Alexander Boström wrote: > The way to solve problems like this is of course to use a single sign on > infrastructure (CAS, Shibboleth, OpenID, Pubcookie, Kerberos/SPNEGO) so > that there is only one single web page or dialog where the user has to > enter the password, or to use X509 client certificates. Combinations of > these do of course exist. > > I'm not overly worried about the Fedora infrastructure, just noting that > there are partial solutions and people working on solving the rest. > (FreeIPA is a good foundation, The Fedora infrastructure does hand out > certificates, most web applications can be integrated with single sign > on systems and so on.) > We have a pubcookie like setup for Fedora Infrastructure. But that doesn't help here because the domain is different from the cookie issuer. Some of the other single sign on technologies would help but they involve a manpower cost to setup, deploy, and maintain that we don't have anyone who wants to pay yet. -Toshio
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
