Fedora Community Pre-Beta Testing

Toshio Kuratomi a.badger at gmail.com
Thu May 14 21:15:39 UTC 2009


Alexander Boström wrote:
> The way to solve problems like this is of course to use a single sign on
> infrastructure (CAS, Shibboleth, OpenID, Pubcookie, Kerberos/SPNEGO) so
> that there is only one single web page or dialog where the user has to
> enter the password, or to use X509 client certificates. Combinations of
> these do of course exist.
> 
> I'm not overly worried about the Fedora infrastructure, just noting that
> there are partial solutions and people working on solving the rest.
> (FreeIPA is a good foundation, The Fedora infrastructure does hand out
> certificates, most web applications can be integrated with single sign
> on systems and so on.)
> 
We have a pubcookie like setup for Fedora Infrastructure.  But that
doesn't help here because the domain is different from the cookie
issuer.  Some of the other single sign on technologies would help but
they involve a manpower cost to setup, deploy, and maintain that we
don't have anyone who wants to pay yet.

-Toshio

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20090514/c9d36f9e/attachment.sig>


More information about the fedora-devel-list mailing list