[katello-devel] Signo improvements discussion

Justin Sherrill jsherril at redhat.com
Mon May 6 12:59:09 UTC 2013 

On 05/06/2013 08:26 AM, Bryan Kearney wrote:
> On 05/06/2013 07:59 AM, Marek Hulan wrote:
>> Hi all,
>>
>> I received some feedback (the biggest from Garik) about Signo 
>> application.
>> Although it seems to work by technical side it would be nice add some 
>> other
>> features. Here is the list to discuss:
>>
>> # Application information
>>
>> We could display information about from which application user is 
>> coming to
>> Signo, so he knows what is he logging in to. Note that user might get 
>> false
>> idea that he is logging just into Katello however logging into Signo 
>> means
>> also logging in into Foreman. Garik suggested displaying name, version,
>> favicon and logo from that application you are coming from so it 
>> would look
>> like as Katello login page (for Katello). What do others think? This 
>> would
>> also mean for every external application to be supported in Signo (to 
>> display
>> its graphics to avoid remote linking https problems etc.). I would 
>> find useful
>> just to display name of the application that you came from. Also we 
>> should
>> keep in mind security and possibility of forging this information.
>>
>> # Logout page
>>
>> Logout in Katello shows logout page that informs you about successful 
>> logout
>> and displaying you a link to login again. Garik suggested to remove 
>> this page
>> so user does not have to click link in order to login again. It would 
>> mean to
>> go to Signo login page again with no notification of logout. I don't 
>> think
>> users are logging out and in too often so I would leave that link 
>> there even
>> when logout page itself has small information value. Comments? FYI on 
>> Foreman
>> side there is no logout page so user is redirected to casual login 
>> page. He
>> may login to foreman to enter any other foreman url. That's more or 
>> less 3rd
>> possible way.
>
> No Opinions.
>
>>
>> # Katello - configurable login page
>>
>> We now force users to use Signo if it's set in katello.yml and 
>> fallback to
>> plain login form only if OpenID auth fails. However user may want to 
>> decide
>> which way he wants to use. Either SSO via Signo or plain login form. 
>> This
>> could work and be configurable until we extract user logic from 
>> Katello to
>> Signo. Again do we want to allow users to decide or "we know better"? 
>> :-)
>>
>> If you have any other ideas what could make users confused or what to 
>> improve,
>> please reply.
>>
>

I'm not sure eventually if it makes sense for katello to provide its own 
login page?  If katello as a project is going to use Signo by default 
why not remove our own login form?

-Justin

> Nice to have, but I bet in most enterprise apps they would not expose 
> this option.
> -- bk
>
> _______________________________________________
> katello-devel mailing list
> katello-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/katello-devel

More information about the katello-devel mailing list