[om-infra] sso - custom username support is working now
Anurag Bhandari
ab at anuragbhandari.com
Tue Jan 19 13:18:48 EST 2016
On 19-Jan-2016 1:26 pm, "Robert Xu" <robxu9 at gmail.com> wrote:
>
> Okay, so it's a good thing I caught this - LDAP is storing passwords
> in clear text. That is unacceptable.
Whoops! That's outrageous. Totally unacceptable.
>
> Can someone figure out a way to make LDAP store them hashed? We cannot
> proceed with passwords in clear text.
I can check into this. Where's the data store for LDAP? Also, did you check
if there's a setting in lemonldap to enable encrypted passwords. At any
rate, such a setting should be default.
>
> On 18 January 2016 at 20:03, Robert Xu <robxu9 at gmail.com> wrote:
> > Uhh, I can - but it's ugly. I'll put the patches up somewhere I guess.
> >
> > On 18 Jan 2016 19:00, "Raphaël Jadot" <rj at hodo.fr> wrote:
> >>
> >> Maybe silly question but is your hack shareable upstream?
> >>
> >> --
> >> Sent from Yandex.Mail for mobile
> >>
> >> 19.01.2016, 00:39, "Robert Xu" <robxu9 at gmail.com>:
> >>
> >>
> >> :)
> >>
> >> Okay - so for Discourse, the best option would be to use SAML
> >> (https://github.com/kirushik/discourse_saml_auth_proxy). This will
> >> ensure that attributes stay in sync between LemonLDAP and Discourse.
> >>
> >> I can get OpenProject set up with CAS, so you can authenticate there.
> >>
> >> I'll need to get Kahinah running with CAS, and we'll see if we can get
> >> our own abf.openmandriva.org to use CAS or SAML (ask fedya?).
> >>
> >> Robert
> >>
> >> On 18 January 2016 at 10:20, Raphaël Jadot <rj at hodo.fr> wrote:
> >>
> >> That's AWESOME :)
> >>
> >> --
> >> Sent from Yandex.Mail for mobile
> >>
> >> 17.01.2016, 06:13, "Robert Xu" <robxu9 at gmail.com>:
> >>
> >>
> >> hi all,
> >>
> >> I've added custom username support to lemonldap::ng. I think I covered
> >> all areas - but please let me know if I missed some edge case.
> >>
> >> lemonldap::ng still needs the ability to modify email addresses, but I
> >> think we can leave that off to another time.
> >>
> >> this means we are ready to start connecting systems to lemonldap::ng.
> >> what should we do first?
> >>
> >> cheers,
> >> Robert
> >>
> >>
> >> --
> >> cheers, Robert :: github.com/robxu9
> >>
> >>
> >>
> >>
> >>
> >>
> >> --
> >> cheers, Robert :: github.com/robxu9
>
>
>
> --
> cheers, Robert :: github.com/robxu9
>
> _______________________________________________
> OM-Infra mailing list
> OM-Infra at ml.openmandriva.org
> http://ml.openmandriva.org/mailman/listinfo/om-infra_ml.openmandriva.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://ml.openmandriva.org/mailman/private/om-infra_ml.openmandriva.org/attachments/20160119/6522d92b/attachment-0001.html>
More information about the OM-Infra
mailing list