~sircmpwn/sr.ht-discuss

3 3

Integration with Active Driectory

Details
Message ID
<CAGPCOtm_iWDF_r4-aYDXieiHBDYh=fHgub7NKMrx347MP+aBHw@mail.gmail.com>
DKIM signature
pass
Download raw message
Hello,

Is there any possibility to integrate with Active Directory at this moment?
Mainly to allow known and authorised colleagues to login to a private
sr.ht instance...
--
Vriendelijke groeten,
Jeroen Langeveld
Details
Message ID
<CAU3DH41WKG8.1OC4LF9AE0Q4U@X200>
In-Reply-To
<CAGPCOtm_iWDF_r4-aYDXieiHBDYh=fHgub7NKMrx347MP+aBHw@mail.gmail.com> (view parent)
DKIM signature
fail
Download raw message
DKIM signature: fail
On Thu Apr 22, 2021 at 8:22 AM BST, Jeroen Langeveld wrote:
> Is there any possibility to integrate with Active Directory at this
> moment? Mainly to allow known and authorised colleagues to login to a
> private sr.ht instance...

SourceHut doesn't support proprietary technology, so I can't see support
for Active Directory being merged.

Would something like LDAP meet your needs?
Details
Message ID
<CAGPCOt=y+6HDUQqX1oPXc-5t1Gudzi0d4oepntNaqz6q7z+-cw@mail.gmail.com>
In-Reply-To
<CAU3DH41WKG8.1OC4LF9AE0Q4U@X200> (view parent)
DKIM signature
pass
Download raw message
I neglected to include the mailinglist in my replies, so for posterity
I'll add Mark's further replies:

On Thu Apr 22, 2021 at 9:13 AM BST, Jeroen Langeveld wrote:
> After posting I realised we usually use LDAP to authorise users for
> other systems, so that should work for srht too. Is LDAP supported out
> of the box, or do we need to do some hacking?

As far as I'm aware, no. However, there's an open issue for LDAP here:
https://todo.sr.ht/~sircmpwn/meta.sr.ht/144 which mentions support for
Pluggable Authentication Modules, so perhaps you could use that if
pam_ldap would work for you.

--
Vriendelijke groeten,
Jeroen Langeveld

Op do 22 apr. 2021 om 09:59 schreef Mark Dain <mark@markdain.net>:
>
> On Thu Apr 22, 2021 at 8:22 AM BST, Jeroen Langeveld wrote:
> > Is there any possibility to integrate with Active Directory at this
> > moment? Mainly to allow known and authorised colleagues to login to a
> > private sr.ht instance...
>
> SourceHut doesn't support proprietary technology, so I can't see support
> for Active Directory being merged.
>
> Would something like LDAP meet your needs?
Details
Message ID
<20210422084448.gcl3dkaxfndsx2ax@phi>
In-Reply-To
<CAGPCOt=y+6HDUQqX1oPXc-5t1Gudzi0d4oepntNaqz6q7z+-cw@mail.gmail.com> (view parent)
DKIM signature
pass
Download raw message
I added support for LDAP at some point, which was reverted due to a
licensing issue witht the python 'ldap' module. I didn't have the
time/incentive to rewrite it against yet-another-ldap-python module
which is properly licensed. Ping me if you want more details / the
actual links.

It would work with active directory (modulo 10 lines of code).

-- 
Timothée
Reply to thread Export thread (mbox)