FreeIPA development has been focused on Linux systems management. Web-based applications meanwhile standardized around OAuth 2.0 authorization framework. The talk will discuss an effort to allow both worlds to interoperate seamlessly and secure. We will demonstrate how a transformation between OAuth 2.0 authorization grant and Kerberos ticket can be setup with FreeIPA to be able to enjoy single sign-on across all managed resources. We also show how to integrate FreeIPA with OAuth 2.0 identity providers as an identity source with upcoming FreeIPA SCIM v2 support and how to enable new types of hardware tokens to use in FreeIPA environments.
Presented by Alexander Bokovoy and Francisco Triviño García
Slides: vda.li/talks/2...
Негізгі бет Break ice or don't login twice: FreeIPA and OAuth 2.0
Пікірлер: 2