Tasks #37081
mgr/dashboard: SSO - Use `python-pysaml2` instead of `python-saml`
0%
Description
Ceph Dashboard is currently using `python-saml` library to support SAML2.0 SSO protocol.
Since this library is not available on distribution’s package management (yum, zypper, ...), we should move to `python-pysaml2` that is available on common distributions for both python 2 [1] and python 3 [2].
[1] https://pkgs.org/download/python-pysaml2
[2] https://pkgs.org/download/python3-pysaml2
History
#1 Updated by Ricardo Marques over 5 years ago
- Tracker changed from Bug to Tasks
#2 Updated by Ricardo Marques over 5 years ago
- Description updated (diff)
#3 Updated by Ricardo Marques over 5 years ago
- Priority changed from Normal to Low
#4 Updated by Kefu Chai over 5 years ago
please note python-saml only supports python2, while python3-saml supports both python2 and python3. see https://github.com/onelogin/python3-saml
#5 Updated by Lenz Grimmer over 5 years ago
To my knowledge, the dashboard is based on the onelogin SAMLv2 Python modules and already works in both a Python 2 and Python 3 environment - both python-saml and python3-saml are supported. Switching to the pysaml2 library requires a refactoring of the dashboard authentication code.
#6 Updated by Ken Dreyer about 5 years ago
Fedora has https://apps.fedoraproject.org/packages/python3-saml , so we should be good there.
For CentOS 7, we can package and ship https://github.com/onelogin/python-saml in the CentOS Storage SIG https://wiki.centos.org/SpecialInterestGroup/Storage/Ceph . I will work on this.
#7 Updated by Lenz Grimmer about 5 years ago
Ken Dreyer wrote:
Fedora has https://apps.fedoraproject.org/packages/python3-saml , so we should be good there.
For CentOS 7, we can package and ship https://github.com/onelogin/python-saml in the CentOS Storage SIG https://wiki.centos.org/SpecialInterestGroup/Storage/Ceph . I will work on this.
Thanks a lot, Ken - much appreciated!
#8 Updated by Lenz Grimmer about 5 years ago
- Status changed from New to Won't Fix
Resolving this as "Won't Fix" then
#9 Updated by Ernesto Puerta almost 3 years ago
- Project changed from mgr to Dashboard
- Category changed from 145 to Security & Auth