Will be the fount of authentication, to log in to other applications with one account.
Description
Revisions and Commits
Repository | Revision | Commit
---|---|---
rOPS Nasqueron Operations | D1808 | rOPSa7867d8fc322 Migrate auth-grove on Equatower
rDGROVE Docker image for Auth Grove | D375 | rDGROVEcc41e132174a Initial revision for Auth Grove's Docker image
rDII 502 error pages | D376 | rDIIf12291e0e1de 502 for login.nasqueron.org
Status | Subtype | Assigned | Task
---|---|---|---
Open | | None | T270 Implement SSO on forum.nasqueron.org
Open | | None | T271 Deploy Auth Grove to login.nasqueron.org
Open | | None | T343 Provide a migration path from Espace Win accounts to Nasqueron accounts
Open | | None | T347 Allow to register an account through a social login
Open | | None | T344 Convert forum.nasqueron.org accounts into Nasqueron accounts
Resolved | | None | T838 Disable gulp-notify
Wontfix | | dereckson | T837 Investigate gulp issue to minimize CSS
Resolved | | None | T836 Update MySQL users table in migration
Resolved | | dereckson | T835 Commit storage/ folder
Resolved | | dereckson | T839 Current URL detection code in views aren't coherent
Resolved | | dereckson | T492 When using a front-end server with SSL termination, back-end serves http:// links.
Invalid | | None | T878 Salt Auth Grove passwords
Resolved | | dereckson | T840 Upgrade to Laravel 5.2
Resolved | | dereckson | T1452 Upgrade PHP version in Auth Grove Docker image
Event Timeline
Application name set to Auth Grove.
ASCII art logo possibilities could be found at P52.
MySQL
```
$ mysql-acquisitariat-client
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 25258597
Server version: 5.7.11 MySQL Community Server (GPL)

Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> CREATE DATABASE login;
Query OK, 1 row affected (0.09 sec)

mysql> GRANT ALL PRIVILEGES ON login.* TO 'login'@'%' IDENTIFIED BY '…';
Query OK, 0 rows affected, 1 warning (0.25 sec)
```
Password stored in K67.
Current status
Container is deployed; a procedure to spin up a new container or upgrade the code inside the current container is documented at http://agora.nasqueron.org/Operations_grimoire/Login.
Still to do
There is a minimal level of features still to implement to use it for Nasqueron.
Then, we'll need to link services to it.
Development moratorium
Per T1771, we're currently considering implementing Keycloak as a reference identity management and SSO login product.
This product exposes LDAP, OIDC (OpenID Connect) and SAML capabilities to authenticate users and applications. It seems to solve our main problems.
From there, it's not clear what we do with Auth Grove:
- Scenario A. We drop it, and as users we directly interact with Keycloak. Development is discontinued.
- Scenario B. Auth Grove is morphed into a front-end to use Keycloak: we expose current information, and interact with the Keycloak API (through a generic set of classes to allow switching to another solution) to set credentials and metadata.
- Scenario C. We use both Keycloak AND Auth Grove. We don't integrate with Keycloak at all, to stay independent and not vendor-locked.
While the T1771 evaluation is ongoing, a moratorium covers any development activities related to Auth Grove, with the obvious exception of security issues.
This moratorium covers this task fully or partly.