[pve-devel] [PATCH] [PATCH pve-access-control] SSO feature: login with SAMLv2
Dietmar Maurer
dietmar at proxmox.com
Tue Jun 1 10:12:35 CEST 2021
I wonder why you want to store temporary data in /etc/pve/tmp/saml. Wouldn't it we good enough
to store that on the local file system?
> On 05/27/2021 11:55 PM Julien BLAIS <webmaster at jbsky.fr> wrote:
>
>
> Added a new endpoint usable by api2/html/access/saml?realm=$DOM
> which allows to initiate a redirection to an IdP.
> During initialization, the /etc/pve/tmp/saml file is filled with the format REALM:SAML_REQUEST_ID:TIME
> Modification of the endpoint /access/ticket to support SAMLResponse.
> The information is extracted from the SAMLResponse variable in order to check
> if the SAML_REQUEST_ID exists in /etc/pve/tmp/saml, we extract from this file the REALM used to initiate the SSO connection.
More information about the pve-devel
mailing list