[pve-devel] [PATCH] [PATCH pve-access-control] SSO feature: login with SAMLv2

Dietmar Maurer dietmar at proxmox.com
Tue Jun 1 10:12:35 CEST 2021

I wonder why you want to store temporary data in /etc/pve/tmp/saml. Wouldn't it we good enough
to store that on the local file system?

> On 05/27/2021 11:55 PM Julien BLAIS <webmaster at jbsky.fr> wrote:
> Added a new endpoint usable by api2/html/access/saml?realm=$DOM
>   which allows to initiate a redirection to an IdP.
>   During initialization, the /etc/pve/tmp/saml file is filled with the format REALM:SAML_REQUEST_ID:TIME
> Modification of the endpoint /access/ticket to support SAMLResponse.
>   The information is extracted from the SAMLResponse variable in order to check
>   if the SAML_REQUEST_ID exists in /etc/pve/tmp/saml, we extract from this file the REALM used to initiate the SSO connection.

More information about the pve-devel mailing list