[pve-devel] RE : RE : [PATCH] [PATCH pve-access-control] SSO feature:login with SAMLv2
Dietmar Maurer
dietmar at proxmox.com
Wed Jun 2 12:48:15 CEST 2021
> On 06/02/2021 12:16 PM wb <webmaster at jbsky.fr> wrote:
>
>
> > I also wonder why SAML? Would it be an option to use OpenId connect instead?
> As I was able to use SAML, I know the functional part and therefore, if I used SAML, it is only by ease.
>
> Switch to OpenID, why not. The time I set up a functional POC.
>
> On the other hand, I would like to know your constraints.
Sorry, what do you want to know exactly?
> Do you still want to use Rust?
Yes. But I am still searching for usable crates:
openidconnect: https://github.com/ramosbugs/openidconnect-rs
Seems promising, but I have not done any testing so far...
> If yes, I am curious to know how to bind perl to Rust? Do you have an example?
https://git.proxmox.com/?p=perlmod.git;a=summary
Hope the inline docs and examples are good enough to start...
> I noticed from our exchange :
> During an API call, if the user is not authenticated, do not pass in private and privileged the writing on /tmp/.
yes, unprivileged users should not be able to write anything.
More information about the pve-devel
mailing list