[Alioth-staff-replacement] gitea.debian.net
Michael Lustfield
michael at lustfield.net
Mon Aug 21 07:20:44 UTC 2017
On Mon, 21 Aug 2017 08:50:50 +0200
Joerg Jaspert <joerg at ganneff.de> wrote:
> On 14771 March 1977, Michael Lustfield wrote:
>
> > How does integration with Debian's SSO [1] sound? This has been done,
> > btw.
>
> Not very useful, honestly. Not with the current sso design and changes
> needed to it for it be useful to use it this way round. With current
> design, it would need to be the other way round, sso client to you.
>
> Thats the one disadvantage I see in running multiple different git
> somethings - which one do we take as so authorative that sso fetches
> data from and it defines who is -guest? (Obviously none of them having
> this flag, and sso being the one who does it (or another thing and gits
> and sso fetch from there) is the best thing).
>
> But sso is in other threads, so lets keep actual sso foo over there.
>
"Not very useful [...]" assumes that the new git service will ultimately become
the authority of -guest accounts. Per the other thread, that's not certain.
Even if -guest accounts were handled by gitea and SSO used gitea as an
authority, I would still prefer utilize SSO for the actual user authentication.
(I'm pretty sure I can make that work...)
With the current setup, SSO can use ldap/alioth/gitlab/etc. as auth sources and
gitea won't care so long as the username matches.
Obviously what I responded to and what I responded with were entirely opinion
on this setup, so I'll stop now and not bring this to the other thread.
--
Michael Lustfield
More information about the Alioth-staff-replacement
mailing list