On 16/08/16 11:33, Patrick Uiterwijk wrote:
On Tue, Aug 16, 2016 at 9:49 AM, Karanbir Singh mail-lists@karan.org wrote:
On 16/08/16 10:30, Fabian Arrotin wrote:
For existing resources within centos.org that we deployed before ACO was available, those were configured to use their built-in users DB. So we can invest time to see which are the possibilities to be tied to ACO but it needs at least some glue, like for example token/oauth. Actually, ACO on its own can't do that (nor is "ldap" compatible) so we need to setup something in between (like what's done for the Fedora project) to do that, like either ipsilon (https://ipsilon-project.org/) or keycloak (http://www.keycloak.org/)
prolly worth looking at keycloak once
Is there any reason why you're only mentioning Keycloak here? Are there any features Ipsilon is missing that would rule it out for you, or is there some other reason?
mostly since its something I haveto work with in a different scope - but the fact that it does not work with the accounts backend we have at the moment is a bit of a blocker :)
Ipsilon would probably be a better choice for now given your account backend, as Fabian already pointed out.
sounds good, can we get some sort of a scope done here ?