On 16/08/16 11:33, Patrick Uiterwijk wrote: > On Tue, Aug 16, 2016 at 9:49 AM, Karanbir Singh <mail-lists at karan.org> wrote: >> On 16/08/16 10:30, Fabian Arrotin wrote: >>> For existing resources within centos.org that we deployed before ACO was >>> available, those were configured to use their built-in users DB. So we >>> can invest time to see which are the possibilities to be tied to ACO but >>> it needs at least some glue, like for example token/oauth. Actually, ACO >>> on its own can't do that (nor is "ldap" compatible) so we need to setup >>> something in between (like what's done for the Fedora project) to do >>> that, like either ipsilon (https://ipsilon-project.org/) or keycloak >>> (http://www.keycloak.org/) >> >> prolly worth looking at keycloak once > > Is there any reason why you're only mentioning Keycloak here? > Are there any features Ipsilon is missing that would rule it out for > you, or is there > some other reason? mostly since its something I haveto work with in a different scope - but the fact that it does not work with the accounts backend we have at the moment is a bit of a blocker :) > Ipsilon would probably be a better choice for now given your account backend, > as Fabian already pointed out. sounds good, can we get some sort of a scope done here ? -- Karanbir Singh +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh GnuPG Key : http://www.karan.org/publickey.asc