[midPoint] REST Authentication
Radovan Semancik
radovan.semancik at evolveum.com
Tue Aug 11 10:58:19 CEST 2015
Hi Anton,
There is a way how to "plug" midPoint into a SSO system. We had success
with CAS and OpenAM:
https://wiki.evolveum.com/display/midPoint/MidPoint+and+SSO+HOWTO
I believe that similar approach might be used to support OAuth2-based
mechanisms with the help of an OAuth server or an API gateway. I think
that this is the way forward: midPoint is not an authentication server.
MidPoint's responsibility is management of identities, not directly
authorization or authentication. There are great products that already
do auth/autz and we have no plans to duplicate their functionality. We
rather have plans to integrate with them.
Therefore we do not have any specific plans about extended
authentication mechanisms for REST or SOAP.
But that does not mean we cannot implement something simple such as the
X509-based auth (if you are thinking about SSL mutual authentication).
We can do it if there is a demand. You are the first to mention it,
therefore I have create a Jira issue:
https://jira.evolveum.com/browse/MID-2505
Please see the ususal options here:
https://wiki.evolveum.com/display/midPoint/I+Need+New+Feature
--
Radovan Semancik
Software Architect
evolveum.com
On 08/07/2015 12:38 PM, midpoint at mybtinternet.com wrote:
> Hi,
>
> Are there plans to support authentication mechanisms other than
> userid & password?
> I would like to see certificate authentication.
>
> Regards,
> Anton
>
>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20150811/42a4a3c6/attachment.htm>
More information about the midPoint
mailing list