Re: [Pki-devel] SSO
Pascal,
I don't think Dogtag Web UI supports it. The feature you are suggesting
(sounds to me like it) requires a full fledged IDM deployment. You can look
at FreeIPA, if you are looking for MFA.
FreeIPA <https://www.freeipa.org/page/About> uses Dogtag CA as its backend
to issue certs and also combines several other components to offer a
full-fledged IDM deployment.
Nonetheless, I'm CC'ing pki-devel to see if other developers have any
thoughts.
Regards,
--Dinesh
On Mon, Jun 29, 2020 at 4:47 PM Pascal Jakobi <pascal.jakobi(a)gmail.com>
wrote:
Dinesh
In fact all I am doing here is in order to offer a GUI that may be used
with OpenId Connect (ie Keycloak or so...). The value of this is that it is
much more flexible than certificate based authentication. You can have MFA,
etc....
So my question : is there a way to remove the certificate based access
control in Dogtag's UI ? I would replace it with a tomcat valve that
provides OIDC support.
Best
--
*Pascal Jakobi* 116 rue de Stalingrad 93100 Montreuil, France
pascal.jakobi(a)gmail.com - +33 6 87 47 58 19
Attachments:
- attachment.html (text/html — 1.7 KB)