Issue 1: Add SSO to roadmap - Bimba roadmap

Message 34

2025-04-26T12:07:51+00:00

Testing if mail-gw still works after enabling SSO

Message 33

2025-04-26T09:49:00+00:00

Applied on roadmap. Check email-gw. Logout doesn't redirect back

Message 30

2025-04-22T17:46:42+00:00

Left to do: * apply on roadmap.apiote.xyz * check mail gateway

Message 29

2025-04-15T08:01:47+00:00

Left to do:
* check copying user data after login
* replace form with button
* check email gateway

Message 28

2025-04-12T16:01:58+00:00

change roles everywhere (including roadmap) to without ‘seat’

i.e. * platform * back * window * …

Message 15

2025-04-04T11:45:37+00:00

Message 6

2025-03-18T11:15:17+00:00

also: https://wiki.roundup-tracker.org/OauthAuthentication

I think there are two main ways: * simple but possibly insecure; * replace login form in roadmap with login button redirecting to SSO * add hook on SSO register to add user to roadmap and dummy password generated/stored in vault * pass user:specificPassword in authorization header to roadmap * difficult: * integrate OIDC into login procedure in roadmap (cf. wiki link)

maybe it can be done in steps: first the simple step, then pass token to roadmap and check OIDC claims in login procedure (still needs users created in hook from SSO, with no password this time and safeguard not to check local password)

Message 1

2025-03-02T13:15:24+00:00

* https://wiki.roundup-tracker.org/ShibbolethLogin
* https://wiki.roundup-tracker.org/LDAPLogin
* https://wiki.roundup-tracker.org/CustomisationExamples #Security