exozyme/exozyme
7
12
Fork 0
Code Issues 4 Pull requests Projects Releases 39 Wiki Activity

Use Keycloak or Authentik (with LDAP plugins) #205

New issue
Closed
opened 2023-06-18 18:13:48 +00:00 by dragongoose · 2 comments
dragongoose commented 2023-06-18 18:13:48 +00:00
Copy link

The current LDAP server solution seems to keep having reoccuring issues with managing permissions, and nobody here really knowing how it's permissions work.

Switching to Authentik or Keycloak could help solve this issues!

Would this be a viable option?

The current LDAP server solution seems to keep having reoccuring issues with managing permissions, and nobody here really knowing how it's permissions work. Switching to [Authentik](https://goauthentik.io/) or [Keycloak](https://www.keycloak.org/) could help solve this issues! Would this be a viable option?
a added the
enhancement
 label 2023-06-18 18:56:45 +00:00
a commented 2023-06-18 18:57:12 +00:00
Owner
Copy link

I've considered this before (in fact we used Keycloak around 2 years ago for a while), but it would require quite a bit of work to switch to a different auth server and reconfigure everything to use the new service. The current LDAP setup can be annoying, but it does work and I think this is a "don't fix it if it's not broken" situation. I'd say I'm fairly knowledgeable about OpenLDAP and permissions and stuff, and I also wrote some scripts (adduser, moduser, deluser) to simplify managing the LDAP server so it's really not that bad. Of course, if I had to redo everything, I'd probably not use OpenLDAP, but I think it's too late to switch now.

I've considered this before (in fact we used Keycloak around 2 years ago for a while), but it would require quite a bit of work to switch to a different auth server and reconfigure everything to use the new service. The current LDAP setup can be annoying, but it does work and I think this is a "don't fix it if it's not broken" situation. I'd say I'm fairly knowledgeable about OpenLDAP and permissions and stuff, and I also wrote some scripts (adduser, moduser, deluser) to simplify managing the LDAP server so it's really not that bad. Of course, if I had to redo everything, I'd probably not use OpenLDAP, but I think it's too late to switch now.
a closed this issue 2023-06-18 18:57:12 +00:00
dragongoose commented 2023-06-18 19:09:38 +00:00
Author
Copy link

Ah, that makes sense

Ah, that makes sense
👍 1
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
v9.0
v8.8
v8.7
v8.6
v8.5
v8.4
v8.3
v8.2
v8.1
v8.0
v7.10
v7.9
v7.8
v7.7
v7.6
v7.5
v7.4
v7.3
v7.2
v7.1
v7.0
v6.1
v6.0
v5.1
v5.0
v4.2
v4.1
v4.0
v3.0
v2.5
v2.4
v2.3
v2.2
v2.1
v2.0
v1.3
v1.2
v1.1
v1.0
v0.3-beta
Labels
Clear labels   
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
invalid

Something is wrong

  
question

More information is needed

  
security

Security vulnerability

  
wontfix

This won't be fixed

No labels
bug
duplicate
enhancement
help wanted
invalid
question
security
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: exozyme/exozyme#205
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?