Proposal for SAML Authentication Support to FAB #1028
Comments
|
I am working on it for support SAML2 in CAS. #968 |
|
@sumous okay, do you know what the timeline for supporting SAML2 is? I looked at python-cas and it seems that it only supports SAML 1.0, are there plans to support SAML 2.0? More than happy to help, thanks! |
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 7 days if no further activity occurs. Feel free to reopen it if it's still relevant to you. Thank you |
|
. |
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed in 7 days if no further activity occurs. Feel free to reopen it if it's still relevant to you. Thank you |
|
@dpgaspar Hi! Sorry to ask a redundant question but what is the status of this task? I am really interested in this so I can help if needed, at Wikimedia we are starting to use CAS and I'd love to bridge the gap between it and Presto+Kerberos (working on it in apache/superset#8794). |
|
gentle ping :) |
|
bump for Apache Airflow FAB SAML support. |
|
Any update on this, guys? |
Proposal for SAML Authentication Support to FAB
Motivation
To enable a more secure way of authentication as an option. It is also the primary way of authentication at Affirm and many other companies. It also seems to be requested by others in the community -
Need help with saml 2.0 integration
Add SAML support
@mistercrunch - requesting suggestions and comments, thanks!
Proposed Change
When creating an app using FAB, users get an option to choose from 5 existing ways of authentication like AUTH_DB, AUTH_OAUTH and more. To provide SAML as an option to users, AUTH_SAML will be added to this list. In the config.py file, users can select AUTH_SAML as their authentication method and would have to list the SAML Identity Providers they'd like to support.
When they run the app, users will be directed to the chosen SAML Identity provider to login.
New or Changed Public Interfaces
Other views and models will be added as per the need. These changes will enable flow of authentication using SAML, from sign on request to retrieving user info, just as is done for other authentication methods.
New dependencies
python3-saml is required and has the MIT License
Rejected Alternatives
Rejected using library flask-saml2 because it is not maintained as frequently as python3-saml. python3-saml is backed by onelogin and has good documentation and support.
The text was updated successfully, but these errors were encountered: