WebUI: Certificate login #559
Conversation
|
@pvomacka NACK, see lint errors in travis. |
pvomacka
force-pushed
the
cert_log
branch
2 times, most recently
from
03d32ee
to
8bd36a3
Compare
| this.cert_btn_node = IPA.button({ | ||
| name: 'cert_auth', | ||
| title:"Login using personal certificate", | ||
| label: "Smart Card Login", |
There was a problem hiding this comment.
Title sounds correct, but the title of the button: "Smart Card" is IMO too specific. User can login with cert even without smart card.
| @@ -72,9 +78,12 @@ define(['dojo/_base/declare', | |||
|
|
|||
| user_locked: "The user account you entered is locked. ", | |||
|
|
|||
| login_url: '/ipa/session/login_x509', | |||
There was a problem hiding this comment.
this should be called e.g. x509_url login is too general.
|
@pvoborni thank you for review. Fixed all proposed changes. |
install/conf/ipa.conf
Outdated
| GssapiDelegCcachePerms mode:0660 gid:ipaapi | ||
| GssapiImpersonate On | ||
| NSSVerifyClient require | ||
| NSSOCSP On |
There was a problem hiding this comment.
NSSOCSP can't be specified inside . That's why Travis crashes.
pvomacka
force-pushed
the
cert_log
branch
4 times, most recently
from
2c34b32
to
0c4c802
Compare
Add necessary steps which set SSSD and set SELinux boolean during installation or upgrade. Also create new endpoint in apache for login using certificates. https://pagure.io/freeipa/issue/6225
Also add error message when login failed. https://pagure.io/freeipa/issue/6225
|
LGTM and works. |
ghost
added
ack
ghost
closed this
|
NACK NACK NACK |
|
You need to wait to get th gssproxy fix I've been developing today and set the minimum gssproxy version to the one with the fix once we get to publish it |
|
Removed in #585 once it will be pushed I will close this one again. |
|
#585 was pushed |
https://pagure.io/freeipa/issue/6225