web-proxy-sso: TODO list for public release #43
Comments
|
|
|
@gitdevmod problem with API POST turned out to be a typo: UpdateOnly -> UpdateOnlyTextField |
|
|
@AdSchellevis the SSO plugin is quite light in terms of dependencies, and it requires a squid.conf base hook... it looks better to bring it into core.git itself. what do you think? @gitdevmod At the moment, I don't know where the menu item should live (except in a native proxy server tab) and how it is going to be modelled: do we need a SSO configuration per user or is the "general" form the only form we need to use? |
|
@fichtner it's a general configuration, add a new server authentication, configure the plugin (AD information) and the server authentication in proxy configuration page. |
|
@fichtner oops, was working may way through my email from top to bottom, so posted my comments here opnsense/core#1235 I'm not overly enthusiastic for integrating it into core, mainly because of timing and current workload. If it's in core it automatically means we have to support the feature. I do see the logic of having it integrated, but when pluggable its easier to manage. |
|
@gitdevmod squid.conf and rc.conf.d changes in via plugin.. almost done :) |
|
Thanks! |
|
Code for kerberos is added correctly but Local User Authentication helper config should not be added at the same time
|
|
@gitdevmod ok, this is tricky to plug in, we may need an "alt-auth" file for this then |
We fall back to the local authentication if not found. PR: opnsense/plugins#43
|
@gitdevmod should be in there, I think we are ready for a first try :) |
|
@gitdevmod fix tested in core and plugins for /etc/rc.conf.d/squid subdir -- cannot commit ATM, but will be there soon |
We fall back to the local authentication if not found. PR: opnsense/plugins#43 (cherry picked from commit 3512257)
|
Use a drop-down list for Domain Version. Last time I tried it did not work. |
|
@gitdevmod the authentication work on core.git moves to 16.7.8. I don't think we'll be ready for the first release of SSO just then, but 16.7.9 could be the one. :) |
|
I tried the option drop-down, but I didn't render properly as you said. Just keeping this for reference. |
|
Hi guys, how install this plugin web-proxy-sso in my opnsense 17.1.4-amd64? |
|
@adrianobragas You should be able to install it via |
|
Hi Adriano,
Update to 17.1.4 from the firmware pages, then log into the console or ssh and type:
# pkg install os-web-proxy-sso-devel
The package is then available from the menu, but keep in mind it has not been finished for release.
Cheers,
Franco
… On 21. Jun 2017, at 06:54, Adriano Braga da Silva ***@***.***> wrote:
Hi guys, how install this plugin web-proxy-sso in my opnsense 17.1.4-amd64?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.
|
|
We are going to replace the old SSO plugin with #266 soon |
fix POST issue: {"errorMessage":"Error at /usr/local/opnsense/mvc/app/models/OPNsense/Base/FieldTypes/BaseField.php:520 - array_key_exists() expects parameter 2 to be array, string given (errno=2)"}copyright header style updateschange menu locationadjust squid.conf and rc.conf.d/squidalt-auth hook to prevent local user authentication/etc/rc.conf.d/ssoproxyad is not sourced because the service is "squid" <-- need an /etc/rc.conf.d/squid DIRECTORY insteadCurrently required patching for 16.7.7:
The text was updated successfully, but these errors were encountered: