Re: UAA, SAML, and LDAP questions

Home Messages Hashtags Subgroups

#102

Re: UAA, SAML, and LDAP questions

Sree Tummidi #102 Hi Aaron, You could potentially use the access token (similar to a personal access token used for GitHub API ) to achieve the CLI automation. The access token can either be retrieved via an authentication to the CLI itself or via UAAC. Regular users would still continue to use the -sso option. Thanks, Sree Tummidi Sr. Product Manager Identity - Pivotal Cloud Foundry On Wed, May 13, 2015 at 1:56 PM, Huber, Aaron M <aaron.m.huber(a)intel.com> wrote: That’s the main concern we have as well – we currently need LDAP for the CLI since SAML doesn’t work in that case, but we’d like SAML for web-based interactions (SSO in a portal, etc.). But at present it seems like that’s not possible without the user having to deal with effectively two separate accounts. Aaron From: Mike Youngstrom [mailto:youngm(a)gmail.com] Sent: Wednesday, May 13, 2015 1:34 PM To: Filip Hanik Cc: Huber, Aaron M; CF Developers Mailing List Subject: Re: [cf-dev] UAA, SAML, and LDAP questions Well, that's a bummer. Is there any way around that? Our SAML is backed by the same LDAP so they are the same user. We can provide a unique ID to correlate SAML with LDAP users. Mike On Wed, May 13, 2015 at 2:28 PM, Filip Hanik <fhanik(a)pivotal.io> wrote: yes, it would result in two different shadow accounts, differentiated by the value of the user's origin field On Wed, May 13, 2015 at 2:08 PM, aaron_huber <aaron.m.huber(a)intel.com> wrote: Would the same user logging in via SAML and LDAP result in two different UAA user objects with different sources, so that the user would have two different sets of orgs/spaces/apps? Aaron -- View this message in context: http://cf-dev.70369.x6.nabble.com/cf-dev-UAA-SAML-and-LDAP-questions-tp62p65.html Sent from the CF Dev mailing list archive at Nabble.com. _______________________________________________ cf-dev mailing list cf-dev(a)lists.cloudfoundry.org https://lists.cloudfoundry.org/mailman/listinfo/cf-dev _______________________________________________ cf-dev mailing list cf-dev(a)lists.cloudfoundry.org https://lists.cloudfoundry.org/mailman/listinfo/cf-dev _______________________________________________ cf-dev mailing list cf-dev(a)lists.cloudfoundry.org https://lists.cloudfoundry.org/mailman/listinfo/cf-dev attachment.html
More All Messages By This Member

View All 12 Messages In Topic

#102

Join cf-dev@lists.cloudfoundry.org to automatically receive all group messages.

Home Hashtags Subgroups Terms