SAML authentication to RHEV User Portal

Solution Verified - Updated -

Environment

  • Red Hat Enterprise Virtualization 3.5
  • IBM Tivoli Federated Identity Manager

Issue

  • We would like to integrate RHEV User-Portal authentication with our current federated identity management solution using SAML.
  • This is addressed in Bug #1131443 as CLOSED CURRENTRELEASE in RHEV-3.5:
      1. setup saml using mod_auth_saml.
      2. setup ldap with matching user names.
      3. setup ovirt-engine similar to kerberos sso.

      engine does not care if it is mod_auth_kerb or mod_auth_saml authenticating at apache level
  • We are looking for answers to the following questions:
    1) Is this officially supported in 3.5?
    2) Is there associated documentation describing the process in more detail?

Resolution

  • Our QE team was able to test with the mod_auth_mellon Apache module as the service provider and OpenAM as the identity provider. More instructions are in the attached PDF file.
  • If you have a different provider, please contact Red Hat Support for assistance.

Root Cause

  • There is no associated documentation describing the process in more detail.

Diagnostic Steps

  • Is there any specific SAML provider that the customer is aiming at?

Attachments

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
