Uploaded image for project: 'Artifactory Binary Repository'
  1. Artifactory Binary Repository
  2. RTFACT-12320

Add an option to bind HTTP SSO logins to LDAP groups

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: High
    • Resolution: Fixed
    • Affects Version/s: 4.11.2, 4.12.2
    • Fix Version/s: 5.8.0
    • Component/s: LDAP
    • Labels:
      None

      Description

      Currently, Artifactory supports the ability to associate an HTTP SSO login session with groups in Artifactory (see https://www.jfrog.com/jira/browse/RTFACT-7112) with the use of a Realm user-plugin. However, this association is not persisted in any way, and it expires when the login session expires.

      Customers need to have the ability to achieve the same group association functionality with HTTP SSO login that they have with a standard LDAP login. This will be a cohesive solution for users who have an LDAP server configured in Artifactory for the purpose of groups and permissions, who use it in conjunction with HTTP SSO for login.

      In this scenario, the HTTP SSO login will use the same functionality the LDAP login uses to associate the user with a group on the LDAP server, and also persist the user to the group on Artifactory (i.e add the user to the relevant group(s) on Artifactory), just like the LDAP login does.

      We could make this option configurable in the HTTP SSO screen - i.e let the user pick an LDAP server(s) he wants to associate with the HTTP SSO login, for example.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Dudim Dudi Morad (Inactive)
                Reporter:
                uriahl Uriah Levy
                Assigned QA:
                Tamir Hadad
              • Votes:
                2 Vote for this issue
                Watchers:
                6 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: