Skip to content

Central User Management and SSO

General Tasks:

  • install and configure Keycloak
  • install and configure OpenLDAP
  • setup admin accounts
  • propose user, group and role structure
  • setup normal user accounts accounts
  • notify user about their new user account
  • configure user federation with LDAP
  • setup permission structure

Integrate Platforms:

  1. Git Service (Gitlab)
  2. MariaDB Frontend (phpMyAdmin)
  3. Dashboard (Traefik)
  4. Pad (Hedgedoc) #50 (closed)
  5. Blog (Wordpress)
  6. Wiki (MediaWiki)
  7. Cloud File Share (Nextcloud)

Handle Account Migration (Format: SSO Account -> Plattform Account)

  • foo -> ?:
    • Create platform account by impersonating the SSO account
  • foo -> foo:
    • Check if the owner of the SSO account is the same as the platform account
    • migrate account to SSO
  • foo -> bar:
    • Check if the SSO account is the same as the platform account (match email)
    • rename platform account and migrate to SSO
  • ? -> qot:
    • user has no SSO account yet
    • check if user is member of OSEG
    • either create a SSO account or delete the platform account
Edited by Andre Lehmann
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information