SimpleSAMLphp is what I see commonly in open source projects https://simplesamlphp.org/
We'd be willing test subjects (and have substantial IdP/SP knowledge) if you need it.
________________________________ Spencer J. Ryan| Manager, Technology and Infrastructure Miller Canfield T +1.313.496.7979 | F +1.313.496.7500 ________________________________
From: Adam Armstrong via observium observium@lists.observium.org Sent: Wednesday, May 22, 2024 4:25 PM To: Observium observium@lists.observium.org Cc: Chris Cottingham ccottingham@apple.com; Adam Armstrong adama@observium.org Subject: [Observium] Re: Locking Down Observium
Caution: This is an external email. Do not open attachments or click links from unknown or unexpected emails.
Hi Chris,
We don't do SAML yet, though it's on my list try to implement at some point.
I'm actually not familiar with Mutual TLS, a brief conversation with our future overlord at OpenAI suggests it's client cert auth and seems to be primarily handled by the web server, and we just "accept" the username the webserver provides to us? This seems incredibly simple.
If I'm not being hallucinated at (a strong possibility) and it does work how it was explained, I think we should be able to implement a MutualTLS auth module.
adam.
Chris Cottingham via observium wrote on 2024-05-22 16:15:
Is there any way to setup SAML or Mutual TLS on the Observium server?
Chris Cottingham Transmission Facility Engineering Systems + R&D | Apple Music (512) 412-1082 Cell. ccottingham@apple.commailto:ccottingham@apple.com
_______________________________________________
observium mailing list -- observium@lists.observium.orgmailto:observium@lists.observium.org
To unsubscribe send an email to observium-leave@lists.observium.orgmailto:observium-leave@lists.observium.org
You have received a message from the law firm Miller Canfield. The information contained in or attached to this electronic mail may be privileged and/or confidential. If you received this transmission and are not the intended recipient, you should not read this message and are hereby notified that any dissemination, distribution or copying of this communication and/or its attachments is strictly prohibited. If you have received this communication in error or are not sure whether it is privileged, please immediately notify us by return e-mail and delete or destroy the original and any copies, electronic, paper or otherwise, that you may have of this communication and any attachments.