admin auth

L1 Bithead

admin auth

Any plans to allow various external authentication support (AD, SAML, etc)?

L7 Applicator

Re: admin auth

Hi @jchitsaz,

we have plans for SAML (https://github.com/PaloAltoNetworks/minemeld-core/issues/166), would that work ? 

L3 Networker

Re: admin auth

LDAP auth (primarily msft) would be ideal along with SAML. I'd like to be able to restrict access to a group or groups within LDAP which SAML doesn't provide.

L2 Linker

Re: admin auth

SAML would be ideal for us. Is there any early code we can test and/or contribute to?
L7 Applicator

Re: admin auth

Hi @Hugh.Kelley,

nope, but you can look into minemeld/flask/aaa*.py files to check the current mechanism. Why SAML?

L2 Linker

Re: admin auth

SAML is best for me because we have the supporting infrastructure already in place.  Our SaaS apps still seem to use SAML more than other protocols like OIDC.

 

Thanks for the pointer about the /flask files.   I'm new to Flask but am thinking that a file like this (link below) could drop into MineMeld pretty easily and sit alongside the /login route  (it uses /loginsso).

 

flask/loginsso.py    # Full transparency - I have not tested this at all, just a mock up

 

I'll try to test some over the coming days.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!