panettone: should use OIDC/SAML instead of raw LDAP for authn

#4
Opened by lukegb at 2020-07-28T01·26+00

LDAP is fine for authz/groups (although we don't have any in LDAP at the moment)

  1. I think it would be nice if we had a generic SSO proxy that takes care of this and just forwards identities via nginx auth-requests.

    tazjin at 2020-07-28T01·26+00

  2. That also works, actually.

    lukegb at 2020-07-28T01·26+00

  3. And also saves me a lot of work :)

    grfn at 2020-07-28T01·26+00