Skip to content

Latest commit

 

History

History
41 lines (33 loc) · 1.29 KB

20231024-minutes.md

File metadata and controls

41 lines (33 loc) · 1.29 KB

Authentication Working Group Minutes

Tuesday, 2023/10/24

10:00 am ET

Attendees:

Terrell Russell, Kory Draughn, Alan King, Martin Flores, Harry Kodden (SURF), Claudio Cacciari (SURF)

Minutes

SUMMARY:

DISCUSSION

  • OIDC/OAuth2 in HTTP API
    • OIDC Merged - irods/irods_client_http_api#75
    • Initial release coming this week
      • process_stash PR
      • Dockerization PR
        • Builder (released/built image will be published)
        • Runner
      • Documentation PR
    • After initial release
      • Alternative user mapping to happen after initial release
      • Refresh tokens
  • Deprecating temporary passwords
    • Maastricht looking into current usage
    • Thinking usage can be moved to LimitedPassword
      • Differences are minimal - obfuscation, TTL
      • Python client does not yet support LimitedPassword API
  • pam_password in 4.3
    • Berlin reporting something is different in the prompting codepaths
    • pam_password now prompting more consistently than 4.2 'pam'
    • PamAuthCheck has not changed since 2016
    • May actually want pam_interactive due to controlling the flow
    • Current thinking - this may be behaving as expected/desired
    • Consortium may need to write our own pam module for testing/confirmation
  • Next meeting
    • January 2024