| 9 Mar 2024 |
 raitobezarius | In reply to @hexa:lossy.network
who does though? 😄 Well, Apereo folks does OK things in that area | 01:55:49 |
 hexa | so CAS? | 01:55:59 |
| raitobezarius | It's honest even though I hate Java Enterprise | 01:56:37 |
| raitobezarius | (it hurts me to say it ok) | 01:56:49 |
| hexa | ❯ rg apereo
pkgs/development/php-packages/phing/composer.lock
4672: "apereo/phpcas": "<1.6",
| 01:57:03 |
| hexa | 🤡 | 01:57:08 |
| raitobezarius | what is this supposed to mean :D | 01:57:24 |
| hexa | take the best of both worlds | 01:57:27 |
| raitobezarius | But honestly, you say 'added complexity of SAML', I wonder how much this complexity has been inflicted by the bad reputation of SAML via corporate vendors | 01:57:40 |
| raitobezarius | OIDC was/is also very complicated | 01:57:47 |
| raitobezarius | I wonder why that complexity is also accepted | 01:58:14 |
| raitobezarius | and well all software has bugs :p https://github.com/kanidm/kanidm/issues/2611 | 01:59:27 |
| raitobezarius | even with a good codebase like kanidm we find some weird stuff | 01:59:53 |
| hexa | contemplating the requirements for our sso | 02:02:21 |
| hexa | wondering if the self service that kani provides is sufficient | 02:02:32 |
| hexa | haven't seen rc16 yet | 02:02:38 |
| raitobezarius | we are probably going to develop a self service on the top of it for our needs | 02:02:59 |
| raitobezarius | and just use kanidm API for a bunch of things | 02:03:13 |
| hexa | I'd rather we'd spent time elsewhere | 02:03:19 |
| raitobezarius | like RADIUS profiles | 02:03:19 |
| raitobezarius | idontmaketherules | 02:03:27 |
| hexa | I mean like for nixos.org | 02:03:47 |
| raitobezarius | i thought you were talking about your work | 02:04:02 |
| raitobezarius | what kind of self service do we want for nixos.org? | 02:04:12 |
| hexa | they'll get kanidm at some point, they have no choice | 02:04:13 |
| hexa | I think self-registration for one | 02:04:30 |
| hexa | updating your own name | 02:04:50 |
| hexa | the simple stuff | 02:05:07 |
| hexa | with kani creating accounts would amount to handing out urls/qrcodes to people | 02:05:24 |
| raitobezarius | seems like we can send anyone who needs more to fix it upstream | 02:05:52 |
