Since this spans a bigger project which is now closing it, we're planning to break it down to three separate blog posts:
- Picking the SSO solution: The original landscape of our web-based services before SSO was implemented, a summary of the requirements we gathered for our new SSO identity provider, a summary of the existing FLOSS solutions we evaluated and a summary why we picked Apereo CAS as the identity provider to build our new service.
- Implementation of the SSO solution: A breakdown of how we designed and implemented our SSO setup, including aspects like high availability, monitoring, deployment and central configuration management.
- Migration of services to SSO and lessons learned: An overview of services which we integrated into the SSO frameworks (using which authentication protocols), lessons learned and an outlook at future steps.
- Which topic type does your blog post fall under? See: https://www.mediawiki.org/wiki/Wikimedia_technical_blog_editorial_guidelines#Outlines_for_topics:
Mostly "Big picture", but we're also hoping that will be useful for other sites looking to build an SSO framework with FLOSS, so some extent also "Technical explanation: problem / solution"
- Which audience or audiences do you think your post is appropriate for?:
- Community members (some of the services integrated into SSO are used by them partly and in the future Gitlab will use our SSO framework as well
- Other orgs who are interested in setting up an SSO identity provider based on FLOSS or migrating to a new one
- Will you need assistance with writing your blog post, or do you already have a draft? If you have a draft, please provide a link here:
We don't need further assistance other than stylistic review to align the content with the TechBlog guidelines. We expect to have a draft ready for at least one part of the series in February or early March.
- Does your post need to be published by a certain date?
- Do you have an image in mind for the featured image? You can learn more here: https://www.mediawiki.org/wiki/Wikimedia_technical_blog_editorial_guidelines#Images_used_in_your_post
We don't have one yet, but will have a look at Commons. Suggestions are more than welcome, since SSO is a concept that seems hard to visualise. Maybe something with a key to signify authentication or similar.
- Do you have any other questions or comments?
Not at this point.
Once your request is received, a technical blog admin will review it and reach out to you through Phabricator.