← Back to team overview

dhis2-users team mailing list archive

Re: OAuth & Single-Sign-on / CAS with DHIS2

 

Sure, feel free to keep us posted with updated :)

-- 
Morten Olav Hansen
Senior Engineer, DHIS 2
University of Oslo
http://www.dhis2.org

On Mon, Aug 7, 2017 at 11:57 AM, Jason Phillips <jason@xxxxxxxx> wrote:

> Hi Morten,
>
>
>
> Thanks for your reply.
>
>
>
> We did consider LDAP – and it’s certainly still on the table – but were
> definitely, based on your response, heading in the wrong direction; I have
> been investigating a number of OpenID server entities instead, so I am
> grateful for your advice.
>
> We’ll experiment with LDAP instead, and see where we wind up!  One day
> soon, we hope to begin documenting and sharing with the community all our
> “solutions”, so will eventually revert with our end-game…
>
>
>
> Kind Regards,
>
> *Jason Phillips*
>
> [image: hisp]
> *Information Systems / Infrastructure*
>
> *Health Information Systems Program____________________________________*
>
> This message and any attachments are subject to a disclaimer published at
> http://www.hisp.org/policies.html#comms_disclaimer.  Please read the
> disclaimer before opening any attachment or taking any other action in
> terms of this electronic transmission.  If you cannot access the
> disclaimer, kindly send an email to disclaimer@xxxxxxxx and a copy will
> be provided to you. By replying to this e-mail or opening any attachment
> you agree to be bound by the provisions of the disclaimer.
>
>
>
>
>
> *From:* Morten Olav Hansen [mailto:morten@xxxxxxxxx]
> *Sent:* Sunday, 06 August 2017 7:49 PM
> *To:* Jason Phillips <jason@xxxxxxxx>
> *Cc:* DHIS 2 Users list <dhis2-users@xxxxxxxxxxxxxxxxxxx>
> *Subject:* Re: [Dhis2-users] OAuth & Single-Sign-on / CAS with DHIS2
>
>
>
> Hi Jason
>
>
>
> Have you considered using LDAP? we have had support for that a few
> releases. OpenID is basically deprecated, and I suggest not going that
> route. OAuth2 does not itself contain any authentication protocols (we are
> using basic or form based to get the bearer token).
>
>
>
> We have a issue for adding OpenID connect support (OpenID 2 + OAuth2) but
> that's not something that is coming soon.
>
>
> --
>
> Morten Olav Hansen
>
> Senior Engineer, DHIS 2
>
> University of Oslo
>
> http://www.dhis2.org
>
>
>
> On Fri, Aug 4, 2017 at 10:38 AM, Jason Phillips <jason@xxxxxxxx> wrote:
>
> Greetings, community!
>
>
>
> HISP SA is looking at ways to implement a single-sign-on solution within
> our hosted DHIS2 instances, potentially using OAuth and a self-hosted
> central OpenID/OpenAuth server entity (or even a dhis2 instance?) for
> authentication.
>
> Has anyone got any experience with implementing such a solution, and/or
> any advice about what the best practice could/would be to do so?
> The aim would be to try and get all dhis2 instances to share a single
> user’s password across the board, and ideally be able to revoke, manage and
> control access to all instances in a single location.
>
>
>
> Any advice, comments, suggestions or guidance would be most welcome.
>
>
>
> Kind Regards,
>
> *Jason Phillips*
>
> [image: hisp]
> *Information Systems / Infrastructure*
>
> *Health Information Systems Program____________________________________*
>
> eMail:               jason@xxxxxxxx
> Tel/Fax:            +27 21 712 0170 <+27%2021%20712%200170>
> Cell:                 +27 72 973 7250 <+27%2072%20973%207250>
> Skype:             jason.n.phillips
>
> This message and any attachments are subject to a disclaimer published at
> http://www.hisp.org/policies.html#comms_disclaimer.  Please read the
> disclaimer before opening any attachment or taking any other action in
> terms of this electronic transmission.  If you cannot access the
> disclaimer, kindly send an email to disclaimer@xxxxxxxx and a copy will
> be provided to you. By replying to this e-mail or opening any attachment
> you agree to be bound by the provisions of the disclaimer.
>
>
>
> [image: cid:image002.jpg@01D2F4CE.CFC9B9B0]
>
> See the conference website <https://www.ehealthalive.org/> for more
> information!
>
>
>
>
>
>
>
> *This message and any attachments are subject to a disclaimer published at
> http://www.hisp.org/policies.html#comms_disclaimer
> <http://www.hisp.org/policies.html#comms_disclaimer>.  Please read the
> disclaimer before opening any attachment or taking any other action in
> terms of this electronic transmission.  If you cannot access the
> disclaimer, kindly send an email to disclaimer@xxxxxxxx
> <disclaimer@xxxxxxxx> and a copy will be provided to you. By replying to
> this e-mail or opening any attachment you agree to be bound by the
> provisions of the disclaimer.*
>
>
> _______________________________________________
> Mailing list: https://launchpad.net/~dhis2-users
> Post to     : dhis2-users@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~dhis2-users
> More help   : https://help.launchpad.net/ListHelp
>
>
>
> *This message and any attachments are subject to a disclaimer published at
> http://www.hisp.org/policies.html#comms_disclaimer
> <http://www.hisp.org/policies.html#comms_disclaimer>.  Please read the
> disclaimer before opening any attachment or taking any other action in
> terms of this electronic transmission.  If you cannot access the
> disclaimer, kindly send an email to disclaimer@xxxxxxxx
> <disclaimer@xxxxxxxx> and a copy will be provided to you. By replying to
> this e-mail or opening any attachment you agree to be bound by the
> provisions of the disclaimer.*
>

JPEG image

PNG image


References