Open Bug 295921 Opened 19 years ago Updated 10 years ago

Bugzilla login via SSL client certificate

Categories

(Bugzilla :: Extension Ideas, enhancement)

enhancement
Not set
normal

People

(Reporter: sascha-mozilla-bugzilla, Unassigned)

User-Agent:       w3m/0.5.1
Build Identifier: 

Now that Bugzilla is available via https, it would be great if I could 
"login" with an SSL client certificate (issued by CACert.org, but that's a 
different issue being dealt with elsewhere).
Apart from being more secure (smartcard support etc.), it'd make accessing 
Bugzilla much easier for frequent users (no need to re-login every day).
Also, I would no longer need to turn on cookies to use Bugzilla normally.


Reproducible: Always

Steps to Reproduce:
Assignee: justdave → user-accounts
Component: Bugzilla: Other b.m.o Issues → User Accounts
Product: mozilla.org → Bugzilla
QA Contact: myk → default-qa
Version: other → unspecified
BTW: It would be even better if I could login using a specific SSL public 
key, regardless of the certificate. Bugzilla doesn't need any information 
from the certificate. The only thing that matters is that the key belongs 
to the owner of the account.
Doesn't it work with settings like the following?
* user_info_class to ENV
* auth_env_email to SSL_CLIENT_S_DN_Email
* auth_env_realname to SSL_CLIENT_S_DN_CN

# Should we implement the check code which confirms SSL_CLIENT_VERIFY=SUCCESS?
(In reply to comment #3)
> Doesn't it work with settings like the following?
> * user_info_class to ENV
> * auth_env_email to SSL_CLIENT_S_DN_Email
> * auth_env_realname to SSL_CLIENT_S_DN_CN

Rumours are it does, but in some situations it is not always possible to enforce that the SSL_CLIENT_S_DN_Email field even exists. Therefore, the better option would be to perform the mapping between any administrator-tunable certificate field and a Bugzilla account, utilizing extern_id, perhaps.

After all, we still need to have a Bugzilla user account and that means that the mapping does already exist. Making such a mapping more tunable, instead of a hardcoded SSL_CLIENT_S_DN_Email, would be great.
Status: UNCONFIRMED → NEW
Ever confirmed: true
I would strongly prefer directly using the key for the mapping instead of the certificate. The certificate does not certify anything useful for Bugzilla besides the email address, and using the latter would force me to use a single address for all Bugzilla accounts. Additionally, I'd have to trust ALL CAs that are configured on the server side.
As the Bugzilla account needs to be created first anyway, it's easy to store the public key in the account. If the key ever gets lost, login via password is (or rather: should be) still possible, so a new one can be configured (like on account creation, simply allow the user to store the public key used for the current session).

BTW: While I just expect the SSL key login to simply accept an empty password on the login page, it'd be a great (future) enhancement to directly login a user if his key is configured for login in exactly one account. If it's configured in multiple accounts (yes, I do have multiple accounts in some bugzillas), there could be some designated "default" account. That's probably too much work for those few special cases (multiple matching accounts), though.

This proposal is better suited to being implemented as an extension instead of in Bugzilla core.
Assignee: user-accounts → extension.ideas
Component: User Accounts → Extension Ideas
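
Added example, not part of the bug thread and not Bugzilla code: a fail-closed version of the SSL_CLIENT_VERIFY check asked about in comment 3, combined with the administrator-tunable field mapping and the "exactly one account" rule raised in the later comments. The environment variable names are mod_ssl's; `resolve_login`, `EXTERN_IDS` and the sample environments are hypothetical and constructed for illustration.

```python
# Constructed sample data: value taken from the certificate -> logins of the
# accounts that list it as their external id. Not real Bugzilla data.
EXTERN_IDS = {
    "alice@example.org": ["alice"],
    "Bob Builder": ["bob", "bob-admin"],  # one identity, two accounts
}


def resolve_login(env, map_field="SSL_CLIENT_S_DN_Email", extern_ids=EXTERN_IDS):
    """Return (login, reason); login is None unless the TLS layer verified
    the client certificate and the mapped field selects exactly one account."""
    # mod_ssl sets SSL_CLIENT_VERIFY to NONE, SUCCESS, GENEROUS or
    # FAILED:reason. Only the exact string SUCCESS means the chain validated;
    # GENEROUS is what "SSLVerifyClient optional_no_ca" produces.
    verify = env.get("SSL_CLIENT_VERIFY", "NONE")
    if verify != "SUCCESS":
        return None, "certificate not verified (%s)" % verify

    # The field is tunable because a certificate need not carry an e-mail
    # address at all; an absent or empty field never matches an account.
    value = env.get(map_field, "").strip()
    if not value:
        return None, "certificate has no %s" % map_field

    matches = extern_ids.get(value, [])
    if len(matches) != 1:
        return None, "%d accounts match, need exactly one" % len(matches)
    return matches[0], "ok"


if __name__ == "__main__":
    # Constructed CGI environments, as the web server would pass them on.
    email, cn = "SSL_CLIENT_S_DN_Email", "SSL_CLIENT_S_DN_CN"
    samples = [
        ({"SSL_CLIENT_VERIFY": "SUCCESS", email: "alice@example.org"}, email),
        ({"SSL_CLIENT_VERIFY": "GENEROUS", email: "alice@example.org"}, email),
        ({"SSL_CLIENT_VERIFY": "SUCCESS", cn: "Bob Builder"}, email),
        ({"SSL_CLIENT_VERIFY": "SUCCESS", cn: "Bob Builder"}, cn),
    ]
    for env, field in samples:
        print(field, "->", resolve_login(env, field))
```

Without the first check, a server configured to accept unverified certificates would hand the application an e-mail field the client chose freely.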