Rename kerberos_spnego omniauth provider to kerberos
What does this MR do and why?
Fixes #241318 (closed) #344071
As discussed in #241318 (comment 409272802), the kerberos_spnego
provider was introduced while the old password-based kerberos
provider was still available (it has since been removed in %15.0). The introduction of this new provider made Kerberos support unusable for new users because :
- it brokes the creation of new account when logging in with a new Kerberos principal (#344071)
- it brokes the addition of new Kerberos identities to users via the admin interface or the account tab of the user profile section (#241318 (closed))
Only existing identities linked to the kerberos
provider were still functionning, the only way to add new identities was for an operator to use the rails console or insert entries directly into the database.
This MR:
- removes the last remnant of the old
kerberos
provider, mainly logic related to the Kerberos tab containing fields to input a Kerberos principal and a password on the sign in page. - renames the
kerberos_spnego
provider tokerberos
, fixing issues related to the provider name discrepancy introduced by a hack that was added to maintain compatibility with the oldkerberos
- fixes the missing icon on the Kerberos auth button.
kerberos_spnego
identities: due to #241318 (closed), the kerberos_spnego
identities never worked, they can be safely ignored. Reassigning these identities to the kerberos
provider might cause collision with existing identities.
kerberos
provider to the new SPNEGO-based one. This section could be removed since migrating to the ticket-based provider now only requires to setup a keytab, there is no need to remove or rename the kerberos
provider in omniauth
settings anymore.
Screenshots or screen recordings
How to set up and validate locally
- Setup Kerberos on the GitLab instance (see https://docs.gitlab.com/ee/integration/kerberos.html and GDK Kerberos Howto
- Get a TGT
- Click the Kerberos auth button
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.