Skip to content

WIP: Prototype/experiment for GroupSAML SSO Enforcement

What does this MR do?

I've been experimenting locally with a prototype for https://gitlab.com/gitlab-org/gitlab-ee/issues/5291

So far it mostly covers "SSO enforcement prevents access to basic group resources" but I'll probably update it as I experiment.

Currently included:

  • Group level access enforcement through UI
  • Project level access enforcement through UI
  • Redirect to sign in page when UI access prevented
  • Background SSO session required for non-UI access. This covers enforcement for git access over SSH, but might also work for API access.
  • Displays a different error message when Git access requires a new SSO session.

This MR will be closed in favour of new MRs as progress is made.

What are the relevant issue numbers?

Does this MR meet the acceptance criteria?

Edited by James Edwards-Jones

Merge request reports

Loading