How to connect a third party system to Gitlab for authentication - gitlab

I want to connect my own system to gitlab only for authentication.
After that i should be able to manage all the usernames and passwords of gitlab through my system.
Could you please help me to solve this scenario. Thank you.

That would be using the GitLab User API (as admin of your GitLab instance)
You can then add SSH keys for a user, or modify an existing user account (including their password)
You can do so through any number of GitLab API client.

Related

Redirect URI in Gitlab for GitKraken

I am using GitKraken Pro and a self-managed GitLab instance, which I want to connect to each other. GitLab wants me to add GitKraken as an application. One required value is Redirect URI, and I don't know what to enter there. This seems to be a callback, but to where?
Example screenshot:
Any help is highly appreciated!
The GitKraken/GItLab integration involves
OAuth authentication
setting up an SSH key and registering it to GitLab
An URL would be used only for webhooks.
I just found the solution, I am in the applications section, and not in the section to create private tokens.

Gitlab CE password synchronized with Active Directory

I've configured Gitlab CE 9.1.2 with OmniAuth and a CAS server (Single sign on) that authenticates against an Active Directory. The login process is working fine with the auto_create option to make the automatic signup, etc... but when the user is logged in is asked for set a password in order to use the https protocol to use the git repositories.
Is there any property or configuration to synchronize the Gitlab password with the Active Directory to avoid this extra step for the user?
Thank you in advance!
Solved! Here is the solution: https://gitlab.com/gitlab-org/gitlab-ce/issues/32199

Hybrid App Remote DB security

I'm attempting to create a simple Hybrid Application with native API using Cordova.
I think to use a simple REST API remote to retrieve user information.
First time users have to register into server to gain account, and then the app could manage all user's api via AJAX calls.
Now, I'll appreciate your opinions and suggestions about:
I thought use LARAVELL to manage routing and authentication: there's some contraindication to this approach?
(and principal question): I've no advanced notions about security... so someone can suggest how to manage security data and remote login?
For example: store user password and username to localStorage, and send username + token to remote DB.
My problem is how implement security when make remote REST call, that is how pass data for remote connection.
I hope my questions are understandable...
Thanks
Found complete tutorial to my answer, via JWT and access tokens.
The link is:
https://scotch.io/tutorials/token-based-authentication-for-angularjs-and-laravel-apps
Very very powerful!
Hope help someone,

Authenticating Git Repository regardless the server authentication

"Git" gurus, could you please help me in something
As far as I know, Git access could be manipulated through server user/group authentication. but is there is any way that I can use another access authentication regardless the OS server authentication?
I mean like SVN, Users only defined for SVN
You can use ssh, combined with Gitolite (an access control library in Perl, for Git): that will use the matching between ssh public key, and the username defined only for Gitolite.
See more at "How do programs like gitolite work?".
If you are using/installing Git hosting services like GitLab (ruby) or GitbLit (java), then the users can be defined in a dedicated database for those services.
In both cases, the user authentication doesn't rely on the OS.

Passing Jenkins user credential to remote script as a parameter securely

My corp Jenkins instance uses the corp LDAP for user authentication. We have a requirement to automate one on the internal portals which also takes corp LDAP for authentication.
Since there is a restriction of using "dummy" LDAP for automation purpose, i am thinking of passing my (or Jenkins users) corp credential to automation script securely.
How do I pass the Jenkins logged in user credential as parameters to a job.
How do I securely pass the parameters to job that executes remote script.I dont want to store / pass corp LDAP anywhere between Jenkins and remote.
Advanced thanks. appreciate inputs and any suggestions on alternate solution to meets this requirement.
This is an old question I stumbled on while searching answers for a similar issue. But I believe you can use the apitoken in place for the password. To find out apitoken, go to http(s)://yourJenkinsURL/user/yourID/configure, you will find it there.

Resources