Well, as you said, your guess is empty as mine in this aspect. I even stated it was my POV. Now… this is one of those sittuations when if you had the feature available, a LOT of people would use it.
No, they wouldn't. The majority of users do not use squid. It may be popular, and the most popular package, but it's not installed on the majority of systems, and even less of those have AD or could even use SSO. Again, you can't make claims without support to back them. I have, through the years here in the community and through support, interacted with a significant portion of the user base and I'm in a better position to know what is being used. It may be wildly popular with a portion of the user base, but many would just as soon put squid on a second box and not try to run all of that on the firewall. Or they wouldn't use a proxy at all. We are, don't forget, primarily a firewall and not a UTM platform.
Of all the pfSense servers running, a small portion participate on the forums or buy Support subscriptions. An even smaller portion care enough to actually participate, now cut that down even more to people that really care enough about the development process and wants to help.
Yes, but even so, the ones we talk to via support, pre-sales, and so on are a good cross-section because not all of those actually are intending to make a purchase, they just want to know what we can do. And very few of those are asking for it.
Let's drop the weapons and bring this down to: You are changing "everything" on 2.3, IMO it's the best time to ask the community(from paid support to idiots like me that wants to help). I mean, not only about SSO, but other features in general.
We're not changing "everything" though – just the GUI, base OS, package backend, update mechanism, and a few other things feature-wise. Lots more than that will change for 3.0. That still doesn't have any impact on what packages can do, other than it makes building them a bit easier.
Well, the acronym SSO is not that widely known, specially in the market pfSense targets at. Ask Ingrid about Spiceworks community, most of them don't understand the concept. But take the time to explain it, whatever makes the "User" do less for more, they(we) want.
I didn't just search literally for "SSO" but variations and things like active directory and so on. I just said "SSO" for simplicity.
Create a poll, if possible with translations, make Renato Botelho post the poll on our Facebook page, I'll also ask people to take part in it. Post it on Spiceworks too.
We have done some surveys before, and we'd need to be more careful about how things are worded and where it's put up. The Facebook group is not a good representation of the community in general.
These are things that wouldn't be done by me or any one of us in development or support though, those are things you'd want to be talking to someone in sales about. Drop a line to sales@pfsense.org and see what you can get there.
It was usable for 2.2.4, the changes are necessary for 2.3.x because the front end is all new. Now, this feature is present in almost all competitors on the same market sector pfSense targets, isn't that little change worth the effort?(It's a question, no irony intended).
It was not something we could import into 2.2.4 as-is either. The changes made to accommodate the hit counter broke other things in the process like rule descriptions and lookups. It's not something that could be imported without changes no matter where it went. It might have been OK for people to apply to their systems, it might have functioned, but it was NOT in a state we could import into the code base due to the way it was done. Cool, yes, useful, also yes, but it was not implemented in a way that was good for everyone. It will be fixed, but it will take some time.
Locking this thread since it's outlived its usefulness.
