Unclear Documentation - Authentication - default configuration #10119

Closed
proddata opened this issue Jun 23, 2020 · 4 comments
Labels
docs A documentation issue

Comments

@proddata
Member

Documentation feedback


From the documentation right now, it is unclear what the default config for authentication for standard deployments is (packages, Docker images, etc.).

> By default, the boolean setting auth.host_based.enabled is false and therefore host based authentication is disabled. In this instance, the CrateDB cluster allows any unauthenticated connections.

Then, two paragraphs later:

> The crate.yml that is shipped with CrateDB explicitly enables host based authentication and defines a set of sane rules, which take effect in case HBA and Enterprise features are enabled.

Also, the crate.yml shipping with Linux packages is different from the default Docker ones.

proddata added the documentation and triage labels Jun 23, 2020
@mfussenegger
Member

@proddata Would you be up for creating a PR that clarifies these parts?

nomicode added the enhancement label and removed the triage label Jun 23, 2020
@proddata
Member Author

@mfussenegger I can help, but I am unsure about some technicalities. E.g. is it possible to use password authentication with HBA disabled?

@mfussenegger
Member

> is it possible to use password authentication with HBA disabled?

No, if you disable HBA and create a user with a password, the user will be able to log in without a password.
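
Added example, not part of the thread and not CrateDB project code: a stdlib-only Python check that reads a crate.yml and reports the effective host based authentication state discussed above, treating an unset `auth.host_based.enabled` as false as the quoted documentation states. The function names, the constructed sample configs, and the policy that `trust` is acceptable only for `_local_` are assumptions of this example; the parser handles only plain mappings and scalars, nested or dotted.

```python
import re

# Constructed sample configs (not taken from any real deployment).
DOTTED_DISABLED = "auth.host_based.enabled: false\n"
NESTED_ENABLED = """\
auth:
  host_based:
    enabled: true
    config:
      0:
        user: crate
        address: _local_
        method: trust
      99:
        method: password
"""

def flatten_settings(text):
    """Flatten a simple crate.yml (mappings and scalars only) into dotted keys."""
    settings, stack = {}, []          # stack holds (indent, key) of open mappings
    for raw in text.splitlines():
        line = raw.split(" #")[0].rstrip()
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        key, _, value = line.strip().partition(":")
        while stack and stack[-1][0] >= indent:
            stack.pop()
        value = value.strip().strip("'\"")
        if value:
            settings[".".join([k for _, k in stack] + [key.strip()])] = value
        else:
            stack.append((indent, key.strip()))
    return settings

def audit_hba(text):
    """Findings for the effective HBA settings; unset 'enabled' counts as false."""
    s = flatten_settings(text)
    if s.get("auth.host_based.enabled", "false").lower() != "true":
        return ["HBA disabled: unauthenticated connections accepted, passwords not checked"]
    rules = {}
    for key, value in s.items():
        m = re.fullmatch(r"auth\.host_based\.config\.(\w+)\.(\w+)", key)
        if m:
            rules.setdefault(m.group(1), {})[m.group(2)] = value
    # Local policy assumed for this example: trust is acceptable only for _local_.
    return [f"rule {n}: method 'trust' not limited to address _local_"
            for n, r in sorted(rules.items())
            if r.get("method") == "trust" and r.get("address") != "_local_"]
```

Calling `audit_hba(open(path).read())` on the crate.yml a package or image actually ships shows which of the two documented states a deployment is in.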

@nomicode
Contributor

nomicode commented Dec 11, 2020

@proddata please can you check 06292aa to see if this change adequately addresses this issue?
