Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

is it possible to authorize only selected users to use eclipse-che dashboard website? #21539

Closed
Divine1 opened this issue Jul 8, 2022 · 5 comments
Closed

is it possible to authorize only selected users to use eclipse-che dashboard website? #21539

Divine1 opened this issue Jul 8, 2022 · 5 comments
Labels
area/install Issues related to installation, including offline/air gap and initial setup kind/question Questions that haven't been identified as being feature requests or bugs. lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. severity/P2 Has a minor but important impact to the usage or development of the system.

Comments

@Divine1
Copy link

Divine1 commented Jul 8, 2022
edited

Summary

i have installed eclipse-che in k8s cluster. i have used dex as the OIDC provider and i have integrated dex with my organization's gitlab login.

currently anyusers who has access to the my organization's gitlab login credentials are able to use the eclipse-che dashboard webpage after successful authentication/authorization via dex-gitlab.

i dont want to allow access to all the users who has access to myorganization's gitlab to use eclipse-che dashboard webpage

Please let me know how to restrict/blacklist/whitelist users from using the eclipse-che dashboard?

Relevant information

No response
@Divine1 Divine1 added the kind/question Questions that haven't been identified as being feature requests or bugs. label Jul 8, 2022
@che-bot che-bot added the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Jul 8, 2022
@tolusha
Copy link
Contributor

tolusha commented Jul 8, 2022

/cc @sparkoo @karatkep
Do you know if it is possible? Have you ever faced such an issue?

@karatkep
Copy link

karatkep commented Jul 8, 2022 via email

@Divine1
Copy link
Author

Divine1 commented Jul 8, 2022
edited

@tolusha @karatkep

i have installed eclipse-che in k8s cluster. i have used dex as the OIDC provider and i have integrated dex with my organization's gitlab login.

is there any feature that can be used to blacklist/whistelist/restrict user access before redirecting to eclipse-che dashboard page after successful login in dex-gitlab?

image

@sparkoo
Copy link
Member

sparkoo commented Jul 8, 2022
edited

I don't think there's currently clean way how to do that. You can maybe update rolebinding in user's namespace, removing permissions to Che resources. But I'm not sure it won't be reconciled back. Also new users will still be able to login to Che. I don't think there was ever such requirement.

@amisevsk amisevsk added severity/P2 Has a minor but important impact to the usage or development of the system. area/install Issues related to installation, including offline/air gap and initial setup and removed status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. labels Jul 8, 2022
@LiJunBJZhu LiJunBJZhu mentioned this issue Nov 1, 2022
Closed
@che-bot
Copy link
Contributor

che-bot commented Jan 4, 2023

Issues go stale after 180 days of inactivity. lifecycle/stale issues rot after an additional 7 days of inactivity and eventually close.

Mark the issue as fresh with /remove-lifecycle stale in a new comment.

If this issue is safe to close now please do so.

Moderators: Add lifecycle/frozen label to avoid stale mode.

@che-bot che-bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Jan 4, 2023
@che-bot che-bot closed this as completed Jan 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/install Issues related to installation, including offline/air gap and initial setup kind/question Questions that haven't been identified as being feature requests or bugs. lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. severity/P2 Has a minor but important impact to the usage or development of the system.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@sparkoo @tolusha @Divine1 @amisevsk @che-bot @karatkep