Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Consider closed auth by default #1560

Closed
cgwalters opened this issue Mar 8, 2016 · 3 comments

Comments

@cgwalters
Copy link
Contributor

commented Mar 8, 2016

The origin containers want to come open by default, which I think I understand. It's good for quickly trying things, and it's also desired in Vagrant, etc.

However, I think users of Ansible should be considered more serious - they may be running it on real servers in their infrastructure, and it might be accessible to the Internet even.

I think we should have closed auth by default - the existing docs on configuring authentication are pretty good.

@detiber

This comment has been minimized.

Copy link
Contributor

commented Mar 8, 2016

@cgwalters A while back we came to the decision to have Origin default to the product default (AllowAll) and override that for Enterprise and Online installations (DenyAll).

That said, the ansible variable openshift_identity_providers is available to configure this and is documented in the example host files.

I wouldn't be against changing the default for Origin, but would like confirmation from @smarterclayton before changing the current default.

@smarterclayton

This comment has been minimized.

Copy link
Member

commented Mar 9, 2016

Ansible origin being closed auth by default is fine.

@tbielawa

This comment has been minimized.

Copy link
Member

commented Nov 15, 2016

This issue has been inactive for quite some time. Please update and reopen this issue if this is still a priority you would like to see action on.

@tbielawa tbielawa closed this Nov 15, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
5 participants
You can’t perform that action at this time.