Join GitHub today
GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together.Sign up
Consider closed auth by default #1560
The origin containers want to come open by default, which I think I understand. It's good for quickly trying things, and it's also desired in Vagrant, etc.
However, I think users of Ansible should be considered more serious - they may be running it on real servers in their infrastructure, and it might be accessible to the Internet even.
I think we should have closed auth by default - the existing docs on configuring authentication are pretty good.
@cgwalters A while back we came to the decision to have Origin default to the product default (AllowAll) and override that for Enterprise and Online installations (DenyAll).
That said, the ansible variable openshift_identity_providers is available to configure this and is documented in the example host files.
I wouldn't be against changing the default for Origin, but would like confirmation from @smarterclayton before changing the current default.