Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Simple basic auth ( replace of #85 ) #88

Closed
wants to merge 3 commits into from
Closed

Simple basic auth ( replace of #85 ) #88

wants to merge 3 commits into from

Conversation

sawanoboly
Copy link
Contributor

replace of #85

Add BasicAuth to chef-zero.

If given option `-auth-string STRING` or initialize ChefZero::Server with `:auth_string`  `server = ChefZero::Server.new(:auth_string => 'foobar')`, then chef_server_url will be provided as `'http://foobar@localhost:8889'`

UseCase:

1. We run chef-client local-mode on a shared-hosting server with recipe which spends long time.
2. The server listens local port during chef-client running.
3. Maybe, shared-hosting users could retrieve my cookbooks or other resources via http://localhost:8889.

@jkeiser
Copy link
Contributor

jkeiser commented Aug 22, 2014

Hmm. The right thing to do here might be to just add authentication. (It turns out it's not hard.)

@sawanoboly
Copy link
Contributor Author

I feel that the chefzero doesn't need supporting real authentication like the chef-server.
Because of managing client pubkeys, expiring sessions... It is a troublesome.

Whatever you want to do.

@jkeiser
Copy link
Contributor

jkeiser commented Aug 27, 2014

It already manages client keys, so I don't think that's much of an issue :) And there is no session concept or expiration.

Only reason I'd prefer that is I'd rather not introduce two authentication concepts (basic and chef) over time.

@sawanoboly
Copy link
Contributor Author

I see. Please close it.

Can I use authentication feature with v3.0?

@jkeiser
Copy link
Contributor

jkeiser commented Aug 28, 2014

If it's all right, I'd like to leave this open to remind me. 3.0 doesn't have authentication yet.

Out of curiosity, will unix domain sockets work for you? You can start chef-zero on a unix socket and it will communicate over that. Those can be secured, so you should be able to keep communications silent as long as people are not using the same unix user ...

@sawanoboly
Copy link
Contributor Author

Thanks, to use the domain socket sounds good.
But I would like use the chefzero via HTTP over SSH port-forwarding with knife-plugin which I wrote.
So, I am glad if to be able to authenticate.

FYI, the plugin is knfe-zero.

@thommay
Copy link
Contributor

thommay commented Jul 19, 2016

Hi,
since local-mode is now in process by default, and we'd rather not have chef-zero support different authentication modes to chef-server, we're going to close this Pull Request. Thanks for your contribution.
-Thom

@thommay thommay closed this Jul 19, 2016
@chef chef locked and limited conversation to collaborators Nov 16, 2017
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@sawanoboly @jkeiser @thommay @chef-supermarket