-
Notifications
You must be signed in to change notification settings - Fork 187
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
403 whitelist issues with github auth #256
Comments
cc @choldgraf in case he finds this interesting from an upstream documentation perspective. @choldgraf when would you like issues to be raised upstream at https://github.com/jupyterhub/zero-to-jupyterhub-k8s ? |
most definitely! this would be a useful one to iron out, thanks for the ping @mrocklin ! Do you all want to open an issue or shall I? |
@rsignell-usgs do you have any interest in reporting this upstream? |
closing here. |
I'm just capturing this github auth 403 whitelist problem in case other folks deploying pangeo find it useful.
On pangeo.esipfed.org, we initially were whitelisting users via the
auth: admin
section injupyter-config.yaml
, which makes themadmin
users, and that worked fine -- people on this list had no problem logging in.I then decided to add
org_whitelist:
entries, and this caused people who logged out to get 403 errors when they tried to log back in.Looking at the logs for the hub pod:
revealed that it said "User rsignell-usgs is not in org whitelist" even though I was listed as an admin, and also was a member of a whitelisted org. When I went to confirm my membership in the org on github, I saw that my membership in the org was "private", and when I switched it to "public" I was able to finally login.
![2018-05-15_9-31-54](https://user-images.githubusercontent.com/1872600/40059741-e7242a9c-5822-11e8-86f3-0213d37ebed2.png)
The text was updated successfully, but these errors were encountered: