Project

General

Profile

Actions

Idea #16314

closed

Support literal user/pass pairs in config file + make arvbox use it instead of SSO

Added by Peter Amstutz almost 4 years ago. Updated over 3 years ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
Login
Target version:
Story points:
1.0
Release relationship:
Auto

Description

Example config file excerpt:

  Login:
    # Authenticate test users only.
    Test:
      Enable: true
      Users:
        active:
          email: active-user@arvados.local
          password: xyzzy
        projectviewer:
          email: project-viewer@arvados.local
          password: xyzzy

In the process, can we fix the hardcoded localhost/port check for redirect to SSO server in

lib/controller/handler_test.go line 197
lib/controller/rpc/conn_test.go line 61

Subtasks 2 (0 open2 closed)

Task #16323: Review 16314-testuserdbResolvedTom Clegg08/18/2020Actions
Task #16747: Review 16314-arvbox-testuserdbResolvedTom Clegg08/18/2020Actions

Related issues

Related to Arvados Epics - Idea #15322: Replace and delete sso-providerResolved03/11/202008/26/2020Actions
Actions #1

Updated by Peter Amstutz almost 4 years ago

  • Category set to Login
Actions #2

Updated by Peter Amstutz almost 4 years ago

  • Story points set to 1.0
  • Assigned To set to Peter Amstutz
Actions #3

Updated by Peter Amstutz almost 4 years ago

  • Target version changed from 2020-04-22 to 2020-05-06 Sprint
Actions #4

Updated by Peter Amstutz almost 4 years ago

  • Related to Idea #15322: Replace and delete sso-provider added
Actions #5

Updated by Peter Amstutz almost 4 years ago

  • Target version changed from 2020-05-06 Sprint to 2020-05-20 Sprint
Actions #6

Updated by Peter Amstutz almost 4 years ago

  • Target version changed from 2020-05-20 Sprint to 2020-06-03 Sprint
Actions #7

Updated by Peter Amstutz almost 4 years ago

  • Target version changed from 2020-06-03 Sprint to 2020-06-17 Sprint
Actions #8

Updated by Peter Amstutz almost 4 years ago

  • Target version deleted (2020-06-17 Sprint)
Actions #9

Updated by Tom Clegg over 3 years ago

  • Subject changed from arvbox uses PAM login instead of SSO to Support literal user/pass pairs in config file + make arvbox use it instead of SSO
Actions #10

Updated by Tom Clegg over 3 years ago

  • Description updated (diff)
Actions #11

Updated by Peter Amstutz over 3 years ago

Maybe it should use hashed passwords at least?

Actions #12

Updated by Tom Clegg over 3 years ago

Since this is only intended for test environments, I don't think hashed passwords need to be a priority.

Actions #13

Updated by Peter Amstutz over 3 years ago

  • Release set to 25
  • Target version set to 2020-08-26 Sprint
Actions #14

Updated by Peter Amstutz over 3 years ago

  • Assigned To changed from Peter Amstutz to Tom Clegg
Actions #15

Updated by Ward Vandewege over 3 years ago

  • Description updated (diff)
Actions #16

Updated by Ward Vandewege over 3 years ago

  • Description updated (diff)
Actions #17

Updated by Tom Clegg over 3 years ago

  • Status changed from New to In Progress
Actions #18

Updated by Tom Clegg over 3 years ago

This branch just adds config/controller support (planning to update arvbox / run-tests.sh in a separate branch).

16314-testuserdb @ 20cea53c48260a0cec3d588c2af520b27433b8c1 -- developer-run-tests: #2015

Actions #19

Updated by Lucas Di Pentima over 3 years ago

  • File lib/controller/localdb/login.go
    • Line 38 et al: Having so many wantX condition checks is making hard to follow the case statements, could we just check that the number of true wantX vars is 1 and then clean up the case statements for better readability?
  • Tests failed -- adding the new config to export.go seem to be missing: developer-run-tests-remainder: #2103 /console
Actions #20

Updated by Tom Clegg over 3 years ago

Updated switch statement -- still a bit repetitive, but better -- and added missing config export entries.

16314-testuserdb @ 658f6be33e100b4cefd3ca7c332fe13970d6a245 -- developer-run-tests: #2016

Also added a wb2 branch, 16314-test-user-db @ arvados-workbench2|f47e1caaa5781e6f6d8e022f92cae34adf49eaad to add support for that config (I didn't change the wb2 test config, but we should probably do that when the API side is merged).

Actions #21

Updated by Lucas Di Pentima over 3 years ago

Updates at 658f6be33e100b4cefd3ca7c332fe13970d6a245 LGTM.

Workbench2 branch requires the following fix:

diff --git a/src/common/config.ts b/src/common/config.ts
index 26f8dddb..825bf132 100644
--- a/src/common/config.ts
+++ b/src/common/config.ts
@@ -235,7 +235,7 @@ export const mockClusterConfigJSON = (config: Partial<ClusterConfigJSON>): Clust
             Enable: false,
         },
         Test: {
-            Enable: boolean;
+            Enable: false,
         }
     },
     Collections: {

I've manually tried arvbox and it works great!

Actions #22

Updated by Tom Clegg over 3 years ago

16314-arvbox-testuserdb @ b4091adb7ac1a85de6ae1f18895e9d8f9da5d441 -- developer-run-tests: #2033

Changes arvbox to use the Test login mechanism (with default logins user/user and admin/admin) instead of SSO. Uses a basic login form served from controller.

Actions #23

Updated by Lucas Di Pentima over 3 years ago

  • File doc/install/arvbox.html.textile.liquid mentions SSO related things on lines 83, 137, 140
  • Workbench2 branch needs a fix at file src/common/config.ts line 238 → s/;/,/
  • Other than that, LGTM.
Actions #24

Updated by Tom Clegg over 3 years ago

  • Target version changed from 2020-08-26 Sprint to 2020-09-09 Sprint
Actions #25

Updated by Tom Clegg over 3 years ago

  • Status changed from In Progress to Resolved
Actions

Also available in: Atom PDF