Uploaded image for project: 'Red Hat OpenShift Data Science'
  1. Red Hat OpenShift Data Science
  2. RHODS-1757

Several issues with docs re. authentication via LDAP

XMLWordPrintable

      All related to current "Adding users for OpenShift Data Science" assembly (https://pantheon.corp.redhat.com/pantheon/preview/latest/833576ff-c1e0-4b75-bffa-aed6722fe34d), but it may be worth splitting this into multiple assemblies (per provider) depending on the complexity of the overall process.

      Problem 1:
      The information currently provided for RHODS user configuration is not sufficient for easily configuring LDAP as the identity provider.

      At minimum we need to link to LDAP configuration and LDAP syncing to ensure customers have the information they need to sync an LDAP group to OpenShift.

      Future fix cloned to RHODS-1815: Ideally we would create an assembly for people who want to configure LDAP auth with all of the required steps, including changing rhods-groups-config to use the RHODS user group that is synced from LDAP. This currently requires cluster-admin permissions in OpenShift, but in future will only require dedicated-admin permissions.

      Problem 2:
      Documentation doesn't currently mention use of system:authenticated in rhods-groups-config, but this can be used to allow all authenticated users access to JupyterHub. Covered by RHODS-1723.

      Problem 3:
      Documentation doesn't currently mention the need to restart (re-rollout) JupyterHub deployment config when you alter the rhods-groups-config, but this is required to apply the new configuration

      Recommended SME reviewers:

      • Chris Chase
      • Erwan Granger

              rhn-ecs-lbailey Laura Bailey
              cchase@redhat.com Chris Chase
              Arthy Loganathan Arthy Loganathan
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

                Created:
                Updated:
                Resolved: