When I create an HTPasswd Identity Provider from the web console of OpenShift 4.5, must I create a secret that contains the htpasswd file, or do I only pass the local file from the web console?
Because if I create an Identity Provider from the command line, I first create a secret that contains my generated htpasswd, and afterwards I extract the oauth.yaml and edit it to add the name of the secret.
When I look at the web GUI, I see there is a direct load of the htpasswd file. Is it the same practice?
Thanks
Hi Daniel,
When you use the OpenShift web console to create the HTPasswd Identity Provider, the web console creates the secret for you. It creates the secret with a unique name in the format of htpasswd-xxxxx in the openshift-config namespace. If you check the YAML tab for OAuths > OAuth Details, you will see the name listed there. You can also see the secret by going to Workloads > Secrets and selecting the openshift-config project. On the initial addition of the HTPasswd Identity Provider, you do not have the ability to specify the name of the secret.
If you decide to modify the YAML to point to the name of a secret that you created, I would advise following it up by running the command "watch oc get pods -n openshift-authentication". If you don't see the oauth-openshift-X pods recreated, then something went wrong. For example, a typo in the secret name, the secret might not be in the openshift-config namespace, or the secret doesn't have the "htpasswd" data key (maybe you forgot to add "htpasswd=" when creating the secret).
Hope this helps.
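The three mistakes listed in the answer above can be checked before waiting on the pods. This is an added example, not part of the original thread or Red Hat's tooling: it takes the parsed output of `oc get oauth cluster -o json` and `oc get secrets -A -o json`, and the provider and secret names in the sample are constructed.

```python
CONFIG_NS = "openshift-config"  # namespace named in the answer above

def check_htpasswd_idps(oauth, secrets):
    """oauth: parsed `oc get oauth cluster -o json`;
    secrets: parsed `oc get secrets -A -o json`. Returns a list of problems."""
    by_name = {}
    for s in secrets.get("items", []):
        by_name.setdefault(s["metadata"]["name"], []).append(s)
    problems = []
    for idp in oauth.get("spec", {}).get("identityProviders") or []:
        if idp.get("type") != "HTPasswd":
            continue
        ref = ((idp.get("htpasswd") or {}).get("fileData") or {}).get("name")
        found = by_name.get(ref, [])
        in_ns = [s for s in found if s["metadata"].get("namespace") == CONFIG_NS]
        if not ref:
            problems.append(f"{idp['name']}: htpasswd.fileData.name is not set")
        elif not found:
            problems.append(f"{idp['name']}: secret {ref!r} not found (typo?)")
        elif not in_ns:
            ns = found[0]["metadata"].get("namespace")
            problems.append(f"{idp['name']}: secret {ref!r} is in {ns!r}, not {CONFIG_NS!r}")
        elif "htpasswd" not in (in_ns[0].get("data") or {}):
            keys = sorted(in_ns[0].get("data") or {})
            problems.append(f"{idp['name']}: secret {ref!r} lacks the 'htpasswd' key, has {keys}")
    return problems

def _secret(name, ns, key):  # builds a constructed Secret for the sample below
    return {"metadata": {"name": name, "namespace": ns}, "data": {key: "Y29uc3RydWN0ZWQ="}}

def _idp(name, secret):  # builds a constructed HTPasswd identity provider entry
    return {"name": name, "type": "HTPasswd", "mappingMethod": "claim",
            "htpasswd": {"fileData": {"name": secret}}}

# Constructed sample: one good provider and the three mistakes from the answer.
SAMPLE_OAUTH = {"spec": {"identityProviders": [
    _idp("good", "htpasswd-abc12"), _idp("typo", "htpass-secert"),
    _idp("wrong-ns", "htpass-dev"), _idp("wrong-key", "htpass-nokey")]}}
SAMPLE_SECRETS = {"items": [
    _secret("htpasswd-abc12", CONFIG_NS, "htpasswd"),
    _secret("htpass-secret", CONFIG_NS, "htpasswd"),
    _secret("htpass-dev", "default", "htpasswd"),
    _secret("htpass-nokey", CONFIG_NS, "users.htpasswd")]}

if __name__ == "__main__":
    for line in check_htpasswd_idps(SAMPLE_OAUTH, SAMPLE_SECRETS):
        print(line)
```

Only secret names, namespaces and data key names are inspected; the password hashes themselves are never decoded or printed.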
Red Hat
Learning Community