cancel
Showing results for 
Search instead for 
Did you mean: 
  • 913 Views

HTPasswd Identity Provider

Jump to solution

When i create a HTPasswd Identity Provider from the web Console of OpenShift 4.5 must i create a secret that contain the htpasswd file or i only pass the local file from the web console?

Because if i create a Identity provider from the command line, first i create a secret that contain my generated htpasswd and after i extract the oauth.yaml and edit it to add the name of the secret.

When i look the gui web i see there is the direct load to htpasswd file, it's the same practice?

Thanks

 

Labels (1)
0 Kudos
1 Solution

Accepted Solutions
MichaelPhillips
Moderator
Moderator
  • 861 Views

Hi Daniel,

When you use the OpenShift web console to create the HTPasswd Identity Provider, the web console creates the secret for you. It creates the secret with a unique name in the format of htpasswd-xxxxx in the openshift-config namespace. If you check the YAML tab for OAuths > OAuth Details, you will see the name listed there. You can also see the secret by going to Workloads > Secrets and selecting the openshift-config project. On the initial addition of the HTPasswd Identity Provider, you do not have the ability to specify the name of the secret.

If you decide to modify the YAML to point to the name of a secret that you created, I would advise following it up by running the command "watch oc get pods -n openshift-authentication". If you don't see the oauth-openshift-X pods recreated, then something when wrong. For example, a typo in the secret name, the secret might not be in the openshift-config namespace, or the secret doesn't have the "htpasswd" data key (maybe you forgot to add "htpasswd=" when creating the secret).

Hope this helps.

View solution in original post

1 Reply
MichaelPhillips
Moderator
Moderator
  • 862 Views

Hi Daniel,

When you use the OpenShift web console to create the HTPasswd Identity Provider, the web console creates the secret for you. It creates the secret with a unique name in the format of htpasswd-xxxxx in the openshift-config namespace. If you check the YAML tab for OAuths > OAuth Details, you will see the name listed there. You can also see the secret by going to Workloads > Secrets and selecting the openshift-config project. On the initial addition of the HTPasswd Identity Provider, you do not have the ability to specify the name of the secret.

If you decide to modify the YAML to point to the name of a secret that you created, I would advise following it up by running the command "watch oc get pods -n openshift-authentication". If you don't see the oauth-openshift-X pods recreated, then something when wrong. For example, a typo in the secret name, the secret might not be in the openshift-config namespace, or the secret doesn't have the "htpasswd" data key (maybe you forgot to add "htpasswd=" when creating the secret).

Hope this helps.

Join the discussion
You must log in to join this conversation.