Commit b02532c

BZ-1778362: Adding how to update HTPasswd IDP with new user list
1 parent 6c5c9d8 commit b02532c

3 files changed

+66
-1
lines changed

authentication/identity_providers/configuring-htpasswd-identity-provider.adoc

Lines changed: 2 additions & 0 deletions
@@ -40,4 +40,6 @@ include::modules/identity-provider-htpasswd-CR.adoc[leveloffset=+1]
4040

4141
include::modules/identity-provider-add.adoc[leveloffset=+1]
4242

43+
include::modules/identity-provider-htpasswd-update-users.adoc[leveloffset=+1]
44+
4345
include::modules/identity-provider-configuring-using-web-console.adoc[leveloffset=+1]
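
Review bot: The new include at line 43 sits between `identity-provider-add` and `identity-provider-configuring-using-web-console`, so the update procedure appears before the reader has seen every way to configure the provider. The update module lists a configured HTPasswd identity provider as a prerequisite, so consider moving the include after the web console module so the assembly reads create, configure, then update.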

modules/identity-provider-creating-htpasswd-file-linux.adoc

Lines changed: 1 addition & 1 deletion
@@ -35,5 +35,5 @@ Adding password for user user1
3535
. Continue to add or update credentials to the file:
3636
+
3737
----
38-
$ htpasswd -b </path/to/users.htpasswd> <user_name> <password>
38+
$ htpasswd -B -b </path/to/users.htpasswd> <user_name> <password>
3939
----
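
Review bot: The changed command at line 38 still passes `<password>` as an argument because of `-b`, so the cleartext password can land in shell history and is visible in the process list while the command runs. Forcing bcrypt with `-B` is a good change; consider also documenting the form without `-b`, which prompts for the password, or `-i`, which reads it from stdin. The new update-users module writes the same flags as `-bB`, so pick one spelling for both files.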
Lines changed: 63 additions & 0 deletions
@@ -0,0 +1,63 @@
1+
// Module included in the following assemblies:
2+
//
3+
// * authentication/identity_providers/configuring-htpasswd-identity-provider.adoc
4+
5+
[id="identity-provider-htpasswd-update-users_{context}"]
6+
= Updating users for an HTPasswd identity provider
7+
8+
You can add or remove users from an existing HTPasswd identity provider.
9+
10+
.Prerequisites
11+
12+
* You have created a secret that contains the HTPasswd user file. This procedure assumes that it is named `htpass-secret`.
13+
* You have configured an HTPasswd identity provider. This procedure assumes that it is named `my_htpasswd_provider`.
14+
* You have access to the `htpasswd` utility. On Red Hat Enterprise Linux this is available by installing the `httpd-tools` package.
15+
* You have cluster administrator privileges.
16+
17+
.Procedure
18+
19+
. Retrieve the HTPasswd file from the `htpass-secret` secret and save the file to your file system:
20+
+
21+
----
22+
$ oc get secret htpass-secret -ojsonpath={.data.htpasswd} -n openshift-config | base64 -d > users.htpasswd
23+
----
24+
25+
. Add or remove users from the `users.htpasswd` file.
26+
27+
** To add a new user:
28+
+
29+
----
30+
$ htpasswd -bB users.htpasswd <username> <password>
31+
Adding password for user <username>
32+
----
33+
34+
** To remove an existing user:
35+
+
36+
----
37+
$ htpasswd -D users.htpasswd <username>
38+
Deleting password for user <username>
39+
----
40+
41+
. Replace the `htpass-secret` secret with the updated users in the `users.htpasswd` file:
42+
+
43+
----
44+
$ oc create secret generic htpass-secret --from-file=htpasswd=users.htpasswd --dry-run -o yaml -n openshift-config | oc replace -f -
45+
----
46+
47+
. If you removed one or more users, you must additionally remove existing resources for each user.
48+
49+
.. Delete the user:
50+
+
51+
----
52+
$ oc delete user <username>
53+
user.user.openshift.io "<username>" deleted
54+
----
55+
+
56+
Be sure to remove the user, otherwise the user can continue using their token as long as it has not expired.
57+
58+
.. Delete the identity for the user:
59+
+
60+
----
61+
$ oc delete identity my_htpasswd_provider:<username>
62+
identity.user.openshift.io "my_htpasswd_provider:<username>" deleted
63+
----
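
Review bot: Step 1 (line 22) writes every user's password hash to `users.htpasswd` in the working directory and no later step removes it; add a final step that deletes the local file once `oc replace` has succeeded, and note that the file should not be left readable by other local users. In the same command the JSONPath argument is unquoted; writing it as `-o jsonpath='{.data.htpasswd}'` keeps the shell from ever interpreting the braces.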
