BZ-1778362: Adding how to update HTPasswd IDP with new user list #20508
Conversation
bergerhoffer
added
peer-review-needed
|
@openshift/team-documentation For peer review please. |
|
The preview will be available shortly at: |
bergerhoffer
force-pushed
the
BZ-1778362
branch
from
561c78a to
f84e2ae
Compare
|
@stlaz Can you check out this new procedure to update after adding or removing users from an HTPasswd file? I pulled the steps together from various places, and they work for me, but let me know if there is a different procedure that is preferable. |
adellape
added
peer-review-done
| user.user.openshift.io "<username>" deleted | ||
| ---- | ||
| + | ||
| // TODO: A user doesn't get [immediately, or at all?] kicked out of a session until you delete the user? |
There was a problem hiding this comment.
you need to remove all of their oauthaccesstokens
There was a problem hiding this comment.
@stlaz What would be the command(s) to do that?
There was a problem hiding this comment.
as per DMs, if you've already removed the user object, the user should be able to use their accesstoken anyway
| user.user.openshift.io "<username>" deleted | ||
| ---- | ||
| + | ||
| Be sure to remove the user, otherwise the user can continue using their token as long as it has not expired. |
There was a problem hiding this comment.
@stlaz Is this wording okay per our discussion?
|
@xingxingxia or @barleyer - Could one of you please review this update? Thanks! |
|
@rhpmali is the owner of IDP configuration now, he will review this PR. I'll double review. |
|
/lgtm |
|
LGTM |
|
Thanks @rhpmali and @xingxingxia! Merging. |
|
/cherrypick enterprise-4.4 |
|
/cherrypick enterprise-4.3 |
|
/cherrypick enterprise-4.2 |
|
@bergerhoffer: new pull request created: #21095 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
@bergerhoffer: new pull request created: #21096 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
@bergerhoffer: new pull request created: #21097 In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
Preview: https://bz-1778362--ocpdocs.netlify.com/openshift-enterprise/latest/authentication/identity_providers/configuring-htpasswd-identity-provider.html#identity-provider-htpasswd-update-users_configuring-htpasswd-identity-provider