SupportKonsoleEntwicklerDemo startenKontakt

Dieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.

Chapter 8. Configuring authentication

Application users need credentials to access Data Grid clusters. You can use default, generated credentials or add your own.

8.1. Default credentials

Data Grid Operator generates base64-encoded credentials for the following users:

UserSecret nameDescription

developer

infinispan-generated-secret

Credentials for the default application user.

operator

infinispan-generated-operator-secret

Credentials that Data Grid Operator uses to interact with Data Grid resources.

8.2. Retrieving credentials

Get credentials from authentication secrets to access Data Grid clusters.

Procedure

  • Retrieve credentials from authentication secrets. 

    oc get secret infinispan-generated-secret

    Base64-decode credentials. 

    oc get secret infinispan-generated-secret -o jsonpath="{.data.identities\.yaml}" | base64 --decode

8.3. Adding custom user credentials

Configure access to Data Grid cluster endpoints with custom credentials.

Note

Modifying spec.security.endpointSecretName triggers a cluster restart.

Procedure

  1. Create an identities.yaml file with the credentials that you want to add. 

    credentials:
- username: myfirstusername
  password: changeme-one
- username: mysecondusername
  password: changeme-two

  2. Create an authentication secret from identities.yaml. 

    oc create secret generic --from-file=identities.yaml connect-secret

  3. Specify the authentication secret with spec.security.endpointSecretName in your Infinispan CR and then apply the changes. 

    spec:
  security:
    endpointSecretName: connect-secret

8.4. Changing the operator password

You can change the password for the operator user if you do not want to use the automatically generated password.

Procedure

  • Update the password key in the infinispan-generated-operator-secret secret as follows: 

    oc patch secret infinispan-generated-operator-secret -p='{"stringData":{"password": "supersecretoperatorpassword"}}'
    Note

    You should update only the password key in the generated-operator-secret secret. When you update the password, Data Grid Operator automatically refreshes other keys in that secret.

8.5. Disabling user authentication

Allow users to access Data Grid clusters and manipulate data without providing credentials.

Important

Do not disable authentication if endpoints are accessible from outside the OpenShift cluster via spec.expose.type. You should disable authentication for development environments only.

Procedure

  1. Set false as the value for the spec.security.endpointAuthentication field in your Infinispan CR. 

    spec:
  security:
    endpointAuthentication: false
  2. Apply the changes.
Red Hat logoGithubRedditYoutubeTwitter

Lernen

Testen, kaufen und verkaufen

Communitys

Über Red Hat Dokumentation

Wir helfen Red Hat Benutzern, mit unseren Produkten und Diensten innovativ zu sein und ihre Ziele zu erreichen – mit Inhalten, denen sie vertrauen können.

Mehr Inklusion in Open Source

Red Hat hat sich verpflichtet, problematische Sprache in unserem Code, unserer Dokumentation und unseren Web-Eigenschaften zu ersetzen. Weitere Einzelheiten finden Sie in Red Hat Blog.

Über Red Hat

Wir liefern gehärtete Lösungen, die es Unternehmen leichter machen, plattform- und umgebungsübergreifend zu arbeiten, vom zentralen Rechenzentrum bis zum Netzwerkrand.

© 2024 Red Hat, Inc.