このコンテンツは選択した言語では利用できません。

8.2. Configuring User Authentication for the Broker


User authentication on OpenShift Enterprise with the standard remote user authentication plug-in uses Apache HTTP Server authentication methods. When a user is successfully authenticated for the first time, the broker host creates a user record in MongoDB. Therefore, a user can be added by creating the user in your preferred authentication repository.
OpenShift Enterprise supports any form of Apache authentication capable of setting the REMOTE_USER Apache environment variable securely. The following sections provide details on configuring user authentication on the broker for a number of popular authentication methods.

Important

The authentication configuration must be the same for both the broker application and the Management Console. For example, if the broker application is configured to use LDAP, the same configuration must be updated for the Management Console. See Section 8.9.1, “Installing the Management Console” for more information on installing and updating the authentication configuration for the Management Console.

8.2.1. Authenticating Using htpasswd

The basic installation of OpenShift Enterprise uses a flat /etc/openshift/htpasswd file that contains hashes of user passwords. Although this simple and standard method allows access with the httpd service, it is not very manageable, nor is it scalable. It is only intended for testing and demonstration purposes.
The list of OpenShift Enterprise users is stored with each user on a separate line in the /etc/openshift/htpasswd file on the broker host. You must have administrative access to the broker host to create and update this file. If multiple broker hosts are used for redundancy, a copy of the /etc/openshift/htpasswd file must exist on each broker host.
User password hashes can be created with the htpasswd tool, which is available for most operating systems from http://httpd.apache.org/docs/2.2/programs/htpasswd.html. For Red Hat Enterprise Linux, the htpasswd tool is part of the httpd-tools RPM.
Run htpasswd from wherever it is available to create a hash for a user password:

Example 8.3. Creating a Password Hash

# htpasswd -n bob

New password:  ######
Re-type new password:  ######
user:$apr1$IOzWzW6K$81cqXmwmZKqp6nWJPB6q31
Copy to Clipboard Toggle word wrap
The output can then be sent to an OpenShift Enterprise administrator, who can update the /etc/openshift/htpasswd file to provide access to users with their chosen password. Because the user password is a hash of the password, the user's password is not visible to the administrator.
トップに戻る
Red Hat logoGithubredditYoutubeTwitter

詳細情報

試用、購入および販売

コミュニティー

Red Hat ドキュメントについて

Red Hat をお使いのお客様が、信頼できるコンテンツが含まれている製品やサービスを活用することで、イノベーションを行い、目標を達成できるようにします。 最新の更新を見る.

多様性を受け入れるオープンソースの強化

Red Hat では、コード、ドキュメント、Web プロパティーにおける配慮に欠ける用語の置き換えに取り組んでいます。このような変更は、段階的に実施される予定です。詳細情報: Red Hat ブログ.

会社概要

Red Hat は、企業がコアとなるデータセンターからネットワークエッジに至るまで、各種プラットフォームや環境全体で作業を簡素化できるように、強化されたソリューションを提供しています。

Theme

© 2025 Red Hat