[Pulp-list] What is the best way to script our authentication?
Nick Coghlan
ncoghlan at redhat.com
Mon Nov 11 01:35:21 UTC 2013
On 11/07/2013 12:18 AM, Caoilte O'Connor wrote:
> Hi Michael,
>
> Thanks for responding. We are using the command-line interface but we'd
> rather not script the password in plain text "pulp-admin login -u
> yourusernamehere -p yourpasswordhere" every time and we can't reliably
> set it up in advance as the SSL cert expires after 1 week.
>
> Is there any way to configure how long the cert lasts?
Back when I was working on PulpDist (alas, now sadly neglected for more
than a year and in dire need of an update to support Pulp v2+), I
modified the server to support Kerberos (more accurately, the
REMOTE_USER attribute, which I then combined with mod_auth_kerb) and
then used some custom client side scripts to support Kerberos login
(https://git.fedorahosted.org/cgit/pulpdist.git/tree/src/pulpdist/core/pulpapi.py#n292
and
https://git.fedorahosted.org/cgit/pulpdist.git/tree/src/pulpdist/cli/commands.py#n77).
The server side support for mod_auth_kerb was merged a while ago, but it
would be nice if the client could be updated to support Kerberos
authentication through an alternative REST API entry point.
Cheers,
Nick.
--
Nick Coghlan
Red Hat Infrastructure Engineering & Development, Brisbane
Testing Solutions Team Lead
Beaker Development Lead (http://beaker-project.org/)
More information about the Pulp-list
mailing list