Project

General

Profile

Feature #28654

support client cert auth with pulp3

Added by Justin Sherrill 7 months ago. Updated 7 months ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Foreman modules
Target version:
-

Description

adding the following lines should allow for katello to use cert auth within pulp3:

<Location /pulp/api/v3>
RequestHeader set REMOTE_USER "%{SSL_CLIENT_S_DN_CN}s" env=SSL_CLIENT_S_DN
</Location>

This was put within the 443 virtual host.

In addition, we should set this in /etc/pulp/settings.py:

REMOTE_USER_ENVIRON_NAME = 'HTTP_REMOTE_USER'


Related issues

Related to Installer - Bug #28761: REMOTE_USER should be unset for Pulp API cert authenticationClosed
Blocks Installer - Tracker #28736: Use Pulp 3 for File and Container content in KatelloClosed

Associated revisions

Revision 8be79638 (diff)
Added by William Clark 7 months ago

Fixes #28654 - support client cert auth with pulp3

Fixes #28654

Revision 13941abb (diff)
Added by William Clark 7 months ago

Fixes #28654 - support client cert auth with pulp3

Fixes #28654

This patch updates settings.py to include REMOTE_USER_ENVIRONMENT_NAME = 'HTTP_REMOTE_USER'. This, along with a change to the vhost in puppet-foreman_proxy_content, will be necessary to support client cert auth with pulp3.

History

#1 Updated by Ewoud Kohl van Wijngaarden 7 months ago

  • Blocks Tracker #28736: Use Pulp 3 for File and Container content in Katello added

#2 Updated by The Foreman Bot 7 months ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/puppet-foreman_proxy_content/pull/229 added

#3 Updated by William Clark 7 months ago

  • Pull request https://github.com/theforeman/puppet-pulpcore/pull/56 added

#4 Updated by The Foreman Bot 7 months ago

  • Fixed in Releases 2.0.0 added

#5 Updated by William Clark 7 months ago

  • Status changed from Ready For Testing to Closed

#6 Updated by Ewoud Kohl van Wijngaarden 7 months ago

  • Related to Bug #28761: REMOTE_USER should be unset for Pulp API cert authentication added

Also available in: Atom PDF