Feature #8484
closed
Make SmartProxyAuth concern more useful to plugins
Added by Stephen Benjamin about 10 years ago.
Updated over 6 years ago.
Description
Instead of being only handling the Puppet case, change the concern to authenticate arbitrary Smart Proxies / Features
I was thinking about this few days ago. I think Feature model should define whether we should trust that SmartProxy for authentication. Other plugins adds their own features to SmartProxy so they could just create it with (e.g.) authentication flag set to true.
- Status changed from New to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/1975 added
- Pull request deleted (
@Marek - That could work also. The end goal for me was just to get rid of all the alias_method_chains and hacking I have on this Concern in foreman_salt.
The way I have it in the PR, each controller specifies which features are allowed to access it. This does have the advantage that a Salt-only Smart Proxy won't have access to say for example, an endpoint for the ABRT or OpenScap plugins.
FactImporters (and hopefully soon ReportImporters) are special in that the plugin's implementation would supply authorized features.
Yeah, nice one! I'm looking forward to test it with chef plugin.
- Translation missing: en.field_release set to 28
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
- Related to Bug #8949: Setting rename migration for {restrict_registered, require_ssl}_puppetmaster is actually a noop added
- Related to Bug #8922: authorized_smart_proxy_features should not fail if not implemented added
- Related to Bug #8646: Foreman will refuse reports from proxies that are not Puppet/Chef proxies added
- Related to Bug #11921: Features in controller authentication are not loaded correctly if you modify them from plugins added
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by 
Updated by Anonymous