Re: Resuming UAA work

Gwenn Etourneau Is a ruby client and should be able
to help you, even if the name is "cf-"

I think even if uaac is not really cloudfoundry this mailling list is ok.

On Fri, May 29, 2015 at 6:22 PM, Alberto A. Flores <aaflores(a)>


Does the uaa have a cli? It seems like uaac is a "cloudfoundry" thing.
Sound like cli interactions are expected through curl.

PS: wasn't sure where to ask this question since the UAA is a project of
it's own. Maybe it's too early to have a mailing list for it. Do you inow
where we can post questions for it? Cf mailing list?

Twitter: albertoaflores

On May 28, 2015, at 6:53 PM, Filip Hanik <fhanik(a)> wrote:

The UAA doesn't depend on CF, it can be leveraged as a stand alone product.

On Thu, May 28, 2015 at 4:52 PM, Aristoteles Neto <
aristoteles.neto(a)> wrote:

From the perspective of using BOSH without CF, moving the users to the
manifest is actually an improvement, as it allows you to list the actual
users without logging in to the DB.

Are there any plans to split out UAA from Cloud Foundry? More
specifically I’d love to be able to have groups / permissions scheme for
deployments / commands without needing to install CF.

-- Neto

On 29/05/2015, at 10:33, Dmitriy Kalinin <dkalinin(a)> wrote:

Hey all,

We have resumed BOSH & UAA integration work: to be worked on by a
single pair.

As part of this work we are going to provide two options how to configure
the Director auth:
- without UAA [default] (already exists, but we want to simplify it)
- with UAA (currently being worked on)

Currently Director only works without UAA and has its own user management
functionality. There is the users table in the DB and CLI provides
create/delete user commands. I would like to simplify this functionality as
much as possible. Users would be configured statically in the manifest for
the Director so that we can delete users table and associated commands.

Here is how the Director manifest would look like for 'Director without
UAA' configuration:

- {name: admin, hashed_password: $1$0497b6da$8/0owfq5zblA3o7kXQgGy} #
crypted 'password'
- {name: admin2, hashed_password: $1$0497b6da$8/0owfq5zblA3o7kXQgGy}
# crypted 'password'

For more complex use cases, we will encourage people to use Director auth
via UAA once that becomes available so that LDAP, password, lockout
policies, etc. can be configured.


cf-bosh mailing list

cf-bosh mailing list

cf-bosh mailing list

cf-bosh mailing list

Join to automatically receive all group messages.