Re: Resuming UAA work

Home Messages Hashtags Subgroups

#147

Re: Resuming UAA work

Alberto A. Flores #147 cool, thanks Gwenn! Alberto Flores http://www.linkedin.com/in/aflores “A war against standards leads logically and inevitably to hostility to religion, because it is religious faith that provides the ultimate basis for all standards.” - Michael Medved "(T)he foundation of our national policy will be laid in the pure and immutable principles of private morality; ...the propitious smiles of Heaven can never be expected on a nation that disregards the eternal rules of order and right which Heaven itself has ordained..." George Washington, First Inaugural, April 30 1789 On Fri, May 29, 2015 at 6:22 AM, Gwenn Etourneau <getourneau(a)pivotal.io> wrote: Yes should be ok. By the way the best way to use the Uaa is by the provided api. thanks On Fri, May 29, 2015 at 7:16 PM, Alberto A. Flores <aaflores(a)gmail.com> wrote: Thanks Gween, so just to be clear, I should be able to install UAA standalone and the cf-uaac to interact with it. No need to install CloudFoundry. Alberto Flores http://www.linkedin.com/in/aflores “A war against standards leads logically and inevitably to hostility to religion, because it is religious faith that provides the ultimate basis for all standards.” - Michael Medved "(T)he foundation of our national policy will be laid in the pure and immutable principles of private morality; ...the propitious smiles of Heaven can never be expected on a nation that disregards the eternal rules of order and right which Heaven itself has ordained..." George Washington, First Inaugural, April 30 1789 On Fri, May 29, 2015 at 5:55 AM, Gwenn Etourneau <getourneau(a)pivotal.io> wrote: https://github.com/cloudfoundry/cf-uaac Is a ruby client and should be able to help you, even if the name is "cf-" I think even if uaac is not really cloudfoundry this mailling list is ok. On Fri, May 29, 2015 at 6:22 PM, Alberto A. Flores <aaflores(a)gmail.com> wrote: Filip, Does the uaa have a cli? It seems like uaac is a "cloudfoundry" thing. Sound like cli interactions are expected through curl. PS: wasn't sure where to ask this question since the UAA is a project of it's own. Maybe it's too early to have a mailing list for it. Do you inow where we can post questions for it? Cf mailing list? Alberto Twitter: albertoaflores On May 28, 2015, at 6:53 PM, Filip Hanik <fhanik(a)pivotal.io> wrote: The UAA doesn't depend on CF, it can be leveraged as a stand alone product. On Thu, May 28, 2015 at 4:52 PM, Aristoteles Neto < aristoteles.neto(a)webdrive.co.nz> wrote: From the perspective of using BOSH without CF, moving the users to the manifest is actually an improvement, as it allows you to list the actual users without logging in to the DB. Are there any plans to split out UAA from Cloud Foundry? More specifically I’d love to be able to have groups / permissions scheme for deployments / commands without needing to install CF. -- Neto On 29/05/2015, at 10:33, Dmitriy Kalinin <dkalinin(a)pivotal.io> wrote: Hey all, We have resumed BOSH & UAA integration work: https://www.pivotaltracker.com/n/projects/1285490 to be worked on by a single pair. As part of this work we are going to provide two options how to configure the Director auth: - without UAA [default] (already exists, but we want to simplify it) - with UAA (currently being worked on) Currently Director only works without UAA and has its own user management functionality. There is the users table in the DB and CLI provides create/delete user commands. I would like to simplify this functionality as much as possible. Users would be configured statically in the manifest for the Director so that we can delete users table and associated commands. Here is how the Director manifest would look like for 'Director without UAA' configuration: properties: director: users: - {name: admin, hashed_password: $1$0497b6da$8/0owfq5zblA3o7kXQgGy} # crypted 'password' - {name: admin2, hashed_password: $1$0497b6da$8/0owfq5zblA3o7kXQgGy} # crypted 'password' ... For more complex use cases, we will encourage people to use Director auth via UAA once that becomes available so that LDAP, password, lockout policies, etc. can be configured. Thoughts? Dmitriy _______________________________________________ cf-bosh mailing list cf-bosh(a)lists.cloudfoundry.org https://lists.cloudfoundry.org/mailman/listinfo/cf-bosh _______________________________________________ cf-bosh mailing list cf-bosh(a)lists.cloudfoundry.org https://lists.cloudfoundry.org/mailman/listinfo/cf-bosh _______________________________________________ cf-bosh mailing list cf-bosh(a)lists.cloudfoundry.org https://lists.cloudfoundry.org/mailman/listinfo/cf-bosh _______________________________________________ cf-bosh mailing list cf-bosh(a)lists.cloudfoundry.org https://lists.cloudfoundry.org/mailman/listinfo/cf-bosh _______________________________________________ cf-bosh mailing list cf-bosh(a)lists.cloudfoundry.org https://lists.cloudfoundry.org/mailman/listinfo/cf-bosh _______________________________________________ cf-bosh mailing list cf-bosh(a)lists.cloudfoundry.org https://lists.cloudfoundry.org/mailman/listinfo/cf-bosh _______________________________________________ cf-bosh mailing list cf-bosh(a)lists.cloudfoundry.org https://lists.cloudfoundry.org/mailman/listinfo/cf-bosh attachment.html
More All Messages By This Member

View All 19 Messages In Topic

#147

Join {cf-bosh@lists.cloudfoundry.org to automatically receive all group messages.

Home Hashtags Subgroups Terms