airavata-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marcus Christie (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (AIRAVATA-2889) Use service account to authenticate Django portal to IamAdminService
Date Mon, 05 Nov 2018 19:34:01 GMT

     [ https://issues.apache.org/jira/browse/AIRAVATA-2889?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Marcus Christie resolved AIRAVATA-2889.
---------------------------------------
    Resolution: Fixed

> Use service account to authenticate Django portal to IamAdminService
> --------------------------------------------------------------------
>
>                 Key: AIRAVATA-2889
>                 URL: https://issues.apache.org/jira/browse/AIRAVATA-2889
>             Project: Airavata
>          Issue Type: Improvement
>            Reporter: Marcus Christie
>            Assignee: Marcus Christie
>            Priority: Major
>
> PGA uses the realm admin's username and password, but it would be better if we could
just use the existing client_id and client_secret to get an access token for authenticating
with the IAM Admin Services API.
> h5. TODO
> * [x] Add *manage-users* role from the *realm-management* client to the automatically
generated PGA client in the tenant creation code
> *  -In KeyCloakSecurityManager, use ProfileService to get oauth client id/secret from
TenantProfileService instead of from Gateway in workspace catalog (where it may or may not
be populated)-
> ** turns out I don't need this. oauth client id and secret are replicated with the Gateway
in the workspace catalog. There was a bug preventing this from working but that has been fixed
(AIRAVATA-2924).



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message