chef - Re: Admin permissions on chef-server:4000

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

Re: Admin permissions on chef-server:4000

From: Adam Jacob <adam@opscode.com>
To: chef@lists.opscode.com
Subject: Re: Admin permissions on chef-server:4000
Date: Tue, 17 Mar 2009 10:45:58 -0700

On Tue, Mar 17, 2009 at 3:11 AM, Michal Frackowiak <michalf@wikidot.com>
wrote:
> OK, so do you think this would work as a general-purpose security measure,
> for both chef-clients and admin access?
>
> 1. Set up a proxy server with basic auth + ssl (nginx or apache), passing to
> chef-server:4000 and 4001
> 2. Set up clients with
> registration_url        "https://user:password@proxied-chef-server:2000";
> openid_url              "https://user:password@proxied-chef-server:2001";
> ...
> 3. use https://proxied-chef-server:2000 for web ui access too

Currently, the REST client in Chef does not support HTTP Basic auth.
I'm in the middle of refactoring Chef to use a rest-client, which will
enable this behavior.  It'll be in the next Chef release.

Adam

--
Opscode, Inc.
Adam Jacob, CTO
T: (206) 508-4759 E: adam@opscode.com

Admin permissions on chef-server:4000, Michal Frackowiak, 03/16/2009
- Re: Admin permissions on chef-server:4000, AJ Christensen, 03/16/2009
  - Re: Admin permissions on chef-server:4000, Aric Gardner, 03/16/2009
    - Re: Admin permissions on chef-server:4000, Michal Frackowiak, 03/17/2009
      - Re: Admin permissions on chef-server:4000, Adam Jacob, 03/17/2009
      - Re: Admin permissions on chef-server:4000, Adam Jacob, 03/17/2009