X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/a32c4f9997a0c8941b62668c5e59941985359c05..5b970a6c9505527e146e73cb4756a64ecc1679cd:/doc/install/install-sso.html.textile.liquid
diff --git a/doc/install/install-sso.html.textile.liquid b/doc/install/install-sso.html.textile.liquid
index f272d857a7..b0ad8b4253 100644
--- a/doc/install/install-sso.html.textile.liquid
+++ b/doc/install/install-sso.html.textile.liquid
@@ -28,15 +28,17 @@ Create a secret:
~/sso-devise-omniauth-provider$ cp -i config/initializers/secret_token.rb.example config/initializers/secret_token.rb
-~/sso-devise-omniauth-provider$ rake secret
+~/sso-devise-omniauth-provider$ ruby -e 'puts rand(2**400).to_s(36)'
zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz
-Edit @config/initializers/secret_token.rb@ to set @config.secret_token@ to the string produced by @rake secret@.
+Edit @config/initializers/secret_token.rb@ to set @config.secret_token@ to the string produced by @rand@ above.
h3. Configure upstream authentication provider
+This will enable users to log in using their existing Google accounts. If you don't want to use Google for account services, you can also "add accounts manually.":#manual-accounts
+
~/sso-devise-omniauth-provider$ cp -i config/environments/production.rb.example config/environments/production.rb
@@ -49,18 +51,40 @@ h3(#client). Create arvados-server client
Use @rails console@ to create a @Client@ record that will be used by the Arvados API server. The values of @app_id@ and @app_secret@ correspond to the @APP_ID@ and @APP_SECRET@ that must be set in in "Setting up Omniauth in the API server.":install-api-server.html#omniauth
-~/sso-devise-omniauth-provider$ rake secret
+~/sso-devise-omniauth-provider$ ruby -e 'puts rand(2**400).to_s(36)'
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
~/sso-devise-omniauth-provider$ RAILS_ENV=production bundle exec rails console
-irb(main):001:0> c = Client.new
-irb(main):002:0> c.name = "joshid"
-irb(main):003:0> c.app_id = "arvados-server"
-irb(main):004:0> c.app_secret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
-irb(main):005:0> c.save!
-irb(main):006:0> quit
+:001 > c = Client.new
+:002 > c.name = "joshid"
+:003 > c.app_id = "arvados-server"
+:004 > c.app_secret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
+:005 > c.save!
+:006 > quit
+h2(#manual-accounts). Adding user accounts manually
+
+Instead of relying on an upstream authentication such as Google, you can create accounts on the SSO server manually.
+
+
+~/sso-devise-omniauth-provider$ RAILS_ENV=production bundle exec rails console
+:001 > user = User.new(:email => "test@example.com")
+:002 > user.password = "passw0rd"
+:003 > user.save!
+:004 > quit
+
+
+
+To log in using a manually created account:
+
+# Go to https://auth.your.domain/users/sign_in
+# Enter the email address and password and click on "Sign in"
+# You will arrive at a page "You are now signed in as test@example.com"
+# Go to https://workbench.@uuid_prefix@.your.domain/
+# Click on the Workbench "Log in" button.
+# You should now be logged in to Workbench. Confirm by looking for the email address displayed in the upper right.
+
h2. Start the SSO server
h3. Run a simple standalone server