Documentation: reflect the current state of anonymous token generation.

refs #16726

Arvados-DCO-1.1-Signed-off-by: Ward Vandewege <ward@curii.com>

diff --git a/doc/install/install-keep-web.html.textile.liquid b/doc/install/install-keep-web.html.textile.liquid
index 14536cf207a89a248c56837787dc8dc993814a37..90ae6faa7a2f48dce243d2966a7a63aee9bf4818 100644 (file)
--- a/doc/install/install-keep-web.html.textile.liquid
+++ b/doc/install/install-keep-web.html.textile.liquid
@@ -99,7 +99,10 @@ h2(#update-config). Configure anonymous user token
 
 {% assign railscmd = "bundle exec ./script/get_anonymous_user_token.rb --get" %}
 {% assign railsout = "zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz" %}
-If you intend to use Keep-web to serve public data to anonymous clients, configure it with an anonymous token. Use the following command on the <strong>API server</strong> to create an anonymous user token. {% include 'install_rails_command' %}
+If you intend to use Keep-web to serve public data to anonymous clients, configure it with an anonymous token.
+
+# First, generate a long random string and put it in the @config.yml@ file, in the @AnonymousUserToken@ field.
+# Then, use the following command on the <strong>API server</strong> to register the anonymous user token in the database. {% include 'install_rails_command' %}
 
 <notextile>
 <pre><code>    Users:

diff --git a/lib/config/config.default.yml b/lib/config/config.default.yml
index d25ffaaf01461d4b7df91d1ceeb06ed340853037..670352a3a006e03e49dabf8360493c5c9c0995ed 100644 (file)
--- a/lib/config/config.default.yml
+++ b/lib/config/config.default.yml
@@ -273,9 +273,10 @@ Clusters:
       NewUserNotificationRecipients: {}
       NewInactiveUserNotificationRecipients: {}
 
-      # Set AnonymousUserToken to enable anonymous user access. You can get
-      # the token by running "bundle exec ./script/get_anonymous_user_token.rb"
-      # in the directory where your API server is running.
+      # Set AnonymousUserToken to enable anonymous user access. Populate this
+      # field with a long random string. Then run "bundle exec
+      # ./script/get_anonymous_user_token.rb" in the directory where your API
+      # server is running to record the token in the database.
       AnonymousUserToken: ""
 
       # If a new user has an alternate email address (local@domain)

diff --git a/lib/config/generated_config.go b/lib/config/generated_config.go
index 60ba85b4739464759177730d25077dc428c7f3f8..a11376f4003d3b92881400e2e20671d980783a63 100644 (file)
--- a/lib/config/generated_config.go
+++ b/lib/config/generated_config.go
@@ -279,9 +279,10 @@ Clusters:
       NewUserNotificationRecipients: {}
       NewInactiveUserNotificationRecipients: {}
 
-      # Set AnonymousUserToken to enable anonymous user access. You can get
-      # the token by running "bundle exec ./script/get_anonymous_user_token.rb"
-      # in the directory where your API server is running.
+      # Set AnonymousUserToken to enable anonymous user access. Populate this
+      # field with a long random string. Then run "bundle exec
+      # ./script/get_anonymous_user_token.rb" in the directory where your API
+      # server is running to record the token in the database.
       AnonymousUserToken: ""
 
       # If a new user has an alternate email address (local@domain)