From: Peter Amstutz Date: Tue, 3 Mar 2015 17:16:55 +0000 (-0500) Subject: Merge branch '5322-sso-manual-account-doc' closes #5322 X-Git-Tag: 1.1.0~1774 X-Git-Url: https://git.arvados.org/arvados.git/commitdiff_plain/7e814093e36dd6fc96353584c2c0797f4654f317?hp=6cd3b6fb1c143017c6bca4db899c8c6ddd237572 Merge branch '5322-sso-manual-account-doc' closes #5322 --- diff --git a/doc/install/install-manual-prerequisites.html.textile.liquid b/doc/install/install-manual-prerequisites.html.textile.liquid index e5b28d9156..5fe214ec96 100644 --- a/doc/install/install-manual-prerequisites.html.textile.liquid +++ b/doc/install/install-manual-prerequisites.html.textile.liquid @@ -34,7 +34,7 @@ You may also use a different method to pick the unique identifier. The unique id h2. SSL certificates -There are four public-facing services that will require an SSL certificate. If you do not have official SSL certificates, you can use self-signed certificates. By convention, we use the following hostname pattern: +There are five public-facing services that will require an SSL certificate. If you do not have official SSL certificates, you can use self-signed certificates. By convention, we use the following hostname pattern:
table(table table-bordered table-condensed). @@ -43,4 +43,5 @@ table(table table-bordered table-condensed). |Arvados Websockets endpoint|ws.@uuid_prefix@.your.domain| |Arvados Keepproxy server|keep.@uuid_prefix@.your.domain| |Arvados Workbench|workbench.@uuid_prefix@.your.domain| +|Arvados SSO Server|auth.your.domain|
diff --git a/doc/install/install-sso.html.textile.liquid b/doc/install/install-sso.html.textile.liquid index f272d857a7..4f6a9771f1 100644 --- a/doc/install/install-sso.html.textile.liquid +++ b/doc/install/install-sso.html.textile.liquid @@ -37,6 +37,8 @@ Edit @config/initializers/secret_token.rb@ to set @config.secret_token@ to the s h3. Configure upstream authentication provider +This will enable users to log in using their existing Google accounts. If you don't want to use Google for account services, you can also "add accounts manually.":#manual-accounts + 
~/sso-devise-omniauth-provider$ cp -i config/environments/production.rb.example config/environments/production.rb
@@ -52,15 +54,37 @@ Use @rails console@ to create a @Client@ record that will be used by the Arvados 
~/sso-devise-omniauth-provider$ rake secret
 xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 ~/sso-devise-omniauth-provider$ RAILS_ENV=production bundle exec rails console
-irb(main):001:0> c = Client.new
-irb(main):002:0> c.name = "joshid"
-irb(main):003:0> c.app_id = "arvados-server"
-irb(main):004:0> c.app_secret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
-irb(main):005:0> c.save!
-irb(main):006:0> quit
+:001 > c = Client.new
+:002 > c.name = "joshid"
+:003 > c.app_id = "arvados-server"
+:004 > c.app_secret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
+:005 > c.save!
+:006 > quit
+h2(#manual-accounts). Adding user accounts manually + +Instead of relying on an upstream authentication such as Google, you can create accounts on the SSO server manually. + + +
~/sso-devise-omniauth-provider$ RAILS_ENV=production bundle exec rails console
+:001 > user = User.new(:email => "test@example.com")
+:002 > user.password = "passw0rd"
+:003 > user.save!
+:004 > quit
+
+ + +To log in using a manually created account: + +# Go to https://auth.your.domain/users/sign_in +# Enter the email address and password and click on "Sign in" +# You will arrive at a page "You are now signed in as test@example.com" +# Go to https://workbench.@uuid_prefix@.your.domain/ +# Click on the Workbench "Log in" button. +# You should now be logged in to Workbench. Confirm by looking for the email address displayed in the upper right. + h2. Start the SSO server h3. Run a simple standalone server