Login Service⚓︎
The Login Service provides the platform Authorization Server for authenticated user identity and request authorization.
Helm Chart⚓︎
The Login Service is deployed via the login-service
helm chart from the EOEPCA Helm Chart Repository.
The chart is configured via values that are fully documented in the README for the login-service
chart.
helm install --values login-service-values.yaml um-login-service eoepca/login-service
Values⚓︎
At minimum, values for the following attributes should be specified:
- Public hostname of the Authorization Server, e.g.
auth.192.168.49.123.nip.io
- Initial password for the admin user
Note that the password must meet the complexity: at least 6 characters and include one uppercase letter, one lowercase letter, one digit, and one special character - IP Address of the public facing reverse proxy (Nginx Ingress Controller), e.g.
192.168.49.123
- Name of Persistent Volume Claim for
login-service
persistence, e.g.eoepca-userman-pvc
The boolen valuevolumeClaim.create
can be used for the PVC to be created by the helm release. This creates a volume of typehost-path
and, hence, is only useful for single-node development usage. - TLS Certificate Provider, e.g.
letsencrypt-production
Example login-service-values.yaml
…
volumeClaim:
name: eoepca-userman-pvc
create: false
config:
domain: auth.192.168.49.123.nip.io
adminPass: Chang3me!
ldapPass: Chang3me!
volumeClaim:
name: eoepca-userman-pvc
opendj:
volumeClaim:
name: eoepca-userman-pvc
oxauth:
volumeClaim:
name: eoepca-userman-pvc
oxtrust:
volumeClaim:
name: eoepca-userman-pvc
global:
domain: auth.192.168.49.123.nip.io
nginxIp: 192.168.49.123
nginx:
ingress:
annotations:
cert-manager.io/cluster-issuer: letsencrypt-production
hosts:
- auth.192.168.49.123.nip.io
tls:
- hosts:
- auth.192.168.49.123.nip.io
secretName: login-service-tls
Login Service Usage⚓︎
Once the deployment has been completed successfully, the Login Service is accessed at the endpoint https://auth.<domain>/
, configured by your domain - e.g. https://auth.192.168.49.123.nip.io/.
Login as the admin
user with the credentials configured in the helm values - ref. adminPass
/ ldapPass
.
Typical first actions to undertake through the Gluu web interface include creation of users and clients.
Additional Information⚓︎
Additional information regarding the Login Service can be found at: