Hide Forgot
1. Proposed title of this feature request Terms of Service Acceptance Page first time user logs in on OSE 2. Who is the customer behind the request? Account name: RED HAT IT/IS Customer segment: 3 TAM/SRM customer: yes, SRM/TAM customer Strategic Customer yes/no: yes 3. What is the nature and description of the request? In IT's Openshift Enterprise instance, because any kerberized user can just login and create an app, there is no way to get the user to agree to terms of service. So where a brand new user before they can get to the console, agrees to some customizable ToS against Openshift Enterprise service being provided by a given company. 4. Why does the customer need this? (List the business requirements here) Needed to make users aware of the ToS being provided by a given company. 5. How would the customer like to achieve this? (List the functional requirements here) n/a 6. For each functional requirement listed in question 5, specify how Red Hat and the customer can test to confirm the requirement is successfully implemented. Create a new user and check if it is presented to that user the ToS 7. Is there already an existing RFE upstream or in Red Hat bugzilla? No 8. Does the customer have any specific timeline dependencies? As soon as possible 9. Is the sales team involved in this request and do they have any additional input? No 10. List any affected packages or components. Unsure 11. Would the customer be able to assist in testing this functionality if implemented? Yes
I think this is still a very important feature for an enterprise deployment. Even at Red Hat IT, we would like to be able to set some ground rules to our users before they "blindly" start deploying gears/images to openshift. I don't think it is a blocker or a deal breaker, but definitely a "nice to have" for companies who want to set some guidelines for their users. A customizable ToS page before deploying your first app would be nice.
You don't need any custom authentication to do something that would be presented to users whenever they want to log into openshift. You can force a page to appear (login provider selection page) that is fully customizable https://docs.openshift.org/latest/install_config/web_console_customization.html#customizing-the-login-page This page appears before redirecting to whatever authentication mechanism you are using (so before it redirects to the redhat internal SAML auth) You could have a big "Log In" button and underneath a disclaimer saying by logging in you accept the terms of service. We are doing this for openshift online dev preview to have a link to register, some openshift branding, etc, before being redirected to github auth.
Work in progress: https://github.com/openshift/openshift-docs/pull/2144
Commits pushed to master at https://github.com/openshift/openshift-docs https://github.com/openshift/openshift-docs/commit/40bfc0e57158e4285b90aae98ded7f41abf1e935 Bug 1021658, added that the custom login page pops up when users' tokens expire https://github.com/openshift/openshift-docs/commit/4acf12e924f9eefe89eb322c6c1cb74a438b83ca Merge pull request #2144 from ahardin-rh/custom-login Bug 1021658, a custom login page pops up when users' tokens expire
Content is now published: https://access.redhat.com/documentation/en/openshift-enterprise/version-3.2/installation-and-configuration/#custom-login-page-example-usage