Bug 1327024 - Kerberos authentication to console and API not fully functional(https://github.com/openshift/origin/pull/4566)
Summary: Kerberos authentication to console and API not fully functional(https://githu...
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: RFE
Version: 3.1.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: ---
Assignee: Jordan Liggitt
QA Contact: weiwei jiang
Depends On:
Blocks: 1358399
TreeView+ depends on / blocked
Reported: 2016-04-14 06:29 UTC by Miheer Salunke
Modified: 2019-11-25 17:59 UTC (History)
13 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 1358399 (view as bug list)
Last Closed: 2016-09-27 09:37:41 UTC
Target Upstream Version:
jmeyer: needinfo+

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2016:1933 normal SHIPPED_LIVE Red Hat OpenShift Container Platform 3.3 Release Advisory 2016-09-27 13:24:36 UTC

Description Miheer Salunke 2016-04-14 06:29:21 UTC
Description of problem:
We are trying to setup a configuration for supporting Active Directory authentication for Openshift using Kerberos.
The setup is documented in Openshift Enterprise 3.1 Installation and Configuration ยง 7.2.8 but is not fully working.

The part about login from a browser in the console seems working.
But when using the OC CLI, it seems this tool is not able to use kerberos authentication. It seems it is only able to authenticate through basic authentication.

Could you confirm OC CLI is kerberised?

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.Mentioned in the description

Actual results:
oc is not kerberised

Expected results:
it should be kerberised

Additional info:

Upstream fix https://github.com/openshift/origin/pull/4566

Comment 11 errata-xmlrpc 2016-09-27 09:37:41 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.