Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 893172

Summary: The console and broker should not have to run on the same host
Product: OpenShift Container Platform Reporter: Brenton Leanhardt <bleanhar>
Component: WebsiteAssignee: Brenton Leanhardt <bleanhar>
Status: CLOSED NOTABUG QA Contact: libra bugs <libra-bugs>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 1.0.0CC: jialiu, libra-onpremise-devel, xjia
Target Milestone: ---Keywords: Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-03-07 21:35:54 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Brenton Leanhardt 2013-01-08 19:22:39 UTC
Description of problem:

Currently due to the way the remote-user authentication plugin works the console and the broker have to run on the same host and communicate over the loopback interface.  That is because we are trusting the REMOTE_USER header from the console.

What we would like to do is to have an trusted encrypted connection between the console and broker (most likely using ssl certs) so that we can remove that requirement.

This is related to Bug #892990 since we're having to workaround the problem of dealing with the special case of 'localhost' in the BROKER_URL.