Uploaded image for project: 'Puppet Server'
  1. Puppet Server
  2. SERVER-2778

Remove legacy auth setting

    XMLWordPrintable

    Details

    • Type: Task
    • Status: Resolved
    • Priority: Normal
    • Resolution: Done
    • Affects Version/s: None
    • Fix Version/s: SERVER 7.0.0
    • Component/s: None
    • Labels:
    • Template:
    • Team:
      Froyo
    • Release Notes:
      New Feature
    • Release Notes Summary:
      Removes the setting to opt into using Puppet's legacy authorization files. Users are now required to use puppetserver's `auth.conf`, provided by trapperkeeper-authorization.
    • QA Risk Assessment:
      Needs Assessment

      Description

      The legacy auth.conf file that Puppet used to use has been heavily deprecated for several major releases, and doesn't have all the necessary features to correctly authenticate certs with authorization extensions, which are now widely in use in PE (e.g. CA cert, compiler certs). Puppet Server's trapperkeeper-authorization HOCON file has been a much more powerful replacement for a long time.

      This ticket is to track removing the setting, but not all of its backing code. That gives us the freedom to remove the code at our leisure, once the mode is no longer available to users.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              maggie Maggie Dreyer
              Reporter:
              maggie Maggie Dreyer
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:

                  Zendesk Support