Closed
Bug 994114
Opened 10 years ago
Closed 10 years ago
Install mod_authnz_persona on people.mozilla.org
Categories
(Infrastructure & Operations Graveyard :: WebOps: Other, task)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: bwinton, Assigned: gozer)
References
()
Details
Attachments
(1 file)
2.46 KB,
patch
|
bburton
:
review+
|
Details | Diff | Splinter Review |
Hi! I've got some things I'ld like to put on my webspace on people.mozilla.org, but they're a little sensitive, and so I'ld like to restrict access to people who work at Mozilla. If we added the persona apache auth module, then I could add an htaccess file with: AuthType Persona Require persona-idp login.mozilla.org which would be perfect… Thanks! :)
Updated•10 years ago
|
Assignee: server-ops → server-ops-webops
Component: Server Operations → WebOps: Other
Product: mozilla.org → Infrastructure & Operations
QA Contact: shyam → nmaul
Assignee | ||
Updated•10 years ago
|
Assignee: server-ops-webops → gozer
Assignee | ||
Comment 1•10 years ago
|
||
It's absolutely possible and should be low impact for folks that don't enable it. However, since people.mozilla.org is a special snowflake (no staging), I am asking for some review love before even considering making this so.
Attachment #8404106 -
Flags: review?(bburton)
Comment 2•10 years ago
|
||
I don't see any issues, do a --noop run before applying to be safe We should probably send this through CAB just to be safe
Flags: cab-review?
Comment 3•10 years ago
|
||
Comment on attachment 8404106 [details] [diff] [review] [puppet] Install and configure mod_authnz_persona Review of attachment 8404106 [details] [diff] [review]: ----------------------------------------------------------------- +1
Attachment #8404106 -
Flags: review?(bburton) → review+
Comment 4•10 years ago
|
||
CAB approval for noon PDT Friday (04/18/2014). Requested a MOTD message be put in place for notification.
Reporter | ||
Comment 5•10 years ago
|
||
So, I added a .htaccess file as described above, but now when I go to https://people.mozilla.org/~bwinton/private/delorian.html it just says "Authorization Required", instead of presenting a Persona login page, as https://github.com/mozilla/mod_authnz_persona suggests it should… (Perhaps because https://people.mozilla.org/login.shtml returns a 403 Forbidden, which might be because /usr/share/mod_authnz_persona/ doesn't exist? I'm just guessing here, though.)
Comment 6•10 years ago
|
||
(In reply to Blake Winton (:bwinton) from comment #5) > So, I added a .htaccess file as described above, but now when I go to > https://people.mozilla.org/~bwinton/private/delorian.html it just says > "Authorization Required", instead of presenting a Persona login page, as > https://github.com/mozilla/mod_authnz_persona suggests it should… > > (Perhaps because https://people.mozilla.org/login.shtml returns a 403 > Forbidden, which might be because /usr/share/mod_authnz_persona/ doesn't > exist? I'm just guessing here, though.) Deploying this was delayed because the folks involved were off Friday, we'll reschedule for later this week
Assignee | ||
Comment 7•10 years ago
|
||
Can I just assume we are pushing this one week to noon PDT Friday (04/25/2014) ?
Comment 8•10 years ago
|
||
(In reply to Philippe M. Chiasson (:gozer) from comment #7) > Can I just assume we are pushing this one week to noon PDT Friday > (04/25/2014) ? Yes, please update the MOTD two hours in advance of the work and update the topic in #it before you begin
Flags: cab-review? → cab-review+
Reporter | ||
Comment 9•10 years ago
|
||
Hmm, I'm still getting "Authorization Required" instead of the Persona login page… Did you run into any difficulties with the deployment?
Assignee | ||
Comment 10•10 years ago
|
||
Committed revision 87314. Committed revision 87315. Enable and test by dropping in your .htaccess: SSLRequireSSL On AuthType Persona require valid-user And make sure to access people.mozilla.org via SSL. See it in action here: https://people.mozilla.org/~pchiasson/test/
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Updated•9 years ago
|
Change Request: --- → approved
Flags: cab-review+
Updated•5 years ago
|
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•