Giter VIP home page Giter VIP logo

Comments (10)

jonquark avatar jonquark commented on June 16, 2024

The webui uses openldap to store its users (so it doesn't just need a client).

It's available in EPEL for RHEL9
https://docs.fedoraproject.org/en-US/epel/#_el9

from amlen.

davydnorris avatar davydnorris commented on June 16, 2024

But why does it have to be openldap? Couldn't it store it's users in ANY LDAP? It just seems a really weird thing to hardwire into an installation, especially when there's a page in the UI for configuring LDAP - what is that actually used for?

from amlen.

jonquark avatar jonquark commented on June 16, 2024

The WebUI has a local database of users allowed to login to the webui. It has to be something specific as the means of configuring, starting, stopping an ldap instance is obviously different between different servers.

There is a page in the WebUI for configuring the LDAP connection of the server - the server is just an LDAP client, the WebUI uses a local LDAP server.

from amlen.

davydnorris avatar davydnorris commented on June 16, 2024

Wow - for me that would be even more reason to not hard code the LDAP server. Most organisations will have an existing directory server they would want to use across their IT team - many would want to use some form of SSO as well.

This is being deployed into Liberty, which offers all these things and does it so well! My suggestion would be to do what pretty much every other app I've seen in Liberty does, and that is deploy in Liberty with the default Basic User Registry, and then let the end user configure Liberty for other directory systems, SSO, etc.

The Basic User Registry would let you set up the initial admin/admin user, and would then remove the need for any LDAP components in the web UI installation.

Have a look at IBM Engineering Lifecycle Management tools on jazz.net - this is a perfect example of what I am talking about. IBM's Maximo is another example

from amlen.

jonquark avatar jonquark commented on June 16, 2024

Yes, having the WebUI optionally use an external LDAP would be a nice feature. I'm not aware of any person or organisation who is currently working on that (or planning to work on that).

from amlen.

davydnorris avatar davydnorris commented on June 16, 2024

If I worked on this to remove all explicit LDAP dependencies and go with the default Basic User Registry as the out of the box option would this be of interest? Then the documentation could refer to the Liberty online help for people who want to configure a directory.

Then you could optionally provide a separate package to install and set up openldap using the scripts in this distro, including a prepopulated XML registry file that would connect Liberty

from amlen.

jonquark avatar jonquark commented on June 16, 2024

By default it should do what it does today. The user should not have to know anything about LDAP to run the WebUI on their laptop.

If you wanted to add a way of optionally configuring it to use an external LDAP provider instead that would be welcome as long as it doesn't change default behaviour and break the existing users.

from amlen.

davydnorris avatar davydnorris commented on June 16, 2024

Well, that's really just an XML file, and anybody who knows enough about Liberty will be able to do that themselves so not really worth doing. They'll just have to go through the install first to extract the good bits ;-)

From what I can see, the Web UI is a nicely contained JSP app in a war - you remove all the encumbrances around it and it'll just run anywhere Liberty does. Windows, Linux, any sort of containers - even a Pi. The way it is right now it's the installer wrapped tightly around it that makes it non-transportable, and yet that was one of the things I heard the project calling out for help with in the talks and slides I've looked at.

As I mentioned, I was a big user of the WIoTP and was looking for an alternative - I had hoped the Web UI also included the device management UI that is in IBM Cloud, so either way I'm up for a bunch of web development before I get to the same functionality. It may end up I use the server component (which is one of the best around) and build my own UI completely.

If you ever decide to move down a simplification path and to strip the WebUI installer back to something like I've mentioned - I'll always be very keen to help

from amlen.

davydnorris avatar davydnorris commented on June 16, 2024

By default it should do what it does today. The user should not have to know anything about LDAP to run the WebUI on their laptop.

And of course, the best way to have the user "not have to know anything about LDAP" would be to not use it at all by default :-). Just use the Basic User Registry instead

from amlen.

jonquark avatar jonquark commented on June 16, 2024

There are lots of existing users. Any switch away from openldap would need well-tested automatic migration. If you would like to work on that or on an extra, differently packaged version of the WebUI, either would be welcomed if sufficiently unlikely to break the current user base :)

from amlen.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.