infra-ansible
infra-ansible copied to clipboard
Update config-nexus role to set up Remote User Token Authentication when requested
As a user of Sonatype Nexus on OpenShift, I would like to be able to use the https://github.com/openshift/oauth-proxy to provide authentication to Nexus so that I do not have to use default usernames and passwords.
In order to do this, the role will have to:
- Enable the RUT Auth capability in Nexus
- Configured the RUT Auth capability to use the X-Forwarded-User header from https://github.com/openshift/oauth-proxy
- Change the default admin credentials using and API call.
Doing some research on this and found that the admin password can be reset using the Nexus scripting API. Upload a groovy script containing:
import org.sonatype.nexus.security.SecuritySystem
def securitySystem = container.lookup(SecuritySystem.class.getName())
securitySystem.changePassword('admin','admin1234')
And then execute it. The difficulty will be in having ansible insert the password desired.
@sherl0cks or @oybed Any thoughts here?
Hi,
I am using the Nexus as per my need, I want to authenticate the Repository using the RUT . i couldn't find any example . how to pass the the X-Proxy-REMOTE-USER in the header. please suggest me to resolve my issue.
Thanks,