vbatts/quay
Archived
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Merge branch 'master' of github.com:coreos-inc/quay

Browse source
This commit is contained in:
Jimmy Zelinskie 2015-03-26 16:31:20 -04:00
commit 4d4947edaf
2 changed files with 7 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
data/users.py
View file

@ -202,8 +202,8 @@ class UserAuthentication(object):
if decrypted is None: if decrypted is None:
# This is a normal password. # This is a normal password.
if features.REQUIRE_ENCRYPTED_BASIC_AUTH: if features.REQUIRE_ENCRYPTED_BASIC_AUTH:
msg = ('Client login with passwords is disabled. Please generate a client token ' + msg = ('Client login with unecrypted passwords is disabled. Please generate an ' +
'and use it in place of your password.') 'encrypted password in the user admin panel for use here.')
return (None, msg) return (None, msg)
else: else:
password = decrypted password = decrypted

10
static/directives/config/config-setup-tool.html
View file

@ -47,16 +47,16 @@
</td> </td>
</tr> </tr>
<tr> <tr>
<td class="non-input">Encrypted Client Tokens:</td> <td class="non-input">Encrypted Client Password:</td>
<td colspan="2"> <td colspan="2">
<div class="co-checkbox"> <div class="co-checkbox">
<input id="ftet" type="checkbox" ng-model="config.FEATURE_REQUIRE_ENCRYPTED_BASIC_AUTH"> <input id="ftet" type="checkbox" ng-model="config.FEATURE_REQUIRE_ENCRYPTED_BASIC_AUTH">
<label for="ftet">Require Encrypted Client Tokens</label> <label for="ftet">Require Encrypted Client Passwords</label>
</div> </div>
<div class="help-text"> <div class="help-text">
If enabled, users will not be able to login from the Docker command If enabled, users will not be able to login from the Docker command
line with a non-encrypted password and must generate an encrypted line with a non-encrypted password and must generate an encrypted
token to use. password to use.
</div> </div>
<div class="help-text" ng-if="config.AUTHENTICATION_TYPE == 'LDAP'"> <div class="help-text" ng-if="config.AUTHENTICATION_TYPE == 'LDAP'">
This feature is <strong>highly recommended</strong> for setups with LDAP authentication, as Docker currently stores passwords in <strong>plaintext</strong> on user's machines. This feature is <strong>highly recommended</strong> for setups with LDAP authentication, as Docker currently stores passwords in <strong>plaintext</strong> on user's machines.
@ -311,12 +311,12 @@
</div> </div>
<div class="alert alert-warning" ng-if="config.AUTHENTICATION_TYPE == 'LDAP' && !config.FEATURE_REQUIRE_ENCRYPTED_BASIC_AUTH"> <div class="alert alert-warning" ng-if="config.AUTHENTICATION_TYPE == 'LDAP' && !config.FEATURE_REQUIRE_ENCRYPTED_BASIC_AUTH">
It is <strong>highly recommended</strong> to require encrypted client tokens. LDAP passwords used in the Docker client will be stored in <strong>plaintext</strong>! It is <strong>highly recommended</strong> to require encrypted client passwords. LDAP passwords used in the Docker client will be stored in <strong>plaintext</strong>!
<a href="javascript:void(0)" ng-click="config.FEATURE_REQUIRE_ENCRYPTED_BASIC_AUTH = true">Enable this requirement now</a>. <a href="javascript:void(0)" ng-click="config.FEATURE_REQUIRE_ENCRYPTED_BASIC_AUTH = true">Enable this requirement now</a>.
</div> </div>
<div class="alert alert-success" ng-if="config.AUTHENTICATION_TYPE == 'LDAP' && config.FEATURE_REQUIRE_ENCRYPTED_BASIC_AUTH"> <div class="alert alert-success" ng-if="config.AUTHENTICATION_TYPE == 'LDAP' && config.FEATURE_REQUIRE_ENCRYPTED_BASIC_AUTH">
Note: The "Require Encrypted Client Tokens" feature is currently enabled which will Note: The "Require Encrypted Client Passwords" feature is currently enabled which will
prevent LDAP passwords from being saved as plaintext by the Docker client. prevent LDAP passwords from being saved as plaintext by the Docker client.
</div> </div>