You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by ma...@apache.org on 2017/05/09 16:32:30 UTC
[4/7] airavata git commit: Temporarily disable WSO2 IS SSL
verification and API security
Temporarily disable WSO2 IS SSL verification and API security
Project: http://git-wip-us.apache.org/repos/asf/airavata/repo
Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/24f8b7f0
Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/24f8b7f0
Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/24f8b7f0
Branch: refs/heads/develop
Commit: 24f8b7f0f23a098babac6b1017c8b9bce67f71f2
Parents: a97bb13
Author: Marcus Christie <ma...@iu.edu>
Authored: Mon May 1 14:08:55 2017 -0400
Committer: Marcus Christie <ma...@iu.edu>
Committed: Tue May 2 09:24:26 2017 -0400
----------------------------------------------------------------------
.../inventories/scigap/production/group_vars/all/vars.yml | 4 +++-
dev-tools/ansible/roles/pga/defaults/main.yml | 1 +
dev-tools/ansible/roles/pga/templates/pga_config.php.j2 | 2 +-
3 files changed, 5 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/airavata/blob/24f8b7f0/dev-tools/ansible/inventories/scigap/production/group_vars/all/vars.yml
----------------------------------------------------------------------
diff --git a/dev-tools/ansible/inventories/scigap/production/group_vars/all/vars.yml b/dev-tools/ansible/inventories/scigap/production/group_vars/all/vars.yml
index 33950d6..756edea 100644
--- a/dev-tools/ansible/inventories/scigap/production/group_vars/all/vars.yml
+++ b/dev-tools/ansible/inventories/scigap/production/group_vars/all/vars.yml
@@ -66,7 +66,7 @@ zookeeper_url: "{{ groups['zookeeper'][0] }}:{{ zookeeper_client_port }}"
api_server_name: "apiserver-node0"
api_server_host: "{{ groups['api-orch'][0] }}"
api_server_port: "8930"
-api_secured: "true"
+api_secured: "false"
tls_enable: "true"
api_server_tls_port: "9930"
enable_sharing: "true"
@@ -117,6 +117,8 @@ user_data_dir: "/var/www/portals/gateway-user-data"
#airavata_server: "tls://gw77.iu.xsede.org"
airavata_server: "tls://{{ groups['api-orch'][0] }}"
airavata_port: "9930"
+# FIXME: temporarily turn off SSL verification for WSO2 IS
+auth_verify_peer: "false"
# Sharing Registry related variables
sharing_registry_host: "{{ groups['api-orch'][0] }}"
http://git-wip-us.apache.org/repos/asf/airavata/blob/24f8b7f0/dev-tools/ansible/roles/pga/defaults/main.yml
----------------------------------------------------------------------
diff --git a/dev-tools/ansible/roles/pga/defaults/main.yml b/dev-tools/ansible/roles/pga/defaults/main.yml
index a7e7934..e8f869b 100644
--- a/dev-tools/ansible/roles/pga/defaults/main.yml
+++ b/dev-tools/ansible/roles/pga/defaults/main.yml
@@ -49,6 +49,7 @@ admin_role_name: "admin"
admin_readonly_role_name: "admin-read-only"
user_role_name: "gateway-user"
initial_role_name: "user-pending"
+auth_verify_peer: "true"
## Airavata Client related variables
#airavata_server: "tls://gw77.iu.xsede.org"
http://git-wip-us.apache.org/repos/asf/airavata/blob/24f8b7f0/dev-tools/ansible/roles/pga/templates/pga_config.php.j2
----------------------------------------------------------------------
diff --git a/dev-tools/ansible/roles/pga/templates/pga_config.php.j2 b/dev-tools/ansible/roles/pga/templates/pga_config.php.j2
index a8b34da..af887be 100644
--- a/dev-tools/ansible/roles/pga/templates/pga_config.php.j2
+++ b/dev-tools/ansible/roles/pga/templates/pga_config.php.j2
@@ -74,7 +74,7 @@ return array(
/**
* Enable HTTPS server verification
*/
- 'verify-peer' => true,
+ 'verify-peer' => {{ auth_verify_peer }},
/**
* Path to the server certificate file