Chapter 7. Configuring Authentication

Application users must authenticate with Data Grid clusters. Data Grid Operator generates default credentials or you can add your own.

7.1. Default Credentials

Data Grid Operator generates base64-encoded default credentials stored in an authentication secret named example-rhdatagrid-generated-secret

UsernameDescription

developer

Default application user.

operator

Internal user that interacts with Data Grid clusters.

7.2. Retrieving Credentials

Get credentials from authentication secrets to access Data Grid clusters.

Procedure

  • Retrieve credentials from authentication secrets, as in the following example: 

    $ oc get secret example-rhdatagrid-generated-secret

    Base64-decode credentials. 

    $ oc get secret example-rhdatagrid-generated-secret \
-o jsonpath="{.data.identities\.yaml}" | base64 --decode

credentials:
- username: developer
  password: dIRs5cAAsHIeeRIL
- username: operator
  password: uMBo9CmEdEduYk24

7.3. Adding Custom Credentials

Add custom credentials to an authentication secret.

Procedure

  1. Create an identities.yaml file that contains credentials for application users and the operator user for Data Grid Operator, for example: 

    credentials:
- username: testuser
  password: testpassword
- username: operator
  password: supersecretoperatorpassword

  2. Create an authentication secret with identities.yaml as follows: 

    $ oc create secret generic --from-file=identities.yaml connect-secret

  3. Specify the authentication secret with spec.security.endpointSecretName in your Infinispan CR and then apply the changes. 

    spec:
  ...
  security:
    endpointSecretName: connect-secret 1
    1
    specifies the authentication secret.