You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Reading at Basic Authentication it says All users are permitted to pull content from the Registry without any limitations because the concept of private repositories is not adopted once token authentication is disabled. But, only users with staff permissions are allowed to push content to the Registry.
The same goes for Remote Webserver Authentication Similarly to basic authentication, all users can pull content from the Registry without limitations and only staff is allowed to push new content to the Registry.
However the below situation fails, even if the user is staff
In a discussion on elements ipanova mentioned that it should be super-user and not staff. Hence making the documentation super confusing.
Suggest to clarify the documentation that it mention super-user instead of staff if not using token authentication if you want to push images to the registry
The text was updated successfully, but these errors were encountered:
Yes, we need to update the docs. Thanks for opening the issue.
Regular users have no admin access or permissions.
Staff users (admins) can log into the admin interface (admin UI) but have restricted permissions based on what they are explicitly assigned (when it comes to pushing content, the admins have no permissions if the token authentication is disabled).
Superusers (a special subset of admins) have complete access and all permissions, without needing additional configuration, and are allowed to push content to Pulp.
When disabling token authentication with
TOKEN_AUTH_DISABLED=True,
the manual at https://pulpproject.org/pulp_container/docs/admin/learn/authentication/#basic-authentication states thatBasic authentication or Remote Webserver authentication is used as a default authentication method depending on a particular configuration.
Reading at Basic Authentication it says
All users are permitted to pull content from the Registry without any limitations because the concept of private repositories is not adopted once token authentication is disabled. But, only users with staff permissions are allowed to push content to the Registry.
The same goes for Remote Webserver Authentication
Similarly to basic authentication, all users can pull content from the Registry without limitations and only staff is allowed to push new content to the Registry.
However the below situation fails, even if the user is staff
In a discussion on elements ipanova mentioned that it should be super-user and not staff. Hence making the documentation super confusing.
Suggest to clarify the documentation that it mention super-user instead of staff if not using token authentication if you want to push images to the registry
The text was updated successfully, but these errors were encountered: