Skip to end of banner
Go to start of banner

opHA3 - Authentication

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Discovery

opHA 3 has different Authentication configurations to discover a peer: 

  • user/password
  • user/sharedkey

For the user/password, it should be a valid user and password with permission over module_opcore_view module. 

For the user/sharedkey: 

  • user must have permissions over module_opcore_view module. Used for authorisation. 
  • sharedkey should be one in omkd_secrets in opCommon.json in the poller. Used for authentication. 

A token will be generated using this user and password to protect the shared key. 

Peer Communication

opHA 3 needs to have the "token" method authentication setup in order to perform the internal communication. 

It can be changed in opCommon.json setting in the pollers: 

"auth_method_1" : "token",

It can also use auth_method_2 or auth_method_3. 

After the change, omkd daemon should be restarted. 

For this purpose, the following settings are sent from the poller to the primary: 

"auth_token_key" : ["token"],
"opha_api_user" : "omkapiha",

And they would be saved in the the registry in the primary, that will generate a token with this data to perform the communication. 



  • No labels