MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-07 21:02:58 -05:00
Code Issues Packages Projects Releases Wiki Activity

deprecate embedded browser (#12163)

Browse Source 
https://github.com/minio/console takes over the functionality for the
future object browser development

Signed-off-by: Harshavardhana <harsha@minio.io>
This commit is contained in:
Harshavardhana
2021-04-27 10:52:12 -07:00
committed by GitHub
parent cf335f6c63
commit 736d8cbac4
270 changed files with 641 additions and 40893 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
docs/sts/README.md
View File

@@ -92,14 +92,6 @@ This will open the login page of keycloak, upon successful login, STS credential
These credentials can now be used to perform MinIO API operations.
### Using MinIO Browser
- Open MinIO URL on the browser, lets say http://localhost:9000
- Click on `Log in with OpenID`
- Provide `Client ID` and press ENTER, if `client_id` is already configured for MinIO this page will automatically redirect to Keycloak user login page.
- User will be redirected to the Keycloak user login page, upon successful login the user will be redirected to MinIO page and logged in automatically,
the user should see now the buckets and objects they have access to.
## Explore Further
- [MinIO Admin Complete Guide](https://docs.min.io/docs/minio-admin-complete-guide.html)
- [The MinIO documentation website](https://docs.min.io)

8
docs/sts/keycloak.md
View File

@@ -114,14 +114,6 @@ This will open the login page of keycloak, upon successful login, STS credential
These credentials can now be used to perform MinIO API operations.
### Using MinIO Browser
- Open MinIO URL on the browser, lets say http://localhost:9000
- Click on `Log in with OpenID`
- Provide `Client ID` and press ENTER, if `client_id` is already configured for MinIO this page will automatically redirect to Keycloak user login page.
- User will be redirected to the Keycloak user login page, upon successful login the user will be redirected to MinIO page and logged in automatically,
the user should see now the buckets and objects they have access to.
## Explore Further
- [MinIO STS Quickstart Guide](https://docs.min.io/docs/minio-sts-quickstart-guide)

3
docs/sts/ldap.md
View File

@@ -252,9 +252,6 @@ $ go run ldap.go -u foouser -p foopassword
}
```
## Caveats
**LDAP STS credentials are not yet supported on MinIO Browser UI, we may add this feature in future releases.**
## Explore Further
- [MinIO Admin Complete Guide](https://docs.min.io/docs/minio-admin-complete-guide.html)
- [The MinIO documentation website](https://docs.min.io)

26
docs/sts/web-identity.md
View File

@@ -14,7 +14,6 @@
- [Sample Response](#sample-response)
- [Using WebIdentity API](#using-webidentity-api)
- [Authorization Flow](#authorization-flow)
- [Using MinIO Browser](#using-minio-browser)
- [Explore Further](#explore-further)
## Introduction
@@ -140,28 +139,9 @@ $ go run web-identity.go -cid 204367807228-ok7601k6gj1pgge7m09h7d79co8p35xx.apps
- Using the access token the callback handler further talks to Google OAuth2 Token URL to obtain an JWT id_token.
- Once obtained the JWT id_token is further sent to STS endpoint i.e MinIO to retrive temporary credentials.
- Temporary credentials are displayed on the browser upon successful retrieval.
## Using MinIO Browser
To support WebIdentity login on MinIO Browser, set openid configuration and restart MinIO
```
mc admin config set myminio identity_openid config_url="<CONFIG_URL>" client_id="<client_identifier>"
```
```
mc admin service restart myminio
```
Sample URLs for Keycloak are
`config_url` - `http://localhost:8080/auth/realms/demo/.well-known/openid-configuration`
JWT token returned by the Identity Provider should include a custom claim for the policy, this is required to create a STS user in MinIO. The name of the custom claim could be either `policy` or `<NAMESPACE_PREFIX>policy`. If there is no namespace then `claim_prefix` can be ingored. For example if the custom claim name is `https://min.io/policy` then, `claim_prefix` should be set as `https://min.io/`.
- Open MinIO Browser and click `Log in with OpenID`
- Enter the `Client ID` obtained from Identity Provider and press ENTER, if not you can set a `client_id` on server to avoid this step.
- The user will be redirected to the Identity Provider login page
- Upon successful login on Identity Provider page the user will be automatically logged into MinIO Browser
- JWT token returned by the Identity Provider *must* include a custom claim for the policy, this is required to create a STS user in MinIO.
The name of the custom claim could be either `policy` or `<NAMESPACE_PREFIX>policy`. If there is no namespace then `claim_prefix` can be
ignored. For example if the custom claim name is `https://min.io/policy` then, `claim_prefix` should be set as `https://min.io/`.
## Explore Further
- [MinIO Admin Complete Guide](https://docs.min.io/docs/minio-admin-complete-guide.html)