Authentication via local accounts
Local accounts are the default authentication method for Allure Testops. Unlike other methods, it does not rely on any external identity provider and stores everything it needs inside the Allure UAA service's database.
How it works
To log into Allure Testops, a user enters their credentials: a username (or an email address) and a password. Both the username and the email address are unique identifiers of an account and can be used interchangeably.
New users can be registered in two different ways.
An admin can send an invitation link to an email address, thus pre-approving a future account with that address. When sending the invite, the admin specifies which role will be assigned to the new user. See Members § Manage invites for more details.
A user can initiate the registration process of a new account themselves from the registration form. Depending on the configuration, such an account may or may not need approval from an admin. Also, the configuration specifies which role will be assigned to the new account.
This workflow is disabled by default.
Allure Testops also provides a «Reset password» function.
For both the invitations and the password resets, Allure Testops needs to connect to an SMTP server.
Parameters
Edit the following parameters in the values.yaml file.
User registration settings
allure.registrationEnabled
— iftrue
, users will be able to initiate registration process themselves.allure.autoApprove
— iftrue
, newly registered users will not need approval from administrator.allure.auth.defaultRole
— the role to set for newly registered users. Allowed values: “ROLE_ADMIN”, “ROLE_USER”, “ROLE_GUEST”.
Mail server connection
smtp.enabled
— must betrue
.smtp.host
— mail server hostname.smtp.port
— mail server port.smtp.startTLSEnabled
— try to use an encrypted connection with the server.smtp.startTLSRequired
— never connect if the server does not support encryption.smtp.sslEnabled
— enable SSL support.smtp.sslTrust
— domains for which self-signed certificates can be accepted.
Mail account
smtp.authEnabled
—true
if the mail server requires authentication.smtp.username
— username for connecting to the mail server.smtp.password
— password for connecting to the mail server.smtp.from
— the address that should be shown in the From header of each email.
Note that some SMTP servers may require
ALLURE_MAIL_FROM
to be identical toALLURE_MAIL_USERNAME
.
Edit the following parameters in the .env file.
User registration settings
ALLURE_REGISTRATION_ENABLED
— iftrue
, users will be able to initiate registration process themselves.ALLURE_REGISTRATION_AUTOAPPROVE
— iftrue
, newly registered users will not need approval from administrator.ALLURE_REGISTRATION_DEFAULT_ROLE
— the role to set for newly registered users. Allowed values: “ROLE_ADMIN”, “ROLE_USER”, “ROLE_GUEST”.
Mail server parameters
ALLURE_MAIL_HOST
— mail server hostname.ALLURE_MAIL_PORT
— mail server port.ALLURE_MAIL_SMTP_STARTTLS_ENABLE
— try to use an encrypted connection with the server.ALLURE_MAIL_SMTP_STARTTLS_REQUIRED
— never connect if the server does not support encryption.ALLURE_MAIL_SMTP_SSL_ENABLE
— enable SSL support.ALLURE_MAIL_SMTP_SSL_TRUST
— domains for which self-signed certificates can be accepted.
Mail account
ALLURE_MAIL_SMTP_AUTH
—true
if the mail server requires authentication.ALLURE_MAIL_USERNAME
— username for connecting to the mail server.ALLURE_MAIL_PASSWORD
— password for connecting to the mail server.ALLURE_MAIL_FROM
— the address that should be shown in the From header of each email.
Note that some SMTP servers may require
ALLURE_MAIL_FROM
to be identical toALLURE_MAIL_USERNAME
.
Edit the following parameters in the /opt/allure-testops/uaa/conf/allure-uaa.conf file.
User registration settings
- ??? — if
true
, users will be able to initiate registration process themselves. - ??? — if
true
, newly registered users will not need approval from administrator. - ??? — the role to set for newly registered users. Allowed values: “ROLE_ADMIN”, “ROLE_USER”, “ROLE_GUEST”.
- ??? — if
Mail server parameters
SPRING_MAIL_HOST
— mail server hostname.SPRING_MAIL_PORT
— mail server port.SPRING_MAIL_PROPERTIES_MAIL_SMTP_STARTTLS_ENABLE
— try to use an encrypted connection with the server.SPRING_MAIL_PROPERTIES_MAIL_SMTP_STARTTLS_REQUIRED
— never connect if the server does not support encryption.SPRING_MAIL_PROPERTIES_MAIL_SMTP_SSL_ENABLE
— enable SSL support.SPRING_MAIL_PROPERTIES_MAIL_SMTP_SSL_TRUST
— domains for which self-signed certificates can be accepted.
Mail account
SPRING_MAIL_PROPERTIES_MAIL_SMTP_AUTH
—true
if the mail server requires authentication.SPRING_MAIL_USERNAME
— username for connecting to the mail server.SPRING_MAIL_PASSWORD
— password for connecting to the mail server.ALLURE_MAIL_FROM
— the address that should be shown in the From header of each email.
Note that some SMTP servers may require
ALLURE_MAIL_FROM
to be identical toSPRING_MAIL_USERNAME
.
Example
allure:
auth:
primary: system
registrationEnabled: false
autoApprove: false
defaultRole: ROLE_GUEST
smtp:
enabled: true
host: smtp.example.com
port: 465
startTLSEnabled: true
startTLSRequired: true
sslEnabled: true
sslTrust: smtp.example.com
authEnabled: true
username: [email protected]
password: $ecretPa$$w0rd
from: [email protected]
ALLURE_REGISTRATION_ENABLED=false
ALLURE_REGISTRATION_AUTOAPPROVE=false
ALLURE_REGISTRATION_DEFAULT_ROLE=ROLE_GUEST
ALLURE_MAIL_HOST=smtp.example.com
ALLURE_MAIL_PORT=465
ALLURE_MAIL_SMTP_STARTTLS_ENABLE=true
ALLURE_MAIL_SMTP_STARTTLS_REQUIRED=true
ALLURE_MAIL_SMTP_SSL_ENABLE=true
ALLURE_MAIL_SMTP_SSL_TRUST=smtp.example.com
ALLURE_MAIL_SMTP_AUTH=true
[email protected]
ALLURE_MAIL_PASSWORD=$ecretPa$$w0rd
[email protected]
SPRING_MAIL_HOST=smtp.example.com
SPRING_MAIL_PORT=465
SPRING_MAIL_PROPERTIES_MAIL_SMTP_STARTTLS_ENABLE=true
SPRING_MAIL_PROPERTIES_MAIL_SMTP_STARTTLS_REQUIRED=true
SPRING_MAIL_PROPERTIES_MAIL_SMTP_SSL_ENABLE=true
SPRING_MAIL_PROPERTIES_MAIL_SMTP_SSL_TRUST=smtp.example.com
SPRING_MAIL_PROPERTIES_MAIL_SMTP_AUTH=true
[email protected]
SPRING_MAIL_PASSWORD=$ecretPa$$w0rd
[email protected]