Ok for whatever reason this user_map_match: '.*' was never sent to the apache configuration!
The ood_portal.yml has
# Lua regular expression used to map authenticated-user to system-user
# This configuration is ignored if user_map_cmd is defined
# Default: '.*'
but the apache conf file ends with the more complicated default scheme, somehow.
If I force the change on the apache’s config, it works. If I re-generate it, I get again the
SetEnv OOD_USER_MAP_MATCH "^([^@]+)@.*$" on ood-portal.conf
I want to make sure I understand the sequence. After making the changes to the ood_portal.yml you issued the update_ood_portal command and restarted apache and OOD and the setting for the user_map_match never shows up?
Do you have ondemand-dex installed? If we notice that this package is available in 2.0 we force some defaults, like user_map_match. I ask because your logs also output some auth_openidc:warn messages which imply that your using OIDC auth and not basic (another default we’re forcing because of dex).
If you have ondemand-dex installed and don’t wish to use it, then remove it and bounce httpd and check ood-portal.conf to see the correct things being populated.
That’s what comes by following the instructions for using Ubuntu:
ii ondemand 2.0.31 amd64 Open OnDemand is an open source release of the Ohio SuperComputer Center's
ii ondemand-dex 2.32.0 amd64 OnDemand Dex
ii ondemand-nginx 1.18.0 amd64 A high performance web server and reverse proxy server
ii ondemand-passenger 6.0.14 amd64 Phusion Passenger application server for OnDemand
ii ondemand-release-web 2.0.1 all OnDemand repo release files for 2.0 web repo
I want to use dex later, but I wanted first to have it running “single-user” so to speak - more than anything, to show a working prototype to the boss before putting work and making it into production.
And you are correct - by removing this package, it now works as intended. Should I submit a bug report?