{"id":1428,"date":"2022-09-12T10:41:13","date_gmt":"2022-09-12T10:41:13","guid":{"rendered":"http:\/\/patriciocerda.com\/?p=1428"},"modified":"2022-12-21T10:54:57","modified_gmt":"2022-12-21T10:54:57","slug":"openshift-anadiendo-active-directory-como-oauth-provider","status":"publish","type":"post","link":"https:\/\/patriciocerda.com\/?p=1428","title":{"rendered":"OpenShift &#8211; A\u00f1adiendo Active Directory como OAuth Provider"},"content":{"rendered":"<p>Hola a todos!!! En este post hablaremos sobre como integrar OpenShift con Active Directory, a\u00f1adiendo nuestro dominio AD como OAuth Provider en un cluster OpenShift<\/p>\n<h2><\/h2>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_83 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Contenidos<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/patriciocerda.com\/?p=1428\/#Que_necesitamos\" >Que necesitamos<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/patriciocerda.com\/?p=1428\/#Integracion_de_OpenShift_con_LDAPAD\" >Integraci\u00f3n de OpenShift con LDAP\/AD<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/patriciocerda.com\/?p=1428\/#Sincronizar_los_grupos_de_AD_con_OpenShift\" >Sincronizar los grupos de AD con OpenShift<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Que_necesitamos\"><\/span>Que necesitamos<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Para poder completar esta integraci\u00f3n necesitaremos:<\/p>\n<ul>\n<li>Un cluster OpenShift ya desplegado y totalmente operativo<\/li>\n<li>Un dominio Active Directory accesible desde el cluster OpenShift<\/li>\n<li>Usuarios y grupos de Active Directory que posteriormente utilizaremos para autenticarnos en OpenShift<\/li>\n<\/ul>\n<h2><\/h2>\n<h2><span class=\"ez-toc-section\" id=\"Integracion_de_OpenShift_con_LDAPAD\"><\/span>Integraci\u00f3n de OpenShift con LDAP\/AD<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Lo primero que deberemos llevar a cabo, es la integraci\u00f3n de OpenShift con Active Directory (LDAP), de manera de utilizar AD como Identity Provider.<\/p>\n<ul>\n<li>Nos dirigimos a la consola web de\u00a0 OCP y vamos a Administration \u2013&gt; Cluster Settings \u2013&gt; Global Configuration \u2013&gt; Oauth<\/li>\n<li>En la parte inferior, en la secci\u00f3n <strong>Identity Provider<\/strong>, hacemos click en <strong>Add<\/strong> y luego en <strong>LDAP<\/strong>.<\/li>\n<\/ul>\n<p><a href=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth21.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1398\" src=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth21-300x293.jpg\" alt=\"\" width=\"400\" height=\"391\" srcset=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth21-66x66.jpg 66w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth21-200x195.jpg 200w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth21-300x293.jpg 300w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth21-400x390.jpg 400w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth21-600x585.jpg 600w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth21-768x749.jpg 768w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth21-800x780.jpg 800w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth21-1024x998.jpg 1024w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth21-1200x1170.jpg 1200w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth21-1536x1498.jpg 1536w\" sizes=\"(max-width: 400px) 100vw, 400px\" \/><\/a><\/p>\n<ul>\n<li>Llenamos el formulario con los siguientes datos:\n<ul>\n<li><strong>Name<\/strong>: Identificador unico para el Identity Provider<\/li>\n<li><strong>URL<\/strong>: URL de conexion con AD<\/li>\n<li><strong>Bind<\/strong> <strong>DN<\/strong>: DN del usuario con el que nos conectaremos a AD.<\/li>\n<li><strong>Bind Password<\/strong>: Password del usuario para conectarnos a AD.<\/li>\n<li><strong>ID<\/strong>: name<\/li>\n<li><strong>Prefered username<\/strong>: sAMAccountName<\/li>\n<li><strong>Name<\/strong>: cn<\/li>\n<li><strong>Email<\/strong>: UserPrincipalName<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><a href=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth22.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1399\" src=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth22-300x263.jpg\" alt=\"\" width=\"400\" height=\"351\" srcset=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth22-200x176.jpg 200w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth22-300x263.jpg 300w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth22-400x351.jpg 400w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth22-600x527.jpg 600w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth22-768x675.jpg 768w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth22-800x703.jpg 800w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth22-1024x899.jpg 1024w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth22-1200x1054.jpg 1200w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth22-1536x1349.jpg 1536w\" sizes=\"(max-width: 400px) 100vw, 400px\" \/><\/a><\/p>\n<ul>\n<li>Hacemos click en <strong>Add <\/strong>para finalizar la creaci\u00f3n del Identity Provider<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>Opcionalmente podemos simplemente editar el fichero YAML de OAuth y a\u00f1adir los siguientes datos:<\/p>\n<style type=\"text\/css\" scopped=\"scopped\">.fusion-syntax-highlighter-1 > .CodeMirror, .fusion-syntax-highlighter-1 > .CodeMirror .CodeMirror-gutters {background-color:var(--awb-color1);}.fusion-syntax-highlighter-1 > .CodeMirror .CodeMirror-gutters { background-color: var(--awb-color2); }.fusion-syntax-highlighter-1 > .CodeMirror .CodeMirror-linenumber { color: var(--awb-color8); }<\/style><div class=\"fusion-syntax-highlighter-container fusion-syntax-highlighter-1 fusion-syntax-highlighter-theme-light\" style=\"opacity:0;margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0px;font-size:14px;border-width:1px;border-style:solid;border-color:var(--awb-color3);\"><div class=\"syntax-highlighter-copy-code\"><span class=\"syntax-highlighter-copy-code-title\" data-id=\"fusion_syntax_highlighter_1\" style=\"font-size:14px;\">Copy to Clipboard<\/span><\/div><label for=\"fusion_syntax_highlighter_1\" class=\"screen-reader-text\">Syntax Highlighter<\/label><textarea class=\"fusion-syntax-highlighter-textarea\" id=\"fusion_syntax_highlighter_1\" data-readOnly=\"nocursor\" data-lineNumbers=\"1\" data-lineWrapping=\"\" data-theme=\"default\" data-mode=\"text\/x-sh\">spec:\n  identityProviders:\n    - ldap:\n        attributes:\n          email:\n            - UserPrincipalName\n          id:\n            - name\n          name:\n            - cn\n          preferredUsername:\n            - sAMAccountName\n        bindDN: 'CN=ocpadmin,CN=Users,DC=homelab,DC=local'\n        bindPassword:\n          name: ldap-secret\n        insecure: true\n        url: >-\n          ldap:\/\/adlab01.homelab.local\/CN=Users,DC=homelab,DC=local?sAMAccountName??(objectClass=person)\n      mappingMethod: claim\n      name: HomeLab AD\n      type: LDAP<\/textarea><\/div>\n<p>&nbsp;<\/p>\n<p><a href=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/12\/ocpoauth.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1431\" src=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/12\/ocpoauth-300x265.jpg\" alt=\"\" width=\"397\" height=\"351\" srcset=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/12\/ocpoauth-200x177.jpg 200w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/12\/ocpoauth-300x265.jpg 300w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/12\/ocpoauth-400x353.jpg 400w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/12\/ocpoauth-600x530.jpg 600w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/12\/ocpoauth-768x678.jpg 768w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/12\/ocpoauth-800x706.jpg 800w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/12\/ocpoauth-1024x904.jpg 1024w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/12\/ocpoauth-1200x1059.jpg 1200w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/12\/ocpoauth.jpg 1390w\" sizes=\"(max-width: 397px) 100vw, 397px\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Sincronizar_los_grupos_de_AD_con_OpenShift\"><\/span>Sincronizar los grupos de AD con OpenShift<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Una vez creado el Identity Provider para integrar OpenShift con AD, lo siguiente ser\u00e1 sincronizar los grupos de AD en OpenShift para que este ultimo pueda conocer los usuarios que pertenecen a los grupos requeridos.<\/p>\n<ul>\n<li>Creamos un fichero YAML con la configuracion requerida para sincronizar los grupos de AD que necesitemos, en mi caso los grupos ocpadmins (para gestionar OCP) y k10admins (para gestionar Kasten).<\/li>\n<\/ul>\n<p>[\/fusion_text]<style type=\"text\/css\" scopped=\"scopped\">.fusion-syntax-highlighter-2 > .CodeMirror, .fusion-syntax-highlighter-2 > .CodeMirror .CodeMirror-gutters {background-color:var(--awb-color1);}.fusion-syntax-highlighter-2 > .CodeMirror .CodeMirror-gutters { background-color: var(--awb-color2); }.fusion-syntax-highlighter-2 > .CodeMirror .CodeMirror-linenumber { color: var(--awb-color8); }<\/style><div class=\"fusion-syntax-highlighter-container fusion-syntax-highlighter-2 fusion-syntax-highlighter-theme-light\" style=\"opacity:0;margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0px;font-size:14px;border-width:1px;border-style:solid;border-color:var(--awb-color3);\"><div class=\"syntax-highlighter-copy-code\"><span class=\"syntax-highlighter-copy-code-title\" data-id=\"fusion_syntax_highlighter_2\" style=\"font-size:14px;\">Copy to Clipboard<\/span><\/div><label for=\"fusion_syntax_highlighter_2\" class=\"screen-reader-text\">Syntax Highlighter<\/label><textarea class=\"fusion-syntax-highlighter-textarea\" id=\"fusion_syntax_highlighter_2\" data-readOnly=\"nocursor\" data-lineNumbers=\"1\" data-lineWrapping=\"\" data-theme=\"default\" data-mode=\"text\/x-sh\">kind: LDAPSyncConfig\napiVersion: v1\nurl: ldap:\/\/adlab01.homelab.local\nbindDN: CN=ocpadmin,CN=Users,DC=homelab,DC=local\nbindPassword: xxxxxxxxxxx\ninsecure: true\ngroupUIDNameMapping:\n    \"CN=Users,DC=homelab,DC=local\": ocpadmins\n    \"CN=Users,DC=homelab,DC=local\": k10admins\nactiveDirectory:\n    usersQuery:\n        baseDN: \"CN=Users,DC=homelab,DC=local\"\n        scope: sub\n        derefAliases: never\n        filter: (objectclass=person)\n        pageSize: 0\n    userNameAttributes: [ sAMAccountName ]\n    groupMembershipAttributes: [ memberOf ]<\/textarea><\/div><div class=\"fusion-text fusion-text-1\"><\/p>\n<ul>\n<li>Ejecutamos el siguiente comando para sincronizar ambos grupos de AD para que sean visible en Openshift<\/li>\n<\/ul>\n<p>\n<\/div><style type=\"text\/css\" scopped=\"scopped\">.fusion-syntax-highlighter-3 > .CodeMirror, .fusion-syntax-highlighter-3 > .CodeMirror .CodeMirror-gutters {background-color:var(--awb-color1);}.fusion-syntax-highlighter-3 > .CodeMirror .CodeMirror-gutters { background-color: var(--awb-color2); }.fusion-syntax-highlighter-3 > .CodeMirror .CodeMirror-linenumber { color: var(--awb-color8); }<\/style><div class=\"fusion-syntax-highlighter-container fusion-syntax-highlighter-3 fusion-syntax-highlighter-theme-light\" style=\"opacity:0;margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0px;font-size:14px;border-width:1px;border-style:solid;border-color:var(--awb-color3);\"><div class=\"syntax-highlighter-copy-code\"><span class=\"syntax-highlighter-copy-code-title\" data-id=\"fusion_syntax_highlighter_3\" style=\"font-size:14px;\">Copy to Clipboard<\/span><\/div><label for=\"fusion_syntax_highlighter_3\" class=\"screen-reader-text\">Syntax Highlighter<\/label><textarea class=\"fusion-syntax-highlighter-textarea\" id=\"fusion_syntax_highlighter_3\" data-readOnly=\"nocursor\" data-lineNumbers=\"1\" data-lineWrapping=\"\" data-theme=\"default\" data-mode=\"text\/x-sh\">oc adm groups sync --sync-config=ldap-sync.yaml \"CN=ocpadmins,CN=Users,DC=homelab,DC=local\" --confirm\noc adm groups sync --sync-config=ldap-sync.yaml \"CN=k10admins,CN=Users,DC=homelab,DC=local\" --confirm<\/textarea><\/div><div class=\"fusion-text fusion-text-2\"><\/p>\n<p><a href=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth24-scaled.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1400\" src=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth24-300x83.jpg\" alt=\"\" width=\"502\" height=\"139\" srcset=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth24-200x55.jpg 200w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth24-300x83.jpg 300w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth24-400x110.jpg 400w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth24-600x165.jpg 600w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth24-768x211.jpg 768w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth24-800x220.jpg 800w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth24-1024x282.jpg 1024w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth24-1200x330.jpg 1200w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth24-1536x423.jpg 1536w\" sizes=\"(max-width: 502px) 100vw, 502px\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<ul>\n<li>Finalmente aplicamos el rol requerido para cada grupo.\u00a0 En este punto, le aplicaremos el clusterrole cluster-admin al grupo ocpadmins.<\/li>\n<\/ul>\n<p>\n<\/div><style type=\"text\/css\" scopped=\"scopped\">.fusion-syntax-highlighter-4 > .CodeMirror, .fusion-syntax-highlighter-4 > .CodeMirror .CodeMirror-gutters {background-color:var(--awb-color1);}.fusion-syntax-highlighter-4 > .CodeMirror .CodeMirror-gutters { background-color: var(--awb-color2); }.fusion-syntax-highlighter-4 > .CodeMirror .CodeMirror-linenumber { color: var(--awb-color8); }<\/style><div class=\"fusion-syntax-highlighter-container fusion-syntax-highlighter-4 fusion-syntax-highlighter-theme-light\" style=\"opacity:0;margin-top:0px;margin-right:0px;margin-bottom:0px;margin-left:0px;font-size:14px;border-width:1px;border-style:solid;border-color:var(--awb-color3);\"><div class=\"syntax-highlighter-copy-code\"><span class=\"syntax-highlighter-copy-code-title\" data-id=\"fusion_syntax_highlighter_4\" style=\"font-size:14px;\">Copy to Clipboard<\/span><\/div><label for=\"fusion_syntax_highlighter_4\" class=\"screen-reader-text\">Syntax Highlighter<\/label><textarea class=\"fusion-syntax-highlighter-textarea\" id=\"fusion_syntax_highlighter_4\" data-readOnly=\"nocursor\" data-lineNumbers=\"1\" data-lineWrapping=\"\" data-theme=\"default\" data-mode=\"text\/x-sh\">oc adm policy add-cluster-role-to-group cluster-admin ocpadmins<\/textarea><\/div><div class=\"fusion-text fusion-text-3\"><\/div><\/p>\n<ul>\n<li>Si nos conectamos ahora a nuestro cluster OpenShift, veremos que tenemos el Identity Provider para autenticarnos (HomeLab AD). Utilizamos un usario del grupo <b>ocpadmins <\/b>para probar la autenticaci\u00f3n.<\/li>\n<\/ul>\n<p><a href=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth25.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1401\" src=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth25-300x130.jpg\" alt=\"\" width=\"369\" height=\"160\" srcset=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth25-200x87.jpg 200w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth25-300x130.jpg 300w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth25-400x173.jpg 400w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth25-600x260.jpg 600w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth25-768x332.jpg 768w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth25-800x346.jpg 800w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth25-1024x443.jpg 1024w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth25-1200x519.jpg 1200w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth25.jpg 1306w\" sizes=\"(max-width: 369px) 100vw, 369px\" \/><\/a><\/p>\n<p><a href=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth26.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1402\" src=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth26-300x159.jpg\" alt=\"\" width=\"379\" height=\"201\" srcset=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth26-200x106.jpg 200w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth26-300x159.jpg 300w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth26-400x212.jpg 400w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth26-600x318.jpg 600w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth26-768x407.jpg 768w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth26-800x424.jpg 800w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth26-1024x542.jpg 1024w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth26-1200x635.jpg 1200w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth26.jpg 1303w\" sizes=\"(max-width: 379px) 100vw, 379px\" \/><\/a><\/p>\n<p><a href=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth27-scaled.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-1403\" src=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth27-300x87.jpg\" alt=\"\" width=\"400\" height=\"116\" srcset=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth27-200x58.jpg 200w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth27-300x87.jpg 300w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth27-400x116.jpg 400w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth27-600x175.jpg 600w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth27-768x223.jpg 768w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth27-800x233.jpg 800w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth27-1024x298.jpg 1024w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth27-1200x349.jpg 1200w, https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/09\/KastenOAuth27-1536x447.jpg 1536w\" sizes=\"(max-width: 400px) 100vw, 400px\" \/><\/a><\/p>\n<p>&nbsp;<\/p>\n<p>Con esto ya tenemos integrado nuestro dominio Active Directory como proveedor OAuth en OpenShift.\u00a0 OAuth se puede utilizar para que otras aplicaciones corriendo en OpenShift puedan utilizar la autenticaci\u00f3n mendiante los OAuth providers configurados, en este caso, Active Directory.<\/p>\n<p>&nbsp;<\/p>\n<p>Gracias!!!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Hola a todos!!! En este post hablaremos sobre como integrar<\/p>\n","protected":false},"author":1,"featured_media":1430,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[27,72,68],"tags":[65,32,31,70,66,69],"aioseo_notices":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v24.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>OpenShift - A\u00f1adiendo Active Directory como OAuth Provider - vLatam<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/patriciocerda.com\/?p=1428\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"OpenShift - A\u00f1adiendo Active Directory como OAuth Provider - vLatam\" \/>\n<meta property=\"og:description\" content=\"Hola a todos!!! En este post hablaremos sobre como integrar\" \/>\n<meta property=\"og:url\" content=\"https:\/\/patriciocerda.com\/?p=1428\" \/>\n<meta property=\"og:site_name\" content=\"vLatam\" \/>\n<meta property=\"article:published_time\" content=\"2022-09-12T10:41:13+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-12-21T10:54:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/12\/IntroBlog1398.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1280\" \/>\n\t<meta property=\"og:image:height\" content=\"720\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"pcerda\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"pcerda\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/patriciocerda.com\/?p=1428\",\"url\":\"https:\/\/patriciocerda.com\/?p=1428\",\"name\":\"OpenShift - A\u00f1adiendo Active Directory como OAuth Provider - vLatam\",\"isPartOf\":{\"@id\":\"https:\/\/patriciocerda.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/patriciocerda.com\/?p=1428#primaryimage\"},\"image\":{\"@id\":\"https:\/\/patriciocerda.com\/?p=1428#primaryimage\"},\"thumbnailUrl\":\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/12\/IntroBlog1398.png\",\"datePublished\":\"2022-09-12T10:41:13+00:00\",\"dateModified\":\"2022-12-21T10:54:57+00:00\",\"author\":{\"@id\":\"https:\/\/patriciocerda.com\/#\/schema\/person\/613aa192d7dbcedcd20e08318891aa2a\"},\"breadcrumb\":{\"@id\":\"https:\/\/patriciocerda.com\/?p=1428#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/patriciocerda.com\/?p=1428\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/patriciocerda.com\/?p=1428#primaryimage\",\"url\":\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/12\/IntroBlog1398.png\",\"contentUrl\":\"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/12\/IntroBlog1398.png\",\"width\":1280,\"height\":720},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/patriciocerda.com\/?p=1428#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/patriciocerda.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"OpenShift &#8211; A\u00f1adiendo Active Directory como OAuth Provider\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/patriciocerda.com\/#website\",\"url\":\"https:\/\/patriciocerda.com\/\",\"name\":\"vLatam\",\"description\":\"El Blog de Patricio Cerda\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/patriciocerda.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/patriciocerda.com\/#\/schema\/person\/613aa192d7dbcedcd20e08318891aa2a\",\"name\":\"pcerda\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/patriciocerda.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/patriciocerda.com\/wp-content\/litespeed\/avatar\/ce92117b9294544adeaad229a8fbac13.jpg?ver=1778589913\",\"contentUrl\":\"https:\/\/patriciocerda.com\/wp-content\/litespeed\/avatar\/ce92117b9294544adeaad229a8fbac13.jpg?ver=1778589913\",\"caption\":\"pcerda\"},\"url\":\"https:\/\/patriciocerda.com\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"OpenShift - A\u00f1adiendo Active Directory como OAuth Provider - vLatam","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/patriciocerda.com\/?p=1428","og_locale":"en_US","og_type":"article","og_title":"OpenShift - A\u00f1adiendo Active Directory como OAuth Provider - vLatam","og_description":"Hola a todos!!! En este post hablaremos sobre como integrar","og_url":"https:\/\/patriciocerda.com\/?p=1428","og_site_name":"vLatam","article_published_time":"2022-09-12T10:41:13+00:00","article_modified_time":"2022-12-21T10:54:57+00:00","og_image":[{"width":1280,"height":720,"url":"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/12\/IntroBlog1398.png","type":"image\/png"}],"author":"pcerda","twitter_card":"summary_large_image","twitter_misc":{"Written by":"pcerda","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/patriciocerda.com\/?p=1428","url":"https:\/\/patriciocerda.com\/?p=1428","name":"OpenShift - A\u00f1adiendo Active Directory como OAuth Provider - vLatam","isPartOf":{"@id":"https:\/\/patriciocerda.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/patriciocerda.com\/?p=1428#primaryimage"},"image":{"@id":"https:\/\/patriciocerda.com\/?p=1428#primaryimage"},"thumbnailUrl":"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/12\/IntroBlog1398.png","datePublished":"2022-09-12T10:41:13+00:00","dateModified":"2022-12-21T10:54:57+00:00","author":{"@id":"https:\/\/patriciocerda.com\/#\/schema\/person\/613aa192d7dbcedcd20e08318891aa2a"},"breadcrumb":{"@id":"https:\/\/patriciocerda.com\/?p=1428#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/patriciocerda.com\/?p=1428"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/patriciocerda.com\/?p=1428#primaryimage","url":"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/12\/IntroBlog1398.png","contentUrl":"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/12\/IntroBlog1398.png","width":1280,"height":720},{"@type":"BreadcrumbList","@id":"https:\/\/patriciocerda.com\/?p=1428#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/patriciocerda.com\/"},{"@type":"ListItem","position":2,"name":"OpenShift &#8211; A\u00f1adiendo Active Directory como OAuth Provider"}]},{"@type":"WebSite","@id":"https:\/\/patriciocerda.com\/#website","url":"https:\/\/patriciocerda.com\/","name":"vLatam","description":"El Blog de Patricio Cerda","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/patriciocerda.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/patriciocerda.com\/#\/schema\/person\/613aa192d7dbcedcd20e08318891aa2a","name":"pcerda","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/patriciocerda.com\/#\/schema\/person\/image\/","url":"https:\/\/patriciocerda.com\/wp-content\/litespeed\/avatar\/ce92117b9294544adeaad229a8fbac13.jpg?ver=1778589913","contentUrl":"https:\/\/patriciocerda.com\/wp-content\/litespeed\/avatar\/ce92117b9294544adeaad229a8fbac13.jpg?ver=1778589913","caption":"pcerda"},"url":"https:\/\/patriciocerda.com\/?author=1"}]}},"jetpack_featured_media_url":"https:\/\/patriciocerda.com\/wp-content\/uploads\/2022\/12\/IntroBlog1398.png","_links":{"self":[{"href":"https:\/\/patriciocerda.com\/index.php?rest_route=\/wp\/v2\/posts\/1428"}],"collection":[{"href":"https:\/\/patriciocerda.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/patriciocerda.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/patriciocerda.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/patriciocerda.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1428"}],"version-history":[{"count":1,"href":"https:\/\/patriciocerda.com\/index.php?rest_route=\/wp\/v2\/posts\/1428\/revisions"}],"predecessor-version":[{"id":1432,"href":"https:\/\/patriciocerda.com\/index.php?rest_route=\/wp\/v2\/posts\/1428\/revisions\/1432"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/patriciocerda.com\/index.php?rest_route=\/wp\/v2\/media\/1430"}],"wp:attachment":[{"href":"https:\/\/patriciocerda.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1428"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/patriciocerda.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1428"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/patriciocerda.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1428"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}