How to Setup InterSystems IRIS Container to Use OS-Level Authentication Programmatically
Hi Community!
When you run IRIS container out-of-the-box and connect to it via terminal e.g. with:
docker-compose exec iris bashYou see something like:
root@7b19f545187b:/opt/app# irissession IRIS
Node: 7b19f545187b, Instance: IRIS
Username: ***
Password: ***
USER>And you enter login and password every time.
How to programmatically setup docker-compose file to have IRIS container with OS authentication enabled? And have the following while entering the terminal:
root@7b19f545187b:/opt/app# irissession IRIS
Node: 7b19f545187b, Instance: IRIS
USER>
Comments
Check out my series of articles Continuous Delivery of your InterSystems solution using GitLab it talks about many features, related to automating these kind of tasks. In particular, Part VII (CD using containers) talks about programmatic enabling of OS-level authentication.
One substitution in your code to use $zboolean to account for cases where it had already been enabled (in which case your code would disable it).
Instead of:
Set p("AutheEnabled")=p("AutheEnabled")+16Use
Set p("AutheEnabled")=$zb(p("AutheEnabled"),16,7)To activate OS authentication in your docker image, you can run this code, in %SYS namespace
Do ##class(Security.System).Get(,.p) Set p("AutheEnabled")=p("AutheEnabled")+16 Do ##class(Security.System).Modify(,.p)
If you work with community edition, you can use my image, where you can easily define also user and password for external use.
Running server
$ docker run -d --rm --name iris \
-p 52773:52773 \
-e IRIS_USER=test \
-e IRIS_PASSWORD=test \
daimor/intersystems-iris:2019.1.0S.111.0-communityTerminal connect
$ docker exec -it iris iris session iris
Node: 413a4da758e7, Instance: IRIS
USER>write $username
root
USER>write $roles
%AllOr with docker-compose, something like this
iris:
image: daimor/intersystems-iris:2019.1.0S.111.0-community
ports:
- 52773:52773
environment:
IRIS_USER: ${IRIS_PASSWORD:-test}
IRIS_PASSWORD: ${IRIS_PASSWORD:-test}