By default ecflow requires a user name. By default ecflow_client will use the login name(UID). The naem is used for logging and to enable/disable access, when used in ecFlow White list file or Black list file
However this can be problematic in certain cases, when working remotely, where the login name (UID) used on the remote machine does not match the UID for user used for accessing the server.
To get round this we can specify the user:
- export ECF_USER=fred; ecflow_client --ping
- ecflow_client --user fred --ping
However this would allow user to pose as someone else. Hence in order to use this a password must be provided. See Black list file
Additionally we do not want all user to be forced to use a password just because one user is working remotely.
Hence ecflow_server has special support for password for those users, using ECF_USER or --user on the client side.
An additional password file , can be specified ECF_CUSTOM_USER cab be used. (the format is same as Black list file).
<host>.<port?.ecf.custom_passwd
The server will load during server start time.
export ECF_CUSTOM_USER=polonius.3142.ecf.custom_passwd ecflow_start.sh -p 3142
Additionally if new users are added/removed this file can be reloaded at run time with:
ecflow_client --reloadcustompasswdfile # server we reload polonius.3142.ecf.custom_passwd