By default, ecflow requires a user name.
ecflow_client will use the login name(UID) for the user name by default.
The name is used for logging and to enable/disable access, when used in ecFlow White list file or Black list file
However, this can be problematic in certain cases, when working remotely, where the login name (UID) used on the remote machine(client) does not match the UID for the user for accessing the server.
To get around this we can specify the user:
- ECF_USER
export ECF_USER=fred; ecflow_client --ping
- --user
ecflow_client --user fred --ping
- python
import ecflow cl = ecflow.Client("polonius",3142) cl.set_user_name("fred") cl.ping()
However, this would allow user to pose as someone else. Hence in order to use this functionality, a password must be provided. See Black list file
Additionally, we do not want all users to be forced to use a password just because one user is working remotely.
Hence ecflow_server has special support for the password for those users, using ECF_USER or --user on the client-side.
An additional password file can be specified (the format is the same as Black list file).
<host>.<port>.ecf.custom_passwd
The server will look for this file during startup, alternatively, we can explicitly set the ECF_CUSTOM_PASSWD environment variable
export ECF_CUSTOM_PASSWD=polonius.3142.ecf.custom_passwd ecflow_start.sh -p 3142
Additionally, if new users are added/removed this file can be reloaded at run time with:
ecflow_client --reloadcustompasswdfile # server we reload polonius.3142.ecf.custom_passwd