By default ecflow requires a user name.
ecflow_client will use the login name(UID) for the user name by default.
The name is used for logging and to enable/disable access, when used in ecFlow White list file or Black list file
However this can be problematic in certain cases, when working remotely, where the login name (UID) used on the remote machine does not match the UID for user for accessing the server.
To get round this we can specify the user:
- ECF_USER
export ECF_USER=fred; ecflow_client --ping # send a message to the server posing as user fred
- --user
ecflow_client --user fred --ping # send a message to the server posing as user fred
- python
import ecflow cl =ecflow.Client("polonius",3142) cl.set_user_name("fred") cl.ping()
However this would allow user to pose as someone else. Hence in order to use this a password must be provided. See Black list file
Additionally we do not want all user to be forced to use a password just because one user is working remotely.
Hence ecflow_server has special support for password for those users, using ECF_USER or --user on the client side.
An additional password file , can be specified (the format is same as Black list file).
<host>.<port>.ecf.custom_passwd
The server will look for this file during start up, alternatively we can explicitly set the ECF_CUSTOM_PASSWD environment variable
export ECF_CUSTOM_USER=polonius.3142.ecf.custom_passwd ecflow_start.sh -p 3142
Additionally if new users are added/removed this file can be reloaded at run time with:
ecflow_client --reloadcustompasswdfile # server we reload polonius.3142.ecf.custom_passwd