Configuring Wazi Developer for Workspaces

Resolving the error of authorization token is missing

Self-signed certificates are certificates that are not signed by a certificate authority (CA). Self-signed certificates do not provide all of the security properties that certificates signed by a CA aim to provide. For example, when a website owner uses a self-signed certificate to provide HTTPS services, users who visit that website will see the following warning in their browser:

Authorization token is missing. Click here to reload page will block the login process.

Therefore, after installing Wazi Developer for Workspaces on OpenShift Container Platform with TLS support and a self-signed certificate, a user must add a self-signed TLS certificate to the browser for each route exposed in Wazi Developer for Workspaces. Otherwise, the warning is displayed.

To resolve the error, follow this link to Importing certificates to browsers.

Using external database for storage and external identity providers for authentication

By default, Wazi Developer for Workspaces uses Keycloak authentication service in the product. Wazi Developer for Workspaces also supports using OpenShift OAuth in authentication options, and it is recommended to configure this for increased security and user/admin account support. OpenShift OAuth authentication support requires OAuth to be configured in the cluster. It automatically configures Keycloak (RH-SSO) authentication services and allows you to use other external identity providers for the authentication and other external databases for storage.

Keycloak is a prerequisite to configure CodeReady Workspaces in multi-user mode. The CodeReady Workspaces administrator can choose to connect CodeReady Workspaces to an existing Keycloak instance or let the CodeReady Workspaces deployment start a new dedicated Keycloak instance.

Setting Workspace timeout limit

By default, Wazi Developer for Workspaces offers a 30 minutes (1800000 milliseconds) workspace timeout. To configure a timeout limit for Wazi Developer for Workspaces, issue the following command:

oc patch cheCluster/wazi-codeready-workspaces -n wazi-codeready-workspaces -p '{"spec": {"server": {"customCheProperties": {"CHE_LIMITS_WORKSPACE_IDLE_TIMEOUT":"-1" }}}}' --type merge

Note: In this example, the "CHE_LIMITS_WORKSPACE_IDLE_TIMEOUT":"-1" indicates the workspace will never time out. You can set your own timeout by providing a different value in milliseconds unit.

Additional customCheProperties can be configured and are listed under Advanced configuration options for the Che server component.