Skip to content

Commit

Permalink
[ci skip] Autodoc commit for 4ddaec3.
Browse files Browse the repository at this point in the history
  • Loading branch information
@oscwiag
oscwiag committed Nov 26, 2024
1 parent 67dddfd commit e774a68
Show file tree
Hide file tree
Showing 14 changed files with 236 additions and 653 deletions.
63 changes: 51 additions & 12 deletions develop/_sources/security.rst.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ Introduction
This document details the security framework for Open OnDemand, providing essential information that administrators need to know for secure deployment and operation.

.. note::
If you're here to report a vulerability, you may refer to :ref:`vulnerability-management`.
If you're here to report a vulnerability, you may refer to :ref:`vulnerability-management`.

Considerations
--------------
Expand Down Expand Up @@ -38,19 +38,58 @@ that some centers may want to change or disable altogether.
Additionally, you may want to disable or limit access to the application. You can do this
through :ref:`disabling_applications`.

Conclusion
----------
Maintaining a secure and robust operational environment is critical for the success of Open OnDemand. Administrators are encouraged to implement the security practices recommended in this guide and to regularly review security settings and updates.
.. _vulnerability-management:

Vulnerability Management
------------------------

Vulnerability management is a critical component of the security strategy for Open OnDemand.
This document outlines the procedures for reporting and managing vulnerabilities.

Reporting a Vulnerability
^^^^^^^^^^^^^^^^^^^^^^^^^

If you have security concerns or think you have found a vulnerability, please submit a
private report by visiting the 'Security' section of our GitHub located at
`GitHub Open OnDemand Security <https://github.com/OSC/ondemand/security/>`_ and
clicking 'Report a vulnerability'.

For direct inquiries or issues in submitting a report, contact the core project team
via email at [email protected].

Disclosure Policy
^^^^^^^^^^^^^^^^^

- Upon reporting, you will receive a response within hours, acknowledging the receipt of the report.
- A primary handler from the team will be assigned to coordinate the fix and release process:
- Confirm the problem and determine the affected versions (1-2 days).
- Audit code to find any potential similar problems.
- Prepare fixes for all releases still under maintenance and release as soon as possible.

Comments on Policy
^^^^^^^^^^^^^^^^^^

Suggestions to improve this process can be made via submitting a ticket, opening a
Discourse topic, or a pull request.

Security Audits
^^^^^^^^^^^^^^^

Open OnDemand has been audited several times by Trusted CI, the NSF Cybersecurity
Center of Excellence. The latest engagement report is available
`here <https://openondemand.org/sites/default/files/documents/Trusted%20CI%20Open%20OnDemand%20Engagement%20Final%20Report%20-%20REDACTED%20FOR%20PUBLIC%20RELEASE%20210712_0.pdf>`__.
These audits have helped shape the security landscape of the platform and contribute
to its ongoing security enhancements.


Maintaining a secure and robust operational environment is critical for the success of
Open OnDemand. Administrators are encouraged to implement the security practices
recommended in this guide and to regularly review security settings and updates.


Relevant References
-------------------

.. toctree::
:maxdepth: 2
:caption: Security Topics

security/vulnerability-management
authentication/overview
how-tos/monitoring/logging
customizations
- :ref:`Authentication Overview <authentication-overview>`
- :ref:`Logging <logging>`
- :ref:`Customizations <customizations>`
42 changes: 0 additions & 42 deletions develop/_sources/security/vulnerability-management.rst.txt
View file

This file was deleted.

49 changes: 28 additions & 21 deletions develop/authentication/overview.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -102,9 +102,33 @@


<p class="caption"><span class="caption-text">Getting Started</span></p>
<ul>
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../requirements.html">Requirements</a></li>
<li class="toctree-l1"><a class="reference internal" href="../installation.html">Installation</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="../installation.html">Installation</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="../installation/install-software.html">1. Install Software</a></li>
<li class="toctree-l2 current"><a class="reference internal" href="../authentication.html">2. Authentication</a><ul class="current">
<li class="toctree-l3 current"><a class="current reference internal" href="#">Overview</a><ul>
<li class="toctree-l4"><a class="reference internal" href="overview/configure-authentication.html">1. Configure Apache Authentication</a></li>
<li class="toctree-l4"><a class="reference internal" href="overview/map-user.html">2. Setup User Mapping</a></li>
<li class="toctree-l4"><a class="reference internal" href="overview/configure-logout.html">3. Configure Logout</a></li>
</ul>
</li>
<li class="toctree-l3"><a class="reference internal" href="oidc.html">OpenID Connect</a></li>
<li class="toctree-l3"><a class="reference internal" href="dex.html">OpenID Connect with Dex</a></li>
<li class="toctree-l3"><a class="reference internal" href="shibboleth.html">Shibboleth</a></li>
<li class="toctree-l3"><a class="reference internal" href="cas.html">CAS</a></li>
<li class="toctree-l3"><a class="reference internal" href="tutorial-oidc-keycloak-rhel7.html">OpenID Connect with KeyCloak on RHEL7</a></li>
<li class="toctree-l3"><a class="reference internal" href="duo-2fa-with-keycloak.html">Two Factor Auth using Duo with Keycloak</a></li>
<li class="toctree-l3"><a class="reference internal" href="adfs-with-auth-mellon.html">SAML Authentication with Active Directory Federated Services (ADFS) and mod_auth_mellon</a></li>
<li class="toctree-l3"><a class="reference internal" href="nsf-access.html">NSF ACCESS</a></li>
<li class="toctree-l3"><a class="reference internal" href="insecure.html">Other Insecure Options</a></li>
</ul>
</li>
<li class="toctree-l2"><a class="reference internal" href="../installation/add-ssl.html">3. Secure Apache httpd</a></li>
<li class="toctree-l2"><a class="reference internal" href="../installation/modify-system-security.html">4. Add SELinux</a></li>
<li class="toctree-l2"><a class="reference internal" href="../installation.html#building-from-source">Building From Source</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../installation/add-cluster-config.html">Cluster Configuration</a></li>
<li class="toctree-l1"><a class="reference internal" href="../how-tos/app-development/interactive/setup.html">Setup Interactive Apps</a></li>
</ul>
Expand All @@ -123,27 +147,10 @@
<li class="toctree-l1"><a class="reference internal" href="../tutorials/tutorials-dashboard-apps.html">Developing The OOD Dashboard</a></li>
</ul>
<p class="caption"><span class="caption-text">Reference</span></p>
<ul class="current">
<ul>
<li class="toctree-l1"><a class="reference internal" href="../architecture.html">Architecture</a></li>
<li class="toctree-l1"><a class="reference internal" href="../reference.html">Configuration Reference</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="../security.html">Security</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="../security.html#introduction">Introduction</a></li>
<li class="toctree-l2"><a class="reference internal" href="../security.html#considerations">Considerations</a></li>
<li class="toctree-l2"><a class="reference internal" href="../security.html#conclusion">Conclusion</a></li>
<li class="toctree-l2 current"><a class="reference internal" href="../security.html#relevant-references">Relevant References</a><ul class="current">
<li class="toctree-l3"><a class="reference internal" href="../security/vulnerability-management.html">Vulnerability Management</a></li>
<li class="toctree-l3 current"><a class="current reference internal" href="#">Overview</a><ul>
<li class="toctree-l4"><a class="reference internal" href="overview/configure-authentication.html">1. Configure Apache Authentication</a></li>
<li class="toctree-l4"><a class="reference internal" href="overview/map-user.html">2. Setup User Mapping</a></li>
<li class="toctree-l4"><a class="reference internal" href="overview/configure-logout.html">3. Configure Logout</a></li>
</ul>
</li>
<li class="toctree-l3"><a class="reference internal" href="../how-tos/monitoring/logging.html">Logging</a></li>
<li class="toctree-l3"><a class="reference internal" href="../customizations.html">Customizations</a></li>
</ul>
</li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../security.html">Security</a></li>
<li class="toctree-l1"><a class="reference internal" href="../release-notes.html">Release Notes</a></li>
<li class="toctree-l1"><a class="reference internal" href="../version-policy.html">Versioning Policy</a></li>
<li class="toctree-l1"><a class="reference internal" href="../glossary.html">Glossary</a></li>
Expand Down
49 changes: 28 additions & 21 deletions develop/authentication/overview/configure-authentication.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -102,9 +102,33 @@


<p class="caption"><span class="caption-text">Getting Started</span></p>
<ul>
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../../requirements.html">Requirements</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../installation.html">Installation</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="../../installation.html">Installation</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="../../installation/install-software.html">1. Install Software</a></li>
<li class="toctree-l2 current"><a class="reference internal" href="../../authentication.html">2. Authentication</a><ul class="current">
<li class="toctree-l3 current"><a class="reference internal" href="../overview.html">Overview</a><ul class="current">
<li class="toctree-l4 current"><a class="current reference internal" href="#">1. Configure Apache Authentication</a></li>
<li class="toctree-l4"><a class="reference internal" href="map-user.html">2. Setup User Mapping</a></li>
<li class="toctree-l4"><a class="reference internal" href="configure-logout.html">3. Configure Logout</a></li>
</ul>
</li>
<li class="toctree-l3"><a class="reference internal" href="../oidc.html">OpenID Connect</a></li>
<li class="toctree-l3"><a class="reference internal" href="../dex.html">OpenID Connect with Dex</a></li>
<li class="toctree-l3"><a class="reference internal" href="../shibboleth.html">Shibboleth</a></li>
<li class="toctree-l3"><a class="reference internal" href="../cas.html">CAS</a></li>
<li class="toctree-l3"><a class="reference internal" href="../tutorial-oidc-keycloak-rhel7.html">OpenID Connect with KeyCloak on RHEL7</a></li>
<li class="toctree-l3"><a class="reference internal" href="../duo-2fa-with-keycloak.html">Two Factor Auth using Duo with Keycloak</a></li>
<li class="toctree-l3"><a class="reference internal" href="../adfs-with-auth-mellon.html">SAML Authentication with Active Directory Federated Services (ADFS) and mod_auth_mellon</a></li>
<li class="toctree-l3"><a class="reference internal" href="../nsf-access.html">NSF ACCESS</a></li>
<li class="toctree-l3"><a class="reference internal" href="../insecure.html">Other Insecure Options</a></li>
</ul>
</li>
<li class="toctree-l2"><a class="reference internal" href="../../installation/add-ssl.html">3. Secure Apache httpd</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../installation/modify-system-security.html">4. Add SELinux</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../installation.html#building-from-source">Building From Source</a></li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../installation/add-cluster-config.html">Cluster Configuration</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../how-tos/app-development/interactive/setup.html">Setup Interactive Apps</a></li>
</ul>
Expand All @@ -123,27 +147,10 @@
<li class="toctree-l1"><a class="reference internal" href="../../tutorials/tutorials-dashboard-apps.html">Developing The OOD Dashboard</a></li>
</ul>
<p class="caption"><span class="caption-text">Reference</span></p>
<ul class="current">
<ul>
<li class="toctree-l1"><a class="reference internal" href="../../architecture.html">Architecture</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../reference.html">Configuration Reference</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="../../security.html">Security</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="../../security.html#introduction">Introduction</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../security.html#considerations">Considerations</a></li>
<li class="toctree-l2"><a class="reference internal" href="../../security.html#conclusion">Conclusion</a></li>
<li class="toctree-l2 current"><a class="reference internal" href="../../security.html#relevant-references">Relevant References</a><ul class="current">
<li class="toctree-l3"><a class="reference internal" href="../../security/vulnerability-management.html">Vulnerability Management</a></li>
<li class="toctree-l3 current"><a class="reference internal" href="../overview.html">Overview</a><ul class="current">
<li class="toctree-l4 current"><a class="current reference internal" href="#">1. Configure Apache Authentication</a></li>
<li class="toctree-l4"><a class="reference internal" href="map-user.html">2. Setup User Mapping</a></li>
<li class="toctree-l4"><a class="reference internal" href="configure-logout.html">3. Configure Logout</a></li>
</ul>
</li>
<li class="toctree-l3"><a class="reference internal" href="../../how-tos/monitoring/logging.html">Logging</a></li>
<li class="toctree-l3"><a class="reference internal" href="../../customizations.html">Customizations</a></li>
</ul>
</li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../security.html">Security</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../release-notes.html">Release Notes</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../version-policy.html">Versioning Policy</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../glossary.html">Glossary</a></li>
Expand Down
Loading

0 comments on commit e774a68

Please sign in to comment.