Comment 0 for bug 1807668

Initial deployment is done with:

  OpenShiftGlobalVariables:
    openshift_master_identity_providers:
    - name: allow_all
      login: 'true'
      challenge: true
      kind: AllowAllPasswordIdentityProvider

In a subsequent stack update we set it to htpasswd_auth:

  OpenShiftGlobalVariables:
    openshift_master_identity_providers:
    - name: 'htpasswd_auth'
      login: 'true'
      challenge: 'true'
      kind: 'HTPasswdPasswordIdentityProvider'
    openshift_master_htpasswd_users:
      marius: '$apr1$jpBOUqeU$X4jUsMyCHOOp8TFYtPq0v1'

But after the stack update succeeds we're still able to log in with any user/pass which points to the new configuration not being applied.

The openshift documentation states that "After making changes to an identity provider, you must restart the master services for the changes to take effect".

https://docs.openshift.com/container-platform/3.11/install_config/configuring_authentication.html#overview