I followed the Quickstart guide I found here, an at the end it says I should be able to log in to the server using my Unix credentials. I’m guessing that’s the username and password for my current session on my computer.
However, I’ve been getting 403 errors non-stop, saying “User ‘my-username’ not allowed”. I then went digging and found this post discussing the allowed users configuration, which the Quickstart guide doesn’t mention at all (since the 5.0 release?).
I spent the afternoon digging around the configuration file I generated trying to allow my user account, but to no success. I’ve set all the “allow_all” parametres I could find to “True”, and added my username to all the “allowed user” parametres. No result, and when I launch the server passing this modified configuration file as –config, the warning for no allowed users isn’t even suppressed, despite me editing that too, so I’m not even sure if my edits are taken into account (grepping the file shows my edits).
Does the Quickstart guide need more info, concerning the allowed users? Have I missed something obvious? Why am I not able to connect to me server?
EDIT: managed to get the configuration file to work and allow myself to login. It would deserve a section in the Quickstart guide though, as this definitely wasn’t quick.
Yes, I think you’re right that quickstart needs an update since the change in 5.0 to no longer allow any user who can successfully authenticate by default (allow_all’s default changed from True to False in 5.0, that’s my guess as to what was missing for you).
My guess is that setting c.Authenticator.allow_all = True would do it, or c.Authenticator.allowed_users = {"yourname"}, and this absolutely needs to be in the quickstart.
Thanks for reporting the problem!
Aside: the fact that JupyterHub no longer works with zero configuration is part of why I didn’t have allow_all off by default, but it does make sense as a more secure default. But it also means that quickstart can’t be quite so quick anymore, as we now have to introduce the concept of config files before anything can start.
Perhaps a way forward is to create a `jupyterhub –generate_config --allow_self` command, which generates the default config file with just the current user as an allowed user. Requiring su permissions as well maybe?
But yeah, definitely needs to be more explicitly in the quickstart. I found the info on the github in the end, so perhaps it could also be reasonable to include a few “further reading” links at the end of the quickstart to introduce slightly more complex elements of the tool.
Maybe a “quicker” start would be to modify the JupyterHub launch command as jupyterhub --Authenticator.allow_all=true in the Quick Start Guide and add a note on why the CLI flag is necessary. This way we still avoid users having to manage config files.
After you start JupyterHub for the first time you’ll probably want to customise it, so I think showing beginners how to create and modify the config file as part of the quickstart is useful.
On the topic of updating the quickstart guide, python has changed the way installing packages via pip works (using venv), which means I had to update the config file to give the absolute path of the jupyterhub-singleuser bin so that sudo could run it in shared mode. That could be shifted to a later section of the docs but for the moment the quickstart guide is also out of date on that topic.
And the general docs still mention the dummy authenticator password, which in the config file is listed as deprecated.