30 lines
1.6 KiB
INI
30 lines
1.6 KiB
INI
[mlflow]
|
|
default_permission = READ
|
|
database_uri = sqlite:///basic_auth.db
|
|
admin_username = admin
|
|
admin_password = password1234
|
|
authorization_function = mlflow.server.auth:authenticate_request_basic_auth
|
|
# When true, users inherit default_permission for the reserved 'default' workspace.
|
|
grant_default_workspace_access = false
|
|
# Cache settings for resource-to-workspace lookups (used for permission checks).
|
|
# workspace_cache_max_size = 10000
|
|
# workspace_cache_ttl_seconds = 3600
|
|
# Cache settings for basic-auth username/password verification. Disabled by default
|
|
# (auth_cache_ttl_seconds = 0). When enabled, successful credential checks are
|
|
# cached for this long so PBKDF2 hash comparison runs at most once per (user,
|
|
# password) per TTL window — a ~3x throughput improvement on request-heavy
|
|
# auth-enabled workloads.
|
|
#
|
|
# The cache lives inside each worker process, so enabling it introduces staleness:
|
|
# * Password, admin-flag, and deletion changes via the HTTP APIs invalidate the
|
|
# entry on whichever worker handled the mutation immediately. Other workers in
|
|
# a multi-worker deployment may continue to accept the old credential until
|
|
# the TTL expires (at most auth_cache_ttl_seconds).
|
|
# * Mutations made out-of-band (direct SQL, external IdP sync) reach the cache
|
|
# on no workers and are likewise reflected only after the TTL expires.
|
|
#
|
|
# The cache is bounded by auth_cache_max_size and the TTL, so there is no
|
|
# unbounded memory growth. Set auth_cache_ttl_seconds to a positive value
|
|
# (e.g. 60) to opt in.
|
|
# auth_cache_max_size = 10000
|
|
# auth_cache_ttl_seconds = 0 |