Is possible to disable the authentication mechanism on the REST api?
This is required for testing in a lab environment. In the lab environment external authentication is enabled and the users are authenticating using a safeword token via the RADIUS protocol. However, because the safeword infrastructure does not allow re-use of the same token code, the behind-the-scene authentication that SA does for the different modules (admin, reporter, alerter, etc) is failing. If it is possible to disable this authentication it will provide a workaround until token authentication is supported (10.4 release).
I am fully aware of the security implicates. At the moment, the REST ports are ACL'd using IPTables, so only connections from the Broker, Decoders and Concentrators are allowed.