AnsweredAssumed Answered

Authentication on REST port

Question asked by OM949 on Mar 31, 2014
Latest reply on Apr 7, 2014 by huan zhou

Is possible to disable the authentication mechanism on the REST api?

 

This is required for testing in a lab environment. In the lab environment external authentication is enabled and the users are authenticating using a safeword token via the RADIUS protocol.  However, because the safeword infrastructure does not allow re-use of the same token code, the behind-the-scene authentication that SA does for the different modules (admin, reporter, alerter, etc) is failing.  If it is possible to disable this authentication it will provide a workaround until token authentication is supported (10.4 release).

 

I am fully aware of the security implicates. At the moment, the REST ports are ACL'd using IPTables, so only connections from the Broker, Decoders and Concentrators are allowed.

Outcomes