Thanks for the information. So what about the cookie generation? We have one page that authenticates the users in Atlassian products by generating a cookie, I think that it should be possible to do the same with Graylog2.
On Wednesday, January 22, 2014 12:44:15 PM UTC+2, Kay Röpke wrote: > > Hi! > > Graylog2 0.20 web interface currently only supports authenticating via > username/password and after that relies on its own session cookie to > authenticate against the graylog2 servers. > To support client certificates we would need add that as an authentication > mechanism. In fact we have received one or two questions about allowing > certificates to be used for authentication, but so far this has been low > priority, to be honest. > > For this to work sensibly and securely, we would need to support some kind > of certificate management for all the connections between the user, web > interface process and graylog2 server (as well as mongodb which stores the > user's data and session information). That was well beyond the scope of > this release, so we decided to not support it for now. > > If you need this feature, could you please file an issue over at github: > https://github.com/Graylog2/graylog2-web-interface/issues?milestone=&state=open? > > BTW, it wouldn't be as easy as in the 0.1x versions, because starting in > 0.20 the server authenticates all requests, too, and it has no knowledge > about the first proxy server. > > Thanks, > Kay > > > On Wednesday, January 22, 2014 10:47:33 AM UTC+1, Егор Морозов wrote: >> >> Hello everyone! >> >> We've been using Graylog2 0.1x for a long time, it was simple enough to >> patch it and make using SSL_CLIENT_S_DN_CN Apache env variable. As now it's >> powered using a binary, this is much more painful to do the same so I >> wonder if it's somehow possible to make it use any of the variables passed >> by a proxy (nginx/Apache) to authenticate the user. >> >> Alternative approach that I can see is to generate the cookie using perl >> or php script, but as I have no experience with Java, I can't really >> understand how to generate the same cookie (like graylog2-web does). Could >> someone describe this? >> >> Thanks! >> > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
