You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This means that there is no way to differentiate between users:
they share credentials
they have the same full access
it is not clear from audit logs who did what
Work-around could be to enable some form of basic authentication on the proxy.
But, in time this should be improved. Ideas. and operational requirements are welcome!
We will probably need to support multiple users, with their own passwords, and the ability to restrict access to specific CAs in krill (if more than one exists) based on the user. Preferably though without re-inventing the wheel. Maybe we can / should work with public openid providers? Like, use your github / google / $something account to login?
The text was updated successfully, but these errors were encountered:
The UI login relies on the global 'admin' token.
This means that there is no way to differentiate between users:
Work-around could be to enable some form of basic authentication on the proxy.
But, in time this should be improved. Ideas. and operational requirements are welcome!
We will probably need to support multiple users, with their own passwords, and the ability to restrict access to specific CAs in krill (if more than one exists) based on the user. Preferably though without re-inventing the wheel. Maybe we can / should work with public openid providers? Like, use your github / google / $something account to login?
The text was updated successfully, but these errors were encountered: