How to protect the GUI session of WISTAR with your credentials so that no one can delete your topologies

[akher1]

How to add username and password for the WEBUI so that no one should make any changes to your topologies. The reason, I am asking because today someone deleted my topology which was building for past one week. This is really needed for me.

Regards,
Ankur

[Sidiox]

You can enable basic webauthentication on your webserver. If you use Apache as the webserver you can simply follow the instructions here: https://httpd.apache.org/docs/2.4/howto/auth.html
This is authentication against the webserver itself, the Wistar instance behind the webserver is still shared between all users that can authenticate.

[akher1]

I am able to bring up the apache server but the authentication is not working for me.

This is my server

ankur@ankur-virtual-machine:/etc/apache2/sites-enabled$ pwd
/etc/apache2/sites-enabled
nkur@ankur-virtual-machine:/etc/apache2/sites-enabled$ ls -la
total 48
drwxr-xr-x 2 root root 4096 Aug 2 16:15 .
drwxr-xr-x 8 root root 4096 Aug 2 14:47 ..
-rw-r--r-- 1 root root 152 Aug 2 15:54 .htaccess
-rw------- 1 root root 12288 Aug 2 15:52 .htaccess.swo
-rw------- 1 root root 12288 Aug 2 15:47 .htaccess.swp
-rw-r--r-- 1 root root 756 Aug 2 16:13 999-non
-rw-r--r-- 1 root root 563 Aug 2 15:59 999-wistar.conf
-rw-r--r-- 1 root root 1332 Aug 2 15:13 backup-0000-default.conf

virtual-machine:/etc/apache2/sites-enabled$ cat 999-wistar.conf
Define wistar_path /opt/wistar/wistar-master
Listen 8080
<VirtualHost *:8080>
WSGIScriptAlias / ${wistar_path}/wistar/wsgi.py
WSGIDaemonProcess wistar python-path=${wistar_path}
WSGIProcessGroup wistar
ErrorLog /var/log/apache2/wistar.log
CustomLog /var/log/apache2/wistar_access.log combined
Alias /static/ ${wistar_path}/common/static/

<Directory "${wistar_path}/common/static">
Require all granted

<Directory ${wistar_path}>

Require all granted

+++++++++THIS IS NOT WORKING+++++++++
ankur@ankur-virtual-machine:/etc/apache2/sites-enabled$ cat 999-non
Define wistar_path /opt/wistar/wistar-master
<VirtualHost *:8080>
WSGIScriptAlias / ${wistar_path}/wistar/wsgi.py
WSGIDaemonProcess wistar python-path=${wistar_path}
WSGIProcessGroup wistar
ErrorLog /var/log/apache2/wistar.log
CustomLog /var/log/apache2/wistar_access.log combined
Alias /static/ ${wistar_path}/common/static/

<Directory "${wistar_path}/common/static">
Require all granted

<Directory ${wistar_path}>

    <Files wsgi.py>
          AuthType Basic
      AuthName "Restricted Files"
      # (Following line optional)
      AuthBasicProvider file
      AuthUserFile "/var/www/html/passwords"
      Require user ankur   
    </Files>

ankurh@ankur-virtual-machine:/etc/apache2/sites-enabled$

=========

So, in which path I should call my password?

Regards,
Ankur Kher

[akher1]

Please provide some directions?

[dmontagner]

@akher1 today Wistar has no authentication methods enabled as it is a lab tool only. The suggestion made by @Sidiox is by far the easiest way to provide some level of authentication.

I suspect you haven't created the file .htpasswd on /opt/wistar/wistar-master.

Alternatively, but far more complex, you can enable authentication in DJango. But this will require extra coding.

https://docs.djangoproject.com/en/2.2/topics/auth/default/