-
Notifications
You must be signed in to change notification settings - Fork 20
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Security of the app #41
Comments
Environment variables are not stored in files. If you need a login page, it is recommended to place a proxy in front of it. For example, you can use NGINX with basic authentication for a simple login mechanism. |
Thank you for your response. I appreciate. I do have Nginx with authentication, actually. However,
There would be a lot more flexibility, and would be a lot more secure, if we could have a login page where we can login as the user/role we want. That's how Thank you very much. |
commit v1.1.2 fix relative path |
Hello,
CASSANDRA_USERNAME
andCASSANDRA_PASSWORD
are defined.This means that anyone accessing the URL of the webapp automatically has full access to the database.
Not only that, it also means that the superuser's password is hardcoded in a file.
Would it be possible to not have to provide these environment variables, and instead have a Log In front page, where we can just enter the username and password?
Is it possible to either make these "relative" paths (instead of absolute), or allow us to provide an environment variable that says what the "prefix" should be?
That way, we'd be able to set this webapp inside a subpath, e.g.
admin.mydomain.com/cassandra-web/
Thank you very much
The text was updated successfully, but these errors were encountered: