Rudder

An user reported that he wasn't able to access the technique editor on rudder with an authentication error.

Further investigation shows that:

- access trough https works:

% curl -k -H "X-API-Token: $(cat /var/rudder/run/api-token)"  -X GET 'https://localhost/rudder/api/authentication?acl=read'

{"action":"authentication","result":"success","data":"F4909276532903MRXTL"}

But without the s leads to an error:

% curl -k -H "X-API-Token: $(cat /var/rudder/run/api-token)"  -X GET 'http://localhost/rudder/api/authentication?acl=read'

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML
  2.0//EN"> <html><head> <title>404 Not Found</title> </head><body> <h1>Not Found</h1> <p>The
  requested URL /rudder/api/authentication was not found on this server.</p> <hr>
  <address>Apache/2.4.25 (Debian) Server at localhost Port 80</address> </body></html>

And that changing the URLs in /usr/share/ncf/api/ncf_api_flask_app/views.py (~lines 49 & 51) let the user accesses to the technique editor in rudder.

It works with previous version of debian (like 9.1), so something must have change in the apache version used in debian 9.4.