User story #3751: Allow API v1 URL on localhost only - Rudder - Issue Tracker

Actions

Copy link

User story #3751

closed

User story #3000: Build a REST API to manage all actions in Rudder (CRUD on Nodes, Groups, Directives and Rules)

Allow API v1 URL on localhost only

Added by François ARMAND almost 11 years ago. Updated about 9 years ago.

Status:

Released

Priority:

Assignee:

Matthieu CERDA

Category:

API

Target version:

2.7.0~beta1

Pull Request:

https://github.com/Normation/rudder/p...

UX impact:

Suggestion strength:

User visibility:

Effort required:

Name check:

Fix check:

Regression:

Description

On Rudder 2.6, we could request "/api/*" without any authentication, and so we choosed to allows URL of that kind to be called from localhost only.

In Rudder 2.7, we are going to get a real API with working authentication, but we need to still allows non authenticated request on URL from API v1.

So, for the following URL ONLY, Apache have to be configured to accept request from localhost only
(has it was, but in place of "/api/*", we take care of):

- /api/status
- /api/techniqueLibrary/reload
- /api/dyngroup/reload
- /api/deploy/reload
- /api/archives

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Rudder

Custom queries

User story #3751

Allow API v1 URL on localhost only

Updated by François ARMAND almost 11 years ago

Updated by Vincent MEMBRÉ almost 11 years ago

Updated by François ARMAND almost 11 years ago

Updated by Matthieu CERDA almost 11 years ago

Updated by Matthieu CERDA almost 11 years ago

Updated by Nicolas PERRON almost 11 years ago

Updated by Jonathan CLARKE almost 11 years ago

Updated by Matthieu CERDA almost 11 years ago

Updated by Jonathan CLARKE almost 11 years ago

Updated by Matthieu CERDA almost 11 years ago

Updated by Nicolas PERRON almost 11 years ago

Updated by Benoît PECCATTE about 9 years ago