Graylog2/graylog2-server

Support Bearer Tokens for authenticating instead of using a token in basic auth

Open

#5167 aperta il 1 ott 2018

Vedi su GitHub
 (1 commento) (1 reazione) (0 assegnatari)Java (1032 fork)batch import
featuregood first issuetriaged

Metriche repository

Star
 (6945 star)
Metriche merge PR
 (Merge medio 8g 19h) (297 PR mergiate in 30 g)

Descrizione

Expected Behavior

When a user creates a token which can be used for authentication, it should be accepted by the server when passed as part of a Authentication: Bearer <Token> header.

Current Behavior

For token authentication, the server expects basic auth with the username set to the token and password to token. This is rather proprietary. Additionally, some systems which are otherwise capable of speaking to Graylog (e.g. the telegraf prometheus plugin speaking to the Graylog prometheus metrics reporter do not work due to the nonacceptance of Bearer Tokens.

Possible Solution

Steps to Reproduce (for bugs)

Context

Your Environment

  • Graylog Version:
  • Elasticsearch Version:
  • MongoDB Version:
  • Operating System:
  • Browser version:

Guida contributor