[#4070] Added basic-auth-user-file
authorFrancis Dupont <fdupont@isc.org>
Fri, 29 Aug 2025 21:22:42 +0000 (23:22 +0200)
committerFrancis Dupont <fdupont@isc.org>
Tue, 2 Sep 2025 16:43:02 +0000 (18:43 +0200)
changelog_unreleased/4070-add-basic-auth-user-file-option-to-high-availability-parameters [new file with mode: 0644]
doc/sphinx/arm/hooks-ha.rst
src/hooks/dhcp/high_availability/ha_config_parser.cc
src/hooks/dhcp/high_availability/tests/ha_config_unittest.cc

diff --git a/changelog_unreleased/4070-add-basic-auth-user-file-option-to-high-availability-parameters b/changelog_unreleased/4070-add-basic-auth-user-file-option-to-high-availability-parameters
new file mode 100644 (file)
index 0000000..2139854
--- /dev/null
@@ -0,0 +1,6 @@
+[func]         fdupont
+       Added the "basic-auth-user-file" parameter to the HA
+       hook library to provide the user ID which is part of
+       the secret used by the basic HTTP auth from a file
+       instead in clear in the configuration.
+       (Gitlab #4070)
index 86ecd1d9626cd9877c9fa5583af8317edc61df76..bfeda44ba3c414b005fa4dcd6194f76925be6a62 100644 (file)
@@ -915,6 +915,10 @@ list:
    not specified or specified as an empty string, no authentication header is
    added to HTTP transactions. It must not contain the colon (:) character.
 
+-  ``basic-auth-user-file`` - is an alternatibe to ``basic-auth-user``:
+   instead of presenting the user ID in the configuration file it is specified
+   in the file indicated by this parameter.
+
 -  ``basic-auth-password`` - specifies the password for basic HTTP
    authentication. This parameter is ignored when the user ID is not specified
    or is empty. The password is optional; if not specified, an empty password is
index 42ef1da067a3e274cea433b8ba69375979edd422..0ec7242d4e2b3692682bfaa88997a01af5989e50 100644 (file)
@@ -321,8 +321,31 @@ HAConfigParser::parseOne(const HAConfigMapperPtr& config_storage,
         }
 
         // Basic HTTP authentication user.
+        std::string user;
+        bool do_auth = false;
         if (p->contains("basic-auth-user")) {
-            std::string user = getString(p, "basic-auth-user");
+            if (p->contains("basic-auth-user-file")) {
+                isc_throw(dhcp::DhcpConfigError, "only one of "
+                          << "basic-auth-user and "
+                          << "basic-auth-user-file parameter can be "
+                          << "configured in peer '"
+                          << cfg->getName() << "'");
+            }
+            user = getString(p, "basic-auth-user");
+            do_auth = true;
+        }
+        if (p->contains("basic-auth-user-file")) {
+            std::string user_file =
+                getString(p, "basic-auth-user-file");
+            try {
+                user = util::file::getContent(user_file);
+                do_auth = true;
+            } catch (const std::exception& ex) {
+                isc_throw(dhcp::DhcpConfigError, "bad user file in peer '"
+                          << cfg->getName() << "': " << ex.what());
+            }
+        }
+        if (do_auth) {
             BasicHttpAuthPtr& auth = cfg->getBasicAuth();
             try {
                 if (!user.empty()) {
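Review bot: An empty user file still sets `do_auth = true`, and the string returned by `util::file::getContent(user_file)` reaches the `if (!user.empty())` test unchecked, so a truncated secret file is handled by whatever the else path outside this hunk does instead of being reported as a configuration error. The documentation treats an empty `basic-auth-user` as "no authentication header", so I would reject the empty case explicitly for the file form, after the try block: `if (user.empty()) { isc_throw(dhcp::DhcpConfigError, "empty user file in peer '" << cfg->getName() << "'"); }`. Please also confirm that the colon restriction documented for `basic-auth-user` is applied to the file content, and that `getContent` strips a trailing newline; both are presumably handled outside this hunk, since the body of `parseOne` continues past it. Both new throws deserve negative tests, as the test change visible in this commit covers only a successful read.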
index 29f3bb8b561fd8257ffbb80bdcc76ce346583d1f..0ccb6861c455113c702e0235c48a1bf4d3af55f7 100644 (file)
@@ -360,7 +360,8 @@ TEST_F(HAConfigTest, configurePassiveBackup) {
         "            {"
         "                \"name\": \"server3\","
         "                \"url\": \"http://127.0.0.1:8082/\","
-        "                \"basic-auth-user\": \"keatest\","
+        "                \"basic-auth-user-file\": \""
+                             TEST_HTTP_DIR "/hiddenu\","
         "                \"basic-auth-password-file\": \""
                              TEST_HTTP_DIR "/hiddenp\","
         "                \"role\": \"backup\""