As a developer I would like users to securely access information from the graylog server in production so that this application complies with security policies and good practices.
Possible Solution
The main graylog frontend ships with its own login page and is integrated with an auth backend in production. We ideally want to steal/reuse as much of that infrastructure as possible. It would be nice if unauthenticated clients could simply be redirected to the login page to generate a session ID.
If that is not possible then we will need our own minimal login page and to examine the network traffic in the browser while logging in to see what API calls are needed to authenticate.
Acceptance Criteria
Unauthenticated users are shown a login page
Once authenticated, they are shown the logpanel
No sensitive information is leaked via logs or the console (sending sensitive information over https is okay)
(Optional, unsure if this is possible) Logging into the logpanel also authenticates you with graylog and vice versa
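A sketch of the fallback "minimal login page" flow with the no-leak criterion enforced, added here as an example and not code from this project. It assumes Graylog's REST session endpoint (`POST /api/system/sessions`, the `X-Requested-By` header, and the session ID used as the Basic-auth user with the literal password `session`), which should be confirmed against the deployed version by watching the browser traffic as described above; the function names are hypothetical.

```javascript
// Added example. redact, login, sessionAuthHeader and route are hypothetical names.
const SENSITIVE = /^(password|session_id|authorization|token)$/i;

// Deep copy that is safe to log: values under sensitive keys are masked.
function redact(value) {
  if (Array.isArray(value)) return value.map(redact);
  if (value && typeof value === "object") {
    return Object.fromEntries(Object.entries(value).map(
      ([k, v]) => [k, SENSITIVE.test(k) ? "[REDACTED]" : redact(v)]));
  }
  return value;
}

// Create a session. fetchImpl and log are injected so the flow runs offline in tests.
async function login(baseUrl, username, password, fetchImpl, log = console.log) {
  const url = new URL("/api/system/sessions", baseUrl);
  // Credentials may only travel over https (acceptance criterion 3).
  if (url.protocol !== "https:") throw new Error("refusing to send credentials over " + url.protocol);
  const body = { username, password, host: url.host };
  log("login request " + JSON.stringify(redact(body)));
  const res = await fetchImpl(url.href, {
    method: "POST",
    headers: { "Content-Type": "application/json", "X-Requested-By": "logpanel" },
    body: JSON.stringify(body),
  });
  if (!res.ok) throw new Error("login failed with status " + res.status);
  const session = await res.json(); // assumed shape: { session_id, valid_until }
  log("login response " + JSON.stringify(redact(session)));
  return session;
}

// Later API calls send the session ID as Basic-auth user with password "session".
function sessionAuthHeader(sessionId) {
  const raw = sessionId + ":session";
  const b64 = typeof btoa === "function" ? btoa(raw) : Buffer.from(raw).toString("base64");
  return "Basic " + b64;
}

// Which view to show: the logpanel only while an unexpired session exists.
function route(session, now = new Date()) {
  const valid = Boolean(session && session.session_id) && new Date(session.valid_until) > now;
  return valid ? "logpanel" : "login";
}
```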