AWX provides a web-based user interface, REST API, and task engine built on top of Ansible. It is one of the upstream projects for Red Hat Ansible Automation Platform.
Other
13.88k
stars
3.4k
forks
source link
RFE: Send real client remote address in TACACS+ authentication packet #1797
The function authenticate() in TACACSClient supports sending client remote address as parameter and should be used to correctly report client real address.
ISSUE TYPE
COMPONENT NAME
SUMMARY
Currently the TACACS+ authentication backend
https://github.com/ansible/awx/blob/96370584062a15271abafab7fc557ac2879aa38c/awx/sso/backends.py#L225-L227
sends default value for client remote address
https://github.com/ansible/tacacs_plus/blob/526b5a29c5656bbd8644accca238d1e9303dc272/tacacs_plus/flags.py#L81
The function
authenticate()
inTACACSClient
supports sending client remote address as parameter and should be used to correctly report client real address.https://github.com/ansible/tacacs_plus/blob/9ba553f79efcc7b955001503d1953900ba6284a4/tacacs_plus/client.py#L158
ENVIRONMENT
EXPECTED RESULTS
TACACS+ authentication packet will contain clients real remote address.
ACTUAL RESULTS
Client remote address is always set to
python_device
.