Closed temabeloglinski closed 9 months ago
No, it is user-defined. You could implement it by such a strategy but the system has not done it for you. The example shows some hardcoded users: andy, wilma and guest. See https://clixon-docs.readthedocs.io/en/latest/restconf.html#auth-types
Unfortunately it didn't work
admin@clixon:/$ curl -X GET http://x.x.x.x/restconf/data/ -u andy:bar { "ietf-restconf:errors" : { "error": { "error-type": "protocol", "error-tag": "access-denied", "error-severity": "error", "error-message": "The requested URL was unauthorized" } }
} admin@clixon:/$
Maybe the example plugin is not installed correctly, or not loaded? Its the example_restconf.so plugin. Check debug of clixon_restconf that it loads, and then when the http request comes in that it reaches the ca_auth callback.example_basic_auth(). It should have a entry in syslog if you run it as -D 1. I assume you are running native restconf.
Olof, thanks for the tip. The directory path for restconf plugins was specified incorrectly in my configuration file.
admin@clixon:/$ curl -G http://127.0.0.1/restconf/data -u andy:bar { "ietf-restconf:data": {} }
Hi Olof! I have a question about RESTCONF with authentification. Do I understand correctly that when setting up a restconf with authentication, I use system users from the clicon group? For example: I have this config
Request Curl: admin@clixon:/$ curl -X GET http://x.x.x.x/restconf/data/ -u admin:admin { "ietf-restconf:errors" : { "error": { "error-type": "protocol", "error-tag": "access-denied", "error-severity": "error", "error-message": "The requested URL was unauthorized" } }
}
What I'm doing wrong?