Closed karthicksek closed 4 years ago
ehrnst
commented
4 years ago Not sure I follow. Where do you use basic? To be honest, it is years ago since I built this, so I don't have everything on the top of my head. From what I remember I built this using impersonation and integrated security
karthicksek
commented
4 years ago Not sure I follow. Where do you use basic? To be honest, it is years ago since I built this, so I don't have everything on the top of my head. From what I remember I built this using impersonation and integrated security
Thanks for your reply...here attached a screenshot where the BASIC auth is configured in IIS. Is it something to be changed with WINDOWS authentication by doing some modification on code. am not a developer but you can give some idea in it. Do you be able to create a scom webapp for me with secure authentication mechanisms like Azure AD OAuth or Certificate based auth etc...thanks in advance.
dylrob
commented
4 years ago Lol your comments are so ridiculous. Could you be any more demanding? If you want to improve the app then do it... that’s sort of the point of github
ehrnst
commented
4 years ago Hi. I know the documentation is lacking here. But have you seen the wiki? https://github.com/ehrnst/System-Center-Operations-Manager-API/wiki/Installation-and-configuration
I'm sorry I don't recall everything here. But I'm pretty sure I had basic disabled, and is configured to forward (impersonate) the windows credentials
On Tue, 25 Aug 2020 at 15:58, dylrob notifications@github.com wrote:
Lol your comments are so ridiculous. Could you be any more demanding? If you want to improve the app then do it... that’s sort of the point of github
— You are receiving this because you commented.
Reply to this email directly, view it on GitHub https://github.com/ehrnst/System-Center-Operations-Manager-API/issues/30#issuecomment-680042015, or unsubscribe https://github.com/notifications/unsubscribe-auth/AFC6E5XNLE522TB7VFTKK2TSCO7QDANCNFSM4P6ED3JA .
ehrnst
commented
4 years ago I'm closing this. please let me know if you have issues
Hi Ehrnst,
Would like to use this webapi in our infra but it has limit like it can be configured ONLY WITH BASIC authentication on SCOM server which is security vulnerability since it passes data through CLEARTEXT. Would be great if you you alter this code to give us in some what secure authentication like OAuth or certificate based auth etc. Again this secure auth mechanism really helps in my implementation. Thanks in advance for your try and suggestions in this for me(at end I have to remove the BASIC auth with secure mechanism).