Open ghnp5 opened 5 months ago
thebootable
commented
5 months ago If so: please make it optional. This service could also just rely on external authentication methods, e.g. forward-auth by the reverse proxy. As it is just to display information and not perform any actions, there is no need for different users or a fully-fledged rights-management.
gutmensch
commented
5 months ago @ghnp5 Nowadays I would rather rely on people having an own (simple) reverse proxy layer in front of this container with basic auth or an ingress controller in schedulers, so I see little value implementing something here. The next one then also wants digest auth and the next one ldap and so on... ;-)
If you feel like contributing I would welcome an optional disabled auth as @thebootable suggested!
ghnp5
commented
5 months ago Thank you. I do have a layer of authentication in nginx, for all these private apps. I'm always just very paranoid that one day it might be faulty for some reason, and then all these "password-exempt" apps become exposed!!! :-)
But I understand what you say. Thanks!
Hey!
Is there any possibility we could have password protection in the Report Viewer UI ?
My suggestion is that we could set the password as an environment variable.
Thanks!