Question about the user authentication

[kun135]

Hi， I found that the user authentication function does not work，I can login with any user，Is it a problem with my configuration?

My configuration is as follows:

authentication:
  required: true
  type: usernamepassword

My user configuration information is as follows

 evebox config -D /var/lib/evebox/ users list
2022-11-02 21:02:41  INFO refinery_core::traits: current version: 1    
2022-11-02 21:02:41  INFO refinery_core::traits::sync: no migrations to apply    
{"uuid":"14e5189a-bd7e-4e31-a340-561226419579","username":"xukun"}

My evebox service information is as follows：

service evebox status -l
[root@Network-Security-Suricata bin]# service evebox status                       
Redirecting to /bin/systemctl status evebox.service
● evebox.service - Evebox Server
   Loaded: loaded (/usr/lib/systemd/system/evebox.service; disabled; vendor preset: disabled)
   Active: active (running) since 一 2022-11-07 15:00:47 CST; 4min 58s ago
 Main PID: 8592 (evebox)
   CGroup: /system.slice/evebox.service
           └─8592 /usr/bin/evebox server -c /etc/evebox/evebox.yaml --host 10.190.122.14 -v

At present i found that only version 0.15.0 has this problem.

At the same time, I found that pcap(https://127.0.0.1:5636/api/1/eve2pcap) always prompts 401 authentication required The error message is as follows

journalctl -u evebox -f
11月 07 15:11:02 Network-Security-Suricata evebox[8592]: 2022-11-07 15:11:02  INFO evebox::server::main: Authentication required but not session found.

How should I fix this problem？ Thank you very much！

[jasonish]

Sorry for the late response. Will look at this in the coming week.

[kun135]

It's alright, Thank you very much.

[jasonish]

Confirmed, embarrassed. Will have a fix + release this week.

[kun135]

Thank you so much.

[jasonish]

Fixed in git main. Will be in 0.16.0 soon.