search

varamfer / openhab

Automatically exported from code.google.com/p/openhab
0 stars 0 forks source link

openHAB instance should have it's uniq ID generated during first launch #81

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
openHAB should generate some uniq identifier of instance during first launch, 
save it persistently and hav a REST API which can be used without 
authentication even if authentication is switched on to access this id in 
read-only mode. UUID is a good idea of such an id. java.util.UUID can be used 
to generate one. It can be saved in a plain file in openHAB directory and then 
read during openHAB startup.

This feature is needed to secure usage of mDNS discovery mechanism between 
openHAB and client apps so that an app can check if discovered openHAB is the 
correct one before sending username/password authentication to prevent possible 
hijack attacks to stole username/password information when client app accesses 
remote openHAB system through public network and to prevent unconvinience when 
you visit your friend's house with openHAB running and try to connect to your 
home openHAB from his home network.

Original issue reported on code.google.com by belovic...@gmail.com on 18 Apr 2012 at 6:14

GoogleCodeExporter commented 8 years ago 
Sounds like a reasonable thing to do.
I'll just have a try and assign it to Thomas - maybe we are lucky and he will 
implement it ;-)

Original comment by kai.openhab on 19 Apr 2012 at 10:53

GoogleCodeExporter commented 8 years ago

Original comment by teichsta on 20 Apr 2012 at 7:58

GoogleCodeExporter commented 8 years ago 
[deleted comment]
GoogleCodeExporter commented 8 years ago 
Implemented and pushed to default!

A file "uuid" is generated to "<openhabhome>/webapps/static" if it doesn't 
exist already. The file could be read by requesting: 
"http://<openhab>:8080/static/uuid".

Is that what you are looking for?

Original comment by teichsta on 20 Apr 2012 at 8:50

GoogleCodeExporter commented 8 years ago 
If it will be accessible without auth then yes!

Original comment by belovic...@gmail.com on 20 Apr 2012 at 11:22

GoogleCodeExporter commented 8 years ago 
yes it is!

Original comment by teichsta on 20 Apr 2012 at 11:34