Open dresende opened 8 years ago
I think I can answer my own question, but at least other people can read it. It seems IPP inherits everything from HTTP (digest auth, certificates, GSSAPI...).
https://en.wikipedia.org/wiki/Internet_Printing_Protocol#Implementation
@dresende As mention in Project Status I haven't implemented any security related features yet. But it should be fairly simple to do - I just hasn't gotten around to it yet.
I'm going to reopen the issue so that it's more obvious
Yes, I was also going to reopen it. I was trying not to change the bind.js
but it seems impossible. It would perhaps be simpler to just provide a callback before certain actions that could enable the developer to deny access. This way we could just use other modules to do http auth.
Hello, any security implementation since then?
@ajvjunior no not yet unfortunately
@watson, i tried to modify bind.js using http-auth (https://github.com/reconrus/NFC-Printing/blob/master/server/virtial-ipp-printer/mod/bind.js ). I add new listener to http.createServer. All works, but nothing can't open .ps file, because the file is corrupted. Could you please tell how I can fix it.
This would be super nice to have. @SimonWT have you figured out the way to make it work?
I did this on my fork, but I haven't used in a while.
const PrintServer = require("ipp-server");
const printer = new PrintServer({
name : "My Printer",
authorize : (req, res, body, next) => {
if (!req.headers.authorization) {
res.writeHead(401, {
"WWW-Authenticate" : "Basic realm=\"My Printer\""
});
return res.end();
}
console.log(req.headers.authorization);
// validate and return next() if OK, otherwise, return as above
return next();
}
});
Has anyone managed to create a reliable authentication with this? Would be really helpful
Is this supported? Is it at the HTTP level? This would be awesome to identify people printing and just do loads of funny stuff :smile: