#1911 closed enhancement (wontfix)
Add authentication for WUI access
| Reported by: | luckyredhot | Owned by: | luckyredhot |
|---|---|---|---|
| Priority: | normal | Milestone: | undecided |
| Component: | code-frontend-web | Version: | 1.9.2 |
| Keywords: | WUI, access, security, authentication | Cc: | warner |
| Launchpad Bug: |
Description
At the moment anyone can access Tahoe-LAFS WUI and perform dangerous tricks such as filling up storage space. Workarounds are using iptables and nginx as proxy to Tahoe-LAFS.
It would be very nice to have WUI's own authentication capability.
Change History (7)
comment:1 Changed at 2013-02-01T18:20:20Z by zooko
- Cc warner added
- Owner set to luckyredhot
comment:2 Changed at 2013-02-05T11:12:23Z by luckyredhot
Under authentication I've just meant Basic access authentication: http://en.wikipedia.org/wiki/Basic_access_authentication described by RFC 2617 which can prevent accessing UI without providing login/password pair.
Of course it may be optional and also combined with other security techniques.
It would be also interesting to look on Brian's prototype.
comment:3 follow-up: ↓ 4 Changed at 2013-02-06T06:33:16Z by davidsarah
Basic authentication is insecure unless over a secure channel (e.g. TLS).
comment:4 in reply to: ↑ 3 ; follow-up: ↓ 5 Changed at 2013-02-07T13:38:42Z by luckyredhot
Replying to davidsarah:
Basic authentication is insecure unless over a secure channel (e.g. TLS).
Actually data transfer from Tahoe-LAFS WUI is also not secure due to it uses plain HTTP instead of HTTPS. Ticket's goal was not to ensure everything is secure but to ensure that intruders do not have access to WUI.
comment:5 in reply to: ↑ 4 Changed at 2013-02-08T19:01:58Z by davidsarah
Replying to luckyredhot:
Replying to davidsarah:
Basic authentication is insecure unless over a secure channel (e.g. TLS).
Actually data transfer from Tahoe-LAFS WUI is also not secure due to it uses plain HTTP instead of HTTPS. Ticket's goal was not to ensure everything is secure but to ensure that intruders do not have access to WUI.
I will rephrase.
Basic authentication does not provide secure authentication unless over a channel that already provides confidentiality.
comment:6 Changed at 2013-02-10T12:34:45Z by zooko
It is possible to access the WUI over TLS: docs/configuration.rst#overall-node-configuration.
comment:7 Changed at 2013-04-25T11:35:41Z by luckyredhot
- Resolution set to wontfix
- Status changed from new to closed
Ok, I have explained authorization techniques in FAQ https://tahoe-lafs.org/trac/tahoe-lafs/wiki/FAQ#Q30_authorization. No need to implement Tahoe own authorization at the moment. If someone need it you may reopen the ticket.
Brian has ideas and even, IIUC, a working prototype that controls access to a WUI.
This ticket is related to #1455, #1859, #1447, #1215, #860, #855, #587. I'm not sure if is is a duplicate of one of them or some combination of them. luckredhot: could you please clarify this ticket by spelling out what would allow us to close this ticket as "fixed"? I think it might be something like "All and only people who've been explicitly authorized by the node admin can use the WUI.". Does that sound right?
Brian: please advise on how this ticket should be written.