docker-dmarc-report icon indicating copy to clipboard operation
docker-dmarc-report copied to clipboard

Published 20 hours ago verified publisher icon gutmensch

Password Protection

Open ghnp5 opened this issue 1 year ago • 3 comments

Hey!

Is there any possibility we could have password protection in the Report Viewer UI ?

My suggestion is that we could set the password as an environment variable.

Thanks!

ghnp5 avatar Jan 28 '24 10:01 ghnp5

If so: please make it optional. This service could also just rely on external authentication methods, e.g. forward-auth by the reverse proxy. As it is just to display information and not perform any actions, there is no need for different users or a fully-fledged rights-management.

thebootable avatar Feb 02 '24 12:02 thebootable

@ghnp5 Nowadays I would rather rely on people having an own (simple) reverse proxy layer in front of this container with basic auth or an ingress controller in schedulers, so I see little value implementing something here. The next one then also wants digest auth and the next one ldap and so on... ;-)

If you feel like contributing I would welcome an optional disabled auth as @thebootable suggested!

gutmensch avatar Feb 04 '24 22:02 gutmensch

Thank you. I do have a layer of authentication in nginx, for all these private apps. I'm always just very paranoid that one day it might be faulty for some reason, and then all these "password-exempt" apps become exposed!!! :-)

But I understand what you say. Thanks!

ghnp5 avatar Feb 04 '24 22:02 ghnp5