You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Jul 9, 2024. It is now read-only.
this is really a serious security issue for hadui to be used in untrusted environment.
enforcing https/wss with client certificate authentication is ideal for corporate environment, but will add obvious burden in maintenance (key gen, signing etc.) for personal use.
maybe using a hadui.pass besides hadui.yaml is viable for some time: hadui.pass will be generated with random passphrase if does not exist yet; and wsc will not exec stmts until authenticated with matching passphrase passed over the wsc. note this still needs https/wss to prevent the secret being sniffed over LAN, tho can avoid cert signing etc.
this is really a serious security issue for hadui to be used in untrusted environment.
enforcing https/wss with client certificate authentication is ideal for corporate environment, but will add obvious burden in maintenance (key gen, signing etc.) for personal use.
maybe using a
hadui.passbesideshadui.yamlis viable for some time:hadui.passwill be generated with random passphrase if does not exist yet; and wsc will not exec stmts until authenticated with matching passphrase passed over the wsc. note this still needs https/wss to prevent the secret being sniffed over LAN, tho can avoid cert signing etc.