IRC Logs for #circuits Monday, 2016-06-06

prologiconly thing left to do now is make it a complete proxy (very naive atm)00:11
prologicsecure it (still thinking about this; basic auth is not secure :P)00:11
prologicand optimize it (use circuits.web.client)00:11
prologichi fUD00:11
prologicpdurbin: thoughts?00:11
pdurbinprologic: is basic auth over https secure?01:08
prologicin general i think so...01:28
pdurbinme too01:35
prologicI think the only difference between basic auth and digest auth is the later is harder (or impossible?) to hack in a replay attack02:40
prologicwhereas any auth based on basic auth (hashed or not) is a weak as just handing over your credentials without SSL/TLS02:40
prologicBut honestly I've been thinking about this a bit... whilst my PoC works and should in design be as simple as HTTP (frontend) -> Intercept/AAA=Proxy or Deny -> HTTP (backend)02:42
prologicWhere frontend can also be a load balancer like hipache, redx or traefik02:42
prologicI'm thinking of building it into something more elaborate with host and host+path aaa that can sit in front of any arbitrary set of apps02:44
prologicyou would (at least for my use-case) at least whitelist your local LAN where aaa in most cases is unnecessary and not required02:44
prologichmm this gives me interesting integration ideas with autodock02:46
prologicwhat do you think would be a good format for env vars to declare to an auth-proxy:02:46
prologic"please aaa me given a vhost" or "please aaa me, allowing this set of users/groups given a vhost" or "please aaa me given a set of users/groups with this vhost+path"02:47
prologic-e AUTH=required would be the simplest case02:48
*** Workster has quit IRC07:29
*** Coldblackice has quit IRC09:59
*** ninkotech has joined #circuits11:48
*** FSX has quit IRC12:47
*** FSX has joined #circuits13:56
*** robert_|disconne has quit IRC15:41
*** Coldblackice has joined #circuits17:12
*** robert_ has joined #circuits19:56
*** robert_ has quit IRC19:56
*** robert_ has joined #circuits19:56

Generated by 2.14.0 by Marius Gedminas - find it at!