Add optional authentication to carbon-agent protocol

Registered by chrismd on 2008-06-30

Currently carbon-agent is unauthenticated, which is problematic for users who wish to run Graphite on a non-private network. A simple solution would be to add an optional configuration parameter for carbon-agent that is a pre-shared secret key. If this secret key is defined, carbon-agent could send a random string to any connecting client, who would then be required to reply with a hash of this string concatenated to the secret key. If clients fail to do this, they simply get disconnected. This is basic challenge-response authentication.

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
None
Direction:
Needs approval
Assignee:
chrismd
Definition:
New
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.