Add optional authentication to carbon-agent protocol
Registered by
chrismd
Currently carbon-agent is unauthenticated, which is problematic for users who wish to run Graphite on a non-private network. A simple solution would be to add an optional configuration parameter for carbon-agent that is a pre-shared secret key. If this secret key is defined, carbon-agent could send a random string to any connecting client, who would then be required to reply with a hash of this string concatenated to the secret key. If clients fail to do this, they simply get disconnected. This is basic challenge-response authentication.
Blueprint information
- Status:
- Not started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- None
- Direction:
- Needs approval
- Assignee:
- chrismd
- Definition:
- New
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by
Related branches
Related bugs
Sprints
Whiteboard
(?)