Mercurial > hg > orthanc
comparison OrthancServer/main.cpp @ 3500:0d248cc63ded
Security: If remote HTTP access is enabled, HTTP authentication automatically gets enabled
| author | Sebastien Jodogne <s.jodogne@gmail.com> |
|---|---|
| date | Fri, 23 Aug 2019 21:32:16 +0200 |
| parents | cc3e408165eb |
| children | 27b53c61aa99 |
comparison
equal
deleted
inserted
replaced
| 3499:d8f7c3970e25 | 3500:0d248cc63ded |
|---|---|
| 819 httpServer.SetThreadsCount(lock.GetConfiguration().GetUnsignedIntegerParameter("HttpThreadsCount", 50)); | 819 httpServer.SetThreadsCount(lock.GetConfiguration().GetUnsignedIntegerParameter("HttpThreadsCount", 50)); |
| 820 httpServer.SetPortNumber(lock.GetConfiguration().GetUnsignedIntegerParameter("HttpPort", 8042)); | 820 httpServer.SetPortNumber(lock.GetConfiguration().GetUnsignedIntegerParameter("HttpPort", 8042)); |
| 821 httpServer.SetRemoteAccessAllowed(lock.GetConfiguration().GetBooleanParameter("RemoteAccessAllowed", false)); | 821 httpServer.SetRemoteAccessAllowed(lock.GetConfiguration().GetBooleanParameter("RemoteAccessAllowed", false)); |
| 822 httpServer.SetKeepAliveEnabled(lock.GetConfiguration().GetBooleanParameter("KeepAlive", defaultKeepAlive)); | 822 httpServer.SetKeepAliveEnabled(lock.GetConfiguration().GetBooleanParameter("KeepAlive", defaultKeepAlive)); |
| 823 httpServer.SetHttpCompressionEnabled(lock.GetConfiguration().GetBooleanParameter("HttpCompressionEnabled", true)); | 823 httpServer.SetHttpCompressionEnabled(lock.GetConfiguration().GetBooleanParameter("HttpCompressionEnabled", true)); |
| 824 httpServer.SetAuthenticationEnabled(lock.GetConfiguration().GetBooleanParameter("AuthenticationEnabled", false)); | |
| 825 httpServer.SetTcpNoDelay(lock.GetConfiguration().GetBooleanParameter("TcpNoDelay", true)); | 824 httpServer.SetTcpNoDelay(lock.GetConfiguration().GetBooleanParameter("TcpNoDelay", true)); |
| 826 | 825 |
| 827 lock.GetConfiguration().SetupRegisteredUsers(httpServer); | 826 if (httpServer.IsRemoteAccessAllowed()) |
| 828 | 827 { |
| 828 // Starting with Orthanc 1.5.8, enabling remote access forces user authentication. | |
| 829 httpServer.SetAuthenticationEnabled(true); | |
| 830 } | |
| 831 else | |
| 832 { | |
| 833 httpServer.SetAuthenticationEnabled(lock.GetConfiguration().GetBooleanParameter("AuthenticationEnabled", false)); | |
| 834 } | |
| 835 | |
| 836 bool hasUsers = lock.GetConfiguration().SetupRegisteredUsers(httpServer); | |
| 837 | |
| 838 if (httpServer.IsAuthenticationEnabled() && | |
| 839 !hasUsers) | |
| 840 { | |
| 841 LOG(WARNING) << "HTTP authentication is enabled, but no user is declared, " | |
| 842 << "check the value of configuration option \"RegisteredUsers\""; | |
| 843 } | |
| 844 | |
| 829 if (lock.GetConfiguration().GetBooleanParameter("SslEnabled", false)) | 845 if (lock.GetConfiguration().GetBooleanParameter("SslEnabled", false)) |
| 830 { | 846 { |
| 831 std::string certificate = lock.GetConfiguration().InterpretStringParameterAsPath( | 847 std::string certificate = lock.GetConfiguration().InterpretStringParameterAsPath( |
| 832 lock.GetConfiguration().GetStringParameter("SslCertificate", "certificate.pem")); | 848 lock.GetConfiguration().GetStringParameter("SslCertificate", "certificate.pem")); |
| 833 httpServer.SetSslEnabled(true); | 849 httpServer.SetSslEnabled(true); |