orthanc: Resources/Configuration.json comparison

Security: If remote HTTP access is enabled, HTTP authentication automatically gets enabled

author	Sebastien Jodogne <s.jodogne@gmail.com>
date	Fri, 23 Aug 2019 21:32:16 +0200
parents	cc3e408165eb
children	d2b9981017c4

comparison

equal deleted inserted replaced

-:d8f7c3970e25
+:0d248cc63ded
 /**
 * Security-related options for the HTTP server
 **/
-// Whether remote hosts can connect to the HTTP server
+// Whether remote hosts can connect to the HTTP server. For security
+// reasons, starting with Orthanc 1.5.8, as soon as this option is
+// set to "true", authentication is enabled, and you have to declare
+// an user in "RegisteredUsers" to access the HTTP server.
 "RemoteAccessAllowed" : false,
 // Whether or not SSL is enabled
 "SslEnabled" : false,
 // Path to the SSL certificate in the PEM format (meaningful only if
 // SSL is enabled)
 "SslCertificate" : "certificate.pem",
-// Whether or not the password protection is enabled
+// Whether or not the password protection is enabled. Starting with
+// Orthanc 1.5.8, password protection is automatically enabled as
+// soon as "RemoteAccessAllowed" is set to "true".
 "AuthenticationEnabled" : false,
 // The list of the registered users. Because Orthanc uses HTTP
 // Basic Authentication, the passwords are stored as plain text.
 "RegisteredUsers" : {

Mercurial > hg > orthanc