Mercurial > hg > orthanc
comparison OrthancServer/main.cpp @ 3533:2090ec6a83a5
create a default user if none is provided, while issuing a warning in Orthanc Explorer
| author | Sebastien Jodogne <s.jodogne@gmail.com> |
|---|---|
| date | Fri, 04 Oct 2019 17:41:43 +0200 |
| parents | f07352e0375c |
| children | cac8ffcb9cef |
comparison
equal
deleted
inserted
replaced
| 3532:e4b4b4dbef99 | 3533:2090ec6a83a5 |
|---|---|
| 830 httpServer.SetAuthenticationEnabled(authenticationEnabled); | 830 httpServer.SetAuthenticationEnabled(authenticationEnabled); |
| 831 | 831 |
| 832 if (httpServer.IsRemoteAccessAllowed() && | 832 if (httpServer.IsRemoteAccessAllowed() && |
| 833 !authenticationEnabled) | 833 !authenticationEnabled) |
| 834 { | 834 { |
| 835 LOG(WARNING) << "Remote access is enabled while user authentication is disabled, " | 835 LOG(WARNING) << "====> Remote access is enabled while user authentication is explicitly disabled, " |
| 836 << "make sure this does not affect the security of your setup"; | 836 << "make sure this does not affect the security of your setup <===="; |
| 837 } | 837 } |
| 838 } | 838 } |
| 839 else if (httpServer.IsRemoteAccessAllowed()) | 839 else if (httpServer.IsRemoteAccessAllowed()) |
| 840 { | 840 { |
| 841 // Starting with Orthanc 1.5.8, it is impossible to enable | 841 // Starting with Orthanc 1.5.8, it is impossible to enable |
| 855 bool hasUsers = lock.GetConfiguration().SetupRegisteredUsers(httpServer); | 855 bool hasUsers = lock.GetConfiguration().SetupRegisteredUsers(httpServer); |
| 856 | 856 |
| 857 if (httpServer.IsAuthenticationEnabled() && | 857 if (httpServer.IsAuthenticationEnabled() && |
| 858 !hasUsers) | 858 !hasUsers) |
| 859 { | 859 { |
| 860 LOG(WARNING) << "HTTP authentication is enabled, but no user is declared, " | 860 if (httpServer.IsRemoteAccessAllowed()) |
| 861 << "check the value of configuration option \"RegisteredUsers\""; | 861 { |
| 862 /** | |
| 863 * Starting with Orthanc 1.5.8, if no user is explicitly | |
| 864 * defined while remote access is allowed, we create a | |
| 865 * default user, and Orthanc Explorer shows a warning | |
| 866 * message about an "Insecure setup". This convention is | |
| 867 * used in Docker images "jodogne/orthanc", | |
| 868 * "jodogne/orthanc-plugins" and "osimis/orthanc". | |
| 869 **/ | |
| 870 LOG(ERROR) << "====> HTTP authentication is enabled, but no user is declared. " | |
| 871 << "Creating a default user: Review your configuration option \"RegisteredUsers\". " | |
| 872 << "Your setup is INSECURE <===="; | |
| 873 | |
| 874 context.SetDefaultUser(true); | |
| 875 | |
| 876 // This is the username/password of the default user in Orthanc. | |
| 877 httpServer.RegisterUser("orthanc", "orthanc"); | |
| 878 } | |
| 879 else | |
| 880 { | |
| 881 LOG(WARNING) << "HTTP authentication is enabled, but no user is declared, " | |
| 882 << "check the value of configuration option \"RegisteredUsers\""; | |
| 883 } | |
| 884 } | |
| 885 else | |
| 886 { | |
| 887 // This setup is secure | |
| 888 context.SetDefaultUser(false); | |
| 862 } | 889 } |
| 863 | 890 |
| 864 if (lock.GetConfiguration().GetBooleanParameter("SslEnabled", false)) | 891 if (lock.GetConfiguration().GetBooleanParameter("SslEnabled", false)) |
| 865 { | 892 { |
| 866 std::string certificate = lock.GetConfiguration().InterpretStringParameterAsPath( | 893 std::string certificate = lock.GetConfiguration().InterpretStringParameterAsPath( |