Mercurial > hg > orthanc
diff OrthancServer/main.cpp @ 3533:2090ec6a83a5
create a default user if none is provided, while issuing a warning in Orthanc Explorer
author | Sebastien Jodogne <s.jodogne@gmail.com> |
---|---|
date | Fri, 04 Oct 2019 17:41:43 +0200 |
parents | f07352e0375c |
children | cac8ffcb9cef |
line wrap: on
line diff
--- a/OrthancServer/main.cpp Thu Oct 03 13:44:08 2019 +0200 +++ b/OrthancServer/main.cpp Fri Oct 04 17:41:43 2019 +0200 @@ -832,8 +832,8 @@ if (httpServer.IsRemoteAccessAllowed() && !authenticationEnabled) { - LOG(WARNING) << "Remote access is enabled while user authentication is disabled, " - << "make sure this does not affect the security of your setup"; + LOG(WARNING) << "====> Remote access is enabled while user authentication is explicitly disabled, " + << "make sure this does not affect the security of your setup <===="; } } else if (httpServer.IsRemoteAccessAllowed()) @@ -857,8 +857,35 @@ if (httpServer.IsAuthenticationEnabled() && !hasUsers) { - LOG(WARNING) << "HTTP authentication is enabled, but no user is declared, " - << "check the value of configuration option \"RegisteredUsers\""; + if (httpServer.IsRemoteAccessAllowed()) + { + /** + * Starting with Orthanc 1.5.8, if no user is explicitly + * defined while remote access is allowed, we create a + * default user, and Orthanc Explorer shows a warning + * message about an "Insecure setup". This convention is + * used in Docker images "jodogne/orthanc", + * "jodogne/orthanc-plugins" and "osimis/orthanc". + **/ + LOG(ERROR) << "====> HTTP authentication is enabled, but no user is declared. " + << "Creating a default user: Review your configuration option \"RegisteredUsers\". " + << "Your setup is INSECURE <===="; + + context.SetDefaultUser(true); + + // This is the username/password of the default user in Orthanc. + httpServer.RegisterUser("orthanc", "orthanc"); + } + else + { + LOG(WARNING) << "HTTP authentication is enabled, but no user is declared, " + << "check the value of configuration option \"RegisteredUsers\""; + } + } + else + { + // This setup is secure + context.SetDefaultUser(false); } if (lock.GetConfiguration().GetBooleanParameter("SslEnabled", false))