Page 1 of 1
Authentication
Posted: 27 Feb 2013 10:53
by p_mihai_ro
Will authentication be available anytime soon? Currently, the razberry API allows public access to anyone that knows the IP address and the port.
Thanks,
Yes, it will. We will use
Posted: 27 Feb 2013 10:53
by PoltoS
Yes, it will. We will use Basic Authentication with HTTPS (SSL). In a few weeks it will become available.
Thanks.
Posted: 27 Feb 2013 10:53
by p_mihai_ro
Thanks.
Will it?
Posted: 27 Feb 2013 10:53
by carlosbaraza
Hope it will and if you have stop the project I would like to request you to release it as open source so the community could continue it and update the software.
Authentication is something really important cause otherwise our Z-Wave devices are exposed to everyone who knows the IP address of the RPi.
It is not a good idea to
Posted: 27 Feb 2013 10:53
by PoltoS
It is not a good idea to expose your RPi to the word. We have reconsidered the issue with authentication and decided not to implement it directly in Z-Way package.
We now have our own remote access service with authentication. We also suggest to use ngnix or similar tools to make authentication, since different users asks for different level of authentication and access level.
binding to 127.0.0.1 only
Posted: 27 Feb 2013 10:53
by ku1111
In order to make it work with nginx as reversed proxy we need to be able to have the z-way-server listen to 127.0.0.1 only or else authentication can still be bypassed. Is there a way to limit the address(es) that the z-way-server listens to?
(I know I can setup iptable rules for this but the above method is way more elegant)
Regards
Marcel
Added to feature requests. So
Posted: 27 Feb 2013 10:53
by PoltoS
Added to feature requests. So far you can use iptables.