/wsrpc should use the client cert username as the session username

Question

/wsrpc should use the client cert username as the session username

Closed this issue 8 years ago · 1 comments

/wsrpc is assumed to be client-cert protected. Currently the "username" we log for those requests is "rpc", but it would be nice to use this as the default, but if a client cert exists with a non-empty CN then we'd use that as the username.

This currently only matters for logging, but this will be relevant when we expose different authentication and possibly restriction methods.

Answer 1 · 2016-09-14T19:18:22.000Z

Moved to magfest/sideboard#34