No authentication is possible so not possible to deploy on internet
Closed this issue · 7 comments
Hello
I am trying to setup this tool for our company (thanks for the work on this product !), and my first prerequisite it to deliver the tool on a internet url so it can be accessible for all employee that need to access it.
I have create a setup based on the docker work (thanks !)
But I am hitting an issue regarding privacy. If I add a simple http-auth on the backend then the frontend is not able to communicate with the backend (using this plugin for example).
How do you secure PIA backend actually ?
Can we use the backend/frontend solution from PIAlabs instead ? It seems to rely on Symfony and implement an auth system.
THANKS !
Hello
The PIAlabs solutions isn’t maintained by the CNIL and the PIA tool community.
For now the solutions is to generate a strong URL like "https://iAqoFWfh9YVpwfzZ3AfoRimiQfdQZW.smtg.tld" which is hard to find. Of course it's not the best solution.
Hello @brunto
Thanks for your feedback, but this solution will not be possible in my case.
Does the project have a roadmap with features that will be added ?
THANKS !
Hello,
There is this roadmap for PIA but it might not be totally up-to-date:
https://github.com/LINCnil/pia/projects
Hello
No news about right management ? Without it, a web version is unusable, isn't it ?
Hello @Cyrille37
We are currently working on it. It'll be released in the next few months.
The LDAP integration will also be released soon.
Hello,
The next version (3.1) will have an authentication module with users, roles, profiles and rights management.
This new version should come this autumn 2021.
Thank you,
Bonjour,
Pour information, la prochaine version (3.1) contiendra un module de gestion des utilisateurs et de rôles/profils/droits.
Elle devrait arriver pendant l'automne.
Cordialement,