Couchbase Mobile: CM-84

Authentication and Authorization for Sync Gateway Admin API




      PRD: https://docs.google.com/document/d/1c_WSQwgsf9Dr3ut3tjnCR4q7Cdc7xY0eUF1EaBNfCRM/edit#heading=h.lc76bc1zsnxu

      Roles PRD: https://docs.google.com/document/d/1_xUt5MzvlQH4du5ksK_dqfes6zcHpQDqGDYgQGYjiX4/edit?usp=sharing



      The admin REST endpoint is unauthenticated. The documentation recommends binding it to localhost so that only processes on the same machine can reach it. The only way to allow external access is something clunky such as an SSH tunnel or firewall rules that restrict which hosts may connect to the machine.
      This has several limitations:
      1) Users are developing their own backend "admin UI" applications, external monitoring apps, authentication servers etc. that need to reach the admin API remotely. They are using mechanisms such as bastion hosts, HAProxy and firewalls to restrict access; this is not always practical.
      2) With distributed edge deployments, the need to connect to and administer Sync Gateway remotely over a public network becomes more likely.
      3) Anyone with access to the machine (through the mechanisms indicated above) can use the admin API. Access is restricted to specific machine(s), but there is no user authentication to restrict access at the user level. Additionally, there may be scenarios where different users should be granted different roles (read-only, read-write, monitor etc.). Customer company policies impose user-level restrictions and customers need a way to enforce them.

      Leveraging RBAC users to enforce admin API access would be a likely candidate for implementation.
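      As an illustration of the RBAC approach above (an example added here, not Sync Gateway's code): a Go middleware that authenticates HTTP Basic credentials against an in-memory user table and then gates each admin request on the caller's role, answering 401 for missing or bad credentials and 403 for a role that may not perform the request. The role names, the three sample users and their passwords, the stub admin handler and the /_expvar prefix used to scope the monitor role are all assumptions made for this example.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

// Role names are assumed for this example; the issue lists them only as candidates.
type Role string

const (
	RoleReadOnly  Role = "read-only"
	RoleReadWrite Role = "read-write"
	RoleMonitor   Role = "monitor"
)

// Constructed in-memory record; a real store would hold a bcrypt/argon2 hash, not bare SHA-256.
type adminUser struct {
	passwordHash [32]byte
	role         Role
}
type adminAuth map[string]adminUser

func (a adminAuth) addUser(name, password string, role Role) {
	a[name] = adminUser{sha256.Sum256([]byte(password)), role}
}

// Constant-time Basic-auth check; unknown users hit a dummy digest so timing does not leak usernames.
func (a adminAuth) authenticate(r *http.Request) (Role, bool) {
	name, pass, ok := r.BasicAuth()
	if !ok {
		return "", false
	}
	u, found := a[name]
	want := u.passwordHash
	if !found {
		want = sha256.Sum256([]byte("\x00no-such-user"))
	}
	got := sha256.Sum256([]byte(pass))
	if subtle.ConstantTimeCompare(got[:], want[:]) != 1 || !found {
		return "", false
	}
	return u.role, true
}

// Assumed policy: read-write does anything, read-only only GET/HEAD, monitor only GET/HEAD under /_expvar.
func allowed(role Role, method, path string) bool {
	readOnly := method == http.MethodGet || method == http.MethodHead
	switch role {
	case RoleReadWrite:
		return true
	case RoleReadOnly:
		return readOnly
	case RoleMonitor:
		return readOnly && strings.HasPrefix(path, "/_expvar")
	}
	return false
}

// Protect answers 401 without valid credentials, 403 when the role may not act, else passes through.
func (a adminAuth) Protect(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		role, ok := a.authenticate(r)
		if !ok {
			w.Header().Set("WWW-Authenticate", `Basic realm="Sync Gateway Admin"`)
			http.Error(w, "unauthorized", http.StatusUnauthorized)
			return
		}
		if !allowed(role, r.Method, r.URL.Path) {
			http.Error(w, "forbidden", http.StatusForbidden)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// AdminStatus runs one request through Protect with three constructed users; empty user means no credentials.
func AdminStatus(method, path, user, pass string) int {
	auth := adminAuth{}
	auth.addUser("ops", "ops-pass", RoleReadWrite)
	auth.addUser("auditor", "audit-pass", RoleReadOnly)
	auth.addUser("prom", "scrape-pass", RoleMonitor)
	stub := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusOK) })
	req := httptest.NewRequest(method, path, nil)
	if user != "" {
		req.SetBasicAuth(user, pass)
	}
	rec := httptest.NewRecorder()
	auth.Protect(stub).ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	fmt.Println(AdminStatus("PUT", "/db/_config", "auditor", "audit-pass")) // 403: read-only may not mutate
}
```

      Basic authentication over a public network only makes sense behind TLS; the point of the example is the separation of authentication (who is calling) from authorization (what that role may do), which is what the per-user restrictions in point 3 require.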






              priya.rajagopal Priya Rajagopal


