View Issue Details

ID: 0006846
Project: Taler
Category: deployment and operations
View Status: public
Last Update: 2021-05-13 09:01
Reporter: Florian Dold
Assigned To: MS
Priority: high
Severity: minor
Reproducibility: have not tried
Status: assigned
Resolution: open
Summary: 0006846: use token auth with actual secret token for test/demo merchant instances, provide sandbox instance
Description:
Currently the merchant backend is not secured. That was initially intentional, but might cause trouble if somebody decides to mess with instances during a demo.

We should:
1. Generate a random token when bootstrapping the environment. Store this token in a plain-text file and read it into an environment variable in ~/activate.
2. The taler-deployment-config-instances script should set up token authentication with this secret token
3. The merchant frontend demos should use this token
4. We should create one special instance named "sandbox" that we create without token auth, but where we forbid administrative endpoints via an nginx whitelist.
Tags: No tags attached.
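
Step 1 of the list above, sketched as an added example that is not part of the original report or of the Taler deployment scripts. The function names, the file path and the variable name DEMO_MERCHANT_TOKEN are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: bootstrap-time generation of a secret token file.
# All names here (functions, path, variable) are hypothetical.

# Create the token file once, readable by its owner only; later
# bootstrap runs reuse the existing token instead of rotating it.
ensure_token_file() {
    token_file=$1
    if [ -s "$token_file" ]; then
        return 0
    fi
    (
        umask 077    # anything created below is mode 0600 at most
        tmp=$(mktemp "${token_file}.XXXXXX") || exit 1
        # 32 bytes from the kernel CSPRNG, hex-encoded to 64 characters
        head -c 32 /dev/urandom | od -An -v -tx1 | tr -d ' \n' > "$tmp"
        # Fail closed if the random source delivered a short read
        [ "$(wc -c < "$tmp")" -eq 64 ] || { rm -f "$tmp"; exit 1; }
        mv "$tmp" "$token_file"    # atomic: no reader sees a partial token
    )
}

# Print the token, refusing a file that group or others can read.
read_token() {
    token_file=$1
    perms=$(stat -c '%a' "$token_file" 2>/dev/null ||
            stat -f '%Lp' "$token_file") || return 1
    case $perms in
        600|400) ;;
        *) echo "refusing $token_file: mode $perms" >&2
           return 1 ;;
    esac
    cat "$token_file"
}

# In ~/activate (hypothetical path and variable name):
#   DEMO_MERCHANT_TOKEN=$(read_token "$HOME/merchant-token") &&
#       export DEMO_MERCHANT_TOKEN
```

Because the token is read from the file rather than regenerated on each activation, the instance setup script and the frontend demos in steps 2 and 3 see the same value.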



2021-05-13 09:00

manager   ~0017846

- Sync was recently fixed in this regard, but waits to be tested.

- As for point 4: the 'sandbox' instance actually got named "Tutorial", and instead of no token it got a well-known one, which is "sandbox". Those decisions happened after a private discussion.


2021-05-13 09:01

manager   ~0017847

Setting as 'high' as it's close to resolution.

Issue History

Date Modified Username Field Change
2021-04-14 14:07 Florian Dold New Issue
2021-04-14 14:07 Florian Dold Status new => assigned
2021-04-14 14:07 Florian Dold Assigned To => MS
2021-05-13 09:00 MS Note Added: 0017846
2021-05-13 09:01 MS Priority normal => high
2021-05-13 09:01 MS Note Added: 0017847