Table of Contents
Access to REST API can be either using Rudder authentication, either unauthenticated, using authentication mechanisms set elsewhere, for instance at Apache level.
By default, the access to the REST API is open to users not authenticated in Rudder.
The method of authentication can be configured in
/opt/rudder/etc/rudder-web.properties
rudder.rest.allowNonAuthenticatedUser=true
By default, the REST API is exposed for localhost only, at http://localhost/rudder/api
.
Example 9. Example usage of non authenticated REST API
Unrestricted access can be granted to local scripts accessing to localhost
,
whereas remote access to the REST API will be either denied, or restricted
through authentication at apache level.
Actions done using the REST API are logged by default as run by the user
UnknownRestUser
.
To change the name of this user, add following header to the HTTP request:
X-REST-USERNAME: MyConfiguredRestUser
If the REST API is authenticated, the authenticated user name will be used in the logs.