eKuper API security is not enabled when EdgeX is running in secure mode #4538

bnevis-i · 2023-04-27T21:17:55Z

🐞 Bug Report

Affected Services [REQUIRED]

eKuiper rules-engine

Is this a regression?

No

Description and Minimal Reproduction [REQUIRED]

As per the EdgeX Microservice Authentication UCR, eKuiper should also be launched in JWT secure mode when EdgeX is also running in secure mode.

Currently, eKuiper API requires no authentication, regardless of how EdgeX is launched.

🌍 Your Environment

Deployment Environment:
EdgeX Version [REQUIRED]:
Anything else relevant?

cloudxxx8 · 2024-07-13T00:35:41Z

eKuiper contains the mechanism now, and we provide it the permission to access the secret store token
#4823

bnevis-i added bug Something isn't working security_audit Track issues that are related to CVE/CVSS/CWE auditing etc labels Apr 27, 2023

bnevis-i mentioned this issue Apr 27, 2023

Got error "Unable to parse JWT for call ..." on core-command when get command by kuiper rule with security enabled #4508

Closed

bnevis-i added this to New Issues in Security WG via automation Apr 27, 2023

bnevis-i moved this from New Issues to Icebox in Security WG Apr 27, 2023

cloudxxx8 closed this as completed Jul 13, 2024

Security WG automation moved this from Icebox to Done Jul 13, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

eKuper API security is not enabled when EdgeX is running in secure mode #4538

eKuper API security is not enabled when EdgeX is running in secure mode #4538

bnevis-i commented Apr 27, 2023

cloudxxx8 commented Jul 13, 2024

eKuper API security is not enabled when EdgeX is running in secure mode #4538

eKuper API security is not enabled when EdgeX is running in secure mode #4538

Comments

bnevis-i commented Apr 27, 2023

🐞 Bug Report

Affected Services [REQUIRED]

Is this a regression?

Description and Minimal Reproduction [REQUIRED]

🌍 Your Environment

cloudxxx8 commented Jul 13, 2024