Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
718
Views
0
Helpful
2
Replies

Do we have option to disable authentication for jsonRPC only

Go to solution
pradc
Cisco Employee
Cisco Employee

‎02-04-2020 10:21 AM - edited ‎02-04-2020 10:22 AM

Hi Experts,

 

We are planning to use NGINX and our own user management service but we want to use jsonRPC as an internal service.

Do we have any option to disable authentication for jsonRPC only?

Can we use /ncs-config/aaa/external-validation for jsonRPC?

 

Thanks,

Pradeep

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
perander
Cisco Employee
Cisco Employee

‎03-03-2020 04:57 AM

The closest disabling of authentication for JSON-RPC is to enable

/ncs-config/aaa/external-authentication and make it authenticate every request.

This doesn't fully disable JSON-RPC authentication though, because the

session cookie is still needed for all methods; i.e. in order to do anything a

a login is necessary. This login could have bogus input though, since the external

auth program would allow every request.

 

The external token authentication, i.e. /ncs-config/aaa/external-validation and the

X-Auth-Token header, doesn't work with JSON-RPC at all.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
perander
Cisco Employee
Cisco Employee

‎03-03-2020 04:57 AM

The closest disabling of authentication for JSON-RPC is to enable

/ncs-config/aaa/external-authentication and make it authenticate every request.

This doesn't fully disable JSON-RPC authentication though, because the

session cookie is still needed for all methods; i.e. in order to do anything a

a login is necessary. This login could have bogus input though, since the external

auth program would allow every request.

 

The external token authentication, i.e. /ncs-config/aaa/external-validation and the

X-Auth-Token header, doesn't work with JSON-RPC at all.

0 Helpful

Go to solution
perander
Cisco Employee
Cisco Employee
In response to perander

‎03-03-2020 05:08 AM

To clarify, this is how external authentication works. It is called when the json-rpc login method is invoked.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the NSO Developer community:

Customers Also Viewed These Support Documents