Tranquil IT Forum

Hello,

I haven't been able to find the information in the documentation on how to access an external repository behind a proxy with authentication.
There is a proxy field in the repository definition, but it doesn't seem to work. It doesn't ask me for my authentication information.

Thank you in advance.

https://www.wapt.fr/fr/doc/Installation ... tres-proxy



You can enter your username and password in this format:

http_proxy=http://user:pwd@host_fqdn:port

And put my password in plain text in a file and on the network?

hasop wrote: ↑Jan 19, 2018 - 12:38 and put my password in plain text in a file and on the network?

You have the option:
* to configure an exception rule on your proxy
* to download the package in question through your browser with the authentication of your choice and import the package as a file
* to put identifiers in a local file (who even mentioned putting them on the network???) which you can delete right after
* to propose a patch
* to offer to fund a patch

Nowhere in this list do I see the option "awkwardly complain on the forum"... Sorry.

Denis

Denis, Denis, moderation.

Denis, it's true that your contact didn't properly identify themselves; since then, I've learned that they're a major player in the French healthcare sector and are interested in WAPT Enterprise, so that's great news for WAPT.

Denis, the solutions you're proposing are spot on, and technically you're 100% correct.

Among the added security features, we'll definitely need to implement an authenticated mode for external repositories, even though Tranquil IT's message is to only trust external repositories based on their perceived reliability.

We'd even say that the most security-conscious businesses will have set up a VLAN to analyze external packets on a small sample of machines before repackaging the downloaded packet for deployment on their own internal test samples.

For better service, forum participants, please identify yourselves more precisely. Don't hide behind a generic username. Alternatively, describe your needs more clearly, express your constraints, and if they fall under your best practices, then we are interested in those practices if securing a network justifies them.

It would be foolish for WAPT to be dropped by a major healthcare organization in France simply because we gave a clumsy answer on our own forum.

So, please, if you wish to remain anonymous, be extremely specific about your needs. And if you choose not to hide behind a username, then we will answer your questions with a general understanding of your constraints.

Happy New Year, Vincent

Hello,
From a technical standpoint, I prefer solution 2 (using a browser that handles proxy authentication).

Ideally (for ease of use), this would be transparent authentication, similar to what's found in browsers that rely on the system's proxy configuration. Failing that, requiring authentication upon access could be a good compromise.