I think most people are implementing either an Apache or NGinx proxy in front of PuppetDB for this purpose.
For Apache, should be pretty easy to do with proxy based RewriteRule's in Apache, and within the same virtualhost definition you should be able to enforce authentication. For example: <VirtualHost *:80> RewriteEngine on RewriteRule /(.*) http://localhost:8080/$1 [P,L] <Location /> AuthType Basic AuthName "Restricted Files" AuthBasicProvider file AuthUserFile /etc/httpd/basic.pwd Require user ken </Location> </VirtualHost> This is at least a start anyway. More custom redirections and handling can be rolled obviously. ken. On Tue, Mar 12, 2013 at 8:50 AM, Zane Williamson <zane.william...@gmail.com> wrote: > Hi All, > > Has anyone figured out a nice way to restrict user access to puppetdb's http > web interface? Such as a .htaccess method or something similar? I would > prefer something along > those lines instead of setting up firewall rules. > > -Zane > > -- > You received this message because you are subscribed to the Google Groups > "Puppet Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to puppet-users+unsubscr...@googlegroups.com. > To post to this group, send email to puppet-users@googlegroups.com. > Visit this group at http://groups.google.com/group/puppet-users?hl=en. > For more options, visit https://groups.google.com/groups/opt_out. > > -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To post to this group, send email to puppet-users@googlegroups.com. Visit this group at http://groups.google.com/group/puppet-users?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
