I think the solution is feasible and can greatly improve the security of APISIX.
On Tue, Jan 25, 2022 at 21:25, Baoyuan <baoyuan....@gmail.com> wrote:

> Strongly agree that this can greatly reduce the security risk of APISIX.
>
> > please use a custom token in the generation environment and
> > write into the configuration file.
>
> Do we need to provide this function to help users do it?
>
> On Tue, Jan 25, 2022 at 16:28, Ming Wen <wenm...@apache.org> wrote:
>
> > hello,
> > Apache APISIX has a fixed token for the admin API in the configuration file[1].
> > While we strongly recommend that users change this token, it is a security
> > risk anyway. We should use a more elegant solution to actively solve this
> > problem.
> >
> > My solution is:
> > 1. Remove these fixed tokens and change the default value to empty.
> > 2. When Apache APISIX starts, if the token is found to be empty, it will
> > automatically generate a random token and print a hint on the screen and in
> > the log: the random token is only applicable to the test environment, please
> > use a custom token in the generation environment and write it into the
> > configuration file.
> > 3. The admin API does not accept an empty token.
> >
> > In this way, it will not affect the previous version, nor will it affect
> > the developer's experience of Apache APISIX, and it enhances security.
> >
> > What do you think?
> >
> > [1] https://github.com/apache/apisix/blob/master/conf/config-default.yaml#L87-L100
> >
> > Thanks,
> > Ming Wen, Apache APISIX PMC Chair
> > Twitter: _WenMing

--
Thanks,
Janko
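A sketch of the proposed behaviour (steps 1 to 3 above) in Python, added here as an illustration; it is not APISIX code (APISIX itself is written in Lua), the config fragment is constructed, and the function names are assumptions.

```python
import hmac
import logging
import secrets

# Constructed sample of the admin_key section of config-default.yaml as it
# would look after the proposal: the fixed token is gone and the key is empty.
SAMPLE_CONFIG = {"admin_key": [{"name": "admin", "key": "", "role": "admin"}]}

log = logging.getLogger("apisix-admin-token-example")


def init_admin_keys(config, generate=secrets.token_hex):
    """Startup step: replace every empty admin key with a random token.

    Returns the admin key entries to use at runtime. Each empty key becomes a
    32-hex-character random token and a warning is logged so the operator sees
    that the random token is only meant for testing.
    """
    keys = []
    for entry in config.get("admin_key", []):
        entry = dict(entry)  # do not mutate the loaded config in place
        if not entry.get("key"):
            entry["key"] = generate(16)
            log.warning(
                "admin key %r was empty, generated random token %s. This is only "
                "suitable for a test environment; set a custom token in the "
                "configuration file before exposing the admin API.",
                entry.get("name"), entry["key"],
            )
        keys.append(entry)
    return keys


def check_admin_token(keys, presented):
    """Request step: return the role for a valid X-API-KEY, else None (401).

    An empty presented token never matches, so an entry whose key is still
    empty (e.g. init_admin_keys was skipped) cannot be used to get in.
    """
    if not presented:
        return None
    for entry in keys:
        key = entry.get("key") or ""
        # Constant-time comparison so a mismatch does not leak how much of the
        # key prefix was right; bytes avoid compare_digest's ASCII-only rule.
        if key and hmac.compare_digest(key.encode(), presented.encode()):
            return entry.get("role")
    return None
```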