You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by GitBox <gi...@apache.org> on 2019/11/26 16:43:24 UTC

[GitHub] [airflow] feluelle commented on a change in pull request #6625: [AIRFLOW-6027] Disable API access by default

feluelle commented on a change in pull request #6625: [AIRFLOW-6027] Disable API access by default
URL: https://github.com/apache/airflow/pull/6625#discussion_r350857962
 
 

 ##########
 File path: docs/security.rst
 ##########
 @@ -113,27 +113,40 @@ alter the content and make it part of the ``PYTHONPATH`` and configure it as a b
 API Authentication
 ------------------
 
-Authentication for the API is handled separately to the Web Authentication. The default is to not
-require any authentication on the API i.e. wide open by default. This is not recommended if your
-Airflow webserver is publicly accessible, and you should probably use the ``deny all`` backend:
+Authentication for the API is handled separately to the Web Authentication. By default, access to it is
+blocked. because The authorization configuration is configured as follows.
 
 .. code-block:: ini
 
     [api]
     auth_backend = airflow.api.auth.backend.deny_all
 
-Two "real" methods for authentication are currently supported for the API.
+Three "real" backend for authentication are currently supported for the API.
 
-To enabled Password authentication, set the following in the configuration:
+To allow access to the API **without authentication**, set the following in the configuration:
+
+.. code-block:: ini
+
+    [api]
+    auth_backend = airflow.api.auth.backend.allow_all
+
+To enabled **password authentication**, set the following in the configuration:
+
+.. code-block:: ini
+
+    [api]
+    auth_backend = airflow.contrib.auth.backends.password_auth
 
 Review comment:
   This block is a duplicate. See below.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services