You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airflow.apache.org by GitBox <gi...@apache.org> on 2019/12/31 10:10:47 UTC
[GitHub] [airflow] mik-laj commented on a change in pull request #6907:
[AIRFLOW-6349] - secure api and cookie by default
mik-laj commented on a change in pull request #6907: [AIRFLOW-6349] - secure api and cookie by default
URL: https://github.com/apache/airflow/pull/6907#discussion_r362187074
##########
File path: airflow/config_templates/default_airflow.cfg
##########
@@ -240,7 +240,7 @@ fail_fast = False
[api]
# How to authenticate users of the API
-auth_backend = airflow.api.auth.backend.default
+auth_backend = airflow.api.auth.backend.deny_all
Review comment:
Can you add note in UPDATING.MD? Some may install AIRFLOW automatically and may be surprised that the default value has changed. I also think that he should change the name of package `airflow.api.auth.backend.deny_all to a different one to better describe the content.
I also noticed that another person(me) is already working on it.
https://github.com/apache/airflow/pull/6625/files
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services