You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@apisix.apache.org by "An-DJ (via GitHub)" <gi...@apache.org> on 2023/03/23 02:34:06 UTC

[GitHub] [apisix] An-DJ commented on a diff in pull request #9147: feat(cli): support APISIX_ALLOW_NONE_AUTHENTICATION

An-DJ commented on code in PR #9147:
URL: https://github.com/apache/apisix/pull/9147#discussion_r1145603321


##########
apisix/cli/ngx_tpl.lua:
##########
@@ -51,6 +51,8 @@ worker_shutdown_timeout {* worker_shutdown_timeout *};
 env APISIX_PROFILE;
 env PATH; # for searching external plugin runner's binary
 
+env APISIX_ALLOW_NONE_AUTHENTICATION; # allow any IP with empty admin_key

Review Comment:
   IMO we just bypass the configuration check here.
   
   That is, if the user set `APISIX_ALLOW_NONE_AUTHENTICATION=true` but still configure the adminKey, the key also works.
   
   So this env var just `allow` none auth, not `bypass`.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org