New UI is installed and looks really nice and modern. I like it.
I don’t want to start a discussion about security (my installation is behind reverse proxy, secured by a SSO), but how could I achieve direct access to the UI?
My ideas would be
Remove superuser password so that the link from the SSO site (ensuring authorization and authentication) directly open the remote console without the need to enter the remote console password.
Have a direct link to the remote console, using a deep link with that password included.
Using long lived auth-token (I have not found anything for this)
would be the “easy” solution, but 2. would be preferred. This would be similar to accessing the remote console via VRM portal page (no password asked either).
I found on the login.php that the passwort sent in HTTP-Headers as _PASSWORD is being used to check access.
Hi & Happy New Year to all.
The Superuser level I think is intended for advanced operators & developers, and is essential to have.
Devices like ComAp’s generator controllers have SEVEN levels of user, each level has its own password.
I think the GX devices should have at least 4 levels, again each with their own password:-
User - can be open, no password,
Technician,
Installer,
Superuser.
The option of " a direct link to the remote console" - the console can be accessed directly through touch screen connected to the GX device, remotely over LAN (now password protected in the new UI) or very remotely via VRM - if enabled. This again is password protected, and you need installer access or higher to the site in VRM. Would you classify access over LAN as a direct link?
I thought of direct link as the http link to the remote console bypassing the password.
My venusos is locked down, a ssh tunnel is setup to my https-proxy.
The proxy has SSO (user, accesslevels + credentials), so that remote console password is not necessary.
Vrm portal is pretty cool, but I like to have my infrastructure under my own control.