Provide Secret Key auth to upstream service

[JohnOmernik]

Provide Secret Key auth to upstream service

Request Type

Feature Request

Work Environment

NA

Problem Description

Currently, the cortex doesn't require any sort of auth. It would be nice if authentication between an upstream service could be required. So that people can't just hit the cortex URL and anonymously run analyzers.

At a minimum, using a secret key in the hive config that is passed in all requests to the cortex would be a start, that would require some info on enabled https for the cortex (I was able to mimic the https setup for the hive, so that won't be an issue).

A more verbose way would be to provide the auth information from thehive, and pass it to the cortex which then accesses the elastic search backend (or other auth backend) to gather keys or other info, and record metrics etc.

[saadkadhi]

This is a feature we have identified for Cortex 2. Cortex 2 will support authentication on the Web UI but also on the API, rate-limiting (for analyzers that are based on services which use quotas such as VT), report caching etc.

[JohnOmernik]

Outstanding. I also posted some issues in cortex-analyzers. One of those being able to have user passthrough of keys, i.e. if I have 10 users, and they each have their own keys, to have cortex be able to use that key instead of a single static key.