Make it possible to add password protection to expose-metrics-as-json #20

dtanzer · 2013-09-26T08:42:42Z

The documentation for the ring extras says "WARNING: this URL will not be protected by a username or password in any way (yet), so if you have sensitive metrics you might want to think twice about using it (or protect it yourself)."

IMHO, the easiest way for adding password protection myself would be to add a route to composure that reads like

(GET "/metrics" [] (with-admin-privileges metrics-json))

instead of expose-metrics-as-json (where with-admin-privileges would ensure protection). But for this, "metrics-json" from the ring extras would have to be public. Can you make this method public so I can define the routes myself? Or did I misunderstand / miss something here?

The text was updated successfully, but these errors were encountered:

michaelklishin · 2014-06-14T20:53:01Z

This has gotten easier in 2.1.0: metrics.ring.expose/serve-metrics can be wrapped and used as a route function easily now. I'll leave this issue open because we may end up adding built-in support
for basic HTTP authentication. If not, this stuff needs to be documented.

michaelklishin added the request label Jun 6, 2014

michaelklishin added this to the 2.2.0 milestone Jun 14, 2014

michaelklishin self-assigned this Jun 14, 2014

michaelklishin added the documentation label Jun 14, 2014

michaelklishin removed this from the 2.2.0 milestone Sep 13, 2014

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Make it possible to add password protection to expose-metrics-as-json #20

Make it possible to add password protection to expose-metrics-as-json #20

dtanzer commented Sep 26, 2013

michaelklishin commented Jun 14, 2014

Make it possible to add password protection to expose-metrics-as-json #20

Make it possible to add password protection to expose-metrics-as-json #20

Comments

dtanzer commented Sep 26, 2013

michaelklishin commented Jun 14, 2014