Configured RADIUS login for enterprise users. Works okay but we notices AWX is constantly trying to auth the admin user against the radius server?
This is unexpected since admin is a ‘normal user’ and shouldn’t be authorising against the Radius server, especially when i’m not even attempting to login as admin user. :S
Thanks for reading!
Here’s the relevant log from the awx_web container, still happens every minute with version 17.0.1:
ERROR:root:RADIUS timeout occurred contacting 172.17.0.1:1812
This seems like a security bug, since it’s constantly throwing the admin password of the AWX system to whatever Radius is authorizing against. :S
Actually the password of admin user is hashed so it’s not too bad.
The solution i used in the end was i configured the Oauth script the Radius server calls so it drops requests for ‘admin’ user.