Skip to main content

Application Authentication

You can choose whether to enable permission verification before registering an application. Once enabled, only authorized users(owners) can modify the system configuration of the registered application.

To enable application verification, the following parameters need to be added to the startup parameters of the arex-api, arex-storage, and arex-schedule service before registering the application:

-Darex.app.auth.switch=true // The default value is false, which means that the application permission verification feature is not enabled by default.

As shown below:

  arex-api-service:
...
environment:
- TZ=Asia/Shanghai
- JAVA_OPTS=-Darex.mongo.uri=$AREX_MONGO_URI
-Darex.redis.uri=$AREX_REDIS_URI
-Darex.storage.service.url=http://arex-storage-service:8080
-Dspring.config.additional-location=/usr/local/tomcat/additional-config/
-Dspring.config.name=application,oauth
-Darex.app.auth.switch=true
...
arex-storage-service:
...
environment:
- TZ=Asia/Shanghai
- JAVA_OPTS=-Darex.mongo.uri=$AREX_MONGO_URI
-Darex.redis.uri=$AREX_REDIS_URI
-Darex.api.service.api=http://arex-api-service:8080
-Darex.app.auth.switch=true
...
arex-schedule-service:
...
environment:
- TZ=Asia/Shanghai
- JAVA_OPTS=-Darex.mongo.uri=$AREX_MONGO_URI
-Darex.redis.uri=$AREX_REDIS_URI
-Darex.storage.service.api=http://arex-storage-service:8080
-Darex.api.service.api=http://arex-api-service:8080
-Darex.app.auth.switch=true
...

The table below shows the impact range of operations for users without permissions after enabling the verification feature. The functionality for users with permissions remains the same as before.

User ActionUsers with privileges (Owners)Users without privileges
Modify Configuration×
Start Replay
View Replay Report
Delete Application×
View Recording Details×

When verification is disabled, unauthorized users can perform all operations. However, after enabling verification, unauthorized users will be unable to perform certain operations such as modifying configurations, deleting applications, and viewing recording details. On the other hand, authorized users will not be affected and can continue to perform all operations.