I am trying too setup up influx persistence on Openhab2.
I have had a influxdb running on a cloud server for a long time, and I would like to use it for persistence in OpenHAB2.
It’s configured to run behind apache configured as a reverse proxy server, doing both the SSL/TLS offloading (decrypt) and authentication using basic auth.
It looks like OpenHAB’s influxdb service is trying to authenticate using query parameters as seen in the apache log here:
62.198.104.94 - - [12/Nov/2018:14:00:00 +0100] “POST /write?u=roth&p=<MyPa$$word>&db=openhab&rp=autogen&precision=n&consistency=one HTTP/1.1” 401 793 “-” “okhttp/2.4.0”
62.198.104.94 - roth [12/Nov/2018:14:00:03 +0100] "POST /write?db=roth HTTP/1.1" 204 4176 "-" "curl/7.40.0"
62.198.104.94 - fjernv [12/Nov/2018:14:00:04 +0100] "POST /write?db=roth HTTP/1.1" 204 4176 "-" "curl/7.40.0"
(First line is OpenHAB, second and third is my own script for other use).
Is there any way to make the influx persistence service use basic authentication as recommended by influx:
https://docs.influxdata.com/influxdb/v1.7/administration/authentication_and_authorization/#set-up-authentication
"Authenticate with Basic Authentication as described in RFC 2617, Section 2
This is the preferred method for providing user credentials."
Switching to basic authentication both has the benefit of making OpenHAB influx service, working with InfluxDB’s running behind authenticating reverse proxy’s and also avoid logging the password in CLEAR TEXT in the proxy logs (as seen in the log excerpt above).