Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for authentication using external proxy #33

Merged
merged 3 commits into from
Nov 3, 2023
Merged

Support for authentication using external proxy #33

merged 3 commits into from
Nov 3, 2023

Conversation

jakubman1
Copy link
Contributor

Simplified version of #32 that uses external proxy instead of implementing authentication directly in ExaFS.

Makes use of proxy such as Apache that handles the authentication and fills the specified HTTP header.

Example of Apache configuration for database authentication:

# mod_dbd configuration
DBDriver pgsql
DBDParams "dbname=exafs_users host=localhost user=exafs password=verysecurepassword"

DBDMin  4
DBDKeep 8
DBDMax  20
DBDExptime 300

# ExaFS authentication
<VirtualHost *:80>
    ServerName example.com
    DocumentRoot /var/www/html

    <Location />
    AuthType Basic
    AuthName "Database Authentication"
    AuthBasicProvider dbd
    AuthDBDUserPWQuery "SELECT pass_hash AS password FROM \"users\" WHERE email = %s"
    Require valid-user
    RequestHeader set X-Authenticated-User expr=%{REMOTE_USER}
    ProxyPass http://127.0.0.1:8080/
    </Location>
</VirtualHost>

@jakubman1
support external authentication
b94c3e3 
Expects authentication to be done using an external tool (such as
Apache), that fills the users UUID to a HTTP header and acts as a
proxy.
@jirivrany
Copy link
Collaborator

Good work, thank you.

@jirivrany jirivrany merged commit 6913689 into CESNET:develop Nov 3, 2023
1 check passed
jirivrany added a commit that referenced this pull request Nov 3, 2023
@jirivrany @jakubman1
Version 0.7.3. (#34)
432110d 
* Support for authentication using external proxy (#33)

* add options for HTTP header authentication to config

* add template for handling error 401: Unauthorized

* support external authentication

Expects authentication to be done using an external tool (such as
Apache), that fills the users UUID to a HTTP header and acts as a
proxy.

* version 0.7.3, simple auth mode available, docs for auth created

* version 0.7.3, simple auth mode available, docs for auth created

* typo in link

---------

Co-authored-by: Jakub Man <jakub.man@pm.me>
jirivrany added a commit that referenced this pull request Jan 25, 2024
@jirivrany @jakubman1
Develop (#37)
673ae7a 
* Support for authentication using external proxy (#33)

* add options for HTTP header authentication to config

* add template for handling error 401: Unauthorized

* support external authentication

Expects authentication to be done using an external tool (such as
Apache), that fills the users UUID to a HTTP header and acts as a
proxy.

* version 0.7.3, simple auth mode available, docs for auth created

* version 0.7.3, simple auth mode available, docs for auth created

* typo in link

* Bugfix/autoescape (#35)

* rename all j2 files back to html

* add Markup to dashboard to render tables from macros

* bugfix - V4 table cols, DOCS update

---------

Co-authored-by: Jakub Man <jakub.man@pm.me>
jirivrany added a commit that referenced this pull request Mar 8, 2024
@jirivrany @jakubman1
Closes #38 (#39)
dd2f592 
* Support for authentication using external proxy (#33)

* add options for HTTP header authentication to config

* add template for handling error 401: Unauthorized

* support external authentication

Expects authentication to be done using an external tool (such as
Apache), that fills the users UUID to a HTTP header and acts as a
proxy.

* version 0.7.3, simple auth mode available, docs for auth created

* version 0.7.3, simple auth mode available, docs for auth created

* typo in link

* Bugfix/autoescape (#35)

* rename all j2 files back to html

* add Markup to dashboard to render tables from macros

* bugfix - V4 table cols, DOCS update

* bugfix, closes #38

---------

Co-authored-by: Jakub Man <jakub.man@pm.me>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@jakubman1 @jirivrany