1.3 KiB
Authentication
Webfuse supports two authentications mechanisms:
- token-based authentication using HTTP headers
- in-protocol authentication
To activate authentication, two command line option needs to be given:
--wf-authenticator PATH
allows to specify an executable used for authentication--wf-auth-header HEADER
(optional) allows to specify the HTTP header used for authentication
When --wf-auth-header
is not specifiend or the header is not contained
in the HTTP request, the in-protocol solutions is used: Before any other
operation, the credentials are queried via getcreds
request.
Authenticator
An authenticator is an executable or script used for token-based authentication. During HTTP handshake, webfuse will scan for the configured HTTP header and invoke the authenticator.
authenticator TOKEN
The provided token
contains the contents of the HTTP header.
Header restrictions
Note that not any HTTP header can be specified using --wf-auth-header
option. The following headers are supported:
X-Auth-Token
Authorization
In addition to that, any non-standard header can be specified.
Due to implementation limitation, most standard headers can not be used by now. Please let us know, when you intend to use a header that is not supported yet. Please create an issue in that case.