You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
35 lines
1.2 KiB
35 lines
1.2 KiB
# Authentication
|
|
|
|
Webfuse supports two authentications mechanisms:
|
|
|
|
- token-based authentication using HTTP headers
|
|
- in-protocol authentication
|
|
|
|
To activate authentication, two command line option can be specified:
|
|
|
|
- `--wf-authenticator PATH`
|
|
allows to specify an executable used for authentication
|
|
- `--wf-auth-header HEADER` _(optional)_
|
|
allows to specify the HTTP header used for authentication
|
|
|
|
When `--wf-auth-header` is not specifiend or the header is not contained
|
|
in the HTTP request, the in-protocol solutions is used: Before any other
|
|
operation, the credentials are queried via `getcreds`request.
|
|
|
|
## Authenticator
|
|
|
|
An authenticator is an executable or script used for token-based
|
|
authentication. Credentials are passed to the authenticator via `stdin`.
|
|
|
|
## Header restrictions
|
|
|
|
Note that not any HTTP header can be specified using `--wf-auth-header`
|
|
option. The following headers are supported:
|
|
|
|
- `X-Auth-Token`
|
|
- `Authorization`
|
|
|
|
In addition to that, any non-standard header can be specified.
|
|
|
|
Due to implementation limitation, most standard headers can not be used by now. Please let us know, when you intend to use a header that is not supported yet. Please create an issue in that case.
|