Archives
/
falk-werner_webfuse
mirror of https://github.com/falk-werner/webfuse
1
0
Fork 0
Code Issues Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7a131d6024'
${ noResults }
falk-werner_webfuse/doc/authentication.md

1.3 KiB
Raw Blame History

Authentication

Webfuse supports two authentications mechanisms:

  • token-based authentication using HTTP headers
  • in-protocol authentication

To activate authentication, two command line option can be specified:

  • --wf-authenticator PATH
    allows to specify an executable used for authentication
  • --wf-auth-header HEADER (optional) allows to specify the HTTP header used for authentication

When --wf-auth-header is not specifiend or the header is not contained in the HTTP request, the in-protocol solutions is used: Before any other operation, the credentials are queried via getcredsrequest.

Authenticator

An authenticator is an executable or script used for token-based authentication. During HTTP handshake, webfuse will scan for the configured HTTP header and invoke the authenticator.

authenticator TOKEN

The provided token contains the contents of the HTTP header.

Header restrictions

Note that not any HTTP header can be specified using --wf-auth-header option. The following headers are supported:

  • X-Auth-Token
  • Authorization

In addition to that, any non-standard header can be specified.

Due to implementation limitation, most standard headers can not be used by now. Please let us know, when you intend to use a header that is not supported yet. Please create an issue in that case.