Archives
/
falk-werner_webfuse
mirror of https://github.com/falk-werner/webfuse
1
0
Fork 0
Code Issues Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8554d74a0d'
${ noResults }
falk-werner_webfuse/doc/authentication.md

1.2 KiB
Raw Blame History

Authentication

Webfuse supports two authentications mechanisms:

  • token-based authentication using HTTP headers
  • in-protocol authentication

To activate authentication, two command line option can be specified:

  • --wf-authenticator PATH
    allows to specify an executable used for authentication
  • --wf-auth-header HEADER (optional) allows to specify the HTTP header used for authentication

When --wf-auth-header is not specifiend or the header is not contained in the HTTP request, the in-protocol solutions is used: Before any other operation, the credentials are queried via getcredsrequest.

Authenticator

An authenticator is an executable or script used for token-based authentication. Credentials are passed to the authenticator via stdin.

Header restrictions

Note that not any HTTP header can be specified using --wf-auth-header option. The following headers are supported:

  • X-Auth-Token
  • Authorization

In addition to that, any non-standard header can be specified.

Due to implementation limitation, most standard headers can not be used by now. Please let us know, when you intend to use a header that is not supported yet. Please create an issue in that case.