Add forward auth documentation.
This commit is contained in:
parent
243b45881d
commit
5229b7cfba
2 changed files with 40 additions and 12 deletions
|
@ -109,23 +109,52 @@ Users can be specified directly in the toml file, or indirectly by referencing a
|
||||||
usersFile = "/path/to/.htdigest"
|
usersFile = "/path/to/.htdigest"
|
||||||
```
|
```
|
||||||
|
|
||||||
|
### Forward Authentication
|
||||||
|
|
||||||
|
This configuration will first forward the request to `http://authserver.com/auth`.
|
||||||
|
|
||||||
|
If the response code is 2XX, access is granted and the original request is performed.
|
||||||
|
Otherwise, the response from the auth server is returned.
|
||||||
|
|
||||||
|
```toml
|
||||||
|
[entryPoints]
|
||||||
|
[entryPoints.http]
|
||||||
|
# ...
|
||||||
|
# To enable forward auth on an entrypoint
|
||||||
|
[entryPoints.http.auth.forward]
|
||||||
|
address = "http://authserver.com/auth"
|
||||||
|
```
|
||||||
|
|
||||||
|
```toml
|
||||||
|
[entryPoints]
|
||||||
|
[entrypoints.http]
|
||||||
|
# ...
|
||||||
|
# To enable forward auth on an entrypoint (HTTPS)
|
||||||
|
[entrypoints.http.auth.forward]
|
||||||
|
address = "https://authserver.com/auth"
|
||||||
|
[entrypoints.http.auth.forward.tls]
|
||||||
|
cert = "authserver.crt"
|
||||||
|
key = "authserver.key"
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
## Specify Minimum TLS Version
|
## Specify Minimum TLS Version
|
||||||
|
|
||||||
To specify an https entrypoint with a minimum TLS version, and specifying an array of cipher suites (from crypto/tls).
|
To specify an https entry point with a minimum TLS version, and specifying an array of cipher suites (from crypto/tls).
|
||||||
|
|
||||||
```toml
|
```toml
|
||||||
[entryPoints]
|
[entryPoints]
|
||||||
[entryPoints.https]
|
[entryPoints.https]
|
||||||
address = ":443"
|
address = ":443"
|
||||||
[entryPoints.https.tls]
|
[entryPoints.https.tls]
|
||||||
MinVersion = "VersionTLS12"
|
minVersion = "VersionTLS12"
|
||||||
CipherSuites = ["TLS_RSA_WITH_AES_256_GCM_SHA384"]
|
cipherSuites = ["TLS_RSA_WITH_AES_256_GCM_SHA384"]
|
||||||
[[entryPoints.https.tls.certificates]]
|
[[entryPoints.https.tls.certificates]]
|
||||||
CertFile = "integration/fixtures/https/snitest.com.cert"
|
certFile = "integration/fixtures/https/snitest.com.cert"
|
||||||
KeyFile = "integration/fixtures/https/snitest.com.key"
|
keyFile = "integration/fixtures/https/snitest.com.key"
|
||||||
[[entryPoints.https.tls.certificates]]
|
[[entryPoints.https.tls.certificates]]
|
||||||
CertFile = "integration/fixtures/https/snitest.org.cert"
|
certFile = "integration/fixtures/https/snitest.org.cert"
|
||||||
KeyFile = "integration/fixtures/https/snitest.org.key"
|
keyFile = "integration/fixtures/https/snitest.org.key"
|
||||||
```
|
```
|
||||||
|
|
||||||
## Compression
|
## Compression
|
||||||
|
|
|
@ -1,16 +1,15 @@
|
||||||
package types
|
package types
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"crypto/tls"
|
||||||
|
"crypto/x509"
|
||||||
"encoding"
|
"encoding"
|
||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"strconv"
|
|
||||||
"strings"
|
|
||||||
|
|
||||||
"crypto/tls"
|
|
||||||
"crypto/x509"
|
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"os"
|
"os"
|
||||||
|
"strconv"
|
||||||
|
"strings"
|
||||||
|
|
||||||
"github.com/containous/traefik/log"
|
"github.com/containous/traefik/log"
|
||||||
"github.com/docker/libkv/store"
|
"github.com/docker/libkv/store"
|
||||||
|
|
Loading…
Reference in a new issue