Auth section in web UI.

This commit is contained in:
Ludovic Fernandez 2018-07-17 12:02:03 +02:00 committed by Traefiker Bot
parent 9ce444b91a
commit a953d3ad89
3 changed files with 97 additions and 24 deletions

View file

@ -137,7 +137,7 @@ func (rr *retryResponseWriterWithoutCloseNotify) WriteHeader(code int) {
if rr.ShouldRetry() && code == http.StatusServiceUnavailable { if rr.ShouldRetry() && code == http.StatusServiceUnavailable {
// We get a 503 HTTP Status Code when there is no backend server in the pool // We get a 503 HTTP Status Code when there is no backend server in the pool
// to which the request could be sent. Also, note that rr.ShouldRetry() // to which the request could be sent. Also, note that rr.ShouldRetry()
// will never return true in case there was a connetion established to // will never return true in case there was a connection established to
// the backend server and so we can be sure that the 503 was produced // the backend server and so we can be sure that the 503 was produced
// inside Traefik already and we don't have to retry in this cases. // inside Traefik already and we don't have to retry in this cases.
rr.DisableRetries() rr.DisableRetries()

View file

@ -390,10 +390,10 @@ type Cluster struct {
// Auth holds authentication configuration (BASIC, DIGEST, users) // Auth holds authentication configuration (BASIC, DIGEST, users)
type Auth struct { type Auth struct {
Basic *Basic `export:"true"` Basic *Basic `json:"basic,omitempty" export:"true"`
Digest *Digest `export:"true"` Digest *Digest `json:"digest,omitempty" export:"true"`
Forward *Forward `export:"true"` Forward *Forward `json:"forward,omitempty" export:"true"`
HeaderField string `export:"true"` HeaderField string `json:"headerField,omitempty" export:"true"`
} }
// Users authentication users // Users authentication users
@ -401,24 +401,24 @@ type Users []string
// Basic HTTP basic authentication // Basic HTTP basic authentication
type Basic struct { type Basic struct {
Users `mapstructure:","` Users `json:"users,omitempty" mapstructure:","`
UsersFile string UsersFile string `json:"usersFile,omitempty"`
RemoveHeader bool RemoveHeader bool `json:"removeHeader,omitempty"`
} }
// Digest HTTP authentication // Digest HTTP authentication
type Digest struct { type Digest struct {
Users `mapstructure:","` Users `json:"users,omitempty" mapstructure:","`
UsersFile string UsersFile string `json:"usersFile,omitempty"`
RemoveHeader bool RemoveHeader bool `json:"removeHeader,omitempty"`
} }
// Forward authentication // Forward authentication
type Forward struct { type Forward struct {
Address string `description:"Authentication server address"` Address string `description:"Authentication server address" json:"address,omitempty"`
TLS *ClientTLS `description:"Enable TLS support" export:"true"` TLS *ClientTLS `description:"Enable TLS support" json:"tls,omitempty" export:"true"`
TrustForwardHeader bool `description:"Trust X-Forwarded-* headers" export:"true"` TrustForwardHeader bool `description:"Trust X-Forwarded-* headers" json:"trustForwardHeader,omitempty" export:"true"`
AuthResponseHeaders []string `description:"Headers to be forwarded from auth response"` AuthResponseHeaders []string `description:"Headers to be forwarded from auth response" json:"authResponseHeaders,omitempty"`
} }
// CanonicalDomain returns a lower case domain with trim space // CanonicalDomain returns a lower case domain with trim space
@ -501,11 +501,11 @@ func (b *Buckets) SetValue(val interface{}) {
// ClientTLS holds TLS specific configurations as client // ClientTLS holds TLS specific configurations as client
// CA, Cert and Key can be either path or file contents // CA, Cert and Key can be either path or file contents
type ClientTLS struct { type ClientTLS struct {
CA string `description:"TLS CA"` CA string `description:"TLS CA" json:"ca,omitempty"`
CAOptional bool `description:"TLS CA.Optional"` CAOptional bool `description:"TLS CA.Optional" json:"caOptional,omitempty"`
Cert string `description:"TLS cert"` Cert string `description:"TLS cert" json:"cert,omitempty"`
Key string `description:"TLS key"` Key string `description:"TLS key" json:"key,omitempty"`
InsecureSkipVerify bool `description:"TLS insecure skip verify"` InsecureSkipVerify bool `description:"TLS insecure skip verify" json:"insecureSkipVerify,omitempty"`
} }
// CreateTLSConfig creates a TLS config from ClientTLS structures // CreateTLSConfig creates a TLS config from ClientTLS structures

View file

@ -161,12 +161,85 @@
</div> </div>
</div> </div>
<div *ngIf="p.basicAuth && p.basicAuth.length"> <div *ngIf="p.auth">
<hr/> <hr/>
<div class="section-line"> <div class="section-line">
<h2 class="section-line-header">Basic Authentication</h2> <div *ngIf="p.auth.basic && (p.auth.basic.users || p.auth.basic.usersFile )">
<div class="tags padding-5-10"> <h2 class="section-line-header">Basic Authentication</h2>
<span class="tag is-info" *ngFor="let auth of p.basicAuth">{{ auth }}</span> <table class="table is-fullwidth is-hoverable">
<tbody>
<tr *ngIf="p.auth.basic.usersFile">
<td><span class="has-text-grey-light">Users File</span></td>
<td><span class="has-text-grey">{{ p.auth.basic.usersFile }}</span></td>
</tr>
<tr *ngIf="p.auth.headerField">
<td><span class="has-text-grey-light">Header Field</span></td>
<td><span class="has-text-grey">{{ p.auth.headerField }}</span></td>
</tr>
<tr>
<td><span class="has-text-grey-light">Remove Auth Header</span></td>
<td><span class="has-text-grey">{{ !!p.auth.basic.removeHeader }}</span></td>
</tr>
<tr *ngIf="p.auth.basic.users?.length">
<td><span class="has-text-grey-light">Users</span></td>
<td>
<div *ngFor="let user of p.auth.basic.users" class="padding-5-10">
<code class="has-text-grey">{{ user }}</code>
</div>
</td>
</tr>
</tbody>
</table>
</div>
<div *ngIf="p.auth.digest && (p.auth.digest.users || p.auth.digest.usersFile )">
<h2 class="section-line-header">Digest Authentication</h2>
<table class="table is-fullwidth is-hoverable">
<tbody>
<tr *ngIf="p.auth.digest.usersFile">
<td><span class="has-text-grey-light">Users File</span></td>
<td><span class="has-text-grey">{{ p.auth.digest.usersFile }}</span></td>
</tr>
<tr *ngIf="p.auth.headerField">
<td><span class="has-text-grey-light">Header Field</span></td>
<td><span class="has-text-grey">{{ p.auth.headerField }}</span></td>
</tr>
<tr>
<td><span class="has-text-grey-light">Remove Auth Header</span></td>
<td><span class="has-text-grey">{{ !!p.auth.digest.removeHeader }}</span></td>
</tr>
<tr *ngIf="p.auth.digest.users?.length">
<td><span class="has-text-grey-light">Users</span></td>
<td>
<div *ngFor="let user of p.auth.digest.users" class="padding-5-10">
<code class="has-text-grey">{{ user }}</code>
</div>
</td>
</tr>
</tbody>
</table>
</div>
<div *ngIf="p.auth.forward && p.auth.forward.address">
<h2 class="section-line-header">Forward Authentication</h2>
<table class="table is-fullwidth is-hoverable">
<tbody>
<tr>
<td><span class="has-text-grey-light">Address</span></td>
<td><span class="has-text-grey">{{ p.auth.forward.address }}</span></td>
</tr>
<tr>
<td><span class="has-text-grey-light">Trust Forward Header</span></td>
<td><span class="has-text-grey">{{ p.auth.forward.trustForwardHeader }}</span></td>
</tr>
<tr *ngIf="p.auth.forward.authResponseHeaders?.length">
<td><span class="has-text-grey-light">Response Headers</span></td>
<td>
<div *ngFor="let respHeader of p.auth.forward.authResponseHeaders">
<span class="has-text-grey">{{ respHeader }}</span>
</div>
</td>
</tr>
</tbody>
</table>
</div> </div>
</div> </div>
</div> </div>