Copys the incoming TLS client certificate to the outgoing
request. The backend can then use this certificate for
client authentication ie. k8s client cert authentication
We previously did not copy the sticky flag if the load-balancer
method validation failed, causing enabled stickiness to be dropped in
case of a validation error (which, technically, for us is the same as a
load-balancer configuration without an explicitly set method). This
change fixes that.
A few refactorings and improvements along the way:
- Move the frontend and backend configuration steps into separate
methods/functions for better testability.
- Include the invalid method name in the error value and avoid log
duplication.
- Add tests for the backend configuration part.
* Add ability to set authenticated user in request header
Some web applications provide the ability to authorize users based on
the authenticated from Basic Auth. This patch provides a way to set a
key to which the authenticated user can be set in the Header.
For example, if I set `HeaderValue = "X-WebAuth-User"` and authenticate,
my application will be able to read my user name from that header and
provide me with the proper access.
This fixes#802
A new option (--web.statistics) enables the collection of some basic
information about requests and responses. This currently consists of
the most recent 10 requests that resulted in HTTP 4xx or 5xx errors.
This change adds sticky session support, by using the new
oxy/rr/StickySession feature.
To use it, set traefik.backend.sticky to true.
This is currently only implemented in the wrr load balancer, and against
the Marathon backend, but lifting it should be very doable.
In the wrr load balancer, a cookie called _TRAEFIK_SERVERNAME will be
set with the backend to use. If the cookie is altered to an invalid
backend server, or the server is removed from the load balancer, the
next server will be used instead.
Otherwise, the cookie will be checked in Oxy's rr on access and if valid
the connection will be wired through to it.
Split a bit traefik into package. The idea behind this refactor is to
start move inter-dependencies away and do some DRY or SRP.
- Adds a `provider` package, with providers except `web.go`
- Adds a `types` package with common struct.
- Move `gen.go` to an `autogen` package
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
