User story #7767
closed
Handle remote header / environment variable based authentification
Description
The title says it all :)
Typically, in a SSO-enabled environment, one scenario is delegating the Authentication part to either the servlet container, application server or web server, using HTTP headers or an environment variable (REMOTE_USER).
It would be a good idea to have this in Rudder !
Updated by Jonathan CLARKE almost 9 years ago
I think this is an excellent idea. It could be very useful.
It would make sense to have the header name configurable. The header should just contain the username, which of course should be checked to actually exist, just like we do with a username from LDAP.
Updated by Matthieu CERDA almost 9 years ago
- enable "external.authentication" property (name is up to the implementor :D)
- choose "external.authentication.header" (something like "Auth-User")
And if this feature is enabled, do just like if we got a successful bind fron LDAP if a user is detected and give it the privileges defined in rudder-users.xml, and fallback to an "anonymous" unprivileged user if no header is found / it is empty / has no privileges.
Updated by Benoît PECCATTE almost 9 years ago
A default name of "REMOTE_USER" since it's what is generally user in other applications.
Updated by François ARMAND almost 7 years ago
- Assignee deleted (
François ARMAND)
Updated by François ARMAND 10 months ago
- Status changed from New to Resolved
- Regression set to No
We have a plugin for that kind of things, including OAuth2 for ex.