blob: aa3610e4fde8fca96203d4b36fe050fbb70069dc (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
## ldap_forwardauth
LDAP Forward Auth is a forward auth service (shocking) that i made to use with the caddy reverse proxy.
It allows a proxied login page to appear if a user tries to access restricted content while not logged in.
It uses LDAP for authentication, which can be configured in the conf/ldap/ldap.env file.
```
# the following is all the ldap credentials for a ldap bind dn auth setup
# this does not support ldap simple auth
LDAP_URL=
LDAP_BIND_DN=
LDAP_BIND_PASSWORD=
LDAP_BASE_DN=
LDAP_FILTER="(&)"
LDAP_UID="cn"
# the host that the forward auth is hosted at
# if the user is not logged in they will be redirected here
HTTP_HOST=auth.example.com
# the base domain for all websites that are being authed checked including the forward auth itself.
# they all need to have a common root domain otherwise the X-LDAP-Auth-Key cookie cannot be set.
COOKIE_DOMAIN=example.com
```
Once authenticated, sets the X-Webauth-User header, which can be used by applications to see who is logged in.
### how to run
'''
docker compose up -d
'''
|
