Skip to content

HTTP Signature Authentication Handler implementation for Apache Sling

License

Unlicense, Unlicense licenses found

Licenses found

Unlicense
LICENSE
Unlicense
UNLICENSE
Notifications You must be signed in to change notification settings

adamcin/net.adamcin.sling.auth.httpsig

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

43 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

net.adamcin.sling.auth.httpsig

HTTP Signature Authentication Handler implementation for Apache Sling using SSH authorized_keys.

How It Works

  1. Install the following bundles:
  1. Deploy an authorized_keys file containing the SSH public keys of clients who are authorized to login as admin, such as that of a Jenkins server, to either of the two locations on the server filesystem:
  • ${sling.home}/../.ssh/authorized_keys: Deploy to this location to only grant HTTP admin permission to client public keys. Notice that the .ssh directory in the path is a sibling of ${sling.home}, which allows for re-installation and backup/restore of the Sling instance without disturbing the authorized_keys file. This file takes precedence over the standard user home location.
  • ${user.home}/.ssh/authorized_keys: Deploy to this location only in order to grant ssh/scp access to clients with these public keys, in addition to granting them HTTP admin authentication.
  1. Use a Signature-enabled HTTP client to interact with the Sling instance, with a keyId format following the Joyent convention of "/$username/keys/$fingerprint". You can find Java-based helpers in httpsig-java for Apache Commons HttpClient 3.x, Apache Http Components 4.x, and Ning AsyncHttpClient.

Analytics

About

HTTP Signature Authentication Handler implementation for Apache Sling

Resources

License

Unlicense, Unlicense licenses found

Licenses found

Unlicense
LICENSE
Unlicense
UNLICENSE

Stars

Watchers

Forks

Packages

No packages published

Languages