You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello !
Thanks for this grate project. And I have one request for you.
I need to authenticate my users against LDAP. As wsgidav does not have this middleware, I use my nginx configuration to do it before proxying to wsgidav. In short :
user ---> nginx (with ldap authentication) ---> uwsgi running wsgidav
Nginx filters well the users, but wsgidav does not know about them, even if the REMOTE_USER variable is passed.
As I would like to restrict certain folders to a few users, wsgidav needs to know them, at least their username, which is passed with REMOTE_USER. And I do not want to either have a second authentication inside wsgidav nor can i remove the ldap authentication from nginx and enter manually each user/password in the wsgidav configuration.
I think #11 was talking about it, but I seek in the configuration and it seems that scenario is not possible yet.
Adding this possibility really would be great.
The text was updated successfully, but these errors were encountered:
If a trusted reverse proxy injects a REMOTE_USER (or some other header), and you don't want to grant access on the mere fact that a user name was passed, then you still need some mapping which users are allowed to access which resources, so you plan to use WsgiDAVDomainController?
We might add an option to the http_authenticator middleware like
trusted_auth_header="REMOTE_USER"
that will copy this header content to environ["http_authenticator.username"].
Would that help?
I started a branch with this patch, so you may test or improve it: https://github.com/mar10/wsgidav/tree/issue_28
Hello !
Thanks for this grate project. And I have one request for you.
I need to authenticate my users against LDAP. As wsgidav does not have this middleware, I use my nginx configuration to do it before proxying to wsgidav. In short :
user ---> nginx (with ldap authentication) ---> uwsgi running wsgidav
Nginx filters well the users, but wsgidav does not know about them, even if the REMOTE_USER variable is passed.
As I would like to restrict certain folders to a few users, wsgidav needs to know them, at least their username, which is passed with REMOTE_USER. And I do not want to either have a second authentication inside wsgidav nor can i remove the ldap authentication from nginx and enter manually each user/password in the wsgidav configuration.
I think #11 was talking about it, but I seek in the configuration and it seems that scenario is not possible yet.
Adding this possibility really would be great.
The text was updated successfully, but these errors were encountered: