ADUCID 4.x

User Tools

Site Tools

Trace:
nocode:overview

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
nocode:overview [2019/08/01 09:44]
tjotov [No-Code integration overview] 		nocode:overview [2020/02/29 11:07] (current)
mpospisek [No-Code integration overview]
Line 8: Line 8:
  
 In Apache configuration just require authentication: In Apache configuration just require authentication:
-   require valid user+<sxh bash> 
 +require valid user 
 +</sxh>
 ===== REMOTE_USER or any other attribute ===== ===== REMOTE_USER or any other attribute =====
 User ID is sent to application in header attribute - REMOTE_USER User ID is sent to application in header attribute - REMOTE_USER
Line 15: Line 17:
  
 Example how to send X-forwarded-user instead of REMOTE_USER: Example how to send X-forwarded-user instead of REMOTE_USER:
- RewriteEngine On  +<sxh bash> 
- RewriteCond %{LA-U:REMOTE_USER} (.+) +RewriteEngine On  
- RewriteRule .* - [E=RU:%1] +RewriteCond %{LA-U:REMOTE_USER} (.+) 
- RequestHeader set X-Forwarded-User %{RU}e+RewriteRule .* - [E=RU:%1] 
 +RequestHeader set X-Forwarded-User %{RU}e 
 +</sxh>
 ===== Security remarks ===== ===== Security remarks =====
-Apache has to be accessible only via TLS (https) +  * Apache has to be accessible only via TLS (https). 
-Back-end application has to be separated and accessible only from Apache (http, ajp, ...) +  Back-end application has to be separated and accessible only from Apache (http, ajp, ...) 
-Apache installed for ADUCID shouldn't be used for applications. User another instance of Apache instead. +  Apache installed for ADUCID shouldn't be used for applications. User another instance of Apache instead. 
-Headers from client are not transported to the back-end as ProxyPass is used (unless you configure Apache to do it) +  Headers from client are not transported to the back-end as ProxyPass is used (unless you configure Apache to do it) 
-So if users sents REMOTE_USER to Apache, it is wiped out and target application won't see it+  So if users sents REMOTE_USER to Apache, it is wiped out and target application won't see it
  
 ===== Technical overview ===== ===== Technical overview =====
Line 34: Line 38:
   * [[nocode:applications|Applications tested with ADUCID No-Code integration yet]]   * [[nocode:applications|Applications tested with ADUCID No-Code integration yet]]
   * [[nocode:authorization|Authorization in No-code]]   * [[nocode:authorization|Authorization in No-code]]
-  * [[nocode:binder|ADUCID Binder]]+  * [[components:binder|ADUCID Binder]]
nocode/overview.1564652679.txt.gz · Last modified: 2019/08/01 09:44 by tjotov

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki