Skip to content

Latest commit

 

History

History
34 lines (22 loc) · 1.18 KB

authentication.md

File metadata and controls

34 lines (22 loc) · 1.18 KB
Raw

Authentication

Webfuse supports two authentications mechanisms:

  • token-based authentication using HTTP headers
  • in-protocol authentication

To activate authentication, two command line option can be specified:

  • --wf-authenticator PATH
    allows to specify an executable used for authentication
  • --wf-auth-header HEADER (optional) allows to specify the HTTP header used for authentication

When --wf-auth-header is not specifiend or the header is not contained in the HTTP request, the in-protocol solutions is used: Before any other operation, the credentials are queried via getcredsrequest.

Authenticator

An authenticator is an executable or script used for token-based authentication. Credentials are passed to the authenticator via stdin.

Header restrictions

Note that not any HTTP header can be specified using --wf-auth-header option. The following headers are supported:

  • X-Auth-Token
  • Authorization

In addition to that, any non-standard header can be specified.

Due to implementation limitation, most standard headers can not be used by now. Please let us know, when you intend to use a header that is not supported yet. Please create an issue in that case.