Commit 8ed88638 authored by ale's avatar ale

Add allowed_groups to sso-proxy docs

parent fe763606
Pipeline #2735 passed with stages
in 4 minutes and 46 seconds
......@@ -120,7 +120,8 @@ it wouldn't be safe for them to trust this information anyway, unless
they have a way to ensure it comes only from the trusted sso-proxy
(perhaps using TLS or other forms of transport verification). Finally,
*sso-proxy* only handles incoming requests based on their Host
attribute, not the request path.
attribute, not the request path. And the only access control rules
currently supported are group-based.
The proxy server has its own configuration file, */etc/sso/proxy.yml*
by default, which has the following attributes:
......@@ -135,6 +136,8 @@ by default, which has the following attributes:
* `backends` is the list of configured endpoints and associated
backends, each entry has the following attributes:
* `host` the HTTP host to serve
* `allowed_groups` is a list of the groups whose users will be
allowed access to the service
* `upstream` is a list of *host:port* addresses for the upstream
backends
* `tls_server_name` allows you to explicitly set the value of the
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment