Me again, With a little perserverance I managed to extract the missing information from the code (or the docs, can't remember). It's a two steps configuration :
1- And the easiest one because it is found in official docs in a very clear way, that I reminded in the current thread: we need to create a stack that references the NoAuth handler, and assign the "REMOTE_USER" (exposed apache env) to the key "username" in EST yaml file 2- The tricky part I would say, because it is a little bit hidden: it's the other EST configuration file (or the global config file) which is actually where the stack is chosen (the new created stack that references the handler with corresponding exposed Apache values in this case). With that being said, it's not limited to http basic auth, but i guess to any auth supported in Apache as long as environment variables are exposed so that these can be consumed by OpenXPKI yaml files. Mohamed Le ven. 27 oct. 2023 à 13:24, Mo Be <mopra...@gmail.com> a écrit : > Me again, > > It's the apache conf, at > *openxpki-config/contrib/apache2-openxpki-site.conf,* that needs to be > updated with the right code (to support basic authentication). > > That code can easily be found in apache docs, or in the internet: how to > enable basic auth in apache. (for the people who are not familiar with > apache and linux and whatsoever, like myself) > > Though, I don't know how to consume the details such as the username from > apache and use it in the workflow. > > Current state: > I send a curl authenticated with basic auth, say bob. > > But when i see the catchall.log, i see user "Anonymous". > > Even though, I followed the docs and added the stack and handler, it > appears i'm still missing something. > > My stack.yml looks like this, > I tried both with envkeys and without > _BasicAuth: > handler: ExternalAuth > type: client # looks like a label, not sure what type means in this > context > username: REMOTE_USER > # envkeys: > # username: REMOTE_USER > > And the handler > ExternalAuth: > type: NoAuth > role: Anonynous > > A little help on this? > Thank you >
_______________________________________________ OpenXPKI-users mailing list OpenXPKI-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openxpki-users
