diff options
| author | Gerardo Zamudio <gerardozamudio@users.noreply.github.com> | 2016-02-24 23:48:50 -0600 |
|---|---|---|
| committer | Gerardo Zamudio <gerardozamudio@users.noreply.github.com> | 2016-02-24 23:48:50 -0600 |
| commit | e4de6b3898b64b26d29aff31f21df5fda8055686 (patch) | |
| tree | 575f8a65440f291d70a070d168eafca8c82a6459 /doc/reverse-proxy-authentication.markdown | |
| parent | d9ffbea174ea6524d0a22f8375ca8b3aa04a3c96 (diff) | |
| parent | a6540bc604c837d92c9368540c145606723e97f7 (diff) | |
Merge pull request #1 from fguillot/master
Update from upstream
Diffstat (limited to 'doc/reverse-proxy-authentication.markdown')
| -rw-r--r-- | doc/reverse-proxy-authentication.markdown | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/doc/reverse-proxy-authentication.markdown b/doc/reverse-proxy-authentication.markdown index 7c001f3d..609bad7a 100644 --- a/doc/reverse-proxy-authentication.markdown +++ b/doc/reverse-proxy-authentication.markdown @@ -8,18 +8,18 @@ The authentication is done by another system, Kanboard doesn't know your passwor Requirements ------------ -- A well configured reverse proxy +- A well-configured reverse proxy or -- Apache auth on the same server +- Apache Auth on the same server How does this work? ------------------- 1. Your reverse proxy authenticates the user and send the username through a HTTP header. -2. Kanboard retreive the username from the request +2. Kanboard retrieve the username from the request - The user is created automatically if necessary - Open a new Kanboard session without any prompt assuming it's valid @@ -29,7 +29,7 @@ Installation instructions ### Setting up your reverse proxy This is not in the scope of this documentation. -You should check the user login is sent by the reverse proxy using a HTTP header, and find which one. +You should check the user login is sent by the reverse proxy using a HTTP header, and find out which one. ### Setting up Kanboard @@ -59,6 +59,6 @@ Notes: - If the proxy is the same web server that runs Kanboard, according the [CGI protocol](http://www.ietf.org/rfc/rfc3875) the header name will be `REMOTE_USER`. By example, Apache add `REMOTE_USER` by default if `Require valid-user` is set. -- If Apache is a reverse proxy to another Apache running Kanboard, the header `REMOTE_USER` is not set (same behaviour with IIS and Nginx). +- If Apache is a reverse proxy to another Apache running Kanboard, the header `REMOTE_USER` is not set (same behavior with IIS and Nginx). -- If you have a real reverse proxy, the [HTTP ICAP draft](http://tools.ietf.org/html/draft-stecher-icap-subid-00#section-3.4) proposes the header to be `X-Authenticated-User`. This de-facto standart has been adopted by a number of tools. +- If you have a real reverse proxy, the [HTTP ICAP draft](http://tools.ietf.org/html/draft-stecher-icap-subid-00#section-3.4) proposes the header to be `X-Authenticated-User`. This de facto standard has been adopted by a number of tools. |