XCP-ng
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    http authentication

    Scheduled Pinned Locked Moved Xen Orchestra
    5 Posts 3 Posters 562 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S Offline
      sborrill
      last edited by

      I'd like to have the option for using basic http authentication rather than form-based authentication with Xen Orchestra (while still using LDAP for the actual backend authentication). This would allow easy single-sign-on through NetScaler by publishing it as an intranet resource without requiring Advanced/Enterprise licencing for SAML.

      1 Reply Last reply Reply Quote 0
      • olivierlambertO Offline
        olivierlambert Vates 🪐 Co-Founder CEO
        last edited by

        Ping @julien-f IDK if we need more info to have a specification 🙂

        1 Reply Last reply Reply Quote 0
        • julien-fJ Offline
          julien-f Vates 🪐 Co-Founder XO Team
          last edited by

          @sborrill What do you need exactly?

          You want XO to automatically sign in the user when the page is visited when the Authorization HTTP header contains the user credentials?

          S 1 Reply Last reply Reply Quote 0
          • S Offline
            sborrill @julien-f
            last edited by

            @julien-f Yep, exactly. Respond with 401 header if username or password are wrong (or not present). Probably allow for the realm to be configured too (not important for NetScaler).

            1 Reply Last reply Reply Quote 0
            • julien-fJ Offline
              julien-f Vates 🪐 Co-Founder XO Team
              last edited by

              @sborrill I have a work-in-progress branch with a plugin for this: https://github.com/vatesfr/xen-orchestra/pull/4701

              To test, you will need to checkout this branch, add a symlink to the packages/xo-server-auth-http plugin into the directory xo-server/node_modules and then to configure and unable the plugin from XO.

              This will make basic authentication available with the path /signin/basic, note that you can make it the default authentication by overriding authentication.defaultSignInPage in your configuration file.

              julien-f opened this pull request in vatesfr/xen-orchestra

              open WiP: feat(xo-server): support HTTP basic auth #4701

              1 Reply Last reply Reply Quote 1
              • First post
                Last post