Trusted Header Authorization
| This page is marked as "earlydoc", which means that it more of a collection of notes and an early draft before this page turns into good documentation later on. It is hoped that this early form of documentation is useful to you, but please understand that most documentation pages are higher quality than this. If you have suggestions or comments, please do get in contact or consider contributing your suggestions to the OliveTin documentation. |
config.yamlauthHttpHeaderUsername: "X-Username"
authHttpHeaderUsergroup: "X-Usergroup"
You must set AuthHttpHeaderUsername to some value, even if you only intend to use AuthHttpHeaderUsergroup, otherwise usergroups will be ignored.
|
Multiple usergroups
OliveTin will automatically detect multiple usergroups in the authHttpHeaderUsergroup header if they are separated by a space. You can also set a configuration option to use a different separator string with AuthHttpHeaderUsergroupSep. For example, if you set AuthHttpHeaderUsergroupSep to ,, then the header X-Usergroup: group1,group2 will be interpreted as two usergroups: group1 and group2.
authHttpHeaderUsergroupSep: ","