Coder Social home page Coder Social logo

Comments (4)

bhartshorn avatar bhartshorn commented on August 17, 2024 1

My usecase gets a little muddy because the services are running in Docker behind Traefik as a web proxy.

I would probably use the 'OAuth2-Proxy' project I linked to. I get the impression that it's built to run one instance per service that needs authentication, so I would stand up a copy of it alongside cerca, just for cerca. (all in docker)

I might get around to making the changes in cerca and do a PR, but I'm not sure I have time to invest in learning the codebase right now. We'll see!

from cerca.

cblgh avatar cblgh commented on August 17, 2024 1

thanks for the context!

if you do find yourself with some extra time, server/server.go contains all you want

here are some snippets that feel relevant:

and if you don't get to it, i'll see when i have a little bit of time to explore it :)

from cerca.

decentral1se avatar decentral1se commented on August 17, 2024 1

Hey sorry to jump in on this thread, the header fix seems to be a very nice minimal addition to support this!

I am very curious about "Single Sign On" which also continues in the tradition of cerca, that is, "lean".

This is not really a thing to solve in cerca and may be a wider discussion as to what is the suitable "go to" authentication solution for low-tech but I'm curious to have that chat somewhere!

I was thinking LDAP but after some chat on the pmc xmpp someone was saying that prosody has a nice model for just authenticating against the linux system user accounts with PAM https://modules.prosody.im/mod_auth_pam.html seems pretty neat 😌

Again, probably a wider discussion but I think low-tech self-hosting is going to need to cross this "one username/password for all" bridge at some point...

from cerca.

cblgh avatar cblgh commented on August 17, 2024

@bhartshorn thank you for your thoughtfully written issue! i really appreciate when people take the time to understand a project and what may or may not be a suitable addition 🖤

let me look into the links you reference regarding enabling an authentication proxy and i'll get back to you! my initial reaction is that if it is a matter of handling a set of http headers to support such a usecase then it feels like a very reasonable tradeoff and addition c:

how do you see this working for your hackerspace usecase: would you be operating an oauth proxy? or is it already taken care of for the SSO provider you already have?

from cerca.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.