Set Up HTTP Headers Authentication
Appkit supports authentication via generic HTTP headers passed through from a component behind a secure firewall sitting in front of the Appkit application. If there is such an authentication component in the environment where you are using Appkit, you can configure the HTTP headers that the application will use to pick up the user’s details.
Adding header security
- Add this dependency to the pom.xml file:

    <dependency>
      <groupId>twigkit</groupId>
      <artifactId>twigkit.security.provider.http-header</artifactId>
      <version>${project.parent.version}</version>
    </dependency>

- Modify conf/security/security.conf to contain this:

    type: header
Configuring the headers used
Create a new configuration file in conf/security/header/header.conf.
A typical configuration might look like:

    user-id: remote_user
    roles: x-group

Here, the user’s ID will be extracted from the value of the remote_user header and roles from the x-group header.
All possible properties are listed here:
user-id: name of header that contains the ID of the user
roles: name of the header that contains the user’s roles - multiple values will be picked up from the header if specified by the comma separated header value convention
domain: name of the header that contains the domain for the user
detail-prefix: prefix of any headers containing values which should be added to the user’s details (for example, if this is X-USER-, a header with the name X-USER-DEPARTMENT and its value will be added as an entry to the user details map)
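
Because Appkit takes the user's identity from these headers, the component in front of it should discard any copies a client sends before setting its own. The sketch below is an added example (not Appkit code) that models that step for the header.conf format described above; the x-domain header name, the sample values and all function names are assumptions.

```python
# Added illustration, not Appkit code: models the component in front of Appkit.
# Constructed sample in the page's header.conf format; x-domain is an assumed name.
HEADER_CONF = """\
user-id: remote_user
roles: x-group
domain: x-domain
detail-prefix: X-USER-
"""

def parse_conf(text):
    """Parse the 'key: value' lines of header.conf into a dict."""
    conf = {}
    for line in text.splitlines():
        if ":" in line:
            key, value = line.split(":", 1)
            conf[key.strip()] = value.strip()
    return conf

def _norm(name):
    # Header names are case-insensitive, and some servers treat '_' and '-'
    # as the same character, so compare on a normalised form.
    return name.lower().replace("_", "-")

def is_identity_header(name, conf):
    """True if the name matches a header that header.conf maps to identity data."""
    exact = {_norm(conf[k]) for k in ("user-id", "roles", "domain") if k in conf}
    prefix = _norm(conf.get("detail-prefix", ""))
    return _norm(name) in exact or (bool(prefix) and _norm(name).startswith(prefix))

def forward_headers(client_headers, conf, identity=None):
    """Drop client-supplied identity headers, then add the verified ones.

    identity holds the headers set after the user has authenticated;
    None means unauthenticated, so no identity header reaches Appkit.
    """
    clean = {k: v for k, v in client_headers.items()
             if not is_identity_header(k, conf)}
    clean.update(identity or {})
    return clean

def split_roles(value):
    """Comma-separated header value convention: 'staff, editors' -> two roles."""
    return [r.strip() for r in value.split(",") if r.strip()]

if __name__ == "__main__":
    conf = parse_conf(HEADER_CONF)
    inbound = {"Accept": "text/html", "X-Group": "admins"}  # constructed request
    print(forward_headers(inbound, conf, {"remote_user": "alice", "x-group": "staff, editors"}))
```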