From 92d3f77ab849fc60374a262c8b6abad72c475dec Mon Sep 17 00:00:00 2001
From: kobergj <jkoberg@owncloud.com>
Date: Thu, 3 Nov 2022 14:24:22 +0100
Subject: [PATCH] Readme for Auth-Basic (#4919)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* readme for the auth-basic service

Signed-off-by: jkoberg <jkoberg@owncloud.com>

* Apply suggestions from code review

* Apply suggestions from code review

Co-authored-by: Jörn Friedrich Dreyer <jfd@butonic.de>

* Update services/auth-basic/README.md

Co-authored-by: Martin <github@diemattels.at>

Signed-off-by: jkoberg <jkoberg@owncloud.com>
Co-authored-by: Martin <github@diemattels.at>
Co-authored-by: Jörn Friedrich Dreyer <jfd@butonic.de>
---
 services/auth-basic/README.md | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)
 create mode 100644 services/auth-basic/README.md

diff --git a/services/auth-basic/README.md b/services/auth-basic/README.md
new file mode 100644
index 0000000000..40f15af563
--- /dev/null
+++ b/services/auth-basic/README.md
@@ -0,0 +1,20 @@
+# Auth-Basic Service
+
+The `auth-basic` service is responsible for validating authentication of incoming requests. To do so, it will use the configured `auth manager`, see the `Auth Managers` section. Only HTTP basic auth requests to ocis will involve the `auth-basic` service.
+
+## Auth Managers
+
+Since the `auth-basic` service does not do any validation itself, it needs to be configured with an authentication manager. One can use the `AUTH_BASIC_AUTH_PROVIDER` environment variable to configure this.
+
+### LDAP Auth Manager
+
+Setting `AUTH_BASIC_AUTH_PROVIDER` to `"ldap"` will configure the `auth-basic` service to use LDAP as auth manager. This is the recommended option for running in a production and testing environment. More details on how to configure LDAP with ocis can be found in the admin docs.
+
+### Other Auth Managers
+
+The possible auth mangers which can be selected are `"ldap"` and `"owncloudsql"`. Those are tested and usable though `"ldap"` is the recommend manager. Refer to the admin docs for additional information about those.
+
+## Scalability
+
+Scalability, just like memory and CPU consumption, are highly dependent on the configured auth manager. When using the recommended one which is `"ldap"`, there is no persistance as requests will just be forwarded to the LDAP server. Therefore, multiple instances of the `auth-basic` service can be started without further configuration. Be aware, that other auth managers might not allow that.
+