mirror of
https://github.com/opencloud-eu/opencloud.git
synced 2026-01-30 17:01:17 -05:00
92d3f77ab8
* readme for the auth-basic service Signed-off-by: jkoberg <jkoberg@owncloud.com> * Apply suggestions from code review * Apply suggestions from code review Co-authored-by: Jörn Friedrich Dreyer <jfd@butonic.de> * Update services/auth-basic/README.md Co-authored-by: Martin <github@diemattels.at> Signed-off-by: jkoberg <jkoberg@owncloud.com> Co-authored-by: Martin <github@diemattels.at> Co-authored-by: Jörn Friedrich Dreyer <jfd@butonic.de>
21 lines
1.4 KiB
Markdown
21 lines
1.4 KiB
Markdown
# Auth-Basic Service
|
|
|
|
The `auth-basic` service is responsible for validating authentication of incoming requests. To do so, it will use the configured `auth manager`, see the `Auth Managers` section. Only HTTP basic auth requests to ocis will involve the `auth-basic` service.
|
|
|
|
## Auth Managers
|
|
|
|
Since the `auth-basic` service does not do any validation itself, it needs to be configured with an authentication manager. One can use the `AUTH_BASIC_AUTH_PROVIDER` environment variable to configure this.
|
|
|
|
### LDAP Auth Manager
|
|
|
|
Setting `AUTH_BASIC_AUTH_PROVIDER` to `"ldap"` will configure the `auth-basic` service to use LDAP as auth manager. This is the recommended option for running in a production and testing environment. More details on how to configure LDAP with ocis can be found in the admin docs.
|
|
|
|
### Other Auth Managers
|
|
|
|
The possible auth mangers which can be selected are `"ldap"` and `"owncloudsql"`. Those are tested and usable though `"ldap"` is the recommend manager. Refer to the admin docs for additional information about those.
|
|
|
|
## Scalability
|
|
|
|
Scalability, just like memory and CPU consumption, are highly dependent on the configured auth manager. When using the recommended one which is `"ldap"`, there is no persistance as requests will just be forwarded to the LDAP server. Therefore, multiple instances of the `auth-basic` service can be started without further configuration. Be aware, that other auth managers might not allow that.
|
|
|