We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hi.
Thanks a lot for this tool, it is very useful for me. However, there's one feature I'd like to have which would be helping me a lot:
I'd like to automatically set ACLs for users, but without being able to modify nginx-sso's config. Currently I'm doing this via nginx' config:
location /nginx-sso-auth { internal; proxy_pass http://nginx-sso/auth; ... proxy_set_header X-Allow "bob"; }
and in nginx-sso config:
acl: rule_sets: - rules: - field: "x-allow" equals: "bob" allow: - "bob" - rules: - field: "x-allow" equals: "@staff" allow: - "@cn=staff,ou=groups,dc=company"
This does work, but isn't really comfortable - I have to create a rule set for each user or group or combination of those.
Would it be possible, do add something like this:
acl: rule_sets: - rules: allow: - $x-allow
That way, one could put all users allowed to access an resource into the X-Allow header and leave the rest to nginx-sso.
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Hi.
Thanks a lot for this tool, it is very useful for me. However, there's one feature I'd like to have which would be helping me a lot:
I'd like to automatically set ACLs for users, but without being able to modify nginx-sso's config. Currently I'm doing this via nginx' config:
and in nginx-sso config:
This does work, but isn't really comfortable - I have to create a rule set for each user or group or combination of those.
Would it be possible, do add something like this:
That way, one could put all users allowed to access an resource into the X-Allow header and leave the rest to nginx-sso.
The text was updated successfully, but these errors were encountered: