kerberos-io / web

(DEPRECATED) An open source GUI to configure the machinery and to view events that were detected by the machinery.
https://www.kerberos.io

Is it possible to use HTTP basic auth for web login? #113

Open estechnical opened 6 years ago

estechnical commented 6 years ago

I have an nginx proxy in front of several instances of kerberos web and machinery. I can pass on the HTTP basic auth header using proxy_pass_header Authorization, but I cannot work out how to make web allow this as a login method.

Are there docs for this or any pointers for enabling it that someone can provide, please?

I am using the kerberos docker image but can build my own if needed.

Thanks :)

cedricve commented 6 years ago

Hey @estechnical,

Interesting! Thanks for sharing and trying it out. So you want to have one portal which would sign in to all web interfaces?

Cédric

estechnical commented 6 years ago

Hi @cedricve, that's it. This approach is common for running applications like this in Kubernetes behind an ingress controller, or just behind a proxy in general.

Another less secure option would be to totally disable the login mechanism. I also don't know how to do this with kerberos web...

I wouldn't mind either way in my current setup, which is for home use. If anything, disabling direct access to the containers and forcing login at the proxy is just as secure. At least in the context of everything running on the same docker host...

Another very related question: What settings do I need to modify to make web work behind the proxy? I am currently getting an exception NotFoundHttpException on the web interface.

If I enable access to the container's web port and access it directly it is fine and shows the login page.

However, when I access the web container via the proxy, I get the above exception.

URL without proxy: http://localhost:xxxxx > redirects ok to /login

URL with proxy: http://localhost:8080/front1/web > exception

cedricve commented 6 years ago

Hmm, can we set up a TeamViewer session to clear this out? I'll better understand your configuration as well.

estechnical commented 6 years ago

Sure thing. I think I am in a better position to provide concise examples of what I want to achieve.

Sorry for the delay in getting back to you.