AuthenticationΒΆ
By default, morpfw uses no authentication.
Available authentication modules are:
morpfw.authn.noauth:AuthnPolicy
- NOAUTH policymorpfw.authn.pas:AuthnPolicy
- Pluggable Auth Service which authenticate either using JWToken orX-API-KEY
header. Requires Pluggable Auth Service to be enabled as the API key and token management comes from that module.morpfw.authn.useridparam:AuthnPolicy
- Default. Gets username fromuser.id
parameter inGET
. Validates remote address againstmorpfw.security.allowed_nets
to only trust provded hostsmorpfw.authn.remoteuser:AuthnPolicy
- Gets username fromREMOTE_USER
environment variable. Validates remote address againstmorpfw.security.allowed_nets
to only trust provded hosts
To change to a different authentication module, update
morpfw.authn.policy
configuration in settings.yml
. Eg:
configuration:
morpfw.authn.policy: morpfw.authn.remoteuser:AuthnPolicy
morpfw.authn.policy.settings: {}