Skip to content

Commit

Permalink
issue-4003 - Updating documentation with step to disable basic authen…
Browse files Browse the repository at this point in the history
…tication

Signed-off-by: PrasannaHegde1 <[email protected]>
  • Loading branch information
PrasannaHegde1 committed Dec 14, 2022
1 parent 52b686f commit ddb6ac0
Showing 1 changed file with 13 additions and 0 deletions.
13 changes: 13 additions & 0 deletions docs/src/pages/guides/FHIRServerUsersGuide.md
Original file line number Diff line number Diff line change
Expand Up @@ -2792,6 +2792,19 @@ Here are some notes related to these authentication schemes:
* OAuth 2.0 authentication can only be used in conjunction with an HTTPS endpoint because the OAuth authorization steps rely on SSL handshake negotiations.
* Client certificate-based authentication can only be used in conjunction with an HTTPS endpoint since it involves SSL handshake negotiations. The main value of client authentication is that the server is able to securely authenticate the client through the use of certificates.

To disable basic authentication, add the below snippet under configDropins/overrides:
```xml
<server>
<webApplication id="fhir-server-webapp">
<application-bnd id="bind">
<security-role id="users" name="FHIRUsers">
<special-subject type="EVERYONE"/>
</security-role>
</application-bnd>
</webApplication>
</server>
```

### 5.2.3 Configuring mutual TLS authentication
To properly configure the FHIR server's keystore and truststore files, perform the following steps.

Expand Down

0 comments on commit ddb6ac0

Please sign in to comment.