Skip to content
This repository has been archived by the owner on Oct 15, 2022. It is now read-only.

Authentication

Thilo Planz edited this page Jan 19, 2012 · 2 revisions

Authentication providers

By default, authentication is disabled (this means only anonymous access is available, which is also disabled by default, see the next section.

In order to enable authentication, you have to specify a "provider" to use (using the configuration property auth.provider). The choices are

  • "demo": a simple solution using passwords and roles defined as properties, with some defaults to be used for quick demonstrations or testing

  • "trusted": relies on authentication having been performed by a proxy server in front of v7files, allows all authentication attempts and trusts the user and role names passed in as HTTP headers

  • "mongo": checks username and password against a collection in MongoDB. Does not support roles yet.

Anonymous access

By default, authentication is required for any kind of access.

You can enable anonymous access using the auth.anonymous property. The value of the property is the name of the role given to the anonymous user (so that you can set permissions).

The "demo" provider

Passwords and roles for the "demo" authentication provider are defined in the main configuration file. There are two users present by default (set the passwords to blank to disable them):

auth.demo.user.admin.password = admin
auth.demo.user.admin.roles = admins, users
auth.demo.user.demo.password = demo
auth.demo.user.demo.roles = users

The "mongo" provider

This provider queries a MongoDB collection for username and password. It uses the same database that stores the files for this endpoint or tenant. You have to configure the collection and field names. Passwords need to be stored as cryptographic hashes, a variety of formats are supported (and automatically detected).

# there are no defaults, you have to set these properties
auth.mongo.collection = users
auth.mongo.username = user_id
auth.mongo.password = password_hash
Clone this wiki locally