diff --git a/doc/adminguide.html b/doc/adminguide.html index da25388..0568ae3 100755 --- a/doc/adminguide.html +++ b/doc/adminguide.html @@ -243,6 +243,37 @@ URL = http://your.proxy.host/subdir/ into elogd.cfg.
+
+Authentication = Webserver ++This triggers elogd to use the environment variable "X-Forwarded-User" as the logged in user.
+# this required to pass on the generated env-variable X-Forwarded-User to the proxy +ProxyPassInterpolateEnv On + +ProxyPass /elog/ http://your.host.domain:8080/ + +<Location "/elog"> + Order allow,deny + Allow from all + AuthType Basic + AuthName "elog-server" + AuthUserFile "/opt/elog/htpasswd" + require valid-user + RequestHeader unset Authorization + RequestHeader add X-Forwarded-User %{REMOTE_USER}s + # elog doesn't like the '@', so we need to cut it + RequestHeader edit X-Forwarded-User "@(.*)$" "" +</Location> ++ + +
When images are attached to ELOG entries, thumbnails can be created for quick preview. This works also for PDF and PostScript files. ELOG forwards any image operation diff --git a/doc/config.html b/doc/config.html index 9848f58..9e98855 100755 --- a/doc/config.html +++ b/doc/config.html @@ -2207,6 +2207,22 @@ Options Location = Main Building{a}, New Building{b}, Old Building{c} you have to change your password by other means (such as via the Windows login if you use a Windows Domain).
++ Beside the Kerberos authentication, elogd version 3.0 and higher can be configured to accept a authentication done + by the webserver. +
Authentication = Webserver
+ + You can also combine it with other authentication methods as shown for Kerberos. +
+
+ Elogd is then accepting the username set in the Request-Header "X-Forwarded-User" as already logged in.
+ To make this work, you need to configure the webserver correctly, as describe in the adminguide.
+