authelia/example/compose/nginx/backend/html/home/index.html

<!DOCTYPE>
<html>

<head>
  <title>Home page</title>
  <link rel="icon" href="/icon.png" type="image/png" />
</head>

<body>
  <h1>Access the secret</h1>
  <span style="font-size: 1.2em; color: red">You need to log in to access the secret!</span><br/><br/> Try to access it using
  one of the following links to test access control powered by Authelia.<br/>
  <ul>
    <li>
      public.example.com <a href="https://public.example.com:8080/"> / index.html</a>
    </li>
    <li>
      secret.example.com
      <ul>
        <li>Groups
          <ul>
            <li>
              <a href="https://dev.example.com:8080/groups/admin/secret.html"> / groups / admins / secret.html</a>
            </li>
            <li>
              <a href="https://dev.example.com:8080/groups/dev/secret.html"> / groups / dev / secret.html</a>
            </li>
          </ul>
        </li>
        <li>Users
          <ul>
            <li>
              <a href="https://dev.example.com:8080/users/john/secret.html"> / users / john / secret.html</a>
            </li>
            <li>
              <a href="https://dev.example.com:8080/users/harry/secret.html"> / users / harry / secret.html</a>
            </li>
            <li>
              <a href="https://dev.example.com:8080/users/bob/secret.html"> / users / bob / secret.html</a>
            </li>
          </ul>
        </li>
      </ul>
    </li>
    <li>
      admin.example.com <a href="https://admin.example.com:8080/secret.html"> / secret.html</a>
    </li>
    <li>
      mx1.main.example.com <a href="https://mx1.mail.example.com:8080/secret.html"> / secret.html</a>
    </li>
    <li>
      mx2.main.example.com <a href="https://mx2.mail.example.com:8080/secret.html"> / secret.html</a>
    </li>
    <li>
      single_factor.example.com <a href="https://single_factor.example.com:8080/secret.html"> / secret.html</a>
    </li>
  </ul>

  You can also log off by visiting the following <a href="https://login.example.com:8080/logout?rd=https://home.example.com:8080/">link</a>.

  <h1>List of users</h1>
  Here is the list of credentials you can log in with to test access control.<br/>
  <br/> Once first factor is passed, you will need to follow the links to register a secret for the second factor.<br/> Authelia
  will send you a fictituous email in a <strong>fake webmail</strong> at <a href="http://localhost:8085">http://localhost:8085</a>.<br/> 
  It will provide you with the link to complete the registration allowing you to authenticate with 2-factor.

  <ul>
    <li><strong>john / password</strong>: belongs to <em>admin</em> and <em>dev</em> groups.</li>
    <li><strong>bob / password</strong>: belongs to <em>dev</em> group only.</li>
    <li><strong>harry / password</strong>: does not belong to any group.</li>
  </ul>

  <h1>Access control rules</h1>
  <p></p>These rules are extracted from the configuration file
  <a href="https://github.com/clems4ever/authelia/blob/master/config.template.yml">config.template.yml</a>.</p>
  <pre id="rules" style="border: 1px grey solid; padding: 20px; display: inline-block;">
# Default policy can either be `allow` or `deny`.
# It is the policy applied to any resource if it has not been overriden
# in the `any`, `groups` or `users` category.

default_policy: deny

# The rules that apply to anyone.
# The value is a list of rules.

any:
  - domain: public.example.com
    policy: allow

# Group-based rules. The key is a group name and the value
# is a list of rules.

groups:
  admin:
    # All resources in all domains
    - domain: '*.example.com'
      policy: allow
    # Except mx2.mail.example.com (it restricts the first rule)
    - domain: 'mx2.mail.example.com'
      policy: deny
  dev:
    - domain: dev.example.com
      policy: allow
      resources:
        - '^/groups/dev/.*$'

# User-based rules. The key is a user name and the value
# is a list of rules.

users:
  john:
    - domain: dev.example.com
      policy: allow
      resources:
        - '^/users/john/.*$' 
  harry:
    - domain: dev.example.com
      policy: allow
      resources:
        - '^/users/harry/.*$'
  bob:
    - domain: '*.mail.example.com'
      policy: allow
    - domain: 'dev.example.com'
      policy: allow
      resources:
        - '^/users/bob/.*$'
    - domain: 'dev.example.com'
      policy: allow
      resources:
        - '^/users/harry/.*$'</pre>
</body>

</html>
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`<!DOCTYPE>`
			`<html>`

			`<head>`
			`<title>Home page</title>`
			`<link rel="icon" href="/icon.png" type="image/png" />`
			`</head>`

			`<body>`
			`<h1>Access the secret</h1>`
Disable second factor for certain subdomain 2017-09-24 21:19:03 +00:00			`<span style="font-size: 1.2em; color: red">You need to log in to access the secret!</span><br/><br/> Try to access it using`
			`one of the following links to test access control powered by Authelia.<br/>`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`<ul>`
			`<li>`
Change domain from test.local to example.com Warning: you will need to update your /etc/hosts to take this change into account for the example environment to work. 2017-11-02 20:34:07 +00:00			`public.example.com <a href="https://public.example.com:8080/"> / index.html</a>`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`</li>`
			`<li>`
Change domain from test.local to example.com Warning: you will need to update your /etc/hosts to take this change into account for the example environment to work. 2017-11-02 20:34:07 +00:00			`secret.example.com`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`<ul>`
			`<li>Groups`
			`<ul>`
			`<li>`
Change domain from test.local to example.com Warning: you will need to update your /etc/hosts to take this change into account for the example environment to work. 2017-11-02 20:34:07 +00:00			`<a href="https://dev.example.com:8080/groups/admin/secret.html"> / groups / admins / secret.html</a>`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`</li>`
			`<li>`
Change domain from test.local to example.com Warning: you will need to update your /etc/hosts to take this change into account for the example environment to work. 2017-11-02 20:34:07 +00:00			`<a href="https://dev.example.com:8080/groups/dev/secret.html"> / groups / dev / secret.html</a>`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`</li>`
			`</ul>`
			`</li>`
			`<li>Users`
			`<ul>`
			`<li>`
Change domain from test.local to example.com Warning: you will need to update your /etc/hosts to take this change into account for the example environment to work. 2017-11-02 20:34:07 +00:00			`<a href="https://dev.example.com:8080/users/john/secret.html"> / users / john / secret.html</a>`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`</li>`
			`<li>`
Change domain from test.local to example.com Warning: you will need to update your /etc/hosts to take this change into account for the example environment to work. 2017-11-02 20:34:07 +00:00			`<a href="https://dev.example.com:8080/users/harry/secret.html"> / users / harry / secret.html</a>`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`</li>`
			`<li>`
Change domain from test.local to example.com Warning: you will need to update your /etc/hosts to take this change into account for the example environment to work. 2017-11-02 20:34:07 +00:00			`<a href="https://dev.example.com:8080/users/bob/secret.html"> / users / bob / secret.html</a>`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`</li>`
			`</ul>`
			`</li>`
			`</ul>`
			`</li>`
			`<li>`
Change domain from test.local to example.com Warning: you will need to update your /etc/hosts to take this change into account for the example environment to work. 2017-11-02 20:34:07 +00:00			`admin.example.com <a href="https://admin.example.com:8080/secret.html"> / secret.html</a>`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`</li>`
			`<li>`
Change domain from test.local to example.com Warning: you will need to update your /etc/hosts to take this change into account for the example environment to work. 2017-11-02 20:34:07 +00:00			`mx1.main.example.com <a href="https://mx1.mail.example.com:8080/secret.html"> / secret.html</a>`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`</li>`
			`<li>`
Change domain from test.local to example.com Warning: you will need to update your /etc/hosts to take this change into account for the example environment to work. 2017-11-02 20:34:07 +00:00			`mx2.main.example.com <a href="https://mx2.mail.example.com:8080/secret.html"> / secret.html</a>`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`</li>`
Disable second factor for certain subdomain 2017-09-24 21:19:03 +00:00			`<li>`
Change domain from test.local to example.com Warning: you will need to update your /etc/hosts to take this change into account for the example environment to work. 2017-11-02 20:34:07 +00:00			`single_factor.example.com <a href="https://single_factor.example.com:8080/secret.html"> / secret.html</a>`
Disable second factor for certain subdomain 2017-09-24 21:19:03 +00:00			`</li>`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`</ul>`

Rename redirect query parameter into rd for compatibility with nginx-ingress 2018-04-24 21:03:05 +00:00			`You can also log off by visiting the following <a href="https://login.example.com:8080/logout?rd=https://home.example.com:8080/">link</a>.`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00
			`<h1>List of users</h1>`
			`Here is the list of credentials you can log in with to test access control.<br/>`
Disable second factor for certain subdomain 2017-09-24 21:19:03 +00:00			`<br/> Once first factor is passed, you will need to follow the links to register a secret for the second factor.<br/> Authelia`
Provide information about fake webmail in home page of example 2017-10-17 22:48:57 +00:00			`will send you a fictituous email in a <strong>fake webmail</strong> at <a href="http://localhost:8085">http://localhost:8085</a>.<br/>`
			`It will provide you with the link to complete the registration allowing you to authenticate with 2-factor.`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00
			`<ul>`
			`<li><strong>john / password</strong>: belongs to <em>admin</em> and <em>dev</em> groups.</li>`
			`<li><strong>bob / password</strong>: belongs to <em>dev</em> group only.</li>`
			`<li><strong>harry / password</strong>: does not belong to any group.</li>`
			`</ul>`

			`<h1>Access control rules</h1>`
Disable second factor for certain subdomain 2017-09-24 21:19:03 +00:00			`<p></p>These rules are extracted from the configuration file`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`<a href="https://github.com/clems4ever/authelia/blob/master/config.template.yml">config.template.yml</a>.</p>`
			`<pre id="rules" style="border: 1px grey solid; padding: 20px; display: inline-block;">`
			# Default policy can either be `allow` or `deny`.
			`# It is the policy applied to any resource if it has not been overriden`
			# in the `any`, `groups` or `users` category.

			`default_policy: deny`

			`# The rules that apply to anyone.`
			`# The value is a list of rules.`

			`any:`
Change domain from test.local to example.com Warning: you will need to update your /etc/hosts to take this change into account for the example environment to work. 2017-11-02 20:34:07 +00:00			`- domain: public.example.com`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`policy: allow`

			`# Group-based rules. The key is a group name and the value`
			`# is a list of rules.`

			`groups:`
			`admin:`
			`# All resources in all domains`
Change domain from test.local to example.com Warning: you will need to update your /etc/hosts to take this change into account for the example environment to work. 2017-11-02 20:34:07 +00:00			`- domain: '*.example.com'`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`policy: allow`
Change domain from test.local to example.com Warning: you will need to update your /etc/hosts to take this change into account for the example environment to work. 2017-11-02 20:34:07 +00:00			`# Except mx2.mail.example.com (it restricts the first rule)`
			`- domain: 'mx2.mail.example.com'`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`policy: deny`
			`dev:`
Change domain from test.local to example.com Warning: you will need to update your /etc/hosts to take this change into account for the example environment to work. 2017-11-02 20:34:07 +00:00			`- domain: dev.example.com`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`policy: allow`
			`resources:`
			`- '^/groups/dev/.*$'`

			`# User-based rules. The key is a user name and the value`
			`# is a list of rules.`

			`users:`
			`john:`
Change domain from test.local to example.com Warning: you will need to update your /etc/hosts to take this change into account for the example environment to work. 2017-11-02 20:34:07 +00:00			`- domain: dev.example.com`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`policy: allow`
			`resources:`
			`- '^/users/john/.*$'`
			`harry:`
Change domain from test.local to example.com Warning: you will need to update your /etc/hosts to take this change into account for the example environment to work. 2017-11-02 20:34:07 +00:00			`- domain: dev.example.com`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`policy: allow`
			`resources:`
			`- '^/users/harry/.*$'`
			`bob:`
Change domain from test.local to example.com Warning: you will need to update your /etc/hosts to take this change into account for the example environment to work. 2017-11-02 20:34:07 +00:00			`- domain: '*.mail.example.com'`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`policy: allow`
Change domain from test.local to example.com Warning: you will need to update your /etc/hosts to take this change into account for the example environment to work. 2017-11-02 20:34:07 +00:00			`- domain: 'dev.example.com'`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`policy: allow`
			`resources:`
			`- '^/users/bob/.*$'`
Change domain from test.local to example.com Warning: you will need to update your /etc/hosts to take this change into account for the example environment to work. 2017-11-02 20:34:07 +00:00			`- domain: 'dev.example.com'`
Refine access control with per resource ACLs ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README. 2017-09-03 13:22:09 +00:00			`policy: allow`
			`resources:`
			`- '^/users/harry/.*$'</pre>`
			`</body>`
Disable second factor for certain subdomain 2017-09-24 21:19:03 +00:00
Rename redirect query parameter into rd for compatibility with nginx-ingress 2018-04-24 21:03:05 +00:00			`</html>`