From 0ddeae4a60014fff135481da7e5cc3e299dd13f1 Mon Sep 17 00:00:00 2001 From: James Elliott Date: Fri, 26 Aug 2022 11:34:56 +1000 Subject: [PATCH] docs: seafile header sso (#3888) --- .../trusted-header-sso/organizr/index.md | 6 +- .../trusted-header-sso/seafile/index.md | 75 +++++++++++++++++++ 2 files changed, 79 insertions(+), 2 deletions(-) create mode 100644 docs/content/en/integration/trusted-header-sso/seafile/index.md diff --git a/docs/content/en/integration/trusted-header-sso/organizr/index.md b/docs/content/en/integration/trusted-header-sso/organizr/index.md index 256887ee0..d3eb829d8 100644 --- a/docs/content/en/integration/trusted-header-sso/organizr/index.md +++ b/docs/content/en/integration/trusted-header-sso/organizr/index.md @@ -21,8 +21,10 @@ As with all guides in this section it's important you read the [introduction](.. ## Tested Versions -* Authelia: v4.35.5 -* Organizr: 2.1.1890 +* Authelia: + * v4.35.5 +* Organizr: + * 2.1.1890 ## Before You Begin diff --git a/docs/content/en/integration/trusted-header-sso/seafile/index.md b/docs/content/en/integration/trusted-header-sso/seafile/index.md new file mode 100644 index 000000000..acd0b3b51 --- /dev/null +++ b/docs/content/en/integration/trusted-header-sso/seafile/index.md @@ -0,0 +1,75 @@ +--- +title: "Seafile" +description: "Trusted Header SSO Integration for Seafile" +lead: "" +date: 2022-06-15T17:51:47+10:00 +draft: false +images: [] +menu: +integration: +parent: "trusted-header-sso" +weight: 420 +toc: true +community: true +--- + +## Introduction + +This is a guide on integration of __Authelia__ and [Seafile] via the trusted header SSO authentication. + +As with all guides in this section it's important you read the [introduction](../introduction.md) first. + +## Tested Versions + +* Authelia: + * v4.35.5 +* [Seafile] Server: + * 9.0.4 + +## Before You Begin + +This example makes the following assumptions: + +* __Application Root URL:__ `https://seafile.example.com` +* __Authelia Root URL:__ `https://auth.example.com` +* __User Email Domain:__ `@example.com` + +## Configuration + +To configure [Seafile] to trust the `Remote-User` and `Remote-Email` header do the following: + +1. Configure `seahub_settings.py` and adjust the following settings: +```python +ENABLE_REMOTE_USER_AUTHENTICATION = True + +# Optional, HTTP header, which is configured in your web server conf file, +# used for Seafile to get user's unique id, default value is 'HTTP_REMOTE_USER'. +REMOTE_USER_HEADER = 'HTTP_REMOTE_USER' + +# Optional, when the value of HTTP_REMOTE_USER is not a valid email address, +# Seafile will build a email-like unique id from the value of 'REMOTE_USER_HEADER' +# and this domain, e.g. user1@example.com. +REMOTE_USER_DOMAIN = 'example.com' + +# Optional, whether to create new user in Seafile system, default value is True. +# If this setting is disabled, users doesn't preexist in the Seafile DB cannot login. +# The admin has to first import the users from external systems like LDAP. +REMOTE_USER_CREATE_UNKNOWN_USER = True + +# Optional, whether to activate new user in Seafile system, default value is True. +# If this setting is disabled, user will be unable to login by default. +# the administrator needs to manually activate this user. +REMOTE_USER_ACTIVATE_USER_AFTER_CREATION = True + +# Optional, map user attribute in HTTP header and Seafile's user attribute. +REMOTE_USER_ATTRIBUTE_MAP = { + 'HTTP_REMOTE_NAME': 'name', + 'HTTP_REMOTE_EMAIL': 'contact_email', +} +``` + +## See Also + +* [Seafile Remote User Docs](https://manual.seafile.com/deploy/remote_user/) + +[Seafile]: https://www.seafile.com/