RPJosh
/
authelia
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs: seafile header sso (#3888)

pull/3893/head^2
James Elliott 2022-08-26 11:34:56 +10:00 committed by GitHub
parent 5ee203485c
commit 0ddeae4a60
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 79 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docs/content/en/integration/trusted-header-sso/organizr/index.md
View File

@ -21,8 +21,10 @@ As with all guides in this section it's important you read the [introduction](..
## Tested Versions ## Tested Versions
* Authelia: v4.35.5 * Authelia:
* Organizr: 2.1.1890 * v4.35.5
* Organizr:
* 2.1.1890
## Before You Begin ## Before You Begin

75
docs/content/en/integration/trusted-header-sso/seafile/index.md 100644
View File

@ -0,0 +1,75 @@
---
title: "Seafile"
description: "Trusted Header SSO Integration for Seafile"
lead: ""
date: 2022-06-15T17:51:47+10:00
draft: false
images: []
menu:
integration:
parent: "trusted-header-sso"
weight: 420
toc: true
community: true
---
## Introduction
This is a guide on integration of __Authelia__ and [Seafile] via the trusted header SSO authentication.
As with all guides in this section it's important you read the [introduction](../introduction.md) first.
## Tested Versions
* Authelia:
* v4.35.5
* [Seafile] Server:
* 9.0.4
## Before You Begin
This example makes the following assumptions:
* __Application Root URL:__ `https://seafile.example.com`
* __Authelia Root URL:__ `https://auth.example.com`
* __User Email Domain:__ `@example.com`
## Configuration
To configure [Seafile] to trust the `Remote-User` and `Remote-Email` header do the following:
1. Configure `seahub_settings.py` and adjust the following settings:
```python
ENABLE_REMOTE_USER_AUTHENTICATION = True
# Optional, HTTP header, which is configured in your web server conf file,
# used for Seafile to get user's unique id, default value is 'HTTP_REMOTE_USER'.
REMOTE_USER_HEADER = 'HTTP_REMOTE_USER'
# Optional, when the value of HTTP_REMOTE_USER is not a valid email address
# Seafile will build a email-like unique id from the value of 'REMOTE_USER_HEADER'
# and this domain, e.g. user1@example.com.
REMOTE_USER_DOMAIN = 'example.com'
# Optional, whether to create new user in Seafile system, default value is True.
# If this setting is disabled, users doesn't preexist in the Seafile DB cannot login.
# The admin has to first import the users from external systems like LDAP.
REMOTE_USER_CREATE_UNKNOWN_USER = True
# Optional, whether to activate new user in Seafile system, default value is True.
# If this setting is disabled, user will be unable to login by default.
# the administrator needs to manually activate this user.
REMOTE_USER_ACTIVATE_USER_AFTER_CREATION = True
# Optional, map user attribute in HTTP header and Seafile's user attribute.
REMOTE_USER_ATTRIBUTE_MAP = {
'HTTP_REMOTE_NAME': 'name',
'HTTP_REMOTE_EMAIL': 'contact_email',
}
```
## See Also
* [Seafile Remote User Docs](https://manual.seafile.com/deploy/remote_user/)
[Seafile]: https://www.seafile.com/