diff --git a/docs/configuration/entrypoints.md b/docs/configuration/entrypoints.md index dc19b6ef4..7ed721258 100644 --- a/docs/configuration/entrypoints.md +++ b/docs/configuration/entrypoints.md @@ -109,23 +109,52 @@ Users can be specified directly in the toml file, or indirectly by referencing a usersFile = "/path/to/.htdigest" ``` +### Forward Authentication + +This configuration will first forward the request to `http://authserver.com/auth`. + +If the response code is 2XX, access is granted and the original request is performed. +Otherwise, the response from the auth server is returned. + +```toml +[entryPoints] + [entryPoints.http] + # ... + # To enable forward auth on an entrypoint + [entryPoints.http.auth.forward] + address = "http://authserver.com/auth" +``` + +```toml +[entryPoints] + [entrypoints.http] + # ... + # To enable forward auth on an entrypoint (HTTPS) + [entrypoints.http.auth.forward] + address = "https://authserver.com/auth" + [entrypoints.http.auth.forward.tls] + cert = "authserver.crt" + key = "authserver.key" +``` + + ## Specify Minimum TLS Version -To specify an https entrypoint with a minimum TLS version, and specifying an array of cipher suites (from crypto/tls). +To specify an https entry point with a minimum TLS version, and specifying an array of cipher suites (from crypto/tls). ```toml [entryPoints] [entryPoints.https] address = ":443" [entryPoints.https.tls] - MinVersion = "VersionTLS12" - CipherSuites = ["TLS_RSA_WITH_AES_256_GCM_SHA384"] + minVersion = "VersionTLS12" + cipherSuites = ["TLS_RSA_WITH_AES_256_GCM_SHA384"] [[entryPoints.https.tls.certificates]] - CertFile = "integration/fixtures/https/snitest.com.cert" - KeyFile = "integration/fixtures/https/snitest.com.key" + certFile = "integration/fixtures/https/snitest.com.cert" + keyFile = "integration/fixtures/https/snitest.com.key" [[entryPoints.https.tls.certificates]] - CertFile = "integration/fixtures/https/snitest.org.cert" - KeyFile = "integration/fixtures/https/snitest.org.key" + certFile = "integration/fixtures/https/snitest.org.cert" + keyFile = "integration/fixtures/https/snitest.org.key" ``` ## Compression diff --git a/types/types.go b/types/types.go index c22b8044b..7b8717ca4 100644 --- a/types/types.go +++ b/types/types.go @@ -1,16 +1,15 @@ package types import ( + "crypto/tls" + "crypto/x509" "encoding" "errors" "fmt" - "strconv" - "strings" - - "crypto/tls" - "crypto/x509" "io/ioutil" "os" + "strconv" + "strings" "github.com/containous/traefik/log" "github.com/docker/libkv/store"