[tor-bugs] #32332 [Internal Services/Service - nextcloud]: Set up LDAP authn for nc.tpn
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Nov 20 22:21:26 UTC 2019
#32332: Set up LDAP authn for nc.tpn
-------------------------------------------------+-------------------------
Reporter: ln5 | Owner:
| nextcloud-admin@…
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Internal Services/Service - | Version:
nextcloud |
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: #32519 | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by anarcat):
i just had the idea that we could leverage the "basic http auth" system
for authentication here.
the idea would be that ud-ldap would populate a "htaccess/htpasswd" kind
of file and Nextcloud would tap into that. It seems there's support for
configuring nextcloud to authenticate against "environment variables"
which we could leverage for this purpose:
https://docs.nextcloud.com/server/11/admin_manual/configuration_server/sso_configuration.html
#configuring-environment-based-authentication
The advantage of this approach is that it could possibly work for *ALL*
web apps. We would reuse the `webPassword` field in LDAP and reuse it
everywhere... It could be used for GitLab as well, for example...
Otherwise I don't think it's worth treating NC as a special snowflake. If
we don't take the above approach, we should just hook it up directly into
LDAP and accept that it might have problems if LDAP is down.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32332#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list