Is Proxy Authentication using Headers or Environment possible?

wz2b · February 23, 2024, 2:56pm

To be completed by the original poster:

CMS Version

Release-4.0.7

Installation Method

Docker

Operating System

Linux

Issue

I have an Apache proxy in front of Xibo. That proxy already knows how to communicate with our Shibboleth server and authenticate. Is there an authentication provider for Xibo that will take in the auth information from the proxy (via HTTP headers, if possible) and match that up to an existing Xibo user? This is SAML2 but I really don’t want Xibo handling the SAML. I want my Apache server to do it, then just send the authenticated username (email address) to Xibo.

I can set the header to anything I want, it is typically “Remote-User”

alex · February 23, 2024, 4:33pm

Xibo doesn’t have that functionality. It can do SAML itself (and we’ve connected to Shibboleth in the past with that).