You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
39 lines
1.1 KiB
39 lines
1.1 KiB
LoadModule auth_basic_module modules/mod_auth_basic.so
|
|
LoadModule authn_file_module modules/mod_authn_file.so
|
|
LoadModule authz_user_module modules/mod_authz_user.so
|
|
|
|
<Location /broker>
|
|
AuthName "OpenShift broker API"
|
|
AuthType Basic
|
|
AuthUserFile /etc/openshift/htpasswd
|
|
require valid-user
|
|
|
|
SetEnvIfNoCase Authorization Bearer passthrough
|
|
|
|
# The node->broker auth is handled in the Ruby code
|
|
BrowserMatchNoCase ^OpenShift passthrough
|
|
Allow from env=passthrough
|
|
|
|
# Console traffic will hit the local port. mod_proxy will set this header automatically.
|
|
SetEnvIf X-Forwarded-For "^$" local_traffic=1
|
|
# Turn the Console output header into the Apache environment variable for the broker remote-user plugin
|
|
SetEnvIf X-Remote-User "(..*)" REMOTE_USER=$1
|
|
Allow from env=local_traffic
|
|
|
|
Order Deny,Allow
|
|
Deny from all
|
|
Satisfy any
|
|
</Location>
|
|
|
|
# The following APIs do not require auth:
|
|
<Location /broker/rest/cartridges*>
|
|
Allow from all
|
|
</Location>
|
|
|
|
<Location /broker/rest/api*>
|
|
Allow from all
|
|
</Location>
|
|
|
|
<Location /broker/rest/environment*>
|
|
Allow from all
|
|
</Location>
|
|
|