Edit the README to add an access control section and update the user base

This commit is contained in:
Clement Michaud 2017-03-25 15:38:27 +01:00
parent e310478e6d
commit 38a4570b24
2 changed files with 13 additions and 1 deletions

View File

@ -56,7 +56,12 @@ accepted before getting to the login page:
![first-factor-page](https://raw.githubusercontent.com/clems4ever/authelia/master/images/first_factor.png) ![first-factor-page](https://raw.githubusercontent.com/clems4ever/authelia/master/images/first_factor.png)
### 1st factor: LDAP ### 1st factor: LDAP
An LDAP server has been deployed for you with the following credentials: **user/password**. An LDAP server has been deployed for you with the following credentials:
- **john/password** is in the admin group and has access to every subdomain.
- **bob/password** is in the dev group and has only access to *secret2.test.local*
- **harry/password** is not in a group but has access to *secret1.test.local*
as per the configuration file.
Type them in the login page and validate. Then, the second factor page should Type them in the login page and validate. Then, the second factor page should
have appeared as shown below. have appeared as shown below.
@ -99,6 +104,12 @@ email address. For the sake of the example, the email is delivered in the file
./notifications/notification.txt. ./notifications/notification.txt.
Paste the link in your browser and you should be able to reset the password. Paste the link in your browser and you should be able to reset the password.
### Access Control
With **Authelia**, you can define your own access control rules for restricting
the access to certain subdomains to your users. Those rules are defined in the
configuration file and are per-user or per-group. Check out the
*config.template.yml* to see how they are defined.
## Documentation ## Documentation
### Configuration ### Configuration
The configuration of the server is defined in the file The configuration of the server is defined in the file

View File

@ -47,6 +47,7 @@ access_control:
allowed_domains: allowed_domains:
- secret.test.local - secret.test.local
- secret1.test.local - secret1.test.local
- secret2.test.local
- group: dev - group: dev
allowed_domains: allowed_domains:
- secret2.test.local - secret2.test.local