mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
b9fea361c9
Running this suite is the first advice given by the bootstrap script to help the user move forward. This commit also updates the documentation to reflect changes introduced by the Go rewrite.
132 lines
4.3 KiB
HTML
132 lines
4.3 KiB
HTML
<!DOCTYPE>
|
|
<html>
|
|
|
|
<head>
|
|
<title>Home page</title>
|
|
<link rel="icon" href="/icon.png" type="image/png" />
|
|
</head>
|
|
|
|
<body>
|
|
<h1>Access the secret</h1>
|
|
<span style="font-size: 1.2em; color: red">You need to log in to access the secret!</span><br/><br/> Try to access it using
|
|
one of the following links to test access control powered by Authelia.<br/>
|
|
<ul>
|
|
<li>
|
|
public.example.com <a href="https://public.example.com:8080/"> /</a>
|
|
</li>
|
|
<li>
|
|
secure.example.com <a href="https://secure.example.com:8080/secret.html"> / secret.html</a>
|
|
</li>
|
|
<li>
|
|
singlefactor.example.com <a href="https://singlefactor.example.com:8080/secret.html"> / secret.html</a>
|
|
</li>
|
|
<li>
|
|
dev.example.com
|
|
<ul>
|
|
<li>Groups
|
|
<ul>
|
|
<li>
|
|
<a href="https://dev.example.com:8080/groups/admin/secret.html"> / groups / admins / secret.html</a>
|
|
</li>
|
|
<li>
|
|
<a href="https://dev.example.com:8080/groups/dev/secret.html"> / groups / dev / secret.html</a>
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
<li>Users
|
|
<ul>
|
|
<li>
|
|
<a href="https://dev.example.com:8080/users/john/secret.html"> / users / john / secret.html</a>
|
|
</li>
|
|
<li>
|
|
<a href="https://dev.example.com:8080/users/harry/secret.html"> / users / harry / secret.html</a>
|
|
</li>
|
|
<li>
|
|
<a href="https://dev.example.com:8080/users/bob/secret.html"> / users / bob / secret.html</a>
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
<li>
|
|
admin.example.com <a href="https://admin.example.com:8080/secret.html"> / secret.html</a>
|
|
</li>
|
|
<li>
|
|
mx1.main.example.com <a href="https://mx1.mail.example.com:8080/secret.html"> / secret.html</a>
|
|
</li>
|
|
<li>
|
|
mx2.main.example.com <a href="https://mx2.mail.example.com:8080/secret.html"> / secret.html</a>
|
|
</li>
|
|
</ul>
|
|
|
|
You can also log off by visiting the following <a href="https://login.example.com:8080/#/logout?rd=https://home.example.com:8080/">link</a>.
|
|
|
|
<h1>List of users</h1>
|
|
Here is the list of credentials you can log in with to test access control.<br/>
|
|
<br/> Once first factor is passed, you will need to follow the links to register a secret for the second factor.<br/> Authelia
|
|
will send you a fictituous email in a <strong>fake webmail</strong> at <a href="http://localhost:8085">http://localhost:8085</a>.<br/>
|
|
It will provide you with the link to complete the registration allowing you to authenticate with 2-factor.
|
|
|
|
<ul>
|
|
<li><strong>john / password</strong>: belongs to <em>admin</em> and <em>dev</em> groups.</li>
|
|
<li><strong>bob / password</strong>: belongs to <em>dev</em> group only.</li>
|
|
<li><strong>harry / password</strong>: does not belong to any group.</li>
|
|
</ul>
|
|
|
|
<h1>Access control rules</h1>
|
|
<p></p>These rules are extracted from the configuration file
|
|
<a href="https://github.com/clems4ever/authelia/blob/master/config.template.yml">config.template.yml</a>.</p>
|
|
<pre id="rules" style="border: 1px grey solid; padding: 20px; display: inline-block;">
|
|
default_policy: deny
|
|
|
|
rules:
|
|
# Rules applied to everyone
|
|
- domain: public.example.com
|
|
policy: two_factor
|
|
- domain: singlefactor.example.com
|
|
policy: one_factor
|
|
|
|
# Rules applied to 'admin' group
|
|
- domain: 'mx2.mail.example.com'
|
|
subject: 'group:admin'
|
|
policy: deny
|
|
- domain: '*.example.com'
|
|
subject: 'group:admin'
|
|
policy: two_factor
|
|
|
|
# Rules applied to 'dev' group
|
|
- domain: dev.example.com
|
|
resources:
|
|
- '^/groups/dev/.*$'
|
|
subject: 'group:dev'
|
|
policy: two_factor
|
|
|
|
# Rules applied to user 'john'
|
|
- domain: dev.example.com
|
|
resources:
|
|
- '^/users/john/.*$'
|
|
subject: 'user:john'
|
|
policy: two_factor
|
|
|
|
|
|
# Rules applied to user 'harry'
|
|
- domain: dev.example.com
|
|
resources:
|
|
- '^/users/harry/.*$'
|
|
subject: 'user:harry'
|
|
policy: two_factor
|
|
|
|
# Rules applied to user 'bob'
|
|
- domain: '*.mail.example.com'
|
|
subject: 'user:bob'
|
|
policy: two_factor
|
|
- domain: 'dev.example.com'
|
|
resources:
|
|
- '^/users/bob/.*$'
|
|
subject: 'user:bob'
|
|
policy: two_factor
|
|
</pre>
|
|
</body>
|
|
|
|
</html>
|