mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
97bfafb6eb
With previous configuration format rules were not ordered between groups and thus not predictable. Also in some cases `any` must have been a higher precedence than `groups`. Flattening the rules let the user apply whatever policy he can think of. When several rules match the (subject, domain, resource), the first one is applied. NOTE: This commit changed the format for declaring ACLs. Be sure to update your configuration file before upgrading.
17 lines
1.2 KiB
Gherkin
17 lines
1.2 KiB
Gherkin
Feature: Non authenticated users have no access to certain pages
|
|
|
|
Scenario: Anonymous user has no access to protected pages
|
|
Then I get the following status code when requesting:
|
|
| url | code | method |
|
|
| https://login.example.com:8080/secondfactor | 401 | GET |
|
|
| https://login.example.com:8080/secondfactor/u2f/identity/start | 401 | GET |
|
|
| https://login.example.com:8080/secondfactor/u2f/identity/finish | 401 | GET |
|
|
| https://login.example.com:8080/secondfactor/totp/identity/start | 401 | GET |
|
|
| https://login.example.com:8080/secondfactor/totp/identity/finish | 401 | GET |
|
|
| https://login.example.com:8080/loggedin | 401 | GET |
|
|
| https://login.example.com:8080/api/totp | 401 | POST |
|
|
| https://login.example.com:8080/api/u2f/sign_request | 401 | GET |
|
|
| https://login.example.com:8080/api/u2f/sign | 401 | POST |
|
|
| https://login.example.com:8080/api/u2f/register_request | 401 | GET |
|
|
| https://login.example.com:8080/api/u2f/register | 401 | POST |
|