mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
d09a307ff8
Authelia was using links with href="#" that changed the URL when clicked on. Therefore, this commit removes the href property and apply link style to tags without href property.
134 lines
4.4 KiB
HTML
134 lines
4.4 KiB
HTML
<!DOCTYPE>
|
|
<html>
|
|
|
|
<head>
|
|
<title>Home page</title>
|
|
<link rel="icon" href="/icon.png" type="image/png" />
|
|
</head>
|
|
|
|
<body>
|
|
<h1>Access the secret</h1>
|
|
<span style="font-size: 1.2em; color: red">You need to log in to access the secret!</span><br/><br/> Try to access it using
|
|
one of the following links to test access control powered by Authelia.<br/>
|
|
<ul>
|
|
<li>
|
|
public.example.com <a href="https://public.example.com:8080/"> /</a>
|
|
</li>
|
|
<li>
|
|
secure.example.com <a href="https://secure.example.com:8080/secret.html"> / secret.html</a>
|
|
</li>
|
|
<li>
|
|
singlefactor.example.com <a href="https://singlefactor.example.com:8080/secret.html"> / secret.html</a>
|
|
</li>
|
|
<li>
|
|
dev.example.com
|
|
<ul>
|
|
<li>Groups
|
|
<ul>
|
|
<li>
|
|
<a href="https://dev.example.com:8080/groups/admin/secret.html"> / groups / admins / secret.html</a>
|
|
</li>
|
|
<li>
|
|
<a href="https://dev.example.com:8080/groups/dev/secret.html"> / groups / dev / secret.html</a>
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
<li>Users
|
|
<ul>
|
|
<li>
|
|
<a href="https://dev.example.com:8080/users/john/secret.html"> / users / john / secret.html</a>
|
|
</li>
|
|
<li>
|
|
<a href="https://dev.example.com:8080/users/harry/secret.html"> / users / harry / secret.html</a>
|
|
</li>
|
|
<li>
|
|
<a href="https://dev.example.com:8080/users/bob/secret.html"> / users / bob / secret.html</a>
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
</ul>
|
|
</li>
|
|
<li>
|
|
admin.example.com <a href="https://admin.example.com:8080/secret.html"> / secret.html</a>
|
|
</li>
|
|
<li>
|
|
mx1.main.example.com <a href="https://mx1.mail.example.com:8080/secret.html"> / secret.html</a>
|
|
</li>
|
|
<li>
|
|
mx2.main.example.com <a href="https://mx2.mail.example.com:8080/secret.html"> / secret.html</a>
|
|
</li>
|
|
</ul>
|
|
|
|
You can also log off by visiting the following <a href="https://login.example.com:8080/#/logout?rd=https://home.example.com:8080/">link</a>.
|
|
|
|
<h1>List of users</h1>
|
|
Here is the list of credentials you can log in with to test access control.<br/>
|
|
<br/> Once first factor is passed, you will need to follow the links to register a secret for the second factor.<br/> Authelia
|
|
will send you a fictituous email in a <strong>fake webmail</strong> at <a href="http://localhost:8085">http://localhost:8085</a>.<br/>
|
|
It will provide you with the link to complete the registration allowing you to authenticate with 2-factor.
|
|
|
|
<ul>
|
|
<li><strong>john / password</strong>: belongs to <em>admin</em> and <em>dev</em> groups.</li>
|
|
<li><strong>bob / password</strong>: belongs to <em>dev</em> group only.</li>
|
|
<li><strong>harry / password</strong>: does not belong to any group.</li>
|
|
</ul>
|
|
|
|
<h1>Access control rules</h1>
|
|
<p></p>These rules are extracted from the configuration file
|
|
<a href="https://github.com/clems4ever/authelia/blob/master/config.template.yml">config.template.yml</a>.</p>
|
|
<pre id="rules" style="border: 1px grey solid; padding: 20px; display: inline-block;">
|
|
default_policy: deny
|
|
|
|
rules:
|
|
# Rules applied to everyone
|
|
- domain: public.example.com
|
|
policy: bypass
|
|
- domain: secure.example.com
|
|
policy: two_factor
|
|
- domain: singlefactor.example.com
|
|
policy: one_factor
|
|
|
|
# Rules applied to 'admin' group
|
|
- domain: 'mx2.mail.example.com'
|
|
subject: 'group:admin'
|
|
policy: deny
|
|
- domain: '*.example.com'
|
|
subject: 'group:admin'
|
|
policy: two_factor
|
|
|
|
# Rules applied to 'dev' group
|
|
- domain: dev.example.com
|
|
resources:
|
|
- '^/groups/dev/.*$'
|
|
subject: 'group:dev'
|
|
policy: two_factor
|
|
|
|
# Rules applied to user 'john'
|
|
- domain: dev.example.com
|
|
resources:
|
|
- '^/users/john/.*$'
|
|
subject: 'user:john'
|
|
policy: two_factor
|
|
|
|
|
|
# Rules applied to user 'harry'
|
|
- domain: dev.example.com
|
|
resources:
|
|
- '^/users/harry/.*$'
|
|
subject: 'user:harry'
|
|
policy: two_factor
|
|
|
|
# Rules applied to user 'bob'
|
|
- domain: '*.mail.example.com'
|
|
subject: 'user:bob'
|
|
policy: two_factor
|
|
- domain: 'dev.example.com'
|
|
resources:
|
|
- '^/users/bob/.*$'
|
|
subject: 'user:bob'
|
|
policy: two_factor
|
|
</pre>
|
|
</body>
|
|
|
|
</html>
|