mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
cf16272a73
ACLs can now be defined by subdomain AND resource using pattern matching with regular expressions. It allows a very fine-grained access control to backend resources. [Note] For using example environmnent, user must update its /etc/hosts with new subdomains updated in README.
19 lines
894 B
Gherkin
19 lines
894 B
Gherkin
Feature: Authelia keeps user sessions despite the application restart
|
|
|
|
@need-authenticated-user-john
|
|
Scenario: Session is still valid after Authelia restarts
|
|
When the application restarts
|
|
Then I have access to:
|
|
| url |
|
|
| https://admin.test.local:8080/secret.html |
|
|
|
|
@need-registered-user-john
|
|
Scenario: Secrets are stored even when Authelia restarts
|
|
When the application restarts
|
|
And I visit "https://admin.test.local:8080/secret.html" and get redirected "https://auth.test.local:8080/?redirect=https%3A%2F%2Fadmin.test.local%3A8080%2Fsecret.html"
|
|
And I login with user "john" and password "password"
|
|
And I use "REGISTERED" as TOTP token handle
|
|
And I click on "TOTP"
|
|
Then I have access to:
|
|
| url |
|
|
| https://admin.test.local:8080/secret.html | |