authelia/example/compose/nginx/backend/html/home/index.html
Clement Michaud 76fa325f08 [BREAKING] Create a suite for kubernetes tests.
Authelia client uses hash router instead of browser router in order to work
with Kubernetes nginx-ingress-controller. This is also better for users having
old browsers.

This commit is breaking because it requires to change the configuration of the
proxy to include the # in the URL of the login portal.
2019-03-16 00:13:27 +01:00

134 lines
4.4 KiB
HTML

<!DOCTYPE>
<html>
<head>
<title>Home page</title>
<link rel="icon" href="/icon.png" type="image/png" />
</head>
<body>
<h1>Access the secret</h1>
<span style="font-size: 1.2em; color: red">You need to log in to access the secret!</span><br/><br/> Try to access it using
one of the following links to test access control powered by Authelia.<br/>
<ul>
<li>
public.example.com <a href="https://public.example.com:8080/"> / index.html</a>
</li>
<li>
secure.example.com <a href="https://secure.example.com:8080/"> / secret.html</a>
</li>
<li>
singlefactor.example.com <a href="https://singlefactor.example.com:8080/secret.html"> / secret.html</a>
</li>
<li>
dev.example.com
<ul>
<li>Groups
<ul>
<li>
<a href="https://dev.example.com:8080/groups/admin/secret.html"> / groups / admins / secret.html</a>
</li>
<li>
<a href="https://dev.example.com:8080/groups/dev/secret.html"> / groups / dev / secret.html</a>
</li>
</ul>
</li>
<li>Users
<ul>
<li>
<a href="https://dev.example.com:8080/users/john/secret.html"> / users / john / secret.html</a>
</li>
<li>
<a href="https://dev.example.com:8080/users/harry/secret.html"> / users / harry / secret.html</a>
</li>
<li>
<a href="https://dev.example.com:8080/users/bob/secret.html"> / users / bob / secret.html</a>
</li>
</ul>
</li>
</ul>
</li>
<li>
admin.example.com <a href="https://admin.example.com:8080/secret.html"> / secret.html</a>
</li>
<li>
mx1.main.example.com <a href="https://mx1.mail.example.com:8080/secret.html"> / secret.html</a>
</li>
<li>
mx2.main.example.com <a href="https://mx2.mail.example.com:8080/secret.html"> / secret.html</a>
</li>
</ul>
You can also log off by visiting the following <a href="https://login.example.com:8080/#/logout?rd=https://home.example.com:8080/">link</a>.
<h1>List of users</h1>
Here is the list of credentials you can log in with to test access control.<br/>
<br/> Once first factor is passed, you will need to follow the links to register a secret for the second factor.<br/> Authelia
will send you a fictituous email in a <strong>fake webmail</strong> at <a href="http://localhost:8085">http://localhost:8085</a>.<br/>
It will provide you with the link to complete the registration allowing you to authenticate with 2-factor.
<ul>
<li><strong>john / password</strong>: belongs to <em>admin</em> and <em>dev</em> groups.</li>
<li><strong>bob / password</strong>: belongs to <em>dev</em> group only.</li>
<li><strong>harry / password</strong>: does not belong to any group.</li>
</ul>
<h1>Access control rules</h1>
<p></p>These rules are extracted from the configuration file
<a href="https://github.com/clems4ever/authelia/blob/master/config.template.yml">config.template.yml</a>.</p>
<pre id="rules" style="border: 1px grey solid; padding: 20px; display: inline-block;">
default_policy: deny
rules:
# Rules applied to everyone
- domain: public.example.com
policy: bypass
- domain: secure.example.com
policy: two_factor
- domain: singlefactor.example.com
policy: one_factor
# Rules applied to 'admin' group
- domain: 'mx2.mail.example.com'
subject: 'group:admin'
policy: deny
- domain: '*.example.com'
subject: 'group:admin'
policy: two_factor
# Rules applied to 'dev' group
- domain: dev.example.com
resources:
- '^/groups/dev/.*$'
subject: 'group:dev'
policy: two_factor
# Rules applied to user 'john'
- domain: dev.example.com
resources:
- '^/users/john/.*$'
subject: 'user:john'
policy: two_factor
# Rules applied to user 'harry'
- domain: dev.example.com
resources:
- '^/users/harry/.*$'
subject: 'user:harry'
policy: two_factor
# Rules applied to user 'bob'
- domain: '*.mail.example.com'
subject: 'user:bob'
policy: two_factor
- domain: 'dev.example.com'
resources:
- '^/users/bob/.*$'
subject: 'user:bob'
policy: two_factor
</pre>
</body>
</html>