This handler is designed to read vhost configuration from the website
itself not from LL:NG configuration. Rules and headers are set in a
rules.json file stored at the website root directory (ie
http://website/rules.json
). This file looks like:
{
"rules": {
"^/admin": "$uid eq 'admin'",
"default": "accept"
},
"headers": {
"Auth-User": "$uid"
}
}
If this file is not found, the default rule “accept” is applied and just “Auth-User” header is sent (Auth-User => $uid).
No specific configuration is required except that:
VHOSTTYPE
environment variable)/rules.json
or use RULES_URL
parameter to set JSON file path
(see SSO as a Service). Default to
http://127.0.0.1:<server-port>
Attention
Note that DevOps handler will refuse to compile rules.json if Safe Jail isn’t enabled.
See SSO as a Service for more