# 4.2 反向代理授权

功能开发中。

你可以使用HTTP反向代理服务器进行授权。启用该功能，我们可以对JUNO配置如下。

[auth.proxy]
# Defaults to false, but set to true to enable this feature
enabled = true
# HTTP Header name that will contain the username or email
header_name = "X-WEBAUTH-USER"
# HTTP Header property, defaults to `username` but can also be `email`
header_property = "username"
# Set to `true` to enable auto sign up of users who do not exist in Grafana DB. Defaults to `true`.
auto_sign_up = true
# Define cache time to live in minutes
# If combined with Grafana LDAP integration it is also the sync interval
sync_ttl = 60
# Limit where auth proxy requests come from by configuring a list of IP addresses.
# This can be used to prevent users spoofing the X-WEBAUTH-USER header.
# Example `whitelist = 192.168.1.1, 192.168.1.0/24, 2001::23, 2001::0/120`
whitelist = ""
# Optionally define more headers to sync other user attributes
# Example `headers = Name:X-WEBAUTH-NAME Email:X-WEBAUTH-EMAIL Groups:X-WEBAUTH-GROUPS`
headers = ""
# Check out docs on this for more details on the below setting
enable_login_token = false

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

# 4.2.1 与 Juno 的交互

curl -H "X-WEBAUTH-USER: admin"  http://localhost:50000/api/users
[
    {
        "id":1,
        "name":"",
        "login":"admin",
        "email":"admin@localhost",
        "isAdmin":true
    }
]

1
2
3
4
5
6
7
8
9
10

← 4.1 授权介绍 4.3 Gitlab Auth →