authentication plugin for cubicweb instances behind a trusted reverse proxy managing authentication (eg. apache + kerberos)
This cube provides an authentication plugin which ensures proper authentication of users behind a trusted reverse proxy (eg. Apache + mod_ssl + mod_auth_kerb).
The idea is that if the CubicWeb application is behind a reverse proxy that is responsible for authenticating users, the CubicWeb application do trust this latter when it says the user is authenticated as ‘user’. This information is simply passed from the reverse proxy to the CubicWeb application by an entry in the HTTP header.
It is non-obstrusive and easy to plug.
The typical usage is to implement a simple kerberos based authentication mecanism.