doc update
This commit is contained in:
parent
3768a0c103
commit
c23cd26a39
21
README
21
README
|
@ -1,6 +1,20 @@
|
|||
== Configure Nginx to launch SSL authentication ==
|
||||
Intro
|
||||
=====
|
||||
|
||||
Configure urls requiring SSL authentication
|
||||
This module allows user authentication and registration using Belgian eID card.
|
||||
The main idea is to redirect user on an alternative port, requiring SSL
|
||||
authentication and using SSL certificate data to authenticate user.
|
||||
|
||||
Config
|
||||
======
|
||||
|
||||
Urls looking for SSL data must be defined on a separate port which should be
|
||||
declared in your BEID_AUTH_PORT setting(defaults to 8443).
|
||||
|
||||
|
||||
|
||||
Configure Nginx
|
||||
===============
|
||||
|
||||
server {
|
||||
listen 8443;
|
||||
|
@ -20,7 +34,7 @@ server {
|
|||
return 301 https://$host/;
|
||||
}
|
||||
|
||||
location ~ ^/accounts/beid/(signin|add) {
|
||||
location ~ ^/accounts/beid/(x509|signin|add|activate/.*) {
|
||||
proxy_pass http://localhost:8000;
|
||||
proxy_read_timeout 600;
|
||||
proxy_set_header Host $host;
|
||||
|
@ -33,6 +47,7 @@ server {
|
|||
proxy_set_header Ssl-Client-S-Dn $ssl_client_s_dn;
|
||||
proxy_set_header Ssl-Client-Serial $ssl_client_serial;
|
||||
proxy_set_header Ssl-Client-Cert $ssl_client_cert;
|
||||
proxy_set_header Ssl-Client-Verify $ssl_client_verify;
|
||||
}
|
||||
|
||||
}
|
||||
|
|
Reference in New Issue