This Handler is designed to retrieve VHost configuration from the website
itself, not from LL:NG configuration. Rules and headers are set in a
rules.json file stored at the website root directory (ie
http://website/rules.json
). This file looks like:
{
"rules": {
"^/admin": "$uid eq 'admin'",
"default": "accept"
},
"headers": {
"Auth-User": "$uid"
}
}
If this file is not found, the default rule “accept” is applied and just “Auth-User” header is sent (Auth-User => $uid).
No specific configuration is required except that:
DevOps
handler type either with
VHOSTTYPE
environment variable or in VHost options/rules.json
or use
RULES_URL
environment variable to set JSON file location.
Default to http://127.0.0.1:<server-port>
HTTP_REDIRECT
or PORT_REDIRECT
environment variables.Attention
Note that DevOps handler will not compile rules.json if Safe Jail is not enabled.
See SSO as a Service for more.