From e0e51d15a335ca9ad2c0b1071fbeca8f0157693f Mon Sep 17 00:00:00 2001 From: Samuel Maldonado Date: Fri, 10 May 2024 07:48:33 -0400 Subject: [PATCH] add remote validation setting (#213) --- Configuration.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/Configuration.md b/Configuration.md index 4568b19..f0a4cc0 100644 --- a/Configuration.md +++ b/Configuration.md @@ -81,6 +81,7 @@ queues: redis: url: # url of a running redis database validate_file: # (See "User Authentication Options" below) +remote_validate_file: # (See "User Authentication Options" below) validate_ip: # (See "User Authentication Options" below) validate_custom_status_message: # (See "User Authentication Options" below) validate_user_not_allowed_message: # (See "User Authentication Options" below) @@ -220,6 +221,12 @@ validate_custom_status_message: local_auth_login_name: shibboleth ``` +Additionally, MarkUs can be set to restrict remote logins based on username and/or IP when using remote authentication. + +**To enable restricted remote authentication, set the following setting:** + +- `remote_validate_file:` an absolute path to a script that expects input from stdin (user name, password (blank), and IP address; separated by "\n") and returns 0 if the user is authenticated and any other positive integer otherwise. + ### Logout redirect The `logout_redirect` setting determines where the user will be redirected when they logout of MarkUs. It can be one of `DEFAULT`, `NONE`, or a URL.