From 18bfc1f2265bd5d2bfe1265079c965650977f3a8 Mon Sep 17 00:00:00 2001 From: Samuel Maldonado Date: Wed, 8 May 2024 15:22:01 -0400 Subject: [PATCH 1/2] add remote validation setting --- Configuration.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/Configuration.md b/Configuration.md index 4568b19..695e964 100644 --- a/Configuration.md +++ b/Configuration.md @@ -81,6 +81,7 @@ queues: redis: url: # url of a running redis database validate_file: # (See "User Authentication Options" below) +remote_validate_file: # (See "User Authentication Options" below) validate_ip: # (See "User Authentication Options" below) validate_custom_status_message: # (See "User Authentication Options" below) validate_user_not_allowed_message: # (See "User Authentication Options" below) @@ -220,6 +221,12 @@ validate_custom_status_message: local_auth_login_name: shibboleth ``` +Additionally, MarkUs can be set to restrict remote logins based on username and/or IP when using remote authentication. + +**To enable restricted remote authentication, set the following settings:** + +- `remote_validate_file:` an absolute path to a script that expects input from stdin (user name, password (blank), and IP address; separated by "\n") and returns 0 if the user is authenticated and any other positive integer otherwise. + ### Logout redirect The `logout_redirect` setting determines where the user will be redirected when they logout of MarkUs. It can be one of `DEFAULT`, `NONE`, or a URL. From 2cb25eac2c23777653d0528a95c0e45ab42046da Mon Sep 17 00:00:00 2001 From: Samuel Maldonado Date: Thu, 9 May 2024 11:56:10 -0400 Subject: [PATCH 2/2] correct pluralization --- Configuration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Configuration.md b/Configuration.md index 695e964..f0a4cc0 100644 --- a/Configuration.md +++ b/Configuration.md @@ -223,7 +223,7 @@ local_auth_login_name: shibboleth Additionally, MarkUs can be set to restrict remote logins based on username and/or IP when using remote authentication. -**To enable restricted remote authentication, set the following settings:** +**To enable restricted remote authentication, set the following setting:** - `remote_validate_file:` an absolute path to a script that expects input from stdin (user name, password (blank), and IP address; separated by "\n") and returns 0 if the user is authenticated and any other positive integer otherwise.