Lead Image © Gordon Bussiek, Fotolia.com

Lead Image © Gordon Bussiek, Fotolia.com

Identity and access management with Authelia

Bouncer

Article from ADMIN 79/2024
By
Add access controls to web applications that do not have their own user administration; however, this useful gatekeeper requires a reverse proxy.

To protect a private party from hooligans, you could check the guests' invitations at the entrance yourself, or you could hire a bouncer. Authelia [1] acts as a bouncer for web applications to help you regulate access to services that do not offer their own access controls.

Thanks to Authelia, developers do not have to implement complex and time-consuming user management in their own web applications. Instead, they can deploy Authelia upstream of their own software with two-factor authentication and single sign-on (SSO) by default. In other words, you just need to log in to Authelia to access several authorized applications.

Authelia requires that communication with the web applications be protected by a reverse proxy. The software then connects to this reverse proxy (Figure 1) and checks all incoming requests, just as a bouncer would check invitations.

Figure 1: The reverse proxy submits every incoming request to Authelia to authorize access explicitly.

When you access a web application in a browser, your request is first sent to the reverse proxy, which forwards it directly to Authelia for inspection. When a browser knocks on the door for the first time, it does not have an Authelia session cookie. In this

...
Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

comments powered by Disqus