YakumoLabs/nextcloud-user_external
4
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #63 from nextcloud/basciauth_configuration-warning

Browse Source 
add basic auth configuration security warning
This commit is contained in:
Lutz Freitag
2019-05-23 19:12:45 +02:00
committed by GitHub
parent 00b3952f2f ffbd333547
commit 16ea6de49e
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -137,6 +137,8 @@ HTTP server of your choice to authenticate. It should return HTTP 2xx for correc
### Configuration ### Configuration
The only supported parameter is the URL of the web server where the authentication happens. The only supported parameter is the URL of the web server where the authentication happens.
**⚠⚠ Warning:** make sure to use the URL of a correctly configured HTTP Basic authenticating server. If the server always responds with a HTTP 2xx response without validating the users, this would allow anyone to log in to your Nextcloud instance with **any username / password combination**. ⚠⚠
Add the following to your `config.php`: Add the following to your `config.php`:
'user_backends' => array( 'user_backends' => array(