diff options
Diffstat (limited to 'doc/manual.html')
-rw-r--r-- | doc/manual.html | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/doc/manual.html b/doc/manual.html index d010685..f0535c2 100644 --- a/doc/manual.html +++ b/doc/manual.html @@ -987,6 +987,57 @@ check that the proofs of possession are correct, and the possessed key is signed by the identity provider. </p> + <h2>Running webid-oidc-reverse-proxy</h2> + <p> + The distribution comes with a reverse proxy, aptly named + <pre>webid-oidc-reverse-proxy</pre>, to listen to an interface, + take requests, authenticate them, and pass them to a backend + with an additional header containing the webid of the agent, if + authenticated. + </p> + <p>The reverse proxy is invoked with the following arguments:</p> + <ul> + <li> + <pre>-p</pre> <info:var>PORT</info:var>, + <pre>--port=</pre><info:var>PORT</info:var>: the port on which + the reverse proxy listens; + </li> + <li> + <pre>-i</pre> <info:var>INBOUND</info:var>, + <pre>--inbound-uri=</pre><info:var>INBOUND</info:var>: the + public name of the server; + </li> + <li> + <pre>-o</pre> <info:var>OUTBOUND</info:var>, + <pre>--outbound-uri=</pre><info:var>OUTBOUND</info:var>: the + address of the backend; + </li> + <li> + <pre>-H</pre> <info:var>HEADER</info:var>, + <pre>--header=</pre><info:var>HEADER</info:var>: replace the + name of the header that will contain the webid of the + user. Defaults to <pre>XXX-Agent</pre>. Please note that this + value should be ASCII, otherwise it’s not guaranteed that the + reverse proxy will drop other capitalizations of the header in + malicious requests. + </li> + <li> + <pre>-l <info:var>FILE.log</info:var></pre>, or + <pre>--log-file=<info:var>FILE.log</info:var></pre> let the + server dump all its output to + <info:var>FILE.log</info:var>. See the identity provider + comment. + </li> + <li> + <pre>-e <info:var>FILE.err</info:var></pre>, or + <pre>--error-file=<info:var>FILE.err</info:var></pre> let the + server dump all its errors to <info:var>FILE.err</info:var>. + </li> + </ul> + <p> + You can localize the interface by setting the + <info:var>LANG</info:var> environment variable. + </p> <h2>The authenticator</h2> <p> In <emph>(webid-oidc jws)</emph>, the following function |