Stack Overflow
Stack Overflow

Questions tagged [traefik-authentication]

23 questions
3
votes
0 answers

Traefik 2.0: conditionally add headers (for authentication at Grafana)

I'm currently using the jwilder-nginx-reverse-proxy but planning to replace it with Traefik v2.0. Migrating all the configs of my docker instance worked fine so far but ATM I'm struggling with some piece of custom nginx configuration... To have…
Lost Carrier
  • 123
  • 1
  • 7
2
votes
1 answer

Setting up authentication/authorization using Traefik ForwardAuth

I'm using Docker to setup some services and Traefik 2 acts as a reverse proxy for these services. So far I was using Basic Auth to protect the access to the services, but I'm trying to get rid of the user/pass prompt. Looking at the Traefik's…
Fitz
  • 570
  • 1
  • 5
  • 23
2
votes
1 answer

TraefIk Forward Auth Request URI

I am using Traefik's Foward Auth middleware to authenticate my requests. The auth server is hosted at http://localhost/auth The requests that I want to authenticate are from http://rooms.localhost/:roomId For example,…
Pratik Daigavane
  • 63
  • 6
1
vote
1 answer

Traefik forward-auth middleware for OpenID Connect

Traefik includes a forward-auth middleware, but there is also an OIDC-specific middleware in Traefik Enterprise Edition https://traefik.io/glossary/openid-connect-everything-you-need-to-know/ Is it possible to achieve OIDC auth with just the free…
devin
  • 1,078
  • 1
  • 9
  • 23
1
vote
0 answers

Traefik v2 BasicAuth Middleware: having troubles enabling auth for any container different than Dashboard

I'm not really an expert and I'm working on Traefik with Docker for the first time: ideally, I would like to expose a service (ie. a Docker Container with a ready-to-use-app, in this example Koodo Reader) while being protected from *massively easy…
NeoMod
  • 11
  • 2
1
vote
1 answer

Can traefik's forwardAuth middleware be used to secure a browser page (not an api)?

I need to secure a web page with a token stored in a cookie or url param. All examples I can find for using forwardAuth middleware seems to be for securing an API, as it's easy to supply headers in an API request. Sending custom headers isn't an…
Ben Davis
  • 13,112
  • 10
  • 50
  • 65
1
vote
0 answers

Can i use keycloak to authenticate docker services with oauth support using traefik?

I use docker and traefik on my own server to provide my services. Now it is so that I have many services where I have to login, for example Portainer, Gitlab, RocketChat etc. To be honest, it is quite annoying when you have to enter your login data…
Niklas
  • 1,638
  • 4
  • 19
  • 48
1
vote
0 answers

Can Traefik ForwardAuth authenticate multiple APIs with different URL path?

I'm new to Traefik. I just implemented Traefik ForwardAuth with my simple auth server. It seems that Traefik ForwardAuth can only manage the service, but can't manage APIs in service. To give an example: There's a service SVC with 3 APIs that are:…
Frank
  • 11
  • 1
0
votes
0 answers

Traefik trying to update certificates from Let's Encrypt fails with error 403

We have traefik (v2.9.9) running in a Docker Container with a number of services using Let's Encrypt to request certificates and traefik's basicAuth middelware to secure access to this services. When traefik tries to update the certs error 403…
M. Koch
  • 3
  • 3
0
votes
0 answers

Bring up traefik proxy on host 0.0.0.0

Ideally, when I bring up a simple http server using python -m http.server 8081, it runs on 0.0.0.0:8081 which can be connected from a different pod. Upon giving the netstat -nlp command, I see that the local address is 0.0.0.0:8081 and the foreign…
Nikhil Kagita
  • 1
0
votes
0 answers

unauthorized login after adding traefik

I just added Traefik to a project that I'm working on, and when I'm trying to login I get a 401 Unauthorized. The authentication process was working fine before. The authentication is an sso based on SPNEGO, Kerberos and ldap. I logged in the login…
M-BNCH
  • 393
  • 1
  • 3
  • 18
0
votes
0 answers

Skip hostname verification in traefik

I was going through traefik documentation where it is mentioned that "insecuresskipverify" tag can be used to skip ssl verification in case of serverstransport as well as in middleware(forwardauth). In this case any dummy certificate can be used…
atroy
  • 11
  • 2
0
votes
0 answers

How to ask login with middleware everytime I refresh the page or open new tab?

I work in Kubernetes and I have an app I can access with a K8S service and ingress traefik with the following yaml script: --- apiVersion: v1 kind: Secret metadata: name: whoami-login namespace: XXX data: users: XXX # Had it with:…
lbened
  • 65
  • 6
0
votes
0 answers

TLS communication between ingress and auth microservice fails in k8s

Currently if i try to hit a microservice which has https rest endpoint in my local(mac) with a created ssl certifacte i get proper output. During creation of local machine ssl certificate i have used CN(common name) as localhost. I used openssl. For…
atroy
  • 11
  • 2
0
votes
0 answers

traefik always send traffic via tcp to middleware not over TLS

We are trying to encrypt communication between traefik ingress and middleware (forwardauth) & ingress to backend server also. Forwardauth redirects traffic to authentication server which is running over https and used selfsinged certificate. In the…
atroy
  • 11
  • 2
1
2