prosody-modules
898575a0c6f3
mod_http_authentication/README.markdown

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody-modules

File

mod_http_authentication/README.markdown @ 5210:898575a0c6f3

mod_http_oauth2: Switch to '303 See Other' redirects This is the recommendation by draft-ietf-oauth-v2-1-07 section 7.5.2. It is the only redirect code that guarantees the user agent will use a GET request, rather than re-submitting a POST request to the new URL. The latter would be bad for us, as we are encoding auth tokens in the form data.
author Matthew Wild <mwild1@gmail.com>
date Mon, 06 Mar 2023 10:37:43 +0000
parent 3019:b19d64dd4c66
line wrap: on
line source

---
labels:
- 'Stage-Beta'
summary: Enforces HTTP Basic authentication across all HTTP endpoints served by Prosody
...

# mod_http_authentication

This module enforces HTTP Basic authentication across all HTTP endpoints served by Prosody.

## Configuration

  Name                               Default                           Description
  ---------------------------------- --------------------------------- --------------------------------------------------------------------------------------------------------------------------------------
  http\_credentials                  "minddistrict:secretpassword"     The credentials that HTTP clients must provide to access the HTTP interface. Should be a string with the syntax "username:password".
  unauthenticated\_http\_endpoints   { "/http-bind", "/http-bind/" }   A list of paths that should be excluded from authentication.

## Usage

This is a global module, so should be added to the global `modules_enabled` option in your config file. It applies to all HTTP virtual hosts.

## Compatibility

The module use a new API in Prosody 0.10 and will not work with older
versions.

## Details

By Kim Alvefur \<zash@zash.se\>