CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-19 07:23:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #549 from Security-Onion-Solutions/feature/auth

Browse Source 
Feature/auth
This commit is contained in:
Jason Ertel
2020-04-09 17:39:23 -04:00
committed by GitHub
parent c0739976c9 c130c8fbf4
commit 3bf7a5aab5
5 changed files with 24 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
salt/common/nginx/nginx.conf.so-eval
View File

@@ -134,9 +134,9 @@ http {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
} }
location /auth/ { location ~ ^/auth/.*?(whoami|login|logout) {
rewrite /auth/(.*) /$1 break; rewrite /auth/(.*) /$1 break;
proxy_pass http://{{ masterip }}:4433/; proxy_pass http://{{ masterip }}:4433;
proxy_read_timeout 90; proxy_read_timeout 90;
proxy_connect_timeout 90; proxy_connect_timeout 90;
proxy_set_header Host $host; proxy_set_header Host $host;
@@ -295,7 +295,7 @@ http {
error_page 401 = @error401; error_page 401 = @error401;
location @error401 { location @error401 {
add_header Set-Cookie "NSREDIRECT=http://{{ masterip }}$request_uri;Domain={{ masterip }};Path=/;Max-Age=60000"; add_header Set-Cookie "AUTH_REDIRECT=$request_uri;Max-Age=14400";
return 302 /auth/self-service/browser/flows/login; return 302 /auth/self-service/browser/flows/login;
} }

6
salt/common/nginx/nginx.conf.so-master
View File

@@ -134,9 +134,9 @@ http {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
} }
location /auth/ { location ~ ^/auth/.*?(whoami|login|logout) {
rewrite /auth/(.*) /$1 break; rewrite /auth/(.*) /$1 break;
proxy_pass http://{{ masterip }}:4433/; proxy_pass http://{{ masterip }}:4433;
proxy_read_timeout 90; proxy_read_timeout 90;
proxy_connect_timeout 90; proxy_connect_timeout 90;
proxy_set_header Host $host; proxy_set_header Host $host;
@@ -295,7 +295,7 @@ http {
error_page 401 = @error401; error_page 401 = @error401;
location @error401 { location @error401 {
add_header Set-Cookie "NSREDIRECT=http://{{ masterip }}$request_uri;Domain={{ masterip }};Path=/;Max-Age=60000"; add_header Set-Cookie "AUTH_REDIRECT=$request_uri;Path=/;Max-Age=14400";
return 302 /auth/self-service/browser/flows/login; return 302 /auth/self-service/browser/flows/login;
} }

6
salt/common/nginx/nginx.conf.so-mastersearch
View File

@@ -134,9 +134,9 @@ http {
proxy_set_header Connection "Upgrade"; proxy_set_header Connection "Upgrade";
} }
location /auth/ { location ~ ^/auth/.*?(whoami|login|logout) {
rewrite /auth/(.*) /$1 break; rewrite /auth/(.*) /$1 break;
proxy_pass http://{{ masterip }}:4433/; proxy_pass http://{{ masterip }}:4433;
proxy_read_timeout 90; proxy_read_timeout 90;
proxy_connect_timeout 90; proxy_connect_timeout 90;
proxy_set_header Host $host; proxy_set_header Host $host;
@@ -295,7 +295,7 @@ http {
error_page 401 = @error401; error_page 401 = @error401;
location @error401 { location @error401 {
add_header Set-Cookie "NSREDIRECT=http://{{ masterip }}$request_uri;Domain={{ masterip }};Path=/;Max-Age=60000"; add_header Set-Cookie "AUTH_REDIRECT=$request_uri;Path=/;Max-Age=14400";
return 302 /auth/self-service/browser/flows/login; return 302 /auth/self-service/browser/flows/login;
} }

12
salt/soc/files/kratos/schema.json
View File

@@ -19,6 +19,18 @@
"via": "email" "via": "email"
} }
} }
},
"firstName": {
"type": "string",
"title": "First Name"
},
"lastName": {
"type": "string",
"title": "Last Name"
},
"role": {
"type": "string",
"title": "Role"
} }
}, },
"required": [ "required": [

3
salt/soc/files/soc/soc.json
View File

@@ -11,6 +11,9 @@
"filedatastore": { "filedatastore": {
"jobDir": "jobs" "jobDir": "jobs"
}, },
"kratos": {
"hostUrl": "http://{{ MASTERIP }}:4434/"
},
"securityonion": { "securityonion": {
"elasticsearchHost": "http://{{ MASTERIP }}:9200", "elasticsearchHost": "http://{{ MASTERIP }}:9200",
"elasticsearchUsername": "", "elasticsearchUsername": "",