Code Repositories xandikos / 5befd6d
Add some notes on multi-user support. Jelmer Vernooń≥ 3 years ago
1 changed file(s) with 32 addition(s) and 0 deletion(s). Raw diff Collapse all Expand all
0 Multi-User Support
1 ------------------
2
3 Multi-user support could arguably also include sharing of
4 calendars/collections/etc. This is beyond the scope of this document, which
5 just focuses on allowing multiple users to use their own silo in a single
6 instance of Xandikos.
7
8 Siloed user support can be split up into three steps:
9
10 * storage - mapping a user to a principal
11 * authentication - letting a user log in
12 * authorization - checking whether the user has access to a resource
13
14 Authentication
15 --------------
16
17 In the simplest form, a forwarding proxy provides the name of an authenticated
18 user. E.g. Apache or uWSGI sets the REMOTE_USER environment variable. If
19 REMOTE_USER is not present for an operation that requires authentication, a 401
20 error is returned.
21
22 Authorization
23 -------------
24
25 In the simplest form, users only have access to the resources under their own
26 principal.
27
28 Storage
29 -------
30
31 By default, the principal for a user is simply "/%(username)s".