Page MenuHomePhabricator
Create Task
Maniphest T7103

Authentication via Reverse Proxy?
Closed, InvalidPublic
Actions

Description

So, something similar to this: https://wiki.jenkins-ci.org/display/JENKINS/Reverse+Proxy+Auth+Plugin

Basically the problem I am facing is that I want to host Phabricator on AWS. However our admins refuse to open firewall ports to a complete range of subnet from our domain controllers. For Jenkins, I plan to host a reverse proxy on-premise and use that plugin. However, Phabricator doesn't seem to have any authentication mechanism I can use to get around this problem.

( I have a cloud formation template that will take an EBS snapshot and RDS snapshot and create a "clone" of the existing phabricator. That's my plan for upgrading / changing configurations. That's why the IP will change quite frequently, and so I can't just ask the admins to change the firewall rules every time I change something. )

Please do let me know if I've missed anything. Much thanks.

Related Objects

Event Timeline

jason.chen created this task.Feb 2 2015, 9:29 AM
jason.chen raised the priority of this task from to Needs Triage.
jason.chen updated the task description. (Show Details)
jason.chen added a project: Roadmap.
jason.chen added a subscriber: jason.chen.
epriestley added a subscriber: epriestley.Feb 2 2015, 1:28 PM

We don't currently support this.

T814 has some discussion and a third party extension for HTTP Basic auth, which is probably nearly identical to this (i.e., you just want to look at some other header). That's a possible approach, although it may be a fair bit of work and we can't help you with it.

If your network admins are willing to allow connections from a specific source IP, it sounds like you might be able to use an Elastic IP in AWS and whitelist only that IP.

epriestley triaged this task as Low priority.Feb 2 2015, 1:29 PM
epriestley edited projects, added Auth; removed Roadmap.
jason.chen closed this task as Invalid.Feb 2 2015, 9:36 PM
jason.chen claimed this task.

Hi @epriestley that ticket is exactly what I'm after. Much thanks.

Phabricator · Built by Phacility