Ancestors

Written by Dust0741@lemmy.world on 2024-10-03 at 18:48

Authentication for external sevices

https://lemmy.world/post/20469777

=> More informations about this toot | More toots from Dust0741@lemmy.world

Written by just_another_person@lemmy.world on 2024-10-03 at 18:50

Tunnels are not authentication.

Are you asking how to have each service challenge for authentication? That’s up to the software.

=> More informations about this toot | More toots from just_another_person@lemmy.world

Written by Dust0741@lemmy.world on 2024-10-03 at 18:57

True.

I would like to add another authentication.

I guess my question is how trustworthy is built-in authentication? I’m not really talking about vulnerabilities, but that’s a part of this, but how much trust can I put into a small projects login page being secure?

=> More informations about this toot | More toots from Dust0741@lemmy.world

Toot

Written by FierySpectre@lemmy.world on 2024-10-03 at 21:00

I’d like to do the same, but atm I use nginx to serve all the web interfaces… And keycloak support is either a plus subscription feature or made to work with hacky Lua scripts.

So for now it’s security through obscurity, I got a wildcard cert and the pages are accessed based on subdomain. So afaik nobody has a clue unless they start iterating common subdomain names. (At some point™️ I’m adding proper auth though)

=> More informations about this toot | More toots from FierySpectre@lemmy.world

Descendants