quantum/nginx-krbauth
1
0
Fork 0
mirror of https://github.com/quantum5/nginx-krbauth.git synced 2025-07-27 04:04:14 -04:00
Code Issues Packages Projects Releases Wiki Activity

Don't create cookies when mTLS is used

Browse source
This commit is contained in:
Quantum 2025-07-20 17:29:01 -04:00
parent 32cebf4691
commit c0395eb97a
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
nginx_krbauth.py
View file

@ -192,7 +192,8 @@ def auth() -> Response:
authorization = request.headers.get('Authorization', '') authorization = request.headers.get('Authorization', '')
if check_tls(): if check_tls():
return auth_success(context, next_url) # No cookie required since the check endpoint can trivially verify mTLS.
return redirect(next_url, code=307)
if ENABLE_GSSAPI and authorization.startswith('Negotiate '): if ENABLE_GSSAPI and authorization.startswith('Negotiate '):
return auth_spnego(context, next_url) return auth_spnego(context, next_url)
if LDAP_USER_DN and authorization.startswith('Basic '): if LDAP_USER_DN and authorization.startswith('Basic '):