contour-authserver
An Envoy-compatible authorization server. (by projectcontour)
traefik-forward-auth
Minimal forward authentication service that provides Google/OpenID oauth based login and authentication for the traefik reverse proxy (by thomseddon)
contour-authserver | traefik-forward-auth | |
---|---|---|
1 | 32 | |
42 | 2,027 | |
- | - | |
8.3 | 0.0 | |
10 days ago | 7 days ago | |
Go | Go | |
Apache License 2.0 | MIT License |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
contour-authserver
Posts with mentions or reviews of contour-authserver.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2022-12-21.
-
Cant wrap my head around auth process
OIDC OAuth for k8s authorization had nothing to do with AAA in your app.Nginx as an ingress or an API gateway is pretty much obsolete - you have to pick an API Gateway with an external Auth support, like Contour and it's auth server.More advanced service meshes, like istio has a built-in authz policies for JWT handling.Keep in mind that with the introduction of API Gateway spec, it's really important to pick the most mature solution out of the bunch. It's especially crucial, after 1.26 release, because current SIG can port the auth policies from service meshes directly into kubernetes admission, like it happened already with OPA & Kyverno policies.
traefik-forward-auth
Posts with mentions or reviews of traefik-forward-auth.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2023-10-11.
- Show HN: Obligator – An OpenID Connect server for self-hosters
-
Authentik reverse proxy vs swag
BTW also keycloak and other similar products offer the oauth-proxy capability, I even used the original oauth2-proxy https://github.com/oauth2-proxy/oauth2-proxy for a while, but it was getting too difficult to maintain for me. I used for a while https://github.com/thomseddon/traefik-forward-auth that was a smart hack configuring a single upstream provider, but it look abandoned. So I was considering authentik but apparently it's just oauth2-proxy embedded in it, at that point why not use oauth2-proxy directly.
-
Traefik with traefik-forward-auth towards Azure AD loop-redirect and fail
It seems there are some more recently updated forks.
-
Dell T320 vs T620 Idle Power
Traefik Forward Auth
-
Assuming I have each individual service working (cloudflare-tunnel, keycloak, nginx, arrs, dashy), how would I go about having a system like this? (more in comments)
One way I got this to work (for another app that doesn’t go through cloudflare) was to use Traefik with forward-auth and this: https://github.com/thomseddon/traefik-forward-auth
-
Just finished migrating my old tower servers to a Kubernetes cluster on my new rack!
In front of all of my private dashboards, I use Traefik Forward Auth to limit who can access them.
-
Is there something like Keycloak or Authelia that supports both forward auth and identity providers?
Hm, interesting. I have worked with traefik-forward-auth before, but I didn't know there is a fork. Are you using the fork? Would you happen to know if this issue from the original project still exists or if it's fixed in the fork?
-
How do you expose some of your services to the internet?
https://github.com/thomseddon/traefik-forward-auth (just another option if everyone accessing already has a google account)
-
Cant wrap my head around auth process
Traefik ingress + forward auth middleware + traefik-forward-auth does the trick.
-
SSO with keycloak and traefik
Hey have u setup a forward auth? https://github.com/thomseddon/traefik-forward-auth