Skip to content

Commit

Permalink
Add short description about default authentication method in authoriz…
Browse files Browse the repository at this point in the history
…ation docs

Following the discussion in moby#21556, adding a short description of the
default user authentication mechanism (without requiring authentication
plugins)
Signed-off-by: Liron Levin <liron@twistlock.com>
  • Loading branch information
Liron Levin committed Mar 30, 2016
1 parent 3c15771 commit b2f2f16
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions docs/extend/plugins_authorization.md
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,11 @@ Each plugin must reside within directories described under the
**Note**: the abbreviations `AuthZ` and `AuthN` mean authorization and authentication
respectively.

## Default user authorization mechanism

If TLS is enabled in the [Docker daemon](https://docs.docker.com/engine/security/https/), the default user authorization flow extracts the user details from the certificate subject name.
That is, the `User` field is set to the client certificate subject common name, and the `AuthenticationMethod` field is set to `TLS`.

## Basic architecture

You are responsible for registering your plugin as part of the Docker daemon
Expand Down

0 comments on commit b2f2f16

Please sign in to comment.