docs/content/integration/trusted-header-sso/seafile/index.md
This is a guide on integration of Authelia and Seafile via the trusted header SSO authentication.
As with all guides in this section it's important you read the introduction first.
This example makes the following assumptions:
https://seafile.{{< sitevar name="domain" nojs="example.com" >}}/https://{{< sitevar name="subdomain-authelia" nojs="auth" >}}.{{< sitevar name="domain" nojs="example.com" >}}/@{{< sitevar name="domain" nojs="example.com" >}}Some of the values presented in this guide can automatically be replaced with documentation variables.
{{< sitevar-preferences >}}
To configure Seafile to trust the Remote-User and Remote-Email header do the following:
seahub_settings.py and adjust the following settings:ENABLE_REMOTE_USER_AUTHENTICATION = True
# Optional, HTTP header, which is configured in your web server conf file,
# used for Seafile to get user's unique id, default value is 'HTTP_REMOTE_USER'.
REMOTE_USER_HEADER = 'HTTP_REMOTE_USER'
# Optional, when the value of HTTP_REMOTE_USER is not a valid email address,
# Seafile will build a email-like unique id from the value of 'REMOTE_USER_HEADER'
# and this domain, e.g. user1@{{< sitevar name="domain" nojs="example.com" >}}.
REMOTE_USER_DOMAIN = '{{< sitevar name="domain" nojs="example.com" >}}'
# Optional, whether to create new user in Seafile system, default value is True.
# If this setting is disabled, users doesn't preexist in the Seafile DB cannot login.
# The admin has to first import the users from external systems like LDAP.
REMOTE_USER_CREATE_UNKNOWN_USER = True
# Optional, whether to activate new user in Seafile system, default value is True.
# If this setting is disabled, user will be unable to login by default.
# the administrator needs to manually activate this user.
REMOTE_USER_ACTIVATE_USER_AFTER_CREATION = True
# Optional, map user attribute in HTTP header and Seafile's user attribute.
REMOTE_USER_ATTRIBUTE_MAP = {
'HTTP_REMOTE_NAME': 'name',
'HTTP_REMOTE_EMAIL': 'contact_email',
}