Skip to content

Commit

Permalink
Merge pull request moby#21661 from twistlock/client_cert_auth_docs
Browse files Browse the repository at this point in the history 
Add short description about default authentication method in authorization docs
  • Loading branch information
@calavera
calavera committed Mar 30, 2016
2 parents 9d5c26b + b2f2f16 commit ea7d219
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions docs/extend/plugins_authorization.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,11 @@ Each plugin must reside within directories described under the
**Note**: the abbreviations `AuthZ` and `AuthN` mean authorization and authentication
respectively.

## Default user authorization mechanism

If TLS is enabled in the [Docker daemon](https://docs.docker.com/engine/security/https/), the default user authorization flow extracts the user details from the certificate subject name.
That is, the `User` field is set to the client certificate subject common name, and the `AuthenticationMethod` field is set to `TLS`.

## Basic architecture

You are responsible for registering your plugin as part of the Docker daemon
Expand Down

0 comments on commit ea7d219

Please sign in to comment.