helmut72

Thank you, @jyio. Now logout also works. Great experience this weekend, one is Grist, second is learning basics about SAML. Now need to dive deeper into both.

Bitwarden/Vaultwarden isn't an authentication product, but a password manager. Can't be used for this part.

@dumblob A password manager is no user management tool. With a password manager you save login informations for your self hosted services and other services like Github or your outlook.com...

Will this also use forward auth? This means that public sharing isn't possible?

> it uses forward auth internally, on particular login/logout related endpoints. Shouldn't it then also works with Caddy and Authelia? I've looked into our Omnibus: https://github.com/paulfitz/grist-omnibus/blob/main/traefik.yaml You only catch `/auth/login`...

@paulfitz Thanks, interesting how it works with Traefik and Dex. But my problem: The user called `{http.reverse_proxy.header.Remote-Email}` is logged in without hitting any login or logout. I only open `grist.example.com`....

Maybe some http header based auth with automatic user creation is easier to implement? Then everyone can choose the prefered auth system (ldap, openid connect, saml...). I use http header...

This feature and external auth (https://github.com/sentriz/gonic/issues/44#issuecomment-1364588428) would complete Gonic for me.

Same for me. No log output after starting the container. In the container only systemd is running. I'm using Ubuntu 22.04 as the host for my other systems. Also tried...

Works for me now. I don't read the other logs. Need to boot the system with kernel parameter `systemd.unified_cgroup_hierarchy=0` Works great since 1.5h