Cockpit authentication

I’ve made quite a bit of progress with my LLNG module and a variety of other software, but if it’s really going to be useful, it’s going to need to work with the “stock”, “out of the box” Neth software. Obviously Cockpit is going to be an important part of that.

But that’s getting to be a little tricky, as I’m not able to find much in the way of documentation about how Cockpit works with external authentication. I’d like to use something like SAML2 or OIDC, but I can’t find any docs indicating that Cockpit supports those. But I do find this:

…which makes it look like I should be able to set the Authorization header with Base64 user/password as with normal HTTP basic authentication, and call https://neth_hostname:9090/login, and Cockpit will authenticate that user in the background. Straightforward enough, right?

No, not really–it’s easy enough to configure LLNG to do that, but it just doesn’t work; Cockpit sends the user to the login screen. Any Cockpit wizards here who can help track down what’s going on? Or any resources for help with this sort of thing in Cockpit?


As far as I know, none of the core devs have tried such configuration.
We use Cockpit to authenticate some users using basic authentication, but we never setup Cockpit with a centralized login manager.

I’m not even sure that Cockpit version on NS7 support such a thing.
Still, if you look inside man cockpit.conf you will find something about OAuth.