Detailed access control and user management by reverse proxy - it works

Hello! I try to implement but I have no idea about the filter.cgi shortcut? Where should he be? In the event that I can log in with different users but the android application does not work?

Hello, I am a little late to the party.

Anyway I would like to introduce the following project to you:

A few, very short words

Technology involved

It uses NGINX as reverse proxy and mutual TLS authentication (client certificates) to determine (with the help of a NodeJS app) which Sitemaps, MainUI pages and Items a client has access to.


Each client has a unique username and can be member of multiple organizations.
Each organization can have multiple Sitemaps.

The authorization of Item access is build on top of the Sitemap authorization, my project does not require any real configuration outside of openHAB & your CA for the client certificates.