Different sitemaps & Security

Any idea how to use different sitemaps, that aren’t accessible to everybody?
I would like to have fe something like:

  • Sitemap A > user A & B
  • Sitemap B > user A
  • Sitemap C > user B
1 Like

Setup NGINX to provide & enforce user auth per-(sitemap-)URL ?

Auth done inside OH is in the works, too, but will probably take some more time to get released.

1 Like

OK. Didn’t though on this one.
I’m only using NGINX to protect my setup from WAN side.

But indeed, maybe I could use NGINX to protect it from LAN as well.
Not sure if I can block all LAN access (since server is on internal network) directly to OpenHAB. Maybe an access list on the openhab webserver?
I’ll have a look…

configure the jetty to listen only on localhost

1 Like

Back to this topic…

The question I have right now:

  • User A should go to sitemap A and habpanel A
  • User B should go to sitemap B and habpanel B
  • User C should go to sitemap C and habpanel C

And of course, to complicate things: User A shouldn’t be able to see other sitemaps (like B, C…).

Before I start testing several things, I would like to have your opinions. I’m thinking fe of following possibilities:

  1. OH Authentication
    Don’t know if the auth inside OH has been developed some more?
    Is this maybe possible through the Cloud Connector?

  2. NGINX
    I’m thinking of creating different nginx profiles.

    • Forwarding them to each sitemap.
      But I’m facing issues with the layout. With some tries and errors, I should be able to solve this, no?
    • But what with the habpanels? Can these be contacted direclty?
  3. Different OH servers/installations
    Maybe different servers (virtuals) that have their own sitemap/habpanel?
    But how can I let them talk to each-other (bindings KNX, zwave…)? Maybe through mqtt?

  4. Others?

Thanks for you input!!!

Not that I’ve heard of.