You can configure Pulse to let an HTTP reverse proxy handle authentication. Popular web servers have a very extensive list of pluggable authentication modules, and any of them can be used with the AuthProxy feature.

Auth Proxy

Examples of proxying methods include using NGINX with HTTP basic authentication or Apache with mod_auth_mellon.

Note
Available in Enterprise edition.

Auth Proxy Settings

These settings can be configured as environment variables, system properties or .yml config files. See Admin Configuration for more info.

Windows Settings

Linux Settings


If you are using proxy authentication, we recommend that you use an IP whitelist.
If you are not using a whitelist, it is assumed that you are using some other networking mechanism to ensure that all authenticated requests are coming from a trusted client, such as only binding the server to localhost and running the authenticating proxy on the same machine on a different network interface.

Example Apache Configuration

For testing purposes here is an example apache proxy configuration that was tested working, note the websockets rule:

First run this command to install the relevant apache modules:

sudo a2enmod proxy proxy_http proxy_balancer lbmethod_byrequests proxy_wstunnel

Then create this apache configuration: