Securing a Docker container with HTTP BASIC AUTH

Consider running a Docker container with a web application exposing a certain port. How to apply the additional security layer before accessing the URL (HTTP BASIC AUTH)?

Docker Engine version >= 1.9.1

  • Strange Vagrant error with Docker and shell provisioners
  • Starting a container that was already started and stoppped
  • How to deploy Dockerfile and application files to boot2docker
  • Different Docker 1.9 networks talk to each other?
  • Error 50007 when creating cgroup with cgroup_new_cgroup
  • Getting docker pull to default pull from a private registry?
  • Connecting to RDS Mysql from docker container with Wordpress
  • How to pass securely SSH Keys to Docker Build?
  • VisualVM unable to connect remote tomcat in docker with RMI
  • polkit-gnome-authentication-agent-1 fail to start in docker without privileged flag
  • gdb in docker container returns “ptrace: Operation not permitted.”
  • Pulling docker images behind a proxy
  • One Solution collect form web for “Securing a Docker container with HTTP BASIC AUTH”

    Typically, you dedicate a container for authentication, with for instance NGiNX.
    This is described in “Authenticating proxy with nginx”, which not only adds the basic authentication, but also ssl (https)

    That web server will then reverse proxy to your container.

    You have a more generic solution (based on a reverse-proxy NGiNX) with jwilder/nginx-proxy

    nginx-proxy sets up a container running nginx and docker-gen.
    docker-gen generates reverse proxy configs for nginx and reloads nginx when containers are started and stopped.

    See the use case with “Automated Nginx Reverse Proxy for Docker”.

    Docker will be the best open platform for developers and sysadmins to build, ship, and run distributed applications.