Hacking around, I actually found a way to use HTTP basic auth.
In /etc/nginx/conf.d/*.d/my_webapp.conf:
auth_basic "Please identify for ...";
auth_basic_user_file /etc/nginx/auth/...;
Create the auth file:
mkdir -p /etc/nginx/auth
htpasswd -c /etc/nginx/auth/...
Reload nginx:
systemctl reload nginx
Tweak ssowat by setting the following values to false:
vi /etc/ssowat/conf.json
"my_webapp.main": {
"auth_header": false,
"use_remote_user_var_in_nginx_conf": false,
}
The flag use_remote_user_var_in_nginx_conf has been introduced very recently:
I found a related discussion here: Authentication issues with YunoHost 11.1.0 with new SSOwat version / Please upgrade to YunoHost 11.1.2 to fix - #85 by DerpFox
I don’t understand the background of all this… Does anyone know if the developer of the commit is on this forum?