I have a private Docker registry running.

Any user should be able to push and pull any image. Therefore, right now I am not using any user identification at all.

However, a user should not be able to trick the registry to overwrite the Images of other users.

If user A uploads ourRegistry/myProgram:version_1, then user B should not be able to upload something tagged ourRegistry/myProgram:version_2.

Is there a way to add user authentification to a private registry to do this?

Additionally, the registry is part of a server that already has its own database of registered users. Is there a way to synchronize the users, so that the users don’t have to remember two passwords?