restheart-security is the new security service for RESTHeart v4, the Web API for MongoDB. It acts as a reverse proxy for HTTP resources, providing Authentication and Authorization services.
restheart-security enables developers to configure security policies in standardized micro-gateway instances that are external to API and microservices implementations, avoiding coding security functions and a centralized gateway where scalability is a key concern.
restheart-security can also be used as a micro-gateway for Identity and Access Management in any HTTP-based microservices architecture.
Think about restheart-security as the "brick" that you put in front of your API and microservices to protect them.
restheart-security is built around a pluggable architecture. It comes with a strong security implementation but you can easily extend it by implementing plugins.
Building a plugin is as easy as implementing a simple interface and edit a configuration file. Plugins also allow to quickly implement and deploy secure Web Services.
You can find pre-built Maven artifacts on Jitpack.io. That allows to add RESTHeart Security as a dependency on you own POM and build new plugins.
Find the documentation at https://restheart.org/docs/security/overview
You need Java 11 and must download the latest release from releases page.
$ tar -xzf restheart-security-XX.tar.gz $ cd restheart-security $ java -jar restheart-security.jar etc/restheart-security.yml
Building from source
You need Git, Java 11 and Maven.
$ git clone firstname.lastname@example.org:SoftInstigate/restheart-security.git $ cd restheart-security $ mvn package $ java -jar target/restheart-security.jar etc/restheart-security.yml
$ docker pull softinstigate/restheart-security