[gateway/management-api] http core services should not enforce basic authentication #791

Closed
blackfich opened this issue Sep 15, 2017 · 1 comment · Fixed by gravitee-io/gravitee-management-rest-api#250 or gravitee-io/gravitee-api-management#187

blackfich commented Sep 15, 2017

The new HTTP core services should not enforce authentication. One should be able to disable authentication from a setting in the conf file.

Expected Behavior

When services.core.http.authentication.type is set to none, no authentication should be required.

Current Behavior

Currently basic authentication is hardcoded and does not take into account the type of authentication.

Possible Solution

When services.core.http.authentication.type is set to none, don't attach any AuthHandler to the mainRouter and nodeRouter routes.

retrieve authentication type from config file:

@Value("${services.core.http.authentication.type:basic}")
private String authenticationType;

act on it:

AuthHandler authHandler = null;
switch ( authenticationType.toLowerCase() ) {
   case "none":
      break;
   case "basic":
      authHandler = BasicAuthHandler.create(authProvider, "gravitee.io");
      break;
   default:
      throw new IllegalArgumentException("Unsupported Authentication type " + authenticationType + " for HTTP core services");
}

// Set security handler if defined
if ( authHandler != null ) {
   mainRouter.route().handler(authHandler);
   nodeRouter.route().handler(authHandler);
}

Context

We want to use the new health check ability but without the need for authentication (the port it is on is not exposed to the outside world)

Your Environment

  • Version used: 1.9.0
  • Browser Name and version: N/A
  • Operating System and version: CentOS/7
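
An added example, not part of the original issue or the project's code: a startup guard that accepts `none` only when the core HTTP listener is bound to a loopback address, which turns the "not exposed to the outside world" assumption from the Context section into a check. The class name and the `bindHost` parameter are hypothetical.

```java
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.Locale;

/** Added example: decides whether the core HTTP service may start without authentication. */
public class CoreHttpAuthPolicy {

    enum AuthType { NONE, BASIC }

    /** Parse the configured type; unknown values fail closed, as in the proposal above. */
    static AuthType parse(String configured) {
        // Locale.ROOT avoids locale-specific case mapping (Turkish maps "I" to a dotless "ı").
        switch (configured.trim().toLowerCase(Locale.ROOT)) {
            case "none":  return AuthType.NONE;
            case "basic": return AuthType.BASIC;
            default:
                throw new IllegalArgumentException(
                    "Unsupported Authentication type " + configured + " for HTTP core services");
        }
    }

    /** True only for a loopback listener address; wildcard and routable addresses return false. */
    static boolean isLoopbackOnly(String bindHost) {
        try {
            return InetAddress.getByName(bindHost).isLoopbackAddress();
        } catch (UnknownHostException e) {
            return false; // unresolvable host: treat the listener as exposed
        }
    }

    /** Returns the effective type, refusing "none" on a listener reachable from other hosts. */
    static AuthType effective(String configuredType, String bindHost) {
        AuthType type = parse(configuredType);
        if (type == AuthType.NONE && !isLoopbackOnly(bindHost)) {
            throw new IllegalStateException(
                "authentication.type=none requires a loopback bind address, got " + bindHost);
        }
        return type;
    }

    public static void main(String[] args) {
        // Constructed sample inputs: {configured type, bind host (hypothetical parameter)}
        String[][] samples = {
            {"basic", "0.0.0.0"}, {"None", "127.0.0.1"}, {"none", "0.0.0.0"}, {"digest", "127.0.0.1"} };
        for (String[] s : samples) {
            try {
                System.out.println(s[0] + " @ " + s[1] + " -> " + effective(s[0], s[1]));
            } catch (RuntimeException e) {
                System.out.println(s[0] + " @ " + s[1] + " -> refused: " + e.getMessage());
            }
        }
    }
}
```

With the sample inputs, the first two combinations are accepted, while `none` on `0.0.0.0` and the unknown type `digest` are refused.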
@blackfich
Author

I will propose a PR next week regarding this new feature

@brasseld brasseld changed the title [gateway/management] http core services should not enforce basic authentication [gateway/management-api] http core services should not enforce basic authentication Oct 6, 2017
@brasseld brasseld added this to the 1.10.0 milestone Oct 6, 2017
@brasseld brasseld self-assigned this Oct 6, 2017
brasseld pushed a commit to gravitee-io/gravitee-management-rest-api that referenced this issue Oct 17, 2017
brasseld pushed a commit to gravitee-io/gravitee-api-management that referenced this issue Oct 17, 2017
@brasseld brasseld assigned blackfich and unassigned brasseld Oct 17, 2017