Comments (5)
Should we be thinking about this separately for load and check end points?
Does basic authentication mean, just an http header? Perhaps we then need to give them a way of setting that in the config as well as in the support libraries.
If we are going to bake it into the support libraries perhaps we should just do JWT (and not the simplistic basic auth).
Client certificates is definitely premium feature.
Thoughts?
from cerbos.
Basic auth is the easiest way to get started and almost all HTTP libraries have support for it. It does involve setting a header, but, so does JWT. It's basically just sending a hashed username and a password in a header. It's not much work to support basic auth on our side and I think that can be a good starting point for many users who want to just try it out.
JWT is a bit more involved because they need to have a central signing server and distribute keys to applications. I don't think many small shops will have that infrastructure in place for their internal services (unless they are using something like Auth0 internally as well).
from cerbos.
from cerbos.
Is this still open? Docs says you can add certs.
from cerbos.
Yes. This task is about adding basic auth, JWT etc.
from cerbos.
Related Issues (20)
- auxData.jwt.disableVerification not operating as expected HOT 3
- Breaking change b/w cerbos v0.29.0 and dev HOT 2
- Update recommended nvim package manager in docs HOT 2
- Upgrade CEL to 0.18 HOT 2
- Improve error messages when gRPC endpoint doesn't exist
- Make the matched action available to conditions HOT 2
- Provide `runtime.action` to condition expressions HOT 1
- Document how to generate shell completion for 'cerbos', 'cerbosctl' CLI utilities HOT 2
- Make Validating and testing policies aware of lenientScope
- CORS Error on Firefox HOT 1
- Issue with multiple replicas and git backend HOT 8
- Installing Helm chart from OCI registry fails with 401 error HOT 1
- Kafka integration test is flaky
- Consider showing actual and expected values even when the tests succeed
- Repeated compilation errors HOT 1
- Inconsistent YAML parsing between schema validation and policy loading
- Update Otel HTTP semantic conventions HOT 2
- Export variables should support other data types HOT 4
- Make DBConnectionRetries configurable HOT 3
- Ability to produce output when the rule condition is not satisfied
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cerbos.