Apicurio registry security - basic auth support

Hi There

Another question related to security with Apicurio 2.0.1.Final. Our ecosystem will contain applications using different client serializer libs (confluent, apicurio, …).

What our main goals are:

  • Read access: Must be compatible with most client libraries (confluent, apicurio, …).
  • Write access: Should be secured (e.g. RBAC like apicurio registry provides with oauth sr-admin, sr-developer)

For read access:

  • E.g. Confluent libs do not allow configuring OAuth, which leads us to leave read access either unprotected or with basic auth.
  • As far as I know, Apicurio Registry does not support using Keycloak and HTTP basic auth at the same time.

Question:

  • Documentation “Configuring your Apicurio Registry deployment” only mentions OAuth with Keycloak. Is using Apicurio Registry with Basic Auth possible?
  • Is it possible to use OAuth or Basic Auth for admin and developer purposes but leave read access unprotected?
  • Are the quarkus.http.auth.permission.* overridable? E.g. removing the read APIs from the quarkus.http.auth.permission.sr-read.paths and adding them to the quarkus.http.auth.permission.permit1.paths?

Issue Analytics

  • State: closed
  • Created 2 years ago
  • Comments: 22 (14 by maintainers)

Top GitHub Comments

1 reaction
EricWittmann commented, Aug 23, 2021

We are in the process of testing using a non-Keycloak solution for auth (e.g. Auth0) but don’t have results on that yet. The goal is hopefully to support any OpenID Connect solution. But it’s unclear how easy that will be. 😃

1 reaction
carlesarnal commented, Aug 23, 2021

Not really, that can be achieved using a custom build but it’s not supported out of the box.
