Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

permit some services from custom authentication [need help]

See original GitHub issue

I need help with custom authentication

I know we can use metadata and inspectors to support custom authorizations like basic authentication but how we can exclude some services from being authenticated in inspectors.

is there something like @PermitAll in JAX-RS (jersey framework implementation) which we can use and check the destination endpoint has this annotation or not in provider?

Issue Analytics

State:
Created 5 years ago
Comments:10 (6 by maintainers)

Top GitHub Comments

2reactions

dapengzhang0commented, Sep 11, 2018

The metadata example does use interceptor together: https://github.com/grpc/grpc-java/tree/master/examples/src/main/java/io/grpc/examples/header

The HeaderServerInterceptor.java in the example synthesizes the response headers, whereas your usecase is to inspect the request headers which is easier than the example. For authentication failure, in ServerInterceptor.interceptCall() method you can probably call

call.close(Status.UNAUTHENTICATED.withDescription("..."), new Metadata());
return next.startCall(call);

1reaction

dapengzhang0commented, Sep 11, 2018

@MetaiR in the grpc library we don’t have out of box high level tools like @PermitAll. Here’s an example using interceptor (with pseudocod needAuthentication(), authnPassed()):

public class AuthenticationServerInterceptor implements ServerInterceptor {
  @Override
  public <ReqT, RespT> ServerCall.Listener<ReqT> interceptCall(
      ServerCall<ReqT, RespT> call,
      Metadata requestHeaders,
      ServerCallHandler<ReqT, RespT> next) {
    String methodName = call.getMethodDescriptor().getFullMethodName();
    if (needAuthentication(methodName) && !authnPassed(requestHeaders)) {
      call.close(Status.UNAUTHENTICATED.withDescription("..."), new Metadata());
    }
    return next.startCall(call);
  }
}

Top Results From Across the Web

Custom Authentication and Authorization Framework | KongHQ

The custom authentication service exposes API endpoints to validate the JWT token, check user permissions, etc. The Kong custom plugin will ...

Custom authentication - AWS IoT Core

AWS IoT Core lets you define custom authorizers so that you can manage your own client authentication and authorization. This is useful when...

Overview of ASP.NET Core Authentication - Microsoft Learn

In ASP.NET Core, authentication is handled by the authentication service, IAuthenticationService, which is used by authentication middleware.

c# - Custom authentication scheme invoked after authorization ...

When registering the middleware we want to add some custom roles from our database, so have a custom middleware after authentication but before ......

Create a Custom External Authentication Provider

Build the matching Apex classes and methods for your chosen metadata types. Then use these classes to implement a custom authentication provider by ......