3

I want a set up that would force all requests to be authenticated before reaching the application server. I'm seeing HAProxy support basic HTTP Authentication but I couldn't find any info about making custom authentication. So the scenario would be like

Positive authentication
In-coming Request -> HAProxy -> Authentication Server -> HAProxy -> Application -> Response 200

Negative authentication
In-coming Request -> HAProxy -> Authentication Server -> Response 401

The authentication I have in mind is using JWT for token authentication then check against in-memory caching to see if the login is still valid or not.

Is the set up mentioned possible? Am I on the right track here?

FYI: I'm quite new to the network and ops side so I might misunderstand some concept without realizing it.

RobGThai
  • 131
  • 6
  • In the meantime, did you found a way to implement this? – gxx Jun 30 '16 at 06:50
  • @gf_ Not yet, I'm looking into how Kong is using it. Kong is using NginX utilising sub-request to make it happen. I have yet to see it's counterpart in Lua. – RobGThai Jul 01 '16 at 11:11
  • I'm very interested in this, so I would really appreciate it if you would comment / update your post in case you're making progress. – gxx Jul 01 '16 at 11:15
  • @gl_ Will do. From the current situation, I think I'll probably try to replicate such feature as a Lua plugin. Otherwise, Zuul could be another alternative for this. – RobGThai Jul 01 '16 at 11:25
  • @RobGThai - did you ever get this figured out? I have a similar situation... – Ashish Aug 31 '16 at 13:34
  • @Ashnish I haven't revisited this project yet. However, a brief research show that it is possible. The next question is if we should do it or not. – RobGThai Aug 31 '16 at 14:03

0 Answers0