I personally don't subscribe to the "every one of them should trust each other" school of security. You probably want some form of point-to-point internal auth going on. There's no reason, for instance, for your Redis instances to be talking to your MongoDB instance just because they share a common subnet.
To answer the original question, in the olden days of dropwizard-auth you'd write a principal that captures the incoming value and propagates it in the @Auth annotated method paramter. I don't know the new auth well enough to know what to suggest. Ryan On Tue, May 24, 2016 at 2:16 PM, Łukasz Byjoś <[email protected]> wrote: > Hi. Between your Microservices you don't need any Auth. You should create > come thing called api gateway which validate requests. Don't use > authentication between services because every of them should trust each > other. > > -- > You received this message because you are subscribed to the Google Groups > "dropwizard-user" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "dropwizard-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
