Johannes, That worked pretty well! Now writing the custom directive that wrappers the multi-auth and another cookie directive, that was a pretty wild “welcome to akka-http” undertaking!
-Andrew From: <akka-user@googlegroups.com> on behalf of "johannes.rudo...@lightbend.com" <johannes.rudo...@lightbend.com> Reply-To: "akka-user@googlegroups.com" <akka-user@googlegroups.com> Date: Monday, May 22, 2017 at 5:11 AM To: Akka User List <akka-user@googlegroups.com> Subject: [EXT] [akka-user] Re: has anyone attempted a multi-source authentication? Hi Andrew, here's a general idea at how it could work: If you model each authentication method as a `Directive1[Session]` that returns the session (or user, principal, etc.) for that authentication method and all of the directive return the a value of the same type or a type with a common supertype then you can combine each of those directives with `|`: def authentication: Directive1[Session] = cookieAuthentication | tokenAuthentication | basicAuthentication The first one will be used with highest precedence and the other ones will only be tried if all the previous once have rejected the request. Is that what you are looking for? Johannes On Saturday, May 20, 2017 at 12:47:03 AM UTC+2, Andrew Norman wrote: This would be for a system that services requests from users directly and also with other systems. Users would have a session cookie and non-user systems a token. The idea / paradigm here is the old java interceptor authentication approach where authentication was attempted a number of ways before the action is handled. If any of the various types of authentication was successful then the action can be invoked (provided the authenticated entity is authorized to invoke the target action). So looking at the akka-http setup, I'm seeing that there is cookie handling directive and there are authentication directive (that look like they are wired to handle usernames and passwords). Is there some sort of directive that resembles or can work with the multi-source auth paradigm? -- >>>>>>>>>> Read the docs: http://akka.io/docs/ >>>>>>>>>> Check the FAQ: >>>>>>>>>> http://doc.akka.io/docs/akka/current/additional/faq.html >>>>>>>>>> Search the archives: https://groups.google.com/group/akka-user --- You received this message because you are subscribed to a topic in the Google Groups "Akka User List" group. To unsubscribe from this topic, visit https://groups.google.com/d/topic/akka-user/EuZvou0x7l0/unsubscribe. To unsubscribe from this group and all its topics, send an email to akka-user+unsubscr...@googlegroups.com<mailto:akka-user+unsubscr...@googlegroups.com>. To post to this group, send email to akka-user@googlegroups.com<mailto:akka-user@googlegroups.com>. Visit this group at https://groups.google.com/group/akka-user. For more options, visit https://groups.google.com/d/optout. -- >>>>>>>>>> Read the docs: http://akka.io/docs/ >>>>>>>>>> Check the FAQ: >>>>>>>>>> http://doc.akka.io/docs/akka/current/additional/faq.html >>>>>>>>>> Search the archives: https://groups.google.com/group/akka-user --- You received this message because you are subscribed to the Google Groups "Akka User List" group. To unsubscribe from this group and stop receiving emails from it, send an email to akka-user+unsubscr...@googlegroups.com. To post to this group, send email to akka-user@googlegroups.com. Visit this group at https://groups.google.com/group/akka-user. For more options, visit https://groups.google.com/d/optout.
