tysonnorris commented on a change in pull request #2517: Support client
certificate verify on server side
URL:
https://github.com/apache/incubator-openwhisk/pull/2517#discussion_r131200474
##########
File path: core/controller/src/main/scala/whisk/core/controller/RestAPIs.scala
##########
@@ -160,7 +160,7 @@ protected[controller] class RestAPIVersion(apipath:
String, apiversion: String)(
sendCorsHeaders {
(pathEndOrSingleSlash & get) {
complete(OK, info)
- } ~ authenticate(basicauth) {
+ } ~ (authenticate(basicauth) | authenticate(certificateAuth)) {
Review comment:
This SPI approach would help expose a specific combination of auth
mechanisms, but currently the SPI notion only supports "one impl per
interface"; It could change to support "multiple impls per interface", but in
the meantime, it is probably good enough for this case (unless people want to
enable BOTH basic and cert auth).
I would assume that support "multiple auth impls" would be a low priority
for now, but it could be a problem if a deployment wanted to support many
different oauth logins. (even then, that could be implemented as a
multi-oauth-provider impl of the auth SPI, so may not be a real problem)
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
With regards,
Apache Git Services
