tysonnorris commented on a change in pull request #2517: Support client certificate verify on server side URL: https://github.com/apache/incubator-openwhisk/pull/2517#discussion_r131200474
########## File path: core/controller/src/main/scala/whisk/core/controller/RestAPIs.scala ########## @@ -160,7 +160,7 @@ protected[controller] class RestAPIVersion(apipath: String, apiversion: String)( sendCorsHeaders { (pathEndOrSingleSlash & get) { complete(OK, info) - } ~ authenticate(basicauth) { + } ~ (authenticate(basicauth) | authenticate(certificateAuth)) { Review comment: This SPI approach would help expose a specific combination of auth mechanisms, but currently the SPI notion only supports "one impl per interface"; It could change to support "multiple impls per interface", but in the meantime, it is probably good enough for this case (unless people want to enable BOTH basic and cert auth). I would assume that support "multiple auth impls" would be a low priority for now, but it could be a problem if a deployment wanted to support many different oauth logins. (even then, that could be implemented as a multi-oauth-provider impl of the auth SPI, so may not be a real problem) ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services