Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

request help: Support forward-auth #5475

Closed
GhangZh opened this issue Nov 10, 2021 · 3 comments · Fixed by #6037
Closed

request help: Support forward-auth #5475

GhangZh opened this issue Nov 10, 2021 · 3 comments · Fixed by #6037
Labels
enhancement New feature or request

Comments

@GhangZh
Copy link

GhangZh commented Nov 10, 2021
edited
Loading

Issue description

We are using traefik and want to migrate to apisix, but traefik has a forward-auth plugin, which is a plugin that supports external authentication services, how does apisix support external authentication services?
image

Environment

  • apisix version (cmd: apisix version):2.10.0
  • OS (cmd: uname -a):
  • OpenResty / Nginx version (cmd: nginx -V or openresty -V):openresty/1.19.3.1
  • etcd version, if have (cmd: run curl http://127.0.0.1:9090/v1/server_info to get the info from server-info API):
  • apisix-dashboard version, if have:
  • the plugin runner version, if the issue is about a plugin runner (cmd: depended on the kind of runner):
  • luarocks version, if the issue is about installation (cmd: luarocks --version):
@GhangZh GhangZh changed the title request help: request help: Support forward-auth Nov 10, 2021
@spacewander
Copy link
Member

Can you provide more details about the forward-auth plugin and how do you use it?

@tzssangglass
Copy link
Member

This auth model looks like openid-connect or ladp-auth,

openid-connect: https://github.com/apache/apisix/blob/master/docs/en/latest/plugins/openid-connect.md

ladp-auth: https://github.com/apache/apisix/blob/master/docs/en/latest/plugins/ldap-auth.md

@GhangZh
Copy link
Author

GhangZh commented Nov 11, 2021
edited
Loading

I just want to use our own authentication service. In apisix, I want to set the domain name of the service through the annotation: "ingress.kubernetes.io/auth-url":http://xxxxxx, and hand it over to this service to get the authentication result. If the verification is passed, continue, if not Pass , stop.

@spacewander spacewander added the enhancement New feature or request label Nov 11, 2021
@tokers tokers mentioned this issue Nov 24, 2021
Closed
@spacewander spacewander mentioned this issue Jan 11, 2022
Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: add forward-auth plugin bzp2010/apisix
3 participants
@spacewander @tzssangglass @GhangZh