You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ignite.apache.org by Mikhail Pochatkin <m....@gmail.com> on 2023/05/31 07:34:07 UTC

[DISCUSSION] IEP-105: Basic Authentication in Apache Ignite 3

Hi, Igniters!

Please take a look at the proposal for Basic Authentication in Apache
Ignite 3 [1].

Thanks for any feedback!

1. IEP-106: Basic Authentication - Apache Ignite - Apache Software
Foundation
<https://cwiki.apache.org/confluence/display/IGNITE/IEP-106%3A+Basic+Authentication>

Re: [DISCUSSION] IEP-105: Basic Authentication in Apache Ignite 3

Posted by Mikhail Pochatkin <m....@gmail.com>.

Hi, Alexandr. Thanks for your feedback. I have fixed your comments

ср, 31 мая 2023 г. в 13:18, Aleksandr Pakhomov <ap...@gmail.com>:

> Hi, Mikhail
>
> > Then the REST client’s exchange with the node will follow the flow:
> > Client posts the client-id and client-secret to the token endpoint URL
> using specified authentication type and receives an access token or error
> message. At this point implementation should cache the token.
> > Client sends the access token to the REST API endpoint using the
> client_secret_basic authentication type.
> > REST API implementation validates the token using the JWKS URL.
> >
>
> ^^ does not sound like a Basic Authentication that is used to be just a
> base64 encoded username-password pair. Shall we rename the proposal to
> "Authentication in Apache Ignite 3"?
>
> One more question, could you please describe the security-related about
> how should we store the password on the server?
>
> --
> Best regards,
> Aleksandr
>
>
> > On 31 May 2023, at 09:34, Mikhail Pochatkin <m....@gmail.com>
> wrote:
> >
> > Hi, Igniters!
> >
> > Please take a look at the proposal for Basic Authentication in Apache
> > Ignite 3 [1].
> >
> > Thanks for any feedback!
> >
> > 1. IEP-106: Basic Authentication - Apache Ignite - Apache Software
> > Foundation
> > <
> https://cwiki.apache.org/confluence/display/IGNITE/IEP-106%3A+Basic+Authentication
> >
>
>

-- 
best regards,
Pochatkin Mikhail.

Re: [DISCUSSION] IEP-105: Basic Authentication in Apache Ignite 3

Posted by Aleksandr Pakhomov <ap...@gmail.com>.

Hi, Mikhail 

> Then the REST client’s exchange with the node will follow the flow:
> Client posts the client-id and client-secret to the token endpoint URL using specified authentication type and receives an access token or error message. At this point implementation should cache the token.
> Client sends the access token to the REST API endpoint using the client_secret_basic authentication type.
> REST API implementation validates the token using the JWKS URL.
> 

^^ does not sound like a Basic Authentication that is used to be just a base64 encoded username-password pair. Shall we rename the proposal to "Authentication in Apache Ignite 3"? 

One more question, could you please describe the security-related about how should we store the password on the server? 

-- 
Best regards, 
Aleksandr


> On 31 May 2023, at 09:34, Mikhail Pochatkin <m....@gmail.com> wrote:
> 
> Hi, Igniters!
> 
> Please take a look at the proposal for Basic Authentication in Apache
> Ignite 3 [1].
> 
> Thanks for any feedback!
> 
> 1. IEP-106: Basic Authentication - Apache Ignite - Apache Software
> Foundation
> <https://cwiki.apache.org/confluence/display/IGNITE/IEP-106%3A+Basic+Authentication>