dubbo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Don Bosco Durai <bo...@apache.org>
Subject Re: Authentication support for API...
Date Wed, 28 Feb 2018 01:18:39 GMT
For now, it is for my work project.

But Apache Ranger also as an API server for distributing policies across the cluster. Ranger
would be a good candidate for Dubbo, however Kerberos is a mandatory authentication requirement.


Alternatively, Ranger can provide authorization similar what it does for Kafka where there
is a high volume of requests.

Bosco

On 2/26/18, 8:47 PM, "Huxing Zhang" <huxing@apache.org> wrote:

    Hi,
    
    On Tue, Feb 27, 2018 at 11:20 AM, Don Bosco Durai <bosco@apache.org> wrote:
    > Hi Jun
    >
    > Thanks for your response. The token architecture looks good. I am not sure what level
of authentication is supported at the Registry level. It would be good if it is a pluggable
module so that we can support different authentication schemes.
    >
    >>    The good news is, the core team are planning to provide support for connection
authentication and building secure connection, and i believe this feature along with others
will come soon.
    > This will be really helpful. We are doing a small PoC to see whether it addresses
our core requirement. If it does, I am happy to contribute towards the design/implementation
of authentication/authorization.
    
    Great to hear that! Any form of contributions is welcome!
    May I ask is it related to Apache Ranger project? Because I see you
    are one of  the Apache Ranger team and we are happy to be connected
    with any existing Apache project.
    
    >
    > Thanks
    >
    > Bosco
    >
    >
    >
    > On 2/25/18, 6:36 PM, "Jun Liu" <ken.lj.hz@gmail.com> wrote:
    >
    >     Hi, Bosco
    >
    >     At present, we do provide some security control strategies, but mainly on
    >     service registration and service discovery level:
    >
    >     1. Token Verification. You can check here for details:
    >     http://dubbo.io/books/dubbo-user-book-en/demos/token-authorization.html
    >     2. The accreditation capacity of the registration center itself. For
    >     example, authentication provided by ZooKeeper.
    >
    >
    >     As for the connection level, we haven't provided support for initial
    >     connection authentication, and also do not support secure connections e.g.
    >     SSL. Because for our initial purpose, Dubbo was designed to be used in
    >     organization internally. We made an assumption that the data communication
    >     environment is secure.
    >
    >
    >     The good news is, the core team are planning to provide support for
    >     connection authentication and building secure connection, and i believe
    >     this feature along with others will come soon.
    >
    >     On Mon, Feb 26, 2018 at 10:26 AM, Huxing Zhang <huxing@apache.org> wrote:
    >
    >     > Hi,
    >     >
    >     > Welcome to Dubbo community!
    >     >
    >     > This is probably the first thread regarding Dubbo development -:
    >     >
    >     > As the mailing list is just established, the core developers are just
    >     > start subscribing.
    >     >
    >     > Replying to this thread so more people could see it.
    >     >
    >     >
    >     > On Sat, Feb 24, 2018 at 5:41 PM, Don Bosco Durai <bosco@apache.org>
wrote:
    >     > > Hello Everyone
    >     > >
    >     > >
    >     > >
    >     > > I was looking into Dubbo project and it’s very interesting. Also,
it
    >     > meets most of my requirement.
    >     > >
    >     > >
    >     > >
    >     > > I need support for authentication during establishing the initial
    >     > connection. I couldn’t find any reference to it. I went through
    >     > http://dubbo.io/books/dubbo-user-book-en/ and http://dubbo.io/books/dubbo-
    >     > admin-book-en/
    >     > >
    >     > >
    >     > >
    >     > > Does Dubbo support security? Any pointers is appreciated.
    >     > >
    >     > >
    >     > >
    >     > > Thanks
    >     > >
    >     > >
    >     > >
    >     > > Bosco
    >     > >
    >     > >
    >     > >
    >     >
    >     >
    >     >
    >     > --
    >     > Best Regards!
    >     > Huxing
    >     >
    >
    >
    >
    
    -- 
    Best Regards!
    Huxing
    



Mime
View raw message