Bruno Cascio

+1

Is there any plan to support this feature? :( it's a quite common scenario. For example: ```yaml apiVersion: argoproj.io/v1alpha1 kind: ApplicationSet metadata: name: bookinfo namespace: argocd finalizers: - resources-finalizer.argocd.argoproj.io spec:...

BTW, There's a new service called rds proxy to avoid this kind of issues 😁 On Fri, 11 Dec 2020 at 22:37 Sellooh wrote: > I found a different project...

I agree. Maybe the recommendation should be, "Don't use basic auth over non-SSL connection". I'm wondering, How to make a secure user-pass authentication with JWT?

@felickz OAuth2 is for Authorization, not Authentication.

> The password is sent over the wire in base64 encoding. I think that base64 encoding is just to avoid `śóḿé cháŕácters` that could be broken at some point. If...

So, what do you recommend? I've seen subjective opinions and some nonsense as well.

Finally.. if you use jwt properly, does not matter. If someone brokes your autentication even using the most secure standard, you and a lot of people will have troubles. Keep...

> https://speakerdeck.com/rdegges/jwts-suck-and-are-stupid Is about cookies vs JWTS. In APIs is not a valid scenario...

> Did you know you can use secure http-only cookies over CORS from a static React site? Sounds like an API to me :) (though it’s better to avoid CORS...