contour icon indicating copy to clipboard operation
contour copied to clipboard

Published 20 hours ago verified publisher icon projectcontour

Forward auth support

Open jieyu opened this issue 6 years ago • 7 comments
trafficstars

Please describe the problem you have

We're looking for some equivalent functionality of forward auth in Traefik https://docs.traefik.io/middlewares/forwardauth/ https://github.com/thomseddon/traefik-forward-auth

Is there any plan to support something similar to that? This is for the case when the user app does not have built-in support for authentication/authorization, and would like to have a general way to do that in the proxy.

jieyu avatar Nov 19 '19 17:11 jieyu

Hey @jieyu, this is currently an issue on the backlog (https://github.com/projectcontour/contour/issues/432). But it is something that I really would like to get added. We're going to be doing some planning for the next release (after 1.1), so we will have more details after 1.1 ships.

stevesloka avatar Nov 22 '19 16:11 stevesloka

Relating #432, #433 , #986 and #1014 which are all touching on aspects of authentication support.

jpeach avatar Nov 26 '19 10:11 jpeach

Related #68

jpeach avatar Nov 28 '19 23:11 jpeach

I've implemented a Contour / Envoy compatible ext_authz service to act as a forward authN middleware: https://github.com/MrSaints/forward-ext-authz-service

It is based on the same code, and flow used by Traefik's forward authN middleware. I've currently tested it to success with Pomerium.

MrSaints avatar Dec 20 '20 15:12 MrSaints

That looks really neat, thanks @MrSaints!

youngnick avatar Dec 21 '20 23:12 youngnick

Are there any plans to support this in contour as a built-in feature?

m-yosefpor avatar Jul 26 '23 14:07 m-yosefpor

The Contour project currently lacks enough contributors to adequately respond to all Issues.

This bot triages Issues according to the following rules:

  • After 60d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, the Issue is closed

You can:

  • Mark this Issue as fresh by commenting
  • Close this Issue
  • Offer to help out with triage

Please send feedback to the #contour channel in the Kubernetes Slack

github-actions[bot] avatar May 15 '24 00:05 github-actions[bot]

The Contour project currently lacks enough contributors to adequately respond to all Issues.

This bot triages Issues according to the following rules:

  • After 60d of inactivity, lifecycle/stale is applied
  • After 30d of inactivity since lifecycle/stale was applied, the Issue is closed

You can:

  • Mark this Issue as fresh by commenting
  • Close this Issue
  • Offer to help out with triage

Please send feedback to the #contour channel in the Kubernetes Slack

github-actions[bot] avatar Jun 14 '24 00:06 github-actions[bot]