Hi, what you're looking for is a proxy which can communicate with an OAuth provider, with an OAuth provider (such as "Google+ Sign-In", "Sign in with Twitter", etc), verify the cookies, and pass requests between the browser and Elasticsearch. (See this diagram: http://www.elasticsearch.org/content/themes/elasticsearch-org/images/content/elasticsearch-and-ember-js/notes-app-architecture.png)
There's a full-featured example of such proxy here: https://gist.github.com/karmi/3369662#file-proxy-rb, written in Ruby, using the Goliath library. It was written for the following article on the Elasticsearch.org blog, which you might find useful for getting an overview of concepts and techniques (though it's using Ember.js and not Angular): --> http://www.elasticsearch.org/tutorials/javascript-web-applications-and-elasticsearch/ For a heavy-loaded system, you should consider using Nginx as the proxy, implementing the OAuth support via the Lua integration. See this article for a full example: http://chairnerd.seatgeek.com/oauth-support-for-nginx-with-lua/ (See this article for general overview of using Nginx together with Elasticsearch: http://www.elasticsearch.org/blog/playing-http-tricks-nginx/) Karel On Tuesday, October 7, 2014 11:15:34 PM UTC+2, Zachary Buckholz wrote: > > Is there any work being done to integrating a token lookup service within > ES to see if a request is authorized? > > I'd like to implement an angularjs application that is exposed to the > public internet, and at the same time has direct access to ES; with each > query being encapsulated with a token request and signed. > > > Thanks > Zach > > > > -- You received this message because you are subscribed to the Google Groups "elasticsearch" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/elasticsearch/f999aa2b-9b55-4d0e-8404-d6bc69edadbb%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
