Hi,
We've been developing gRPC services for our backend. We would like to
prevent direct access to these services when in production, by having all
clients go through a proxy. We have a custom proxy setup now (based on
Jetty) that handles http/1 traffic - it also applies authentication and
handles sessions. What we'd like to do, is find a way to do the same thing
for our gRPC services.
My initial thought was to somehow develop a simple pass-thru ("dumb")
handler for the http/2 (grpc) requests to the backend services. So requests
coming into the proxy would be routed to the backend services without any
inspection/manipulation of the data. But I'm unsure of how we'd do this
really. Is this approach possible?
Another idea was to just import grpc into the proxy, startup a grpc server
and use the generated client libs to handle the proxying. But I wouldn't
want to do this if it required that we have to manually wire up each
request to the specific client class etc.. Is there a way to do this
dynamically?
And lastly, we would like to reuse some of the auth handling we have in our
http/1 proxy - mainly, JWTs. Are there examples out there of using JWT
w/gRPC?
Cheers,
- Matt
--
You received this message because you are subscribed to the Google Groups
"grpc.io" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at https://groups.google.com/group/grpc-io.
To view this discussion on the web visit
https://groups.google.com/d/msgid/grpc-io/0dea0808-f103-45ff-90a5-1b78dbd49933%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
