Re: [grpc-io] [java] Challenge-Response / Digest Auth for GRPC
Thank you for the tips. I found an implementation here https://github.com/grpc/grpc-java/pull/1570 and will study it for inspiration. Regards, William On 20 September 2017 at 06:59, Eric Anderson <ej...@google.com> wrote: > On Mon, Sep 18, 2017 at 3:51 AM, William Shallum <wshal...@bbmtek.com> > wrote: >> >> * Is this a good way of doing challenge/response over GRPC? > > > Yeah, an interceptor seems like a good approach. > >> >> * Is it possible in the Java API to have an interceptor that can retry >> requests transparently? > > > Yes. It can be a bit painful, but essentially you call channel.newCall() > more than once. You have to save the request in order to replay it though. I > think there are some retrying interceptors floating around; you may search > for one. -- You received this message because you are subscribed to the Google Groups "grpc.io" group. To unsubscribe from this group and stop receiving emails from it, send an email to grpc-io+unsubscr...@googlegroups.com. To post to this group, send email to grpc-io@googlegroups.com. Visit this group at https://groups.google.com/group/grpc-io. To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/CADExRQb7Tq0%3Diw_8_XFGHXbGej%2BjcwevJs-4xXRzDcb6CzVUug%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
[grpc-io] [java] Challenge-Response / Digest Auth for GRPC
Hi, Has anyone attempted to do a challenge-response / digest authentication implementation for GRPC? Our current services use a token and HTTP Digest authentication to prove ownership of the token's associated secret without passing it over the wire. >From what I see in the examples, most of the available authentication samples is using bearer tokens. We have locally built a server side interceptor (using the Java API) that does digest authentication based on metadata in headers. The client side interceptor also has been created but it does not have transparent retry capability (e.g. if the nonce expires or on initial request). My questions are: * Is this a good way of doing challenge/response over GRPC? * Is it possible in the Java API to have an interceptor that can retry requests transparently? Your input is greatly appreciated. Thanks, William -- You received this message because you are subscribed to the Google Groups "grpc.io" group. To unsubscribe from this group and stop receiving emails from it, send an email to grpc-io+unsubscr...@googlegroups.com. To post to this group, send email to grpc-io@googlegroups.com. Visit this group at https://groups.google.com/group/grpc-io. To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/CADExRQaCjmLk7jAvn5fUq9hm%3DhYVRBeBpWSMbqMoJdR6YinNbg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
