[ https://issues.apache.org/jira/browse/IGNITE-20814?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ivan Gagarkin reassigned IGNITE-20814: -------------------------------------- Assignee: Ivan Gagarkin > Replace AuthorizationHeaderFilter with own implementation of SecurityFilter > --------------------------------------------------------------------------- > > Key: IGNITE-20814 > URL: https://issues.apache.org/jira/browse/IGNITE-20814 > Project: Ignite > Issue Type: Improvement > Components: rest > Reporter: Ivan Gagarkin > Assignee: Ivan Gagarkin > Priority: Major > Labels: ignite-3 > Time Spent: 10m > Remaining Estimate: 0h > > *Current Behavior:* We're currently injecting an empty Authorization header > in requests lacking one, as Micronaut filters out requests without > authentication headers. This is handled by the AuthorizationHeaderFilter. > *Problem:* This workaround is not ideal and could lead to maintainability > issues. > *Proposed Solution:* Develop a custom SecurityFilter that: > * Checks whether authentication is enabled. > * Forwards requests to {{io.micronaut.security.filters.SecurityFilter}} if > authentication is required. > * Allows requests to proceed without authentication if it's not required. > *Objective:* To replace the AuthorizationHeaderFilter with a more robust and > maintainable custom SecurityFilter implementation. -- This message was sent by Atlassian Jira (v8.20.10#820010)