[
https://issues.apache.org/jira/browse/IGNITE-20814?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ivan Gagarkin reassigned IGNITE-20814:
--------------------------------------
Assignee: Ivan Gagarkin
> Replace AuthorizationHeaderFilter with own implementation of SecurityFilter
> ---------------------------------------------------------------------------
>
> Key: IGNITE-20814
> URL: https://issues.apache.org/jira/browse/IGNITE-20814
> Project: Ignite
> Issue Type: Improvement
> Components: rest
> Reporter: Ivan Gagarkin
> Assignee: Ivan Gagarkin
> Priority: Major
> Labels: ignite-3
> Time Spent: 10m
> Remaining Estimate: 0h
>
> *Current Behavior:* We're currently injecting an empty Authorization header
> in requests lacking one, as Micronaut filters out requests without
> authentication headers. This is handled by the AuthorizationHeaderFilter.
> *Problem:* This workaround is not ideal and could lead to maintainability
> issues.
> *Proposed Solution:* Develop a custom SecurityFilter that:
> * Checks whether authentication is enabled.
> * Forwards requests to {{io.micronaut.security.filters.SecurityFilter}} if
> authentication is required.
> * Allows requests to proceed without authentication if it's not required.
> *Objective:* To replace the AuthorizationHeaderFilter with a more robust and
> maintainable custom SecurityFilter implementation.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
