Anonymous Access的理解
内容导读
互联网集市收集整理的这篇技术教程文章主要介绍了Anonymous Access的理解,小编现在分享给大家,供广大互联网技能从业者学习和参考。文章包含4656字,纯文字阅读大概需要7分钟。
内容图文
You’ll now create a Consumer named anonymous_users
启用认证插件后,如果不配置匿名用户,那么如果客户 端不传递凭据,那么就不会通过
每个请求必须要和一个消费者关联,匿名消费者的配置,需要如下:
$ curl -i -X PATCH --url http://localhost:8001/plugins/<your-plugin-id> --data "config.anonymous=<your-consumer-id>"
当客户端不设置apikey的时候,kongm默认取配置的匿名用户转发到后端
我们可以针对匿名用户配置限流策略
PermalinkAnonymous Access
Kong has the ability to configure a given Service to allow both authenticated and anonymous access.
You might use this configuration to grant access to anonymous users with a low rate-limit, and grant access to authenticated users with a higher rate limit.
To configure a Service like this, you first apply your selected authentication plugin, then create a new consumer to represent anonymous users, then configure your authentication plugin to allow anonymous access. Here is an example, which assumes you have already configured a Service named example-service
and the corresponding route:
-
PermalinkCreate an example Service and a Route
Issue the following cURL request to create
example-service
pointing to mockbin.org, which will echo the request:$ curl -i -X POST --url http://localhost:8001/services/ --data ‘name=example-service‘ --data ‘url=http://mockbin.org/request‘
Add a route to the Service:
$ curl -i -X POST --url http://localhost:8001/services/example-service/routes --data ‘paths[]=/auth-sample‘
The url
http://localhost:8000/auth-sample
will now echo whatever is being requested. -
PermalinkConfigure the key-auth Plugin for your Service
Issue the following cURL request to add a plugin to a Service:
$ curl -i -X POST --url http://localhost:8001/services/example-service/plugins/ --data ‘name=key-auth‘
Be sure to note the created Plugin
id
- you’ll need it in step 5. -
PermalinkVerify that the key-auth plugin is properly configured
Issue the following cURL request to verify that the key-auth plugin was properly configured on the Service:
$ curl -i -X GET --url http://localhost:8000/auth-sample
Since you did not specify the required
apikey
header or parameter, and you have not yet enabled anonymous access, the response should be403 Forbidden
:HTTP/1.1 403 Forbidden ... { "message": "No API key found in headers or querystring" }
-
PermalinkCreate an anonymous Consumer
Every request proxied by Kong must be associated with a Consumer. You’ll now create a Consumer named
anonymous_users
(that Kong will utilize when proxying anonymous access) by issuing the following request:$ curl -i -X POST --url http://localhost:8001/consumers/ --data "username=anonymous_users"
You should see a response similar to the one below:
HTTP/1.1 201 Created Content-Type: application/json Connection: keep-alive { "username": "anonymous_users", "created_at": 1428555626000, "id": "bbdf1c48-19dc-4ab7-cae0-ff4f59d87dc9" }
Be sure to note the Consumer
id
- you’ll need it in the next step. -
PermalinkEnable anonymous access
You’ll now re-configure the key-auth plugin to permit anonymous access by issuing the following request (replace the sample uuids below by the
id
values from step 2 and 4):$ curl -i -X PATCH --url http://localhost:8001/plugins/<your-plugin-id> --data "config.anonymous=<your-consumer-id>"
The
config.anonymous=<your-consumer-id>
parameter instructs the key-auth plugin on this Service to permit anonymous access, and to associate such access with the Consumerid
we received in the previous step. It is required that you provide a valid and pre-existing Consumerid
in this step - validity of the Consumerid
is not currently checked when configuring anonymous access, and provisioning of a Consumerid
that doesn’t already exist will result in an incorrect configuration. -
PermalinkCheck anonymous access
Confirm that your Service now permits anonymous access by issuing the following request:
$ curl -i -X GET --url http://localhost:8000/auth-sample
This is the same request you made in step #3, however this time the request should succeed, because you enabled anonymous access in step #5.
The response (which is the request as Mockbin received it) should have these elements:
{ ... "headers": { ... "x-consumer-id": "713c592c-38b8-4f5b-976f-1bd2b8069494", "x-consumer-username": "anonymous_users", "x-anonymous-consumer": "true", ... }, ... }
It shows the request was successful, but anonymous.
Anonymous Access的理解
标签:follow iat ready localhost uuid cte proxy nts rmi
本文系统来源:https://www.cnblogs.com/justart/p/12609004.html
内容总结
以上是互联网集市为您收集整理的Anonymous Access的理解全部内容,希望文章能够帮你解决Anonymous Access的理解所遇到的程序开发问题。 如果觉得互联网集市技术教程内容还不错,欢迎将互联网集市网站推荐给程序员好友。
内容备注
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 gblab@vip.qq.com 举报,一经查实,本站将立刻删除。
内容手机端
扫描二维码推送至手机访问。