JWT和KONG具有自定义身份验证

本文介绍了JWT和KONG具有自定义身份验证的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

我在KONG上阅读了本教程 getkong/plugins/jwt/

I went through this tutorial on KONG getkong/plugins/jwt/

我对JWT和授权概念有所了解.我已经用Spring Boot原型化了JWT，可以在其中放置自己的键值，例如{{authorizations:"role_admin，role_user"}.

I have an understanding of JWT and authorization concepts. I have prototyped JWT with Spring Boot where I could put my own key value like this {"authorizations":"role_admin, role_user"}.

在Spring Boot中很容易做到这一点，但是我找不到有关如何使用KONG进行此操作的信息.有人有任何信息吗?

It is easy to do that in Spring Boot but I am not able to find information on how to do this with KONG. Anyone has any info about it?

推荐答案

Kong社区版只能处理身份验证过程((允许或拒绝与客户联系).

Kong community edition can handle only the authentication process, (give or deny access to a customer).

授权过程(给定客户可以在您的应用程序中执行的操作)由您的应用程序或 getkong/plugins/ee-oauth2-introspection/仅限企业版的oauth2自省插件

Authorization process (what a given customer can do in your application) is handled by your application or by getkong/plugins/ee-oauth2-introspection/ oauth2 introspection plugin which is enterprise edition only

如果用户通过身份验证或由kong代理的原始令牌头，则可以基于X-Consumer-Username请求头编写自己的授权服务器

you can write your own authorization server based on X-Consumer-Username request header if user passed authentication or original token header proxied by kong

希望有帮助