API Gateway Kong User's Guide (IV)-AUTH Plug-in Configuration

In order to improve the security of the system, it is very urgent and necessary to introduce the authentication function. Because authentication is a universal function, it is not necessary to implement each system separately, which will cause duplication of work. So we configured the authentication plug-in when forwarding the hole.

Kong official website provides many authentication plug-ins, including 17. We selected three suitable plug-ins for comparison:

Referring to the api protocol rules of Taobao and Zhongtong open platforms, the signature authentication method similar to HMAC is also adopted to realize the tamper-proof function. Therefore, we decided to use the hmac-auth plug-in to provide authentication function.

Because we are not sure that all services must support authentication in the future, we cannot configure this authentication plug-in as a global plug-in for the time being. Therefore, the steps to configure the plug-in are as follows:

Although the plug-in has taken effect, it can't be used effectively without relevant certificates, so add consumers and certificates at this time. The steps here are relatively simple.

series connection

What skills should e-commerce have?

2022 College Entrance Examination Essay Materials Excerpts Excellent Examples

Jay Chou said he is not Chinese

Introduce some funny personality signatures of hooligans.

How to write blue cursive script?

What are the benefits of Tik Tok Blue V opening?

Lenovo forgot the screen lock password. What if u *** can't open it?

Zhongrong 8.2 List of victims and injured persons

What are the second-tier brands of ceramic tiles in China?

Why are all current labor contracts signed electronically? Is the electronic contract valid?