Open gcdev373 opened 4 months ago
This feature is needed in Stroom Proxy and probably in stroom as well. A usage example would be to allow cloud based load balancers to perform mTLS authentication. See https://docs.aws.amazon.com/elasticloadbalancing/latest/application/mutual-authentication.html for details of an existing implementation.
The headers and their expected values should be configured in config, as should the list of trusted proxies, as it should not be possible for non-trusted clients to provide these headers and so assert identity!
This feature is needed in Stroom Proxy and probably in stroom as well. A usage example would be to allow cloud based load balancers to perform mTLS authentication. See https://docs.aws.amazon.com/elasticloadbalancing/latest/application/mutual-authentication.html for details of an existing implementation.
The headers and their expected values should be configured in config, as should the list of trusted proxies, as it should not be possible for non-trusted clients to provide these headers and so assert identity!