Exercise: Develop an authentication feature using MOSN mecha


Introduction to a simple authentication interceptor

The source code for the ehttp protocol server and client is available at the following URL:

https://github.com/mosn/extensions/tree/master/java-quickstart/java-plugin-quickstart
  • ehttp-server is the server-side program that starts and listens on port 8089.

  • ehttp-client is the client program that starts and listens on port 8008.

The ehttp protocol client supports using a REST API to trigger Remote Procedure Calls (RPCs):

# Access local port 8008 to query user information
curl localhost:8008/hello\?user=admin

An interceptor can directly interrupt the MOSN processing flow:

f.receiveHandler.SendHijackReplyWithBody(200, headers, "403 Forbidden")
return api.StreamFilterStop

Code generation provides a script to manually publish and subscribe to services after MOSN starts. You must run the script manually the first time you start MOSN:

cd ~/go/src/quick-start-practice/configs/codecs/ehttp/
bash ./auto_pub_sub.sh

Exercise

Extend the ehttp protocol to implement an authentication interceptor plugin that allows access only to requests containing the user=admin parameter.

Requirement: MOSN must deny access if a request does not contain the user parameter or if the value of the user parameter is not admin.

For example:

  • curl localhost:8008/hello\?user=admin (access is allowed)

  • curl localhost:8008/hello (access is denied)

  • curl localhost:8008/hello\?user=yiji (access is denied)
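
The allow/deny decision the requirement describes, as an added example that is not code from this page or from the MOSN project. It is a standalone Go function so it runs without MOSN, and it goes beyond the three listed cases by also denying repeated user parameters and malformed queries. The name authorize, the assumption that the filter receives the path and query string as one string, and the sample URIs are all constructed for illustration.

```go
package main

import (
	"fmt"
	"net/url"
)

// authorize reports whether a request URI (path plus optional query string)
// satisfies the exercise's rule: the user parameter must be present and equal
// to "admin". Anything missing, ambiguous or unparsable is denied.
// Hypothetical helper: how the URI reaches the filter is an assumption.
func authorize(requestURI string) bool {
	u, err := url.ParseRequestURI(requestURI)
	if err != nil {
		return false // malformed URI: fail closed
	}
	q, err := url.ParseQuery(u.RawQuery)
	if err != nil {
		return false // bad percent-escape or separator in the query
	}
	users := q["user"]
	// Require exactly one value. With user=admin&user=yiji the filter and
	// the backend service could each pick a different one.
	if len(users) != 1 {
		return false
	}
	return users[0] == "admin" // exact, case-sensitive comparison
}

func main() {
	// Constructed sample requests; the first three are the page's cases.
	samples := []string{
		"/hello?user=admin",
		"/hello",
		"/hello?user=yiji",
		"/hello?user=",
		"/hello?user=Admin",
		"/hello?user=admin&user=yiji",
		"/hello?user=admin%zz",
	}
	for _, uri := range samples {
		fmt.Printf("%-30s allowed=%v\n", uri, authorize(uri))
	}
}
```

In a stream filter, a false result is the point at which the hijack reply and api.StreamFilterStop shown earlier would be returned.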


Watch the following video to learn the steps and considerations for developing an authentication interceptor: