Thanks for the answer,As I see these are Coordinator endpoints. But what I wanted to secure (using JWT) is the JaxRs compensate and complete endpoints which are called by the Coordinator. So that only the coordinator is able to call those endpoints.
On Tuesday, September 19, 2023 at 11:56:26 AM UTC+2 narayana-users wrote:And another option we'd recommend is JWT (JSON Web Tokens). We do provide an example of how to secure the coordinator so you could use a similar technique to secure your own service.On Tuesday, 19 September 2023 at 10:51:17 UTC+1 Michael Musgrove wrote:Can't you just use SSL?On Tuesday, 19 September 2023 at 10:09:13 UTC+1 narayana-users wrote:Hi,I wanted to send the compensation and complete requests with an auth HTTP header so I can secure the jax-rs compensate and complete endpoints so only the coordinator is able to call them.One way that I can think of is adding an interceptor to all the points where the client is created in the LRAParticipantRecord class like this:Response response = client.target(endPath)
.register(HeaderInterceptor.class)
.request()
.header(LRA_HTTP_CONTEXT_HEADER, lraId.toASCIIString())
.header(LRA_HTTP_PARENT_CONTEXT_HEADER, parentId) // make the context available to participants
.header(LRA_HTTP_RECOVERY_HEADER, recoveryURI.toASCIIString())
.header(NARAYANA_LRA_PARTICIPANT_DATA_HEADER_NAME, compensatorData)
.async()
.put(Entity.text(""))
.get(PARTICIPANT_TIMEOUT, TimeUnit.SECONDS);and in the interceptor send a request get the token and add it to the header like this:context.getHeaders().add("Authorization", "Bearer " + getAccessToken());Would this interfere with how the coordinator works? Does it make issues? Are there better alternatives to achieve this?BestMil
--
You received this message because you are subscribed to the Google Groups "narayana-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to narayana-user...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/narayana-users/2caa4732-fdf1-44ce-be90-f2156853425dn%40googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/narayana-users/d5c8e570-756f-4a42-ba4d-28ca2d8bbdean%40googlegroups.com.