Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Application level auth token verification on Seldon Core #1562

Closed
axsaucedo opened this issue Mar 19, 2020 — with Board Genius Sync · 5 comments
Closed

Application level auth token verification on Seldon Core #1562

axsaucedo opened this issue Mar 19, 2020 — with Board Genius Sync · 5 comments
Labels
priority/p2

Comments

@axsaucedo Board Genius Sync
Copy link
Contributor

This issue aims to explore the advantages / disadvantages of adding application level auth token verification with standard OICD provider options, with the objective of verifying or rejecting requests that have a token that is not valid. Currently the best practice and suggested authentication implementation is by ensuring the cluster has ingress-level authentication, so the token is actually validated on the ingress, instead to having it on an application-level.
@axsaucedo axsaucedo added the triage Needs to be triaged and prioritised accordingly label Mar 19, 2020
@ukclivecox ukclivecox removed the triage Needs to be triaged and prioritised accordingly label Apr 2, 2020
@seldondev
Copy link
Collaborator

Issues go stale after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close.
/lifecycle stale

@seldondev seldondev added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label May 3, 2020
@axsaucedo
Copy link
Contributor Author

/remove-lifecycle stale

@seldondev seldondev removed the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label May 3, 2020
@axsaucedo axsaucedo added the triage Needs to be triaged and prioritised accordingly label May 3, 2020
@ukclivecox ukclivecox added priority/p2 and removed triage Needs to be triaged and prioritised accordingly labels May 7, 2020
@SachinVarghese
Copy link
Contributor

I have been exploring this for quite some time and now started working on an example for clusters with istio enabled https://github.com/SachinVarghese/seldon-core/blob/auth/examples/auth/README.md

@ukclivecox
Copy link
Contributor

This is great. Can you create a PR?

@SachinVarghese SachinVarghese mentioned this issue May 17, 2020
Merged
@axsaucedo axsaucedo changed the title Application level auth token verification on Seldon Core OSS-44: Application level auth token verification on Seldon Core Apr 26, 2021
@axsaucedo axsaucedo changed the title OSS-44: Application level auth token verification on Seldon Core Application level auth token verification on Seldon Core Apr 28, 2021
@ukclivecox
Copy link
Contributor

Closing. Please reopen if we still need this or not done by @SachinVarghese PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
priority/p2
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@axsaucedo @ukclivecox @SachinVarghese @seldondev