How to enable 2 authentication plugins for a single service on kong

Hello,

I have enabled 2 authentication plugins for a single service. When I try to make a request with basic auth it fails and request via jwt-keycloak works (vice versa). Is there a way to make both of them work?
Authentication plugins used: basic-auth and jwt-keycloak
Kong version : 1.0.3

Regards
Ashish

I ran into a similar ask from my technical product owner, I came up with one idea in my head how to do it with custom plugins I think: Multiple Kong Authentication methods on a single route?

@jeremyjpj0916 were you able to find a solution for the same?
In my situation, I have consumers only associated with basic auth, but jwt-keycloak does not associate to a consumer object

@vaishno.avi , yeah the way to do it if using the native programmatic auth patterns is the anonymous user pattern(outlined in my reply to my original thread). Which will work in terms of the Basic-Auth plugin I believe probably supports the anon user, but you need to ensure the jwt-keycloak can also support the annoynmous user logic. Might require forking and re-writing w/e this jwt-keycloak plugin you are referring to does to suppor the anon-user setting. Or if you only support basic and jwt-keycloak maybe forcing it to run after basic auth and checking in its code if basic auth is already set to valid user in the context then return out of that other plugin without doing any extra logic. Just depends on how you want to implement it.


© 2019 Kong Inc.    Terms  •  Privacy  •  FAQ