Protecting a wsdl endpoint only

FidgetingFE · October 27, 2021, 8:26am

Hello,

I am trying to find a way to protect a specific path using basic authentication

/myapp/myservice?wsdl

At the same time, I need to allow anonymous access to

/myapp/myservice

I can either block access with basic auth or allow access to both.

Is there a way of achieving what I want to?

My ingress looks like this:

---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: myapp
  namespace: myapp-services
  annotations:
    kubernetes.io/ingress.class: kong
    konghq.com/plugins: myapp-auth
spec:
  tls:
  - hosts:
    - myapp.com
    secretName: myapp-tls
  rules:
  - http:
      paths:
      - path: /myapp/myservice
        pathType: Exact
        backend:
          serviceName: myapp-svc
          servicePort: 8086

Thank you for your help.

fomm · October 27, 2021, 9:26am

AFAIK question mark is special, it marks the start of the query string and can’t be used for path matching.

So I think there is no way to allow /myapp/myservice and block /myapp/myservice?wsdl

FidgetingFE · October 27, 2021, 10:46am

Thank you @fomm , would you know if there is a way of blocking access altogether to the WSDL via Kong?

fomm · October 27, 2021, 11:14am

If you just want to block requests that has WSDL in query string, maybe you can try using request termination plugin on the route.

FidgetingFE · October 27, 2021, 11:40am

Thank you @fomm I’ll give that a try!

Topic		Replies	Views
Selective authorization and routing on Kong Ingress Kubernetes	1	566	January 5, 2021
How to apply auth to specific path Kubernetes	6	745	March 19, 2020
How to block some subpath and return 401? Request-termination + ingress Kubernetes	2	3401	March 6, 2020
Path only rules ingress resources and ssl termination Kubernetes	2	2078	July 29, 2020
[Question] Secure service backend on kong ingress and proxy path Kubernetes	2	1671	September 11, 2018

Protecting a wsdl endpoint only

Related Topics