Protecting a wsdl endpoint only

Hello,

I am trying to find a way to protect a specific path using basic authentication

/myapp/myservice?wsdl

At the same time, I need to allow anonymous access to

/myapp/myservice

I can either block access with basic auth or allow access to both.

Is there a way of achieving what I want to?

My ingress looks like this:

---
apiVersion: networking.k8s.io/v1beta1
kind: Ingress
metadata:
  name: myapp
  namespace: myapp-services
  annotations:
    kubernetes.io/ingress.class: kong
    konghq.com/plugins: myapp-auth
spec:
  tls:
  - hosts:
    - myapp.com
    secretName: myapp-tls
  rules:
  - http:
      paths:
      - path: /myapp/myservice
        pathType: Exact
        backend:
          serviceName: myapp-svc
          servicePort: 8086

Thank you for your help.

AFAIK question mark is special, it marks the start of the query string and can’t be used for path matching.

So I think there is no way to allow /myapp/myservice and block /myapp/myservice?wsdl

Thank you @fomm , would you know if there is a way of blocking access altogether to the WSDL via Kong?

If you just want to block requests that has WSDL in query string, maybe you can try using request termination plugin on the route.

Thank you @fomm I’ll give that a try!


© 2019 Kong Inc.    Terms  •  Privacy  •  FAQ