问题
So that a browser would show the login page if no authentication is provided, but the backend would accept calls with a valid bearer token header as well.
Is that possible? If so, how?
We have several kubernetes services in the same namespace behind an ingress and annotated the ingress with
ingress.bluemix.net/appid-auth: "bindSecret=binding-appidname namespace=somenamespace requestType=api serviceName=service-a"
requestType=web will work too, but requestType=api,web does not work, neither does adding the annotation twice with the respective request types.
The AppId Documentation (https://console.bluemix.net/docs/services/appid/tutorial-kubernetes-auth.html) states in the descriptino of "serviceName": To use multiple request types in the same cluster, configure an instance of App ID to use web and another to use api., so I got the impression it should be possible to use both at the same time.
回答1:
You can protect multiple services with different requestTypes in the same namespace using Ingress annotation. The syntax is:
ingress.bluemix.net/appid-auth: "bindSecret=binding-appid-01 requestType=web serviceName=service1;bindSecret=binding-appid-01 requestType=api serviceName=service2;bindSecret=binding-appid-02 requestType=web serviceName=service3;"
来源:https://stackoverflow.com/questions/55050105/is-it-possible-to-configure-appid-in-kubernetes-ingress-with-both-types-web-and