digital-asset/daml
1
1
Fork 0
mirror of https://github.com/digital-asset/daml.git synced 2024-09-20 01:07:18 +03:00
Code Issues Projects Releases Wiki Activity
a71762780e
daml/ledger/ledger-api-auth
History
Robert Autenrieth 46b87c392d
Log all authorization errors (#6857) 
* Log all authorization errors

CHANGELOG_BEGIN
- [Ledger API Server] The ledger API server now prints detailed log messages
  whenever a request was rejected due to a failed
  authorization.
CHANGELOG_END
2020-07-28 06:39:39 +02:00
..
src Log all authorization errors (#6857) 2020-07-28 06:39:39 +02:00
BUILD.bazel Add basic participant integration API scaladoc (#6790) 2020-07-20 21:31:32 +02:00
README.md Move AuthService (#3272) 2019-10-29 15:46:43 +00:00

README.md

Ledger API authorization

General authorization in gRPC

An Interceptor reads HTTP headers, and stores relevant information (e.g., claims) in a Context.

GRPC services read the stored data from the Context in order to validate the requests.

Authorization in the ledger API

The AuthService defines an interface for decoding HTTP headers into Claims.

The ledger API server takes an AuthService implementation as an argument.

The ledger API server uses a call interceptor and the given AuthService implementation to to store decoded Claims in the gRPC Context.

All ledger API services use the Claims to validate their requests.