Support Basic Auth #49
Comments
|
You should specify your own implementation of |
|
Thanks. Any way to do this via configuration? |
|
Of course you can. Specify the full name of the class, and an instance of that class will be created when the configuration is read. |
|
Closed due to inactivity |
|
@FantasticFiasco do you have any examples of setting up the sink for Auth - the custom implementation of the IHttpClient needs to be injected i guess, but an example would greatly speed up the process :-) |
|
There's a article in the wiki describing how one would create a custom HTTP client that implements Basic Authentication, and then injects that client when configuring the sink, Is that the information you are requesting or is there anything I can append to the article that would help you further? |
|
@FantasticFiasco, can you help with as example of a custom httpclient using "Serilog.Settings.Configuration"? |
|
@brunorsantos The custom client cannot be created in code, as shown on the wiki? |
|
@FantasticFiasco, I was trying to include sinks.http in an application that already uses settings.configuration. |
|
@brunorsantos Since you are using a JSON file to configure your application I assume you're using a dependency injection container, is that correct? Is that container accessible statically, or is its scoped to the application startup? |
|
@FantasticFiasco, I'm using depency injection and the container is scoped to startup. I'm thinking about a creating a pull request with a implementation enabling this option directly by configuration. What do you think about it? |
|
@brunorsantos I don't think providing configuration for basic authentication is the right way to go forward. Sure, it solves your use-case, but basic authentication is just one of many means of authentication, and supporting them all using configuration alternatives would be a nightmare to maintain. Up until now I haven't found the use-case to support the My thinking is that you will have your username and password in public class BasicAuthenticatedHttpClient : IHttpClient
{
private readonly HttpClient client;
public BasicAuthenticatedHttpClient()
{
client = new HttpClient();
}
public void Configure(IConfiguration configuration)
{
var username = configuration["MyConfiguration:Username"];
var password = configuration["MyConfiguration:Password"];
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(
"Basic",
Convert.ToBase64String(Encoding.ASCII.GetBytes($"{username}:{password}")));
}
public Task<HttpResponseMessage> PostAsync(string requestUri, HttpContent content) =>
client.PostAsync(requestUri, content);
public void Dispose() =>
client.Dispose();
}Does this seem to be an acceptable solution to you? |
|
Version 7.0.0 has been released, with improved support for custom HTTP clients defined in application settings 🎆 Please see the wiki for a complete sample on how to send log events to a basic authenticated log server. |
The http input for logstash supports basic auth but I can't see anywhere that it can be configured in this plugin. Am I correct?
It is a nice simple way of stopping attackers spamming a logging endpoint with junk events.
The text was updated successfully, but these errors were encountered: