Conjur - HTTP(S)

The Conjur handler exposes an HTTP proxy which will authenticate requests made to Conjur without revealing credentials to the consumer.

Handler Parameters

  • type
    Required
    This parameter indicates the type of service proxied by the handler. For Conjur, the value of type should always be conjur.

  • match
    Required
    An array of regex patterns which match a request URI, either partially or fully. Requests which are matched by a regex in this array will be authenticated by this handler.

Credentials

  • accessToken
    Required
    Conjur access token

  • forceSSL
    Optional
    Boolean; forces connection over HTTPS if true

Examples

Authenticates all requests proxied through this handler

 
listeners:  
  -  name:  http_listener  
    protocol:  http  
    address:  0.0.0.0:8080  
handlers:  
  -  name:  conjur_handler  
    listener:  http_listener  
    type:  conjur  
    match:  
      -  .*  
    credentials:  
      -  name:  accessToken  
        provider:  file  
        id:  /run/conjur/conjur-access-token

Authenticate requests to a particular hostname

 
listeners:  
  -  name:  http_listener  
    protocol:  http  
    address:  0.0.0.0:8080  
handlers:  
  -  name:  conjur_handler  
    listener:  http_listener  
    type:  conjur  
    match:  
      -  ^https\:\/\/conjur.myorg.com\/.*  
    credentials:  
      -  name:  accessToken  
        provider:  file  
        id:  /run/conjur/conjur-access-token
 
 
9.7