Request/Reply with dynamic topics after authenticating with Oauth2

MartinL
MartinL Member Posts: 10

Hye guys,
I' ve set up a request/reply in using the message gateway. Everything runs fine. Now I want my user first to authenticate on my keycloak server and then make the request/reply just for his user. But there are 2 things not completely clear to me. Do I have to do this with a dynamic queue or topic that includes for ex. his name, or is this all done by the message gateway now - so he will definitly get his response? The other thing is, do I have to connect solace plus with keycloak that the user will also be accepted by solace? Maybe someone can give me a hint to this. I read a about the correlation-ID but I am not sure, if this is all I need?!

Tagged:

Best Answer

  • marc
    marc Member, Administrator, Moderator, Employee Posts: 959 admin
    #2 Answer ✓

    Hi @MartinL,

    Sorry for the delayed response. I think I follow your questions and will take a first stab at answering them:
    1. If you are using the broker in microgateway mode the broker will automatically handle the correlation of the response back to your requestor. No need for you to add a client-username or anything like that in the topic hierarchy for the specific purpose of correlating replies. Of course from a best practices perspective please have a well defined topic hierarchy to enable fine grained routing and filtering for other re-use of the events ;)
    2. I believe keycloak is your oauth provider? if so you will need to configure the solace message vpn to use it. Details on that in the docs here: https://docs.solace.com/Configuring-and-Managing/Configuring-OAuth-Authorization.htm

    Hope that helps!

Answers

  • MartinL
    MartinL Member Posts: 10

    @marc Hello Marc, I recognized the last days 1900 views on my message. Maybe you have an idea, how you can help me with this topic. It seems to be interesting for more people.

  • marc
    marc Member, Administrator, Moderator, Employee Posts: 959 admin
    #4 Answer ✓

    Hi @MartinL,

    Sorry for the delayed response. I think I follow your questions and will take a first stab at answering them:
    1. If you are using the broker in microgateway mode the broker will automatically handle the correlation of the response back to your requestor. No need for you to add a client-username or anything like that in the topic hierarchy for the specific purpose of correlating replies. Of course from a best practices perspective please have a well defined topic hierarchy to enable fine grained routing and filtering for other re-use of the events ;)
    2. I believe keycloak is your oauth provider? if so you will need to configure the solace message vpn to use it. Details on that in the docs here: https://docs.solace.com/Configuring-and-Managing/Configuring-OAuth-Authorization.htm

    Hope that helps!

  • MartinL
    MartinL Member Posts: 10

    Hello @marc,

    yes that helps me a lot especially 1. For 2. I have another question. If I use the microgateway with REST the token is just passed trough in the payload and I normally don't need it there?!?? Is that right? So that's what the note on your link (Solace PubSub+ event brokers support OAuth authorization only for MQTT clients) means?