Improve the configuration of authentication for HTTP and HTTPS partners
There are several discrepancies in how authentication can be setup for HTTP and HTTPS partners, and when they are client or servers :
- HTTP partners are limited to username/password
- HTTPS partners can use username/password or certificate hen they are clients, but only username/password when they are servers
This needs to be unified (of course, HTTP does not support certificate authentication!).
Note that this is linked to other issues:
- #309 (closed) HTTP and HTTPS should be the same partner type, with interfaces that uses the HTTP or HTTPS protocols (the same way an R66 partner can use the R66 and/or the R66-TLS protocol). Authentication mechanisms are then dependent on the protocol.
-
#313 (closed) username/password is too limiting: it tells what should be used, but not how it should be used. Several authentication mechanisms can be used with HTTP(S). The most common are
basic
,digest
andbearer
(cf. MDN). This must also be combined with methods to acquire the credentials (the token for the bearer method can be acquired with OAUTH or openid for example). This list must however be in sync with what is supported by Gateway)
So maybe this issue is a "meta-issue" to track progress in other related issues!