Kong: ACL White list synchronisation in Kong hybrid mode
Summary
I’m facing an issue when I use ACL and white list in hybrid mode
The data plan seems to not synchronize white list modification
Kong version used : 2.0.1
Steps To Reproduce
My test is as following
- I create a service and a route
- I add a JWT plugin to the service
- I create a consumer
- I create a JWT credential
- I generate a JWT on https://jwt.io/
- I add ACL plugin to my service with a whitelist array containing one group
- I add the consumer in the group
- I consume the api
With a standard Kong configuration (not hybrid) it works fine
In hybrid mode After adding the ACL plugin I can’t consume the api anymore
The data plan doesn’t take care about group modification made on control plan
My request to add the ACL on control plan is
curl --location --request POST ‘https://{my_kong}/services/{id}/plugins’
–header ‘Authorization: Basic {my basic}’
–form ‘name=acl’
–form ‘config.whitelist={group_name}’
My request to add consumer in the group on control plan
curl --location --request POST ‘https://{my_kong}/consumers/{id}/acls’
–header ‘Authorization: Basic {my basic}’
–form ‘group={group_name}’
Additional Details & Logs
- Kong version (
2.0.1) - Operating system : docker image
ypscotto
All 3 comments
Kong Nation also reported this: https://discuss.konghq.com/t/acl-plugin-not-working-in-db-less-mode/6033
hbagdi
on 17 Apr 2020
@ypscotto Can you try with 2.0.4. I know some fixes went to releases after 2.0.1 to fix some hybrid issues. Meanwhile I can try to reproduce it.
bungle
on 19 May 2020
@bungle well done ! It' fixed in 2.0.4 version
The issue can be closed
Thank you
ypscotto
on 25 May 2020
Related issues
jason-riddle
·
40Comments
jeremyjpj0916
·
34Comments
noamelf
·
36Comments
DavidTPate
·
35Comments
daviesf1
·
39Comments