I would like to be able to disable external authorization for a specific path of my App.
Similiar to this SO: Kubernetes NGINX Ingress: Disable Basic Auth for specific path
Only difference is using an external Auth provider (OAuth via Microsoft Azure) and there is a
This is the path that should be reachable by the public
/MyPublicPath
My ingress.yaml:
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: myIngressName
annotations:
nginx.ingress.kubernetes.io/auth-signin: https://externalprovider/oauth2/sign_in
nginx.ingress.kubernetes.io/auth-url: https://externalprovider/oauth2/auth
nginx.ingress.kubernetes.io/auth-request-redirect: https://myapp/context_root/
nginx.ingress.kubernetes.io/auth-response-headers: X-Auth-Request-User, X-Auth-Request-Email, X-Auth-Request-Access-Token, Set-Cookie, Authorization
spec:
rules:
- host: myHostName
http:
paths:
- backend:
serviceName: myServiceName
servicePort: 9080
path: /
Can I have it not hit the https://externalprovider/oauth2/auth url for just that path?
I've tried using ingress.kubernetes.io/configuration-snippet to set auth_basic to value "off" but that appears to be tied to the basic auth directives not the external ones.
Because you already have ingress in place and the path is /, there will be no way of disabling the basic auth on your https://externalprovider/oauth2/auth.
For best explanation please refer to answer provided by @VAS below.
To do that, you need to set up another ingress and configure it to disable basic auth.
You can also check this question on Stack Two ingress controllers on same K8S cluster and this one Kubernetes NGINX Ingress: Disable external auth for specific path.