New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Expose SecurityLevel on server-side #7719
Comments
API review meeting:
|
General implementation approach:
Over time we'll probably try to make the security level more first-class in our lower-level APIs and delete the ATTR_SECURITY_LEVEL key, but that is completely separate. |
Throwing |
@sanjaypujare, I don't quite agree with "more correct". For security APIs it is normal to lower the perceived level of security in the face of uncertainty. As far as I'm concerned, we can always return a lower security level than actually used, with the understanding that code requiring higher levels may stop functioning. Downgrading can be much more predictable than random exceptions being thrown at times. I think the question is "who benefits?" Debugging the exception is definitely easier and more clear. If the method is not implemented, what will callers generally do? If they will error, then the exception could be convenient and not harmful. But if they will try to continue, then using NONE can be more appropriate. |
Yes, I understand that returning
But I am not opposed to returning |
fixed by #8943 |
This is an out-shoot of #7711. Basically, there is not a generic way of determining the level of security offered by the transport for RPCs on server-side. This can be approximated by looking for the SSLSession, but that doesn't work for ALTS and maybe some future TLS approaches.
CC @pavolloffay
The text was updated successfully, but these errors were encountered: