Securing a web service #367

Open
Simkiw opened this issue Jul 24, 2023 · 1 comment

Simkiw commented Jul 24, 2023

Hi,

Can docker auth manage access control to resources hosted by any service and not necessarily docker?
Say I have a web service that returns hello when called on localhost/5002/api/v1/hello.
I would like to secure it with this component and experience the same behavior as in https://github.com/distribution/distribution/blob/main/docs/spec/auth/token.md:

1. Postman calls that hello service
2. Hello service returns 401 + where you should make the authentication request
3. Postman makes the authentication request and receives a token
4. Postman uses the token when calling hello service
5. Hello service grants access and responds with hello

All I can do now is launch docker_auth container and receive a token when reaching localhost:5001/auth as described in my config_file. Then I got stuck there and I don't seem to find a way to secure my hello service with cesanta docker auth service.

Maybe I misunderstood the documentation and it is only related to docker registries (or maybe not).


Simkiw commented Jul 24, 2023

PS: I followed the simplest config as suggested in the docs.

```yaml
server:
  addr: ":5001"
  certificate: "/config/server.crt"
  key: "/config/server.key"

token:
  issuer: "moha x cesanta x issuer"  # Must match issuer in the Registry config.
  expiration: 900

users:
  # Password is specified as a BCrypt hash. Use `htpasswd -nB USERNAME` to generate.
  "admin":
    password: "$2y$05$LO.vzwpWC5LZGqThvEfznu8qhb5SGqvBSWY1J3yZ4AxtMRZ3kN5jC"
  # bob is not a valid password
  "bob":
    password: "bob"

acl:
  - match: {account: "admin"}
    actions: ["*"]
    comment: "Admin has full access to everything."
```
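
The five steps from the first comment, seen from the hello service's side, as an added example that is not part of the original issue and not docker_auth's own code: a Go middleware that sends the 401 challenge and accepts only a token whose RS256 signature, `iss`, `aud` and `exp` check out (the `access` claim is not evaluated). Assumptions: docker_auth signs with an RSA key, the realm is `https://localhost:5001/auth`, the service name `hello` is made up, and the hello service listens on port 5002.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"log"
	"net/http"
	"strings"
	"time"
)

// Assumed: realm is the issue's docker_auth endpoint over TLS; "hello" is a made-up service name.
const challenge = `Bearer realm="https://localhost:5001/auth",service="hello"`

// protect serves next only for a validly signed token with the expected claims; otherwise 401 plus challenge.
func protect(pub *rsa.PublicKey, next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		var c struct {
			Iss, Aud string
			Exp      int64
		}
		p := strings.Split(strings.TrimPrefix(r.Header.Get("Authorization"), "Bearer "), ".")
		if len(p) == 3 {
			body, _ := base64.RawURLEncoding.DecodeString(p[1]) // a bad encoding fails the checks below
			sig, _ := base64.RawURLEncoding.DecodeString(p[2])
			sum := sha256.Sum256([]byte(p[0] + "." + p[1])) // RS256 is hard-wired: the header's "alg" is never read
			if rsa.VerifyPKCS1v15(pub, crypto.SHA256, sum[:], sig) == nil && json.Unmarshal(body, &c) == nil &&
				c.Iss == "moha x cesanta x issuer" && c.Aud == "hello" && time.Now().Unix() < c.Exp {
				next.ServeHTTP(w, r)
				return
			}
		}
		w.Header().Set("WWW-Authenticate", challenge)
		http.Error(w, "unauthorized", http.StatusUnauthorized)
	})
}

func main() {
	// Throwaway key so the file runs alone; in practice load the public key from docker_auth's certificate.
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		log.Fatal(err)
	}
	hello := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.Write([]byte("hello")) })
	log.Fatal(http.ListenAndServe(":5002", protect(&key.PublicKey, hello)))
}
```

The client has to request the token with `service=hello` so that the `aud` claim matches what the middleware expects.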
