I am trying to develop a authorization plugin to restrict usage of specific docker api-calls. I based my code on the example implementation of an authorization plugin using uwsgi:
I am already cabable of restricting the overall usage of some api-calls but I would like to have a user-distinct restriction level, so e.g. only some users should have access to some containers, or should be allowed to run or stop containers.
Therefore I need to get the information about the requesting user. The Twistlock-Auth-Plugin already implements user-distinct behaviour but I cannot find any parameters in the retrieved requests I get by the docker-daemon which give me any information about the requesting user.
I found HTTP-Headers called ‘REMOTE_ADDRESS’ which is always 0.0.0.0 even if I use a remote docker-client.
Another Param is ‘User-Agent’ which is always 'Docker-Client/y.
How can I get the requesting docker-user-information as described in
the sequence diagram points out that some user-specific information would be passed over, but I cannot find them.
Thank you for your patience in reading my request.