I want a set up that would force all requests to be authenticated before reaching the application server. I'm seeing HAProxy support basic HTTP Authentication but I couldn't find any info about making custom authentication. So the scenario would be like
Positive authentication
In-coming Request -> HAProxy -> Authentication Server -> HAProxy -> Application -> Response 200
Negative authentication
In-coming Request -> HAProxy -> Authentication Server -> Response 401
The authentication I have in mind is using JWT for token authentication then check against in-memory caching to see if the login is still valid or not.
Is the set up mentioned possible? Am I on the right track here?
FYI: I'm quite new to the network and ops side so I might misunderstand some concept without realizing it.
