Support a way to auth client-server connection.

I think it's necessary. For example, when using Claude Desktop to connect to a remote MCP server, only one URL can be filled in. If identity authentication and authorization are implemented, passing information from the request parameters is a good choice.

Claude mcp config example:

{
  "mcpServers": {
    "mcp-remote-server-example": {
      "url": "http://127.0.0.1:8080/sse" 
    }
  }
}

[discard] support request params such as:

{
  "mcpServers": {
    "mcp-remote-server-example": {
      "url": "http://127.0.0.1:8080/sse?key=value" 
    }
  }
}

support 'HTTP Basic Auth' such as:

{
  "mcpServers": {
    "mcp-remote-server-example": {
      "url": "http://user:password@127.0.0.1:8080/sse" 
    }
  }
}

Comment From: lambochen

PR: https://github.com/spring-projects/spring-ai/pull/2886

Comment From: lambochen

CC: @tzolov thx

Comment From: lambochen

related mcp issue: https://github.com/modelcontextprotocol/java-sdk/issues/204 PR: https://github.com/modelcontextprotocol/java-sdk/pull/205

Comment From: quaff

Why not http://user:password@127.0.0.1:8080/sse?

Comment From: lambochen

Thank you for your comment. HTTP Basic Auth is indeed a more suitable solution for authentication scenarios

> Why not http://user:password@127.0.0.1:8080/sse?

Comment From: quaff

It is indeed not possible to pass the username and password via query parameters in standard HTTP auth. Instead, you use a special URL format, like this: http://username:password@example.com/ -- this sends the credentials in the standard HTTP "Authorization" header.

See https://serverfault.com/a/371918

Comment From: lambochen

> It is indeed not possible to pass the username and password via query parameters in standard HTTP auth. Instead, you use a special URL format, like this: http://username:password@example.com/ -- this sends the credentials in the standard HTTP "Authorization" header.
>
> See https://serverfault.com/a/371918

Thank you for your related sharing, I will adjust the plan to achieve authentication more securely

Comment From: funs690

How to validate custom auth header in the sse server, such as token

client setting: WebFluxSseClientTransport transport = new WebFluxSseClientTransport(WebClient.builder().baseUrl("http://127.0.0.1:9090").defaultHeader("token", "123456"));

Comment From: funs690

This will work:

package com.zctech_ai.mcp_weather_server.config;

import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import reactor.core.publisher.Mono;

@Slf4j
@Configuration
public class AuthConfig implements WebFilter {

    /**
     * auth filter
     * @param exchange
     * @param chain
     * @return
     */
    @Override
    public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
        // Get the request header
        String token = exchange.getRequest().getHeaders().getFirst("token");
        log.debug("=================================================");
        log.debug("token: " + token);
        log.debug("=================================================");
        // Validation, request rejection and similar logic can go here
        if (token == null || token.isEmpty() || !"123456".equals(token)) {
            exchange.getResponse().setStatusCode(org.springframework.http.HttpStatus.UNAUTHORIZED);
            return exchange.getResponse().setComplete();
        }
        return chain.filter(exchange);
    }

}
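
A hardened form of the filter above, as an added example rather than code from this thread or from Spring AI: the expected token comes from configuration instead of a literal, the presented value is never logged, and the comparison is constant-time. It assumes the token is sent as `Authorization: Bearer <token>` (the form the MCP authorization specification uses for access tokens) instead of the custom `token` header; the class name and the `mcp.server.token` property are hypothetical.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import reactor.core.publisher.Mono;

@Component
public class TokenAuthFilter implements WebFilter {

    private static final String PREFIX = "Bearer ";
    private final byte[] expected;

    // "mcp.server.token" is a hypothetical property name; supply it from the
    // environment or a secret store rather than from source control.
    public TokenAuthFilter(@Value("${mcp.server.token}") String token) {
        if (token.isBlank()) {
            throw new IllegalStateException("mcp.server.token must not be blank");
        }
        this.expected = token.getBytes(StandardCharsets.UTF_8);
    }

    @Override
    public Mono<Void> filter(ServerWebExchange exchange, WebFilterChain chain) {
        String header = exchange.getRequest().getHeaders().getFirst(HttpHeaders.AUTHORIZATION);
        // The auth scheme name is case-insensitive; the token itself is not.
        if (header != null
                && header.regionMatches(true, 0, PREFIX, 0, PREFIX.length())
                && matches(header.substring(PREFIX.length()).trim())) {
            return chain.filter(exchange);
        }
        // Reject without echoing or logging the presented credential.
        exchange.getResponse().setStatusCode(HttpStatus.UNAUTHORIZED);
        exchange.getResponse().getHeaders().set(HttpHeaders.WWW_AUTHENTICATE, "Bearer");
        return exchange.getResponse().setComplete();
    }

    // Constant-time comparison, so response timing does not reveal how many
    // leading bytes of a guess were correct.
    private boolean matches(String presented) {
        return MessageDigest.isEqual(expected, presented.getBytes(StandardCharsets.UTF_8));
    }
}
```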

Comment From: lambochen

rel: MCP Specification - Security and Trust & Safety

Comment From: Kehrlann

As you pointed out in the previous comment, userinfo is not passed in the URL but in the authorization header. On the server-side, this can be consumed by Spring Security to authenticate incoming requests, like so:

@Bean
SecurityWebFilterChain securityFilterChain(ServerHttpSecurity http) {
    return http
            .authorizeExchange(auth -> auth.anyExchange().authenticated())
            .httpBasic(Customizer.withDefaults())
            .build();
}

With this, the authentication stays at the "security" layer of the app and does not mix with MCP concerns.


On the client-side, you can provide authentication in the code, not in config. You would need to provide a WebClient.Builder that would be picked up by Spring AI:

@Bean
WebClient.Builder webClientBuilder() {
    return WebClient.builder()
            .defaultHeaders(h -> h.setBasicAuth("your-username", "your-password"));
}

I don't know whether Claude Desktop supports passing basic auth in the URL; it may work but it does not seem supported.


Please note that authentication for MCP is a work in progress in the spec. The solution we seem to be converging towards is using OAuth2 for securing MCP servers.
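
Bridging the URL form proposed in this issue to the header-based client setup above, as an added example that is not part of the thread or of Spring AI: it moves `user:password@` out of a configured URL into a default `Authorization: Basic` header and returns a URL without credentials, so the result does not depend on whether a given HTTP client interprets userinfo. The class and method names are hypothetical, and the sample URL is constructed.

```java
import java.net.URI;
import java.nio.charset.StandardCharsets;

import org.springframework.web.reactive.function.client.WebClient;
import org.springframework.web.util.UriComponentsBuilder;
import org.springframework.web.util.UriUtils;

public final class UserInfoCredentials {

    private UserInfoCredentials() {
    }

    /** The same URL without its user:password@ part, safe to log or display. */
    public static URI withoutUserInfo(URI uri) {
        // build(true): components copied from the URI are already percent-encoded.
        return UriComponentsBuilder.fromUri(uri).userInfo(null).build(true).toUri();
    }

    /** Moves URL userinfo, if present, into a default Authorization: Basic header. */
    public static WebClient.Builder applyBasicAuth(WebClient.Builder builder, URI uri) {
        String raw = uri.getRawUserInfo();
        if (raw == null) {
            return builder; // no credentials in the URL, nothing to move
        }
        // Split on the first raw ':' before decoding, so an encoded %3A inside
        // the user name is not mistaken for the separator.
        int colon = raw.indexOf(':');
        if (colon < 0) {
            throw new IllegalArgumentException("URL userinfo must be user:password");
        }
        String user = UriUtils.decode(raw.substring(0, colon), StandardCharsets.UTF_8);
        String password = UriUtils.decode(raw.substring(colon + 1), StandardCharsets.UTF_8);
        return builder.defaultHeaders(h -> h.setBasicAuth(user, password));
    }

    public static void main(String[] args) {
        // Constructed sample in the URL shape proposed in this issue.
        URI configured = URI.create("http://user:p%40ss@127.0.0.1:8080/sse");
        WebClient client = applyBasicAuth(WebClient.builder(), configured)
                .baseUrl(withoutUserInfo(configured).toString())
                .build();
        System.out.println("connecting to " + withoutUserInfo(configured));
    }
}
```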

Comment From: lambochen

MCP authorization: https://modelcontextprotocol.io/specification/2025-03-26/basic/authorization#2-6-access-token-usage

Comment From: songyuwong

When will OAuth2 authentication be supported, and then different authentication connections be supported? See the tool list is different. After I customized the filter, I found that there was no pointcut to modify the list tool response. Or I could do it some other way.