问题
I have apimanger v1.5.0. It authorize request by access_token and forward to backend. Backend need enduser name for processing request. I do not want add JWT-headers to request because that insecure.
Apimanager can add optional headers to request, if add to file repository/deployment/server/synapse-configs/default/api/admin--common_v1.0.1.xml in section <outSequence><header> some data for example uri.var.accessToken. But I dont know name of variable with enduser name.
Does somebody know?
回答1:
Variable name is END_USER_NAME.
Example of use:
<inSequence>
<property name="POST_TO_URI" value="true" scope="axis2"/>
<property name="X-Test-Username" scope="transport" expression="get-property('END_USER_NAME')"></property>
<filter source="$ctx:AM_KEY_TYPE" regex="PRODUCTION">
And result in http headers:
GET http://backend.server:8080/sm/api/v1/common/user/example?access_token=4d758b64d5de15029c467dcd6feb354& HTTP/1.1
Accept-Language: ru-RU,ru;q=0.8,en-US;q=0.6,en;q=0.4
Username: rudesu@example.com
Referer: https://example.com/src-jssip-osdk-test/
Accept-Encoding: gzip,deflate,sdch
THIS METHOD DOESN`T WORK IN APIM 1.7.0
In 1.7.0 work:
<property name="X-Test-Username" scope="transport" expression="get-property('END_USER_NAME')"/>
来源:https://stackoverflow.com/questions/23755852/add-header-with-username-into-request-to-backend-in-wso2-apimanager