X-Auth-Token header #12
Comments
|
Hi @egobsv Currently the REST Adapter Service does not support sending user defined (custom) HTTP headers - all the user defined HTTP header are dropped. Instead, X-Road's built-in REST implementation supports transferring user defined HTTP headers. The easiest alternative would be to drop the REST Adapter Service and use X-Road's built-in REST implementation instead. In case using the REST Adapter Service is required, it should be further developed to support transferring user defined HTTP headers. We're glad to receive a pull request implementing such a feature. Best regards, |
|
Hi Petteri, Thanks for your comments, |
|
Hi @egobsv Upgrading to the latest X-Road version and using the X-Road's own REST protocol is the recommended way to go. The adapter is most likely the cause of the issue, because it does not forward any HTTP headers set by the client application, except the content type header. This means that the authentication related HTTP headers are dropped by the client side adapter service. Here you can find more information about how HTTP headers are handled in the X-Road REST protocol. There are some filtered and specially handled HTTP headers, but otherwise HTTP headers are forwarded as-is. This applies to both request and response messages. Best regards, |
Hi,
We are trying to use an authorization server behind a security server and rest-adapter, we are able to do do the initial login using rest calls but it fails when we try to use the X-Auth-Token header. I am hoping there might be an easy way to pass this header (or other headers as needed), otherwise I am happy to start a pull request.
regards,
The text was updated successfully, but these errors were encountered: