That's very interesting because I don't believe Apiman is stripping out any
headers from the request (at any point). If that's happening I can't think
of what the root cause might be. IIRC we just copy all request headers
from the inbound HttpServletRequest into the ApiRequest bean.
GitHub is currently down so I can't send a link to the relevant code....
On Fri, Aug 18, 2017 at 11:16 PM, Stephen Henrie <stephen(a)saasindustries.com
wrote:
I have Apiman running in an openshift environment, which is essentially a
similar configuration to running in kubernetes. Each container/pod is
always receiving http/s requests through an HA Proxy server, so that the
x-forwarded-* set of headers get added to each request by the proxy server.
Unfortunately, it appears that the headers which are provided in the
ApiRequet bean when the policy chain processor doApply() method is called
does not include these proxy related headers. This means that the standard
policies for the IP white and black listing policies do not work when the
apiman gateway is behind a proxy server. The request.getRemoteAddr()
method returns the ip address to the proxy server, so there is no way to
get the ip address of the originator since the x-forwarded-for header ( and
related headers ) are not found.
Has anyone else experienced this? If so, is this by design?
Thanks!
Stephen
_______________________________________________
Apiman-user mailing list
Apiman-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/apiman-user