Hi.

 

I have following scenario in which I currently face a problem with Undertow:

 

I use Undertow as a Reverse-Proxy (via SimpleProxyClientProvider).

I want to enable a Signature-based authentication where the client can sign the HTTP request with its private key and the Reverse-Proxy (implemented with Undertow) can check with the client’s public key if it was signed correctly.

 

I do not only want to include HTTP headers (Host, Date, ..) and Method/Path, but also the request body.

For that I need to consume the HttpServerExchange’s InputStream:

 

if (isHttpMethodWithBody(method))
{
  exchange.startBlocking();

  final String body = new Scanner(exchange.getInputStream(), "UTF-8").useDelimiter("\\A").next();

  ..

Unfortunately in this scenario, the Exchange’s “getRequestChannel()” returns null as “another party already acquired the channel”.

 

I found “Connectors.resetRequestChannel(exchange)”;

 

But just calling this results after the InputStream was consumed results in a “IOException : UT001000: Connection closed”.

 

 

Is there any way to “consume” the request’s payload, but afterwards simply forward to the proxy target?

 

 

Any help is really appreciated, Thanks!

 

--

Thomas Jäckle