[wildfly-dev] Accessing an HTTP header in a custom Elytron domain

David van Balen dvanbale at redhat.com
Fri Aug 24 14:18:35 EDT 2018


Hi,

I have a web frontend application that is communicating with a beckend REST
service. I would like the web frontend to automatically
authenticate/authorize with the REST services by including the username and
roles of the authenticated user as HTTP headers in the REST call. I found a
wildfly quickstart (http-custom-mechanism) which allows me to the
authentication part. However, I haven't not been able to figure out how to
provide the roles in the same fashion. In the case of the quickstart I
mentioned, it would be something like adding an additional HTTP header to
the curl call, like so:

-H "X-ROLES:admin,ops"

which would result in the user being assigned the "admin" and "ops" roles
in the REST service.

Does anyone have any pointers on how I can do this?

Thanks in advance.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/wildfly-dev/attachments/20180824/27f91171/attachment.html 


More information about the wildfly-dev mailing list