[wildfly-dev] Accessing an HTTP header in a custom Elytron domain
Martin Choma
mchoma at redhat.com
Mon Aug 27 01:35:58 EDT 2018
This sort of question fits more to wildfly forum, as this is more
developers forum.
In custom http mechanism you can access X-ROLES header in same manner
as you access X-USERNAME header now;
request.getFirstRequestHeaderValue(USERNAME_HEADER)
On Fri, Aug 24, 2018 at 8:18 PM, David van Balen <dvanbale at redhat.com> wrote:
> Hi,
>
> I have a web frontend application that is communicating with a beckend REST
> service. I would like the web frontend to automatically
> authenticate/authorize with the REST services by including the username and
> roles of the authenticated user as HTTP headers in the REST call. I found a
> wildfly quickstart (http-custom-mechanism) which allows me to the
> authentication part. However, I haven't not been able to figure out how to
> provide the roles in the same fashion. In the case of the quickstart I
> mentioned, it would be something like adding an additional HTTP header to
> the curl call, like so:
>
> -H "X-ROLES:admin,ops"
>
> which would result in the user being assigned the "admin" and "ops" roles in
> the REST service.
>
> Does anyone have any pointers on how I can do this?
>
> Thanks in advance.
>
>
> _______________________________________________
> wildfly-dev mailing list
> wildfly-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/wildfly-dev
More information about the wildfly-dev
mailing list