http-header

Edit online

Use the http-header stanza entry to add HTTP headers to the OAuth introspection request.

Syntax

http-header = <header-name>:<header-data>

Description

Controls the addition of HTTP headers into the OAuth introspection request.

This configuration item may be customized for a particular junction by adding the adjusted configuration item to a [oauth-introspection:{jct_id}] stanza, where '{jct-id}' refers to the junction point for a standard junction (include the leading '/'), or the virtual host label for a virtual host junction.

Multiple headers can be specified by including this configuration entry multiple times.

Options

<header-name>
The name of the HTTP header that holds the data. Valid strings are limited to the following characters: A-Z, a-z, 0–9, hyphen ( - ), or underscore ( _ ).
<header-data>
The type of data that WebSEAL adds to the <header-name> header of the request. The valid values for this entry are as follows:
server_name
The Security Verify Access authorization server name for the WebSEAL server. This name is the name of the authorization API administration server that is used in the server task commands.
client-ip-v4
The IPv4 address of the client of this request.
client-ip-v6
The IPv6 address of the client of this request.
client-port
The port that is used by the client of this request. This port is the client source port and not the destination port.
host-name
The host name of the WebSEAL server. WebSEAL obtains this host name from the web-host-name configuration entry in the [server] stanza if specified. Otherwise, WebSEAL returns the host name of the server itself.
httphdr{<name>}
An HTTP header from the request as specified by the <name> field. If the HTTP header is not found in the request, WebSEAL uses the value in the [server] tag-value-missing-attr-tag configuration entry as the value for the header.
text{<value>}
The literal value which is to be assigned to the specified header.
credattr{<name>}
An attribute from the user’s credential, as specified by the <name> field. If the specified attribute does not exist, the value contained within the [server] tag-value-missing-attr-tag configuration entry will be used as the value for the header. If the specified attribute is a multi-valued attribute the values will be added to a single HTTP header, with each value separated by a comma.

Usage

This stanza entry is optional.

Default Value

None

Example

http-header = X-Forwarded-For:client-ip-v4
http-header = X-Forwarded-Host:httphdr{host}
http-header = X-Forwarded-Server:host-name
http-header = X-Deployment-Status:text{green}
http-header = X-Principal:credattr{AZN_CRED_PRINCIPAL_NAME}