Closed simon-payne-informa closed 2 years ago
Hi,
RequestHeader is applied at the end of the request processing by default. You can add "early" keyword at the end of the directive to have the header set as soon as possible.
Take a look at "Early and late processing" in https://httpd.apache.org/docs/current/mod/mod_headers.html.
Anthony
Hi,
Thanks for that, it has given me some progress. With the early
keyword added, I now get this:
[auth_jwt:debug] mod_authnz_jwt.c(1120): AH55402: auth_jwt authn: reading Authorization header...
[auth_jwt:debug] mod_authnz_jwt.c(1169): AH55405: auth_jwt authn: checking signature and fields correctness...
[auth_jwt:error] AH55512: Decoding process has failed, token is either malformed or signature is invalid
So it appears to now have the Authorization
header, but I guess the value is garbled or unassigned. I suspect I'll just have to dig away at it to find out why.
thanks for your help.
Simon
Hi Anthony,
I am trying to integrate your module into an Apache 2.4 server on Centos 7 running in a Docker container. This is to meet a requirement for the client to supply a valid JWT before allowing proxying of a request through Apache to a destination API.
The client supplies a header named
X-Custom-Auth-Header
(this is constrained by other components and the header name cannot be changed to be more standard); my idea is to turn it into anAuthorization: Bearer ...
header so thatmod_authnz_jwt
can validate the token before granting the access request.Here is the configuration in the virtual host that contains the proxy:
The error I get in the Apache logs is :
It seems that it is erroring at a stage before the
RequestHeader set Authorization ...
line. Is it possible to work around this, and if so, please can you advise what I need to do in order to get the Authorization header to be detected bymod_authnz_jwt
?Thank you.
Simon Payne