WSO2 Open Banking Accelerator is a collection of technologies that increases the speed and reduces the complexity of adopting open banking compliance. Instead of building a solution from scratch, you can use WSO2 Open Banking Accelerator to meet all legislative requirements with additional benefits beyond compliance.
Apache License 2.0
7
stars
20
forks
source link
[OB3] Prevent overriding MTLS Cert Header at TokenFilter #99
[OB3] Prevent overriding MTLS Cert Header at TokenFilter
When a proxy is added to IS APIs through gateway, TLS is terminated at gateway and the Gateway transport certificate is passed to the IS. This causes client authentication failures. The certificate is added to the request as a header by GatewayClientAuthenticationHandler. This PR adds changes to the TokenFilter to prevent overriding that header if it is available.
[OB3] Prevent overriding MTLS Cert Header at TokenFilter
Issue link: https://github.com/wso2-enterprise/ob-compliance-toolkit-cds/issues/511
Doc Issue: Optional, link issue from documentation repository
Applicable Labels: Spec, product, version, type (specify requested labels)
Development Checklist
Secure Development Checklist
Testing Checklist
Automation Test Details
Conformance Tests Details
Resources
Knowledge Base: https://sites.google.com/wso2.com/open-banking/
Guides: https://sites.google.com/wso2.com/open-banking/developer-guides