Uploaded image for project: 'apiman (API Management)'
  1. apiman (API Management)
  2. APIMAN-1073

API Security > Basic Auth Header Scheme is sent in Upper case and not camelcase according to the Specification

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Blocker
    • 1.2.3.Final, 1.2.x
    • 1.2.2.Final
    • Gateway API
    • None

    Description

      When securing a downstream API using Basic Auth, APIMan is providing the scheme name in uppercase e.g. BASIC instead of Basic

      "headers": {
    "Authorization": "BASIC dXNlcm5hbWU6cGFzc3dvcmQ=",
  },

      According to the specification, Basic is the correct scheme to use.

      This is preventing the downstream server/service to recognise the Basic authentication header, as it only recognises the Basic scheme and not BASIC that APIMan is sending.

      Is this a configurable property? The majority of articles online refer to the Basic Authorization scheme. This is marked as a blocker as our current servers do not recognise the BASIC scheme.

      Attachments

        Activity

          People

            ewittman@redhat.com Eric Wittmann
            imran.qureshi_jira imran qureshi (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: