Authorize Access to a Given OSB Proxy Service Based on the HTTP Host Name (Doc ID 976022.1)

Last updated on SEPTEMBER 19, 2013

Applies to:

Oracle Service Bus - Version 10.3 and later
Information in this document applies to any platform.

Goal

In OSB, you like to authorize access to a given proxy service based on the HTTP host name used.
The documentation allows the use of a context property to check the client IP (com.bea.contextelement.alsb.router.inbound.request.metadata.http.client-host)

But you need a way to check the http host which, apparently, is present in the metadata:

[OSB Tracing] Inbound request was received.

Service Ref = 4way/Test-PS
URI = /FourthWay/Test
Message ID = 3085389641576108130-7396e979.12186e75679.-7f44
Request metadata =
<xml-fragment>
  <tran:headers xsi:type="http:HttpRequestHeaders" xmlns:http="http://www.bea.com/wli/sb/transports/http"     
          xmlns:tran="http://www.bea.com/wli/sb/transports"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
     <http:Connection>Keep-Alive</http:Connection>
     <http:Content-Length>410</http:Content-Length>
     <http:Content-Type>text/xml;charset=UTF-8</http:Content-Type>
     <http:Host>host name</http:Host>
     <http:SOAPAction>""</http:SOAPAction>
     <http:User-Agent>Jakarta Commons-HttpClient/3.1</http:User-Agent>
     </tran:headers>
     <tran:encoding xmlns:tran="http://www.bea.com/wli/sb/transports">UTF-8</tran:encoding>
     <http:client-host xmlns:http="http://www.bea.com/wli/sb/transports/http">client host name</http:client-host>
     <http:client-address xmlns:http="http://www.bea.com/wli/sb/transports/http">10.20.30.40</http:client-address>
     <http:http-method xmlns:http="http://www.bea.com/wli/sb/transports/http">POST</http:http-method>
</xml-fragment>

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms