i agree with johannes It seems AWS-cloud json sends YOUR_AWS_ACCOUNT_ID as cleartext since Authorization header is allowed:
"x-amazon-apigateway-integration": { "responses": { "default": { "statusCode": "200", "responseParameters": { "method.response.header.Access-Control-Allow-Methods": "'GET,OPTIONS'", "method.response.header.Access-Control-Allow-Headers": "'Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token'", "method.response.header.Access-Control-Allow-Origin": "'*'" } } }, to avoid MIM interception..could we populate username+password to the AWS service using Node.js ? var requestPromise = require('request-promise');var user = 'user';var password = 'password';var base64encodedData = new Buffer(user + ':' + password).toString('base64'); requestPromise.get({ uri: 'https://example.org/whatever', headers: { 'Authorization': 'Basic ' + base64encodedData }, json: true}) https://stackoverflow.com/questions/18264601/how-to-send-a-correct-authorization-header-for-basic-authentication [https://cdn.sstatic.net/Sites/stackoverflow/img/apple-touch-i...@2.png?v=73d79a89bded]<https://stackoverflow.com/questions/18264601/how-to-send-a-correct-authorization-header-for-basic-authentication> jquery - How to send a correct authorization header for ...<https://stackoverflow.com/questions/18264601/how-to-send-a-correct-authorization-header-for-basic-authentication> Join Stack Overflow to learn, share knowledge, and build your career. stackoverflow.com ? ________________________________ From: Johannes Geppert <jo...@apache.org> Sent: Wednesday, October 17, 2018 4:30 AM To: Struts Users Mailing List Subject: Re: A book of Struts +1 for new Struts2 book! Count on me for any help as well. Maybe Struts2 as micro service could be a topic as well? I made some experiments with Struts2 as AWS Lambda functions in the last time and it will be soon hopefully supported by AWS itself. See: http://www.jgeppert.com/2018/05/serverless-aws-lambda-performance-of-apache-struts2-vs-spring-boot/ https://github.com/awslabs/aws-serverless-java-container/issues/149 https://github.com/struts-community-plugins/struts2-cloud-support Best Regards Johannes Am Mi., 17. Okt. 2018 um 10:05 Uhr schrieb Yasser Zamani < yasserzam...@apache.org>: > Wow! No idea but please feel free to count on me (if you liked) on any > aspect of the book where I'm able to assist (if you needed or wished any). > > Kind regards. > > >-----Original Message----- > >From: Lukasz Lenart <lukaszlen...@apache.org> > >Sent: Wednesday, October 17, 2018 11:08 AM > >To: Struts Users Mailing List <user@struts.apache.org> > >Subject: A book of Struts > > > >Hi everyone, > > > >I would like to (finally ;-) write a book about the latest version of the > Apache > >Struts, probably targeting Struts 2.6. I wonder what kind of book this > should be: > >- an introduction from zero to a full blown app > >- a 101 good practices/examples > >- any other idea > > > >I hope you will give me some positive feedback to start working on this > task :) > > > > > >Kind regards > >-- > >Ćukasz > >+ 48 606 323 122 http://www.lenart.org.pl/ > > > >--------------------------------------------------------------------- > >To unsubscribe, e-mail: user-unsubscr...@struts.apache.org > >For additional commands, e-mail: user-h...@struts.apache.org > >