Bin In that case its really easy.
This blog shows how to read those headers in the ESB and then you can simply write a filter mediator or router to send the message to the right place: http://warunapw.blogspot.co.uk/2011/11/how-to-read-http-headers-through.html Paul On 3 September 2012 08:27, Maeglin Vardamir <[email protected]> wrote: > Hi Paul, > > Yes. You are right. I did customize my reverse proxy to store CN in http > header. > > Regards, > Bin > > > On Mon, Sep 3, 2012 at 2:26 PM, Paul Fremantle <[email protected]> wrote: > >> Hi >> >> Is the reverse proxy part of the WSO2 ESB config or a separate server >> instance? >> >> I'm not sure this is possible to do if you have a reverse proxy in the >> way, because the reverse proxy will terminate the SSL connection and the >> SSL connection coming into the WSO2 ESB will just be the reverse proxies >> connection. If the client connects directly to the WSO2 ESB its possible to >> do what you want. If you must have a reverse proxy then you need a way of >> getting the CN from the reverse proxy to the WSO2 ESB (e.g. you could add >> it into an HTTP header). But this only works if you can customize the >> reverse proxy. >> >> Paul >> >> On 3 September 2012 03:13, Maeglin Vardamir <[email protected]> wrote: >> >>> Hello there, >>> >>> Here is my case. >>> >>> Client-------->Reverse Proxy-------->WSO2ESB proxy >>> service------->Backend webservices >>> https https >>> https >>> >>> I got several clients which connected the backend web service through >>> https connection. I have a local CA service to deliver certificates to >>> client, Reverse Proxy, Receiver and Sender of proxy service and backend >>> apache. >>> For now, I can get response from web service after making some changes >>> to configuration files. >>> >>> But I want more features. I want to re-direct request to different >>> endpoint according Common Name of the client's certificate. >>> >>> For example, I got one client. And I had two certificate for it to do >>> testing. One common name is Client1, the other one is Client2. The client >>> sent request to https://wso2esb_server:8243/services/echo. The WSO2ESB >>> proxy service would re-direct request to https://backend1/services/echoif >>> Common Name of the client's certificate is Client1. Otherwise, re-direct >>> the request to https://backend2/services/echo. >>> >>> Is it doable? How to do that? Any suggestion would be welcomed. >>> >>> Regards, >>> Bin >>> >>> _______________________________________________ >>> User mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/user >>> >>> >> >> >> -- >> Paul Fremantle >> CTO and Co-Founder, WSO2 >> OASIS WS-RX TC Co-chair, VP, Apache Synapse >> >> UK: +44 207 096 0336 >> US: +1 646 595 7614 >> >> blog: http://pzf.fremantle.org >> twitter.com/pzfreo >> [email protected] >> >> wso2.com Lean Enterprise Middleware >> >> Disclaimer: This communication may contain privileged or other >> confidential information and is intended exclusively for the addressee/s. >> If you are not the intended recipient/s, or believe that you may have >> received this communication in error, please reply to the sender indicating >> that fact and delete the copy you received and in addition, you should not >> print, copy, retransmit, disseminate, or otherwise use the information >> contained in this communication. Internet communications cannot be >> guaranteed to be timely, secure, error or virus-free. The sender does not >> accept liability for any errors or omissions. >> >> > -- Paul Fremantle CTO and Co-Founder, WSO2 OASIS WS-RX TC Co-chair, VP, Apache Synapse UK: +44 207 096 0336 US: +1 646 595 7614 blog: http://pzf.fremantle.org twitter.com/pzfreo [email protected] wso2.com Lean Enterprise Middleware Disclaimer: This communication may contain privileged or other confidential information and is intended exclusively for the addressee/s. If you are not the intended recipient/s, or believe that you may have received this communication in error, please reply to the sender indicating that fact and delete the copy you received and in addition, you should not print, copy, retransmit, disseminate, or otherwise use the information contained in this communication. Internet communications cannot be guaranteed to be timely, secure, error or virus-free. The sender does not accept liability for any errors or omissions.
_______________________________________________ User mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/user
