Uploaded image for project: 'apiman (API Management)'
  1. apiman (API Management)
  2. APIMAN-1073

API Security > Basic Auth Header Scheme is sent in Upper case and not camelcase according to the Specification

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Blocker Blocker
    • 1.2.3.Final, 1.2.x
    • 1.2.2.Final
    • Gateway API
    • None

      When securing a downstream API using Basic Auth, APIMan is providing the scheme name in uppercase e.g. BASIC instead of Basic

      "headers": {
    "Authorization": "BASIC dXNlcm5hbWU6cGFzc3dvcmQ=",
  },

      According to the specification, Basic is the correct scheme to use.

      This is preventing the downstream server/service to recognise the Basic authentication header, as it only recognises the Basic scheme and not BASIC that APIMan is sending.

      Is this a configurable property? The majority of articles online refer to the Basic Authorization scheme. This is marked as a blocker as our current servers do not recognise the BASIC scheme.

              ewittman@redhat.com Eric Wittmann
              imran.qureshi_jira imran qureshi (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: