Light Dark Auto

Inheaders

Derive Client Certificate HTTP headers

GSLHTTPAvailable since: v1
The Inheaders filter sets up HTTP request headers on all incoming traffic. The headers that will be applied by this filter are outlined in the table below. Inheaders should only be configured on TLS-enabled Listeners to allow Impersonation.

Upon enabling the Inheaders filter, the following headers will be applied to requests passing through the Edge Proxy:

  • USER_DN - Certificate’s DN value (if user_dn header exists in the incoming request, this filter will not alter the header value).
  • SSL_CLIENT_S_DN - Certificate’s DN value.
  • EXTERNAL_SYS_DN - Certificate’s DN value (only if the incoming request has user_dn header set).
  • X-REAL-IP - The remote address of the incoming request.
  • X-FORWARDED-FOR - Certificate’s DN value.

Configuration

The base GSL type is #InheadersFilter

debug

Boolean

If true, filter debug logging is enabled. Default is false.

Example

Setting debug to true is useful for debugging, but is not a replacement for the Audit filters.

gsl.#InheadersFilter{
  #options: {
    debug: true
  }
}