I'm having a question about using a "Resuts Asyncronous" - action in a response-rule and propagating user-credentials.
This is my environment:
- I have a XML-FW for my busines-service called "ServiceA"
- The XML-FW-Policy has a client-to-server-rule and a server-to-client-rule where I'm doing xsd-validation and logging
- the business-service "ServiceA" needs user-authentication. Therefore, the user-credentials are in the HTTP-Basic-Auth-Header of the request to "ServiceA"
- Until here, everything works fine...
Now, I would like to add the following behaviour to my policy:
- In our company, we have a central statistics-service for "meta-information" about requests (user, duration, result, ...)
- In the response-rule of my xml-fw-policy I want to add a "Resuts Asyncronous" - action for a call-out the the statistics-service
- This has to be an asyncronous call ("fire&forget"), because problems with the statistics-service should not influence the business-service
- My statistics-service also needs user-authentication, so I have to propagate the HTTP-Basic-Auth-Header from the request-to "ServiceA" to my call-out
Now my problem:
- The HTTP-Headers of the request are not propagated to the "Results Asynchronous" - action by default. Maybe that is the way it should be, because I'm in the response rule, where the Basic-Auth-Header is not set.
And finaly my question:
How could I tweak the HTTP-Headers of a "Result Asynchronous" - action? Especially in a response rule?
Thanks for your help!