HAProxy community

Validating HTTP Authorization parameters

Hi all,

Looking for guidance to validate if HTTP Authorization request contains digest header, username, nonce, uri values. Should I be using ACL and if so which one.

Thank you,
Sy

Hi,

You can use the b64dec converter to have access to string version of the Authorization header, then you can use ACLs to match.
https://cbonte.github.io/haproxy-dconv/2.0/configuration.html#b64dec

Maybe you can share some Authorization headers example, so we can be also more accurate in our answer…