New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to add multiple headers with the same name from extauth response to upstream #2983
Comments
unfortunately, the way envoy ext_authz filter is written today, it only allows setting a header, or appending (value will be added to existing header, separated by a comma). this is the relevant code: to enable this use-case, an envoy PR will be needed to support |
Thanks for the reply! |
…tream (#11158) This patch adds allowed_upstream_headers_to_append to allow sending multiple headers with the same name to upstream. Relevant issue: solo-io/gloo#2983. Risk Level: Low Testing: Unit tests. Docs Changes: Added. Release Notes: Added. Fixes #11156 Signed-off-by: weixiao-huang <hwx.simle@gmail.com>
…tream (#11158) This patch adds allowed_upstream_headers_to_append to allow sending multiple headers with the same name to upstream. Relevant issue: solo-io/gloo#2983. Risk Level: Low Testing: Unit tests. Docs Changes: Added. Release Notes: Added. Fixes #11156 Signed-off-by: weixiao-huang <hwx.simle@gmail.com> Mirrored from https://github.com/envoyproxy/envoy @ dcf34972d1bc15324835c40dfd7a780e8fc69d72
…tream (envoyproxy#11158) This patch adds allowed_upstream_headers_to_append to allow sending multiple headers with the same name to upstream. Relevant issue: solo-io/gloo#2983. Risk Level: Low Testing: Unit tests. Docs Changes: Added. Release Notes: Added. Fixes envoyproxy#11156 Signed-off-by: weixiao-huang <hwx.simle@gmail.com>
…tream (envoyproxy#11158) This patch adds allowed_upstream_headers_to_append to allow sending multiple headers with the same name to upstream. Relevant issue: solo-io/gloo#2983. Risk Level: Low Testing: Unit tests. Docs Changes: Added. Release Notes: Added. Fixes envoyproxy#11156 Signed-off-by: weixiao-huang <hwx.simle@gmail.com> Signed-off-by: yashwant121 <yadavyashwant36@gmail.com>
As mentioned in gloo's documentation: https://docs.solo.io/gloo/1.2.0/api/github.com/solo-io/gloo/projects/gloo/api/v1/enterprise/options/extauth/v1/extauth.proto.sk/#response, I can set
allowedUpstreamHeaders
to ask gloo to add headers sent from extauth response then send to upstream. But I can't add multiple headers with the same name becaseNote that coexistent headers will be overridden.
However, in kubernetes authenticating proxy: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#authenticating-proxy, I have to add multiple headers with the same
--requestheader-group-headers
name if this user belongs to multiple groups.Any chances that I can use gloo as kubernetes authenticating proxy?
The text was updated successfully, but these errors were encountered: