Expand my Community achievements bar.

Don’t miss the AEM Skill Exchange in SF on Nov 14—hear from industry leaders, learn best practices, and enhance your AEM strategy with practical tips.
SOLVED

Set and Pass Mulesoft client id and client secret in Proxy call

Avatar

Community Advisor

Hello members,

 

We have a requirement, where we need to route FE - Mulesoft calls via AEM Dispatcher. So, we are using Dispatcher rewrites 301 Redirect to pass FE request (which is AEM SPA components only) to Mule system.

Now, we need to set Mule client id and client secret in incoming request and redirect to Mule system from Dispatcher.

 

Any pointers would be helpful and sample code example will be add on

 

Thanks!

cc: @aanchal-sikka @Tanika02

1 Accepted Solution

Avatar

Correct answer by
Level 4

I've never done something like that. Only updated once request/response headers for the current request, not for remote.

Does it work with rewrite rules? I thought there must be a path on the same server, not a remote address. 

Or do you use some Apache module, like mod_proxy?

To update response headers I used this one:

 

<IfModule mod_headers.c>
  Header always set CLIENT_ID ${CLIENT_ID}			
</IfModule>

 

but it will update the headers that you send to the client. For the request it will be `RequestHeader set`, but I don't know if it works if you put it before RewriteRule.

 

Update: found a sample on Stackoverflow, you can try using <Location> directive.

<Location /api/mule/>
    Header set MULE_CLIENT_ID "clientId"
</Location>
...
RewriteRule ^/api/mule/(.*)$ https://mule.website/$1 [P]  

 

View solution in original post

9 Replies

Avatar

Community Advisor

301 redirects are cached by browsers, so these requests wouldn't even go to dispatcher once cached in browser. Any reason you are trying to do 301?

And I assume you want to pass client id and secret in headers?

Avatar

Level 4

Hi @iamnjain ,

 

I would create that not on dispatcher but using a proxy servlet on AEM, which will receive all requests from your fronted, fulfill it with that secure data that you don't want your website visitors to see (clientId, password, etc.), send to Mule or whatever and return the response back to the website. It won't be processed on the dispatcher, but you can configure rewrites or caching for those requests if you wish.

Avatar

Community Advisor

Hi @yuriy_shestakov 

 

I agree with you. So you are saying to hit AEM Publisher Instance server each time, these request comes in from Front-end using a Servlet which is deployed on AEM Publish Instance. Will it not create unnecessary load on AEM Instance?

Avatar

Level 4

It depends on how many requests you will have (it will be not ok if there are thousands of requests per second) + how many of them you can cache (if that is possible) - you can create a rewrite rule for such requests on the dispatcher to avoid cache skipping, like https://website.com/api/read-from-mule/some-param1-value/some-param2-value for frontend, which will be cached on browser and finally will be rewritten to something like https://mule-server/some/rest-api?param1=some-param1-value&param2=some-param2-value for Mule API and will be cached on dispatcher as well in the folder like /mnt/var/www/api/read-from-mule/some-param1-value... However, it needs to test and play with the dispatcher configuration to make it work well.

 

I didn't work with Mule, so don't know which authorization schemes it can work with, maybe you can create a servlet that will generate a new time-limited token per session or per user, so on frontend, you can hit that servlet once, store the token in browser's storage or cookies and then send requests directly to mule with that token?

Avatar

Community Advisor

Thanks @yuriy_shestakov for pointers.

So, I am trying to do that using rewrite rule to send request to Mule server. I need to set RequestHeader with client_id and client_secret.

 

How can I do that?

cc: @arunpatidar 

Avatar

Correct answer by
Level 4

I've never done something like that. Only updated once request/response headers for the current request, not for remote.

Does it work with rewrite rules? I thought there must be a path on the same server, not a remote address. 

Or do you use some Apache module, like mod_proxy?

To update response headers I used this one:

 

<IfModule mod_headers.c>
  Header always set CLIENT_ID ${CLIENT_ID}			
</IfModule>

 

but it will update the headers that you send to the client. For the request it will be `RequestHeader set`, but I don't know if it works if you put it before RewriteRule.

 

Update: found a sample on Stackoverflow, you can try using <Location> directive.

<Location /api/mule/>
    Header set MULE_CLIENT_ID "clientId"
</Location>
...
RewriteRule ^/api/mule/(.*)$ https://mule.website/$1 [P]  

 

Avatar

Community Advisor

I believe having AEM publisher as proxy is possible but not ideal as it is very expensive. We dont want to send traffic to publish that is unnecessary and can simply be handled by other system. Adobe IO could possible be one avenue you could check