How do I capture HTTP headers set by Web Agents (All versions) in Apache HTTP server using a Perl script?
The purpose of this article is to guide you through creating and executing a Perl® script that will capture user profile attributes set in HTTP headers by Apache™ Web Agents.
2 readers recommend this article
Configuring the Web agent to publish User profile attributes
You can configure user profile attributes to be set as HTTP headers, such as 'name', 'mail' etc. See Attribute processing for further information.
Creating a Perl script to capture HTTP headers in the Apache HTTP server
- Enable the CGI module in the Apache HTTP server. Instructions are available here.
- Update the main server configuration file as follows to allow the Apache HTTP server to execute Perl scripts: <Directory /var/www/> Options Indexes FollowSymLinks Options +ExecCGI AddHandler cgi-script .cgi .pl AllowOverride None Require all granted </Directory>
- Add the following Perl script (dumpHeaders.pl) to the required site: #!/usr/bin/perl print "Content-type: text/html\n\n"; print "HTTP Header: \n"; print "\n"; for (sort(keys(%ENV))) { print "$_ = $ENV{$_}<br>\n"; }
- Restart the Apache HTTP server.
- Update your AM policies to allow user access to the Perl script you created: http://<HTTPServerIP:HTTPServerPort>/dumpHeaders.pl
- Navigate to your Perl script: http://<HTTPServerIP:HTTPServerPort>/dumpHeaders.pl. After successful authentication, the HTTP headers will be displayed, for example: HTTP Header: AUTH_TYPE = AM CONTEXT_DOCUMENT_ROOT = /var/www/html CONTEXT_PREFIX = DOCUMENT_ROOT = /var/www/html GATEWAY_INTERFACE = CGI/1.1 HTTP_ACCEPT = text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 HTTP_ACCEPT_ENCODING = gzip, deflate HTTP_ACCEPT_LANGUAGE = en-US,en;q=0.5 HTTP_CONNECTION = keep-alive HTTP_COOKIE = amlbcookie=01; iPlanetDirectoryPro=AQIC5wM2LY4SfcyL0lPgoiFi2wGeyg4Kw_xuyekSlb1_YX0.*AAJTSQACMDIAAlNLABQtNzMxNDgyNjAxNjIyNTI5OTM1MQACUzEAAjAx* HTTP_EMAIL = user1@gmail.com HTTP_HOST = customers.sample.com:8443 HTTP_NAME = user1 HTTP_REFERER = https://customerslogin.sample.com/am/UI/Login?goto=http%3A%2F%2Fcustomers.sample.com%3A8443%2FdumpHeaders.pl HTTP_USER_AGENT = Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:44.0) Gecko/20100101 Firefox/44.0 PATH = /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin QUERY_STRING = REMOTE_ADDR = 192.168.56.1 REMOTE_PORT = 55212 REMOTE_USER = user1 REQUEST_METHOD = GET REQUEST_SCHEME = http REQUEST_URI = /dumpHeaders.pl SCRIPT_FILENAME = /var/www/html/dumpHeaders.pl SCRIPT_NAME = /dumpHeaders.pl SERVER_ADDR = 192.168.56.104 SERVER_ADMIN = webmaster@localhost SERVER_NAME = customers.sample.com SERVER_PORT = 8443 SERVER_PROTOCOL = HTTPS/1.1 SERVER_SIGNATURE = Apache/2.4.7 (Ubuntu) Server at customers.sample.com Port 8000 SERVER_SOFTWARE = Apache/2.4.7 (Ubuntu)
Note
These HTTP headers can't be captured by tools like LiveHTTP headers, SAML tracer etc as they are not visible in the user's browser. HTTP headers are injected by the agent just before redirecting the user to the requested resource. This is explained in more detail in FAQ: Configuring Agents in Identity Cloud and AM (Q. Why can't I see the http_header attributes in the browser?).
See Also
FAQ: Configuring Agents in Identity Cloud and AM
Apache Tutorial: Dynamic Content with CGI
Related Training
N/A
Related Issue Tracker IDs
N/A