1

My Angular 2 application is behind a reverse proxy that add HTTP headers like: 

Auth-User: somebody 
Auth-Groups: something, something, ...

How can I read these values from my Angular 2 application? Note that I am not:

  • making a new http call,
  • doing a username/password login, add something to sessionStorage that I can use in a CanActivate

Basically I need to support a SSO scheme based on trusted HTTP headers from the very first time a browser hits my server.

Any ideas?

Lars

Lars Nielsen
  • 365
  • 1
  • 2
  • 14
  • It is not possible to get the headers from current page with JS. See this http://stackoverflow.com/questions/220231/accessing-the-web-pages-http-headers-in-javascript – Estus Flask Jul 15 '16 at 13:52

1 Answers1

1

I realize that it cannot be done directly. Angular is client oriented and heavily sandboxed by the browser, so it is only the server that is able to access the necessary headers. What I have come up with is:

  • get some user settings service on the server. Includes the user and groups information the response. Service calls to the server cannot of course trust the client's view on who is the current user and group membership. The is the one I chose
  • Use Universal Angular, which is server side oriented. In my case it didn't fit the culture of the company.

So instead of doing a basic authentication scheme like most examples/tutorials use, the solution is just getting the headers values wrapped in a service call.

Lars Nielsen
  • 365
  • 1
  • 2
  • 14