The SOAP Authorization Policy is nearly identical to the Authorization policy, with the exception that it accepts a SOAPAction in the HTTP header. Make sure to set either the Basic Authentication or the Keycloak OAuth policy as a precondition. Option Forwarding roles must be enabled on the used policy.
This policy will only accept a single SOAP Action header. It will not extract the operation name from the SOAP body.
Configuration Options
Basic Configuration
| Option | Description | Possible Values | Default |
|---|---|---|---|
| SOAP Action | Defines the SOAPAction the policy should be applicable to. Regular expressions must be written in Java syntax. | a string | - |
| Role | The role that must be assigned to the user if this pattern matches the request. | a string | - |
Click Add to create more rows in the table. Click Delete to remove selected rows. | |||
| Multiple Match Action | Define the action for when authorization rules match. |
| any |
| Unmatched Request Action | Define the action for when authorization rules do not match. |
| pass |
Overview
Content Tools