I want to add caching to the application we have exposed over APIM. My preferable way would be to add cache-control headers to the responses from the client. Can I configure Azure APIM to respect Cache-Control headers that are part of the response from the underlying service? All the documentaition I can find is how to configure all caching policies and rules in APIM, where I just want a simple rule that says "respect the headers from the underlying service".
There is no built-in policy just for that, but you can craft such mechanism yourself using the policies you have available. Here is the example how to control API Management response cache duration with Cache-Control headers sent by the backend service.
By looking at the example above you can try to handle other directives.
Related
I am trying to call the Azure-hosted API endpoint using a 3rd party application. Application sends the HTTP request with the header values ContentType = "*/*";
Azure Application Gateway WAF blocks the request showing the below diagnostics logs.
I am aware that, I can add an exclusion in the Web Application Firewall settings, however, I am not able to extract the Request Header Name since the logs do not show the value due to the wildcard(ContentType = "*/*";) content type sent by the 3rd party app.
I added the below rule, but it is still blocking the request.
How can I allow the request via the AGW?
Please find the logs below.
Thanks in advance.
Is CORS supported in Standard edition of Azure CDN or is it only available in premium tier. I am looking for "wildcard or single origin scenario"
This is what they mention in the below link
CORS on Azure CDN will work automatically with no additional
configuration when the Access-Control-Allow-Origin header is set to
wildcard (*) or a single origin.
https://learn.microsoft.com/en-us/azure/cdn/cdn-cors#wildcard-or-single-origin-scenarios
#juunas, As the comment, the document states that, standard Azure CDN allows for multiple origins is to use query string caching.
Enable the query string setting for the CDN endpoint and then use a
unique query string for requests from each allowed domain. Doing so
will result in the CDN caching a separate object for each unique query
string. This approach is not ideal, however, as it will result in
multiple copies of the same file cached on the CDN.
So, the best way is to use Azure CDN Premium from Verizon, which exposes some advanced functionality. If so, you will need to create a rule to check the Origin header on the request. If it's a valid origin, the Access-Control-Allow-Origin header with the origin provided will be set in the request. If it's not, this header will be omitted by the rule and the browser also will reject the request.
Just set the Access-Control-Allow-Origin on your origin server. Standard Azure CDN will respect your CORS header. Its working just fine for me. I am glad I tried setting the header on the origin server instead of upgrading to the Premium CDN.
We have API exposed to our customers through API Management. The security is handled using subscription key which is expected in "Ocp-Apim-Subscription-Key" header.
One of our methods supports polling trigger specifications, with "Location" and "Retry-After" header in response. For one of our customers we want to create Logic Apps, that would fire some actions on this trigger.
We set up HTTP trigger where we provided "Ocp-Apim-Subscription-Key" header in inputs parameters.
Here is the problem. The header is added only to the first request. Subsequent requests using "Location" url don't have this "Ocp-Apim-Subscription-Key" header, so they are rejected by API Management proxy.
I verified that header is in fact missing with some mock API, so it's definitely on Logic Apps end.
Does anyone have any idea how to resolve it?
I need to call a rest service using HTTPS as part of my SI flow. I may additionally have to send user name and password as headers to authorize my access. What are the tools available to configure this in spring integration?
Thank You
HTTPS should "just work".
You can set headers with a header enricher and set mapped-request-headers on the outbound gateway to ensure your headers are mapped.
For more sophistication, you can customize the RestTemplate and inject it into the outbound endpoint.
See here for an example of configuring the underlying request factory.
ETags are required to be quoted but Azure CDN generates ETags that are not quoted. Has anyone seen or do you expect problems with intermediate caches because of this?
How do you distribute your CDN content? Are you using a Windows Azure Web Role or just CDN configuration? It would be interesting to see how do you verify the ETAG does not have quote.
I just check with both the sources and in the HTTP header they both shows within the quote so would u please check the HTTP Headers and verify how it is listed.