I am using AWS EC2 for last pair of years. now I want to enable HTTPS on my lotion developed in ASP. NET WEB API with front-end in AngularJS. For that I made a CloudFront distribution. It has successfully loaded the electrostatic files and called the REST API on EC2 hosted in IIS. But unfortunately the custom headers have null as a value when the requests came from CloudFront to my beginning .
I have done the following relevant configurations on CloudFront distribution .
Following is my setting for custom origin headers. origin
Following is my setting for cache behaviors. cache behav

further setting included the take after :

  • Whitelist Cookies: Authorization, VDName
  • Query String Forwarding and Caching: Forward all, cache based on all
  • Origin Protocol Policy: HTTP Only
  • Viewer Protocol Policy: Redirect HTTP to HTTPS

My app has a login page where no Authorization is required. On successful login the app sets three custom-made headers .

  1. Authorization
  2. x-working-company
  3. x-working-branch

My app is successfully logging in the users but then logging them out automatically. so, To check this write out I wrote the watch little code in my Authorization class to check the header values .

valToUpd.Add("S6", "CHK1");
valToUpd.Add("S7", "Before Null");
valToUpd.Add("S8", request.Headers.Count().ToString());
valToUpd.Add("S9", request.Headers.GetValues("Authorization").Single());
valToUpd.Add("S10", request.Headers.GetValues("x-working-company").Single());
valToUpd.Add("S11", request.Headers.GetValues("x-working-branch").Single());
var toUpdt = "";
if (request.Headers.Any(x => x.Key == "Authorization"))
    toUpdt = "A-";
if (request.Headers.Any(x => x.Key == "x-working-company"))
    toUpdt += "C-";
if (request.Headers.Any(x => x.Key == "x-working-branch"))
    toUpdt += "B-";
var ds = request.Headers.Where(x => x.Key == "x-working-branch").Select(c => c.Value);
toUpdt += " br val = ";
foreach (var item in ds)
    foreach (var i in item)
        toUpdt += i + " - ";
valToUpd.Add("S12", toUpdt);
usersHelperAdo.Update("Users", whereClause, valToUpd); // Its my DAL method to update values in Users table as per the where clause.

And as expected the CloudFront do ahead the headers to my beginning but with nothing values. The results are as follows :
Database vals
Following is the FireFox developer modality, where my battlefront end is sending the request to CloudFront with all the custom headers with appropriate values. But then CloudFront is forwarding those headers to origin but making the values null .
FireFox developer mode

so, what am I doing ill-timed ? Why CloudFront pass null as a respect in my headers. Any help is highly appreciated. many Thanks !
I tried to hit the API ‘s with Postman and following are the screenshots .
The keep up shows my call to the Login method acting and as expected it returns the Auth nominal with other custom headers set in the reaction .
Postman Login
I extracted the ask headers from reply and send another GET request and received the pursue.

Postman GET call
It throws 403 forbidden mistake. Its weird that in browser dev mode it throws 401 Unauthorized error and in Postman it is 403 Forbidden .
Any serve. Thanks

Leave a Reply

Your email address will not be published.