The headers of an HTTP request sent to Apache are set as environment variables, and can be accessed by an RPGLE CGI-program through the QtmhGetEnv API
The names of custom HTTP-headers are prefixed with “HTTP_”, which means that if you want to to retrieve a header called
XTOKEN you have to request the environment variable HTTP_XTOKEN.
However, when you want to retrieve the header
Authorization, which is commonly used as an authentication header, you will find that is is not passed to the CGI program. Neither
AUTHORIZATION will give you the value of the header. Apache simply doesn’t pass the Authorization header to the CGI program.
This can fortunately be solved by adding this line to your Apache config file:
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
This line will set the value of the environment variable
HTTP_AUTHORIZATION to the value the authorization header received by Apache. This can now be retrieved by QtmhGetEnv.
I hope this helps you!