On our #apigateway* Version 9.1 I want to add an HMAC-MD5 #hashvalue to a processing instruction in a #activerequest Then the request will be routed to a backend service.
I added the processing instruction using a #xsltransformation and then use the #generatesecurityhash_assertion
Somehow this doesn't work, because the securityhash is not calculated over the request with new processing instruction, but over the original request.mainpart. Even when I set a new context variable to the request.mainpart (which has to be of message type), use the XSLT on this and generate the securityhash it still uses the original requestvalue.
I wonder if this hould work in this way....?
Or is it a bug?
The only solution to this behaviour I see is to send the request with processing instruction to a new internal policy which will calulate the hash.
But is this the way to do it?
With this I have 2 policies who are depending of each other.. Not what I want really...
Sebastian van Voorn.