Hi there,
it seems we have some APIs, which will be accessed with a JWT, but where the client is not using a compliant header format. Means the type of authentication is missing. In this case the word "Bearer" is missing. The policy seems to be successfully, but a WARNING error will be logged in the ssg-log like this:
WARNING 9267 com.l7tech.common.http.prov.apache.components.HttpComponentsClient: Bad Authorization header presenteyJhbGciOiJSUzI1N.....
This is flooding our ssg-log and other maybe more important errors are hard to find. Therefor the question, if it's somehow possible to exclude this error from being logged. Or something like decreasing the severity of this type of error, that it will not be catched anymore.
Yes, we already informed our customers about that, but reacting and fixing this on there side will take a while.
Thank you!
Ciao Stefan