To Obtain Credentials of Authenticated Users
In some cases, you might want to get information about externally authenticated users who use your API. You can place the following script between the inbound and outbound endpoints of the proxy application to which you applied the policy. The script executes after the enforcement of the policy:
<expression-component>
message.outboundProperties.put('X-Authenticated-userid', _muleEvent.session.securityContext.authentication.principal.username)
</expression-component>This script stores the user name in the mule message as an outbound-property named X-Authenticated-userid. The HTTP Connector, used to generate the proxy’s output, transforms any outbound properties that reach it into HTTP message headers. In this way the message that reaches the API after passing through your proxy includes an HTTP header named X-Authenticated-userid, containing the user name.
You can modify this code to change the name of the header being created.