Hi, I have an application in internal network with no public internet
I want NGINX API gateway deployed in public exposed network that
authenticates incoming HTTP, and rest service traffic and then relays the
traffic to upstream servers.
Similarly I want the NGINX API Gateway to authenticate SOAP requests also.
But SOAP has its own WS security, and I believe SOAP request should not have
any sessionid or token for web authentication. So this means API gateway
will not be able to perform authentication as its doing for
normal http and rest service traffic.
What should be the best solution to secure a SOAP service behind a NGINX API
gateway ? Or it should not be protected by NGINX API Gateway module ?