Provider that can extract username from a (any) header. This provider can also propagate username. This can be used for cases when user/service is authenticated on perimeter (e.g. we resolve client certificates on an apache instance and just get X-AUTH-USER header). For more modern frameworks, we can expect a JWT (JSON web token) and that is processed by a dedicated security provider.