ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum IndexWebSphere Message Broker SupportRESTRequest Node and HTTP Basic Authentication

Post new topicReply to topic
RESTRequest Node and HTTP Basic Authentication View previous topic :: View next topic
Author Message
catshout
PostPosted: Mon Jan 23, 2017 6:21 am Post subject: RESTRequest Node and HTTP Basic Authentication Reply with quote

Acolyte

Joined: 15 May 2012
Posts: 57

Dear community,

I'm trying to setup a REST call against an external resource that is secured by HTTP Basic Authentication.

The common thing described here
http://www.ibm.com/support/knowledgecenter/en/SSMKHH_10.0.0/com.ibm.etools.mft.doc/bp19260_.htm

is working in an usual way.

The RESTRequest Node should also allow the use of a Security Identity. This one I've created with the following command
Code:
mqsisetdbparms EIB001 -n rest::CHECKMOBILE -u <username> -p <password>


As described here
https://developer.ibm.com/integration/blog/2016/09/27/consuming-rest-apis-by-using-the-new-rest-request-nodes-in-ibm-integration-bus/#pnext_collapsible_7

the promise is

Quote:
The HTTP request nodes support HTTP Basic Authentication, but it is not a simple experience. The options include placing usernames and passwords into the Properties message tree, or using security policies, or building your own Authorization header.

The REST request node improves this by providing support for automatically handling HTTP Basic Authentication and API authentication keys using security credentials defined using the familiar mqsisetdbparms command.

This support requires that the Swagger document includes information on the security requirements for the REST APIs. ...


So far I've added a section to the Swagger that I'm using like

Code:
  "securityDefinitions" : {
    "CHECKMOBILE": {
      "type": "basic"
    }
  }


With this done the authentication doesn't work. Did I miss something here? Many thanks for any hints.

Best
- Gerald
Back to top
View user's profile Send private message
catshout
PostPosted: Mon Jan 23, 2017 7:02 am Post subject: Reply with quote

Acolyte

Joined: 15 May 2012
Posts: 57

Found it.

It's necessary to add the use of the security definition to the path definition in the Swagger file as well like

Code:
  "paths" : {
    "/v1/checkmobile/artikel" : {
      "get" : {
        "operationId" : "getArtikel",
        "responses" : {
          "200" : {
            "description" : "OK",
            "schema" : {
              "$ref" : "#/definitions/artikel"
            }
          },
          "401" : {
            "description" : "Authentifizierung erforderlich",
            "schema" : {
              "type" : [ "string", "null" ]
            }
          },
          "403" : {
            "description" : "Zugriff nicht gestattet",
            "schema" : {
              "type" : [ "string", "null" ]
            }
          },
          "404" : {
            "description" : "Ressource nicht gefunden",
            "schema" : {
              "type" : [ "string", "null" ]
            }
          },
          "500" : {
            "description" : "Interner Serverfehler",
            "schema" : {
              "type" : [ "string", "null" ]
            }
          }
        },
        "produces" : [ "application/json" ],
        "description" : "Retrieve artikel",
        "parameters" : [ ],
        "security" : [
          { "CHECKMOBILE": [ ] }
        ]


Last edited by catshout on Mon Jan 23, 2017 7:12 am; edited 1 time in total
Back to top
View user's profile Send private message
Vitor
PostPosted: Mon Jan 23, 2017 7:07 am Post subject: Reply with quote

Grand High Poobah

Joined: 11 Nov 2005
Posts: 25810
Location: Ohio, USA

On behalf of the greater community. thank you for posting the solution for the benefit of future readers.
_________________
Honesty is the best policy.
Insanity is the best defence.
Back to top
View user's profile Send private message
mqjeff
PostPosted: Mon Jan 23, 2017 8:15 am Post subject: Reply with quote

Grand Master

Joined: 25 Jun 2008
Posts: 17447

Vitor wrote:
On behalf of the greater community. thank you for posting the solution for the benefit of future readers.




_________________
chmod -R ugo-wx /
Back to top
View user's profile Send private message
Display posts from previous:
Post new topicReply to topic Page 1 of 1

MQSeries.net Forum IndexWebSphere Message Broker SupportRESTRequest Node and HTTP Basic Authentication
Jump to:



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP


Theme by Dustin Baccetti
Powered by phpBB 2001, 2002 phpBB Group

Copyright MQSeries.net. All rights reserved.