| |
|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
  |
|
| Basic Auth Problem |
« View previous topic :: View next topic » |
| Author |
Message
|
| freddyquirozsolano |
 Posted: Thu Mar 15, 2018 9:10 am Post subject: |
 |
|
Newbie
Joined: 13 Mar 2018
Posts: 3
|
Hi.
I have a question, could you please help?
My swagger file included two more parameters, not only user and password.
"security" : [ {
"busiID" : [ ],
"chanID" : [ ],
"user" : [ ],
"password" : [ ]
} ]
I can make a call via SoapUI, but for that i need to add the four parameters in the header section.
Do I need to create a security definition on the broker and change the swagger file to reflect it?
If this is the case, how can add the aditional parameters when i use the command:
mqsisetdbparms EIB001 -n rest::CHECKMOBILE -u <username> -p <password>
Or do I Need to pass the parameter in the header section? If this is the case, how i have to do it with ESQL?
Or how could you manage this scenario?
Thank you in advance. |
|
| Back to top |
|
 |
| Vitor |
| Posted: Thu Mar 15, 2018 9:14 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| freddyquirozsolano wrote: |
| how could you manage this scenario? |
Are you actually trying to authorize / authenticate with all 4 parameters, or is your problem that user id & password are not the 1st 2 parameters?
Do you really have user id & password in clear text in the JSON payload (as described by your SWAGGER document) rather than in a more secure location? If so, does your site's security team know & have they signed off on this?
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| freddyquirozsolano |
| Posted: Thu Mar 15, 2018 10:35 am Post subject: |
|
|
Newbie
Joined: 13 Mar 2018
Posts: 3
|
Hi.
Yes I'm trying to authenticate with all 4 parameters (they aren't optional). Just to clarify, Its a webservice outside my company, we did not programm this. There are other measures already taken for security.
To the other question, Yes its just like that. The parameters in that section of the swagger document, but not in the body content as I see.
When I make the call from soapui i have to add the 4 parameter in the headers section, like this:
[img]https://ibb.co/moecQH[/img]
https://ibb.co/moecQH
So Im new to the rest request node. Im always using soap and one time a rest request but simple throught http node request.
Really dont know how to pass the 4 parameters using ESQL for the header.
Really, thank you in advance for your advice. |
|
| Back to top |
|
|
| Vitor |
| Posted: Thu Mar 15, 2018 11:16 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| freddyquirozsolano wrote: |
| To the other question, Yes its just like that. The parameters in that section of the swagger document, but not in the body content as I see. |
I think the swagger snippet you posted is misleading 
| freddyquirozsolano wrote: |
When I make the call from soapui i have to add the 4 parameter in the headers section, like this:
[img]https://ibb.co/moecQH[/img]
https://ibb.co/moecQH |
Ok, so understand I can't see those screen prints (my site is a little paranoid on web sites - don't take it personally).
| freddyquirozsolano wrote: |
| Really dont know how to pass the 4 parameters using ESQL for the header. |
The same way you do for a SOAP request that uses Basic Auth rather than WS-Security. Both SOAP and REST travel over HTTP and therefore have the header structure in common.
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
|
|
|
| |
|
Page 1 of 1 |
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
