How to configure Dynamic Basic Authentication for BW 6
Article ID: KB0074891
Updated On:
| Products | Versions |
|---|---|
| TIBCO ActiveMatrix BusinessWorks | TIBCO ActiveMatrix BusinessWorks 6.x |
Description
Basic Authentication is achieved in a static way when a HTTP Client resource uses an Identity resource which stores the Username/Password credentials.
Basic Authentication can be achieved in a dynamic way where the credentials can be provided at runtime.
Basic Authentication can be achieved in a dynamic way where the credentials can be provided at runtime.
Issue/Introduction
How to configure Dynamic Basic Authentication for BW 6
Environment
All
Resolution
To achieve Dynamic Basic Authentication without requiring a restart of the BW application you can configure the request sent by BW to include the Dynamic Header "Authorization" and the respective value which would contain the required credentials.
With this dynamic approach when using the HTTP Client resource you shouldn't use an Identity resource for it because the Username/Password values will be provided via the Dynamic Header rather than the Identity resource.
Furthermore if the dynamic approach is used in combination with using an Identity resource then it is observed that the "Authorization" header is sent 2 times in the request.
Please see the attached demo application "DynamicBasicAuthenticaionSOAP" where the SOAP over HTTP sample "ZipCodeServiceProvider" is modified accordingly.
A Set Context activity before Invoke SOAP is used to generate and also to store the value for the Authorization header.
The Dynamic Header "Authorization" is added for each required Operation of the respective Service via Binding > ... > Request Context.
A Policy has been added to the SOAP service ZipPort to enforce Basic Authentication by utilising XML File Authentication.
Using the XML file approach is for demonstrative purposes for this demo application, in many scenarios it is recommended and more appropriate to use LDAP Authentication.
For an example of how this is done with HTTP Request activity instead of using Invoke SOAP please see the attached demo application "DynamicBasicAuthentication" where the sample "HTTPReceiver" is modified accordingly.
Please see the attached screenshot "REST" for where the Dynamic Header "Authorization" can be added accordingly for Invoke REST.
With this dynamic approach when using the HTTP Client resource you shouldn't use an Identity resource for it because the Username/Password values will be provided via the Dynamic Header rather than the Identity resource.
Furthermore if the dynamic approach is used in combination with using an Identity resource then it is observed that the "Authorization" header is sent 2 times in the request.
Please see the attached demo application "DynamicBasicAuthenticaionSOAP" where the SOAP over HTTP sample "ZipCodeServiceProvider" is modified accordingly.
A Set Context activity before Invoke SOAP is used to generate and also to store the value for the Authorization header.
The Dynamic Header "Authorization" is added for each required Operation of the respective Service via Binding > ... > Request Context.
A Policy has been added to the SOAP service ZipPort to enforce Basic Authentication by utilising XML File Authentication.
Using the XML file approach is for demonstrative purposes for this demo application, in many scenarios it is recommended and more appropriate to use LDAP Authentication.
For an example of how this is done with HTTP Request activity instead of using Invoke SOAP please see the attached demo application "DynamicBasicAuthentication" where the sample "HTTPReceiver" is modified accordingly.
Please see the attached screenshot "REST" for where the Dynamic Header "Authorization" can be added accordingly for Invoke REST.
Attachments
Feedback
Yes
No
Powered by
