Layer7 API Management

Hi All,

    Request is validating 2 times.

    1. Validating headers -- Failing with 401 error

    2. Getting success

  I am only seeing this in my logs but customer sending only once. Please find the error details below.

When i try to put the service debugger i always seen 401 because first time its validating header and failing then its validating request and providing the output to customer.

Even in dashboard i could see each request 2 times , 600 assertion falsified and other getting success.

Below is the configuration I have done for my service

Please suggest me to over come this.

Thanks in advance.

Thanks&Regards

Rajasekhar

Hi rajasekhar33

The Require HTTP Basic Credential assertion will prompt for username/password from browser like clients, that will appear like tow requests coming into the gateway, first one will respond with 401 no credentails found. If the client is something like a java application, you can add Authorization header for http basic authentication up front to avoid this.

Regards,

Anand

Hi Anand,

   Thanks so much. Could you please provide the Authorization header details to use in Layer7 configuration.

Thanks&Regards

Rajasekhar

Header name: Authorization

Value: base 64 encrypted value of username:password

Thank you Anand,

But Sorry i am unable to understand this.Could you please take my configuration as bench mark and tell me where do i need to make this authorization?

Where I need to add header name?

Will it be under HTTP Basic?

Thanks&Regards

Rajasekhar

Hi Anand,

     Please provide the configuration details. It will be helpful alot.

Thanks&Regards

Rajasekhar

The header needs to be added while making call to your web api. This is not anything to be configured inside your policy

Hi Anand,

     Is there any other way to get the request always one time from customer?

     Any configuration changes in Layer7 may help on this?

Thanks&Regards

Rajasekhar

Rajasekhar,

The "Require HTTP Basic Credentials" assertion is expecting an "Authorization" header to be present in the request. If the header is not present in the request, the API Gateway returns a 401 Unauthorized to the client application (browser). A browser graciously handles this by prompting the end-user with a dialogue box to provide credentials. Once credentials are entered by the user, the browser then recreates a new request with the "Authorization" header this time, and sends through this new request. This is why there are two distinct requests. The only way to have "one request" in this instance is if the client application sends through the Authorization header in the first request.

Note that not all clients graciously handle the 401 Unauthorized like a browser will do. If you use a REST client without specifying credentials beforehand, you will simply get a 401 back with no prompt for credentials.

Regards,

Azad

Hi Azad,

     Thank you for explaining but still when i use SOAPUi with auth type as "Global HTTP Settings" i am seeing 2 times request to Layer7 Gateway. If I use auth type "preemptive" i am getting only single request.

    How can i avoid this? I am unable to track the request in audit logs or service debugger when i try auth type as "Global HTTP Settings".

    Please suggest me.

Thanks&Regards

Rajasekhar

Rajasekhar,

SoapUI's Global HTTP Setting has the following field:

Authenticate Preemptively: "Adds authentication information to outgoing request"

By default, this setting is unchecked, meaning SoapUI does NOT send the Authorization header on the initial request when Auth Type = Global HTTP Settings. You can over-write this for each individual request by selecting Auth Type = Preemptive, or you can check the box in the HTTP Settings so that the default is "preemptive".

If you want the Authorization header to be present in the initial request within SoapUI, then you need to either set the Auth Type to "preemptive", or change the default behavior under File > Preferences > HTTP Settings > and check the box next to "Authenticate Preemptively"

Regards,

Azad

Thank you