Good afternoon,
I've reviewed your post and there are a few modifications to what you are attempting to do.
1. How regular expression works and i do not see much information in the documentation. In this case i want to restrict access based on the user name. Please see the screenshot 1.
Response: To check if value exists for a particular context variable, use the Compare assertion to check if the variable is blank and/or that the variable is equal to johnny. You can remove the Regular expression assertion from the first line.
Assertion XML snippet:
<?xml version="1.0" encoding="UTF-8"?>
<wsp:Policy xmlns:L7p="http://www.layer7tech.com/ws/policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy">
<wsp:All wsp:Usage="Required">
<L7p:ComparisonAssertion>
<L7p:CaseSensitive booleanValue="false"/>
<L7p:Expression1 stringValue="${request.http.parameter.username}"/>
<L7p:Operator operatorNull="null"/>
<L7p:Predicates predicates="included">
<L7p:item dataType="included">
<L7p:Type variableDataType="string"/>
</L7p:item>
<L7p:item binary="included">
<L7p:Negated booleanValue="true"/>
<L7p:Operator operator="EMPTY"/>
<L7p:RightValue stringValue=""/>
</L7p:item>
<L7p:item binary="included">
<L7p:RightValue stringValue="johnny"/>
</L7p:item>
</L7p:Predicates>
</L7p:ComparisonAssertion>
</wsp:All>
</wsp:Policy>
2. I have configured the logs but not able to see anything in the logs in API gateway, do I need to configure anything else?
Response: You can add in the audit detail assertion to see in the audit log and ssg log what transpired.
3. How to debug the assertions step by step in API Gateway?
Response: You can use either the policy debugger or debug tracing as outlined in this documentation link: Debug a Policy - CA API Gateway - 9.2 - CA Technologies Documentation
Sincerely,
Stephen Hughes
Director, CA Support