Layer7 API Management

Hello All,

We have developed a generic service in API Gateway which allows authentication. Once authentication successful ,based on parameter request has to be routed to another service with in gateway itself.

We are able to route request to second service and getting response as "Authentication Required" to generic response even though sending valid credentials to it.

Two services are allowing same type of authentication mechanism.How to get proper response from second service when send request from generic.

Thanks in advance.

Regards,

Suneel

Hi Suneel,

What "authentication" required for the 2nd service? Basic authentication? client certificate authentication?

BTW: since the generic service has done the authentication, why you need authentication again on 2nd service? -- maybe just remove the authentication part in 2nd service?

Regards,

Mark

Hello Mark,

Both services  are required basic authentication.We want to expose either generic service or internal service based on customer i.e.internal or external type.

How do we do successful authentication for two services. 

What exactly the difference in making calls from browser and generic service mean browser can make two call once it got "Authentication Required" error.

Regards,

Suneel

Hello Suneel,

First, in generic policy, the route via http needs to be configured as "Never fail as long as target returns an answer" (on "Other" tab of its properties window).

Second, in generic policy, is the "Request Resource" of  the route via http = <Default Request> ?, or a context variable message?

If it's a context variable message, you need to add Authorization header = ${request.http.header.Authorization} to that context variable message. (using "Manage Transport Properties/Headers" assertion)

Regards,

Mark

Hi Mark,

Thanks for your response.

As suggested by you tried to send authorization in request header and got same issue.

I have changed slightly to meet the requirement by sending authorization header in  Headers tab Route Via HTTPS assertion.Now message got processed by second service successfully.

Regards,

Suneel

Glad to hear that the problem had been resolved.

Using "Manage Transport Properties/Headers" assertion should be good, too, just to remind that you may need to right click on the assertion to set the target message to the context variable, otherwise it will add the header to default request message.