Layer7 API Management

Hi Team,

The issue is related to CA API Gateway - Require Xpath Credentials assertion 

Gateway Version 9.3v

We are using Require Xpath Credentials assertion in our policy.This assertion not working if the password has special characters like ‘&,<’. Its straight way says ‘Failed to authenticate the user and in the logs it shows as

Logs: 20190328 10:20:42.980 WARNING 6600 Request not XML

It’s because ‘&’ and ‘<’ is not permitted in the XML. This is expected behaviour of XML.

How to make this work if the password has '&' and '<'

Please help.

Thanks,

Bhargavi.

Good morning Bhargavi,

The XPath Credential Assertion can also use context variables without the {} included. Swap out your assertion with the XML below and see if it works.

<?xml version="1.0" encoding="UTF-8"?>
<wsp:Policy xmlns:L7p="http://www.layer7tech.com/ws/policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy">
<wsp:All wsp:Usage="Required">
<L7p:XpathCredentialSource>
<L7p:OtherTargetMessageVariable stringValue="credentials"/>
<L7p:PasswordExpression xpathExpressionValue="included">
<L7p:Expression stringValue="$request.http.header.password"/>
<L7p:Namespaces mapValue="included">
<L7p:entry>
<L7p:key stringValue="s"/>
<L7p:value stringValue="http://schemas.xmlsoap.org/soap/envelope/"/>
</L7p:entry>
</L7p:Namespaces>
</L7p:PasswordExpression>
<L7p:Target target="OTHER"/>
<L7p:XpathExpression xpathExpressionValue="included">
<L7p:Expression stringValue="$request.http.header.username"/>
<L7p:Namespaces mapValue="included">
<L7p:entry>
<L7p:key stringValue="s"/>
<L7p:value stringValue="http://schemas.xmlsoap.org/soap/envelope/"/>
</L7p:entry>
</L7p:Namespaces>
</L7p:XpathExpression>
</L7p:XpathCredentialSource>
</wsp:All>
</wsp:Policy>

Sincerely,

Stephen Hughes

Broadcom Support

Hi Stephen,

It worked . 

Thank you.

Thanks,

Bhargavi.