Layer7 API Management

  • 1.  Require HTTP BASIC Credentials Assertion

    Posted Jan 04, 2018 06:33 AM

    Hi,

    We are trying to implement authentication for below cases.

     

    1. If API services gets authorisation header with Token .* then token will be routed to one target system for authentication validation.

    2. If service does not get authorisation header with Token .* then included Require HTTP BASIC Credentials Assertion and LDAP for authentication validation.

    During the testing we are not passing authorisation header with Token .* hence service is not prompting for login credentials. Above logic is written is as follows.

     At least one Assertion condition
          All Assertion
             compare statement for authorisation header with Token
             Route via assertion to route token for authentication
       All Assertion
             Require HTTP BASIC Credentials Assertion
             LDAP for basic authentication validation
       All Assertion
          Error throwing logic

     

    Regards, Suneel



  • 2.  Re: Require HTTP BASIC Credentials Assertion

    Broadcom Employee
    Posted Jan 04, 2018 11:23 AM

    Hi Suneel,

     

    Is the above logic not working as you expect? Can you provide a sample of the policy you have put together?

     

    Regards,

    Joe



  • 3.  Re: Require HTTP BASIC Credentials Assertion
    Best Answer

    Broadcom Employee
    Posted Jan 04, 2018 02:57 PM
      |   view attached

    A small sample of what I believe you are looking for. This policy assumes you are passing a bearer token in the authorization header and looks specifically for it.

    If it exists it will route to google, if not it will prompt for UID/PW and authenticate against the internal IDP (can easily be modified for LDAP), else it fails with a custom message.

     

    Regards,

    Joe



  • 4.  Re: Require HTTP BASIC Credentials Assertion

    Broadcom Employee
    Posted Jan 08, 2018 09:42 AM

    Hi saisuneel,

     

    Please let me know if the policy provided has proven useful.

     

    Regards,

    Joe   



  • 5.  Re: Require HTTP BASIC Credentials Assertion

    Posted Jan 10, 2018 01:41 AM

    Hi Joe,

     

    I'm able to handle what I'have looked by changing logic in policy.

    Thank you for your help.

     

     

    Regards,

    Suneel