Hello,
As Emmanuel.Champommier said, we already are in this configuration.
Here is a description of the different tests we made. In each case, the configuration of the “Route via HTTP” assertion is the following:
- Authentication: Use http Credentials from Request
- Headers: Nothing checked
- HTTP: Use Keep-Alive
- Proxy: Do not use an HTTP proxy
- Other:
- Request WS-Security Header Handling: Don’t modify the request Security header
- Assertion Outcome: Never fail as long as target returns an answer
Test 1: Direct call: Result is OK
The service is responding correctly with the authentication process (two 401 results and one 200 result).
Test 2: Including the “Route via HTTP” in an “Handle Errors” assertion: Result is OK
In this case, the HTTP authentication is processed correctly, with 401 result codes and WWW-Authenticate headers transmission between CA API Gateway and client application (checked using Fiddler proxy):
==> Problem: When the “Route via HTTP” returns an error (401 for authentication for example), the service execution process is automatically stopped right after the assertion, and then some actions are not executed (logs, etc)
Test 3: Including the “Route via HTTP” in a “At least one assertion must evaluate to true” and with an error processing action after: Result is KO
In this case, WWW-Authenticate headers are missing in the response to the client application, while response from backend to gateway is correct:
==> Errors returned by “Route via HTTP” are intercepted correctly, but it seems the error response from gateway to client in this case does not contains the response from backend to gateway headers.
Is there a way to catch all the “Route via HTTP” errors, and then access and return the full content of the response from backend? Are we treating our log/error problem the right way?