All request parameters are accessible via ${request.http.parameter.<name>}
e.g. ${request.http.parameter.username} & ${request.http.parameter.password}
-- At least one folder
-- Add all folder
---- set context variable ${username} = ${request.http.parameter.username}
---- set context variable ${password} = ${request.http.parameter.password}
----- compare variable to see username and password have values compare ${username} & ${password} is not empty [2 compare]
-- Add all folder
----- comment to deal with request body
------ Evaluate JSON path expression ${request} evaluate $.username as user
------ Evaluate JSON path expression ${request} evaluate $.password as pwd
---- set context variable ${username} = ${user.result}
---- set context variable ${password} = ${pwd.result}
------ compare variable to see username and password have values compare ${username} & ${password} is not empty [2 compare]
--- FAIL
Create a context variable creds of type XML
<creds>
<username>${username}</username>
<password>${password}</password>
</creds>
Use XPath credentials
At least
--- Authenticate against idp
----Stop on failure
//post action
------------------------------
Pre-Sales Consultant
CA Southern Africa
------------------------------
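
The flow outlined in the reply above (read username and password from the request parameters, fall back to the JSON body, require both to be non-empty, then authenticate), sketched in Python as an added example; it is not Layer7 policy and not code from the thread. The account, salt and gw.example URL are constructed, and the in-memory store stands in for the identity provider.

```python
import hashlib
import hmac
import json
from urllib.parse import parse_qs, urlsplit

# Constructed sample account; a real deployment would hold this in the
# identity provider, as the thread recommends, not in source code.
_SALT = b"constructed-demo-salt"
_USERS = {"demo-user": hashlib.pbkdf2_hmac("sha256", b"demo-pass", _SALT, 100_000)}


def extract_credentials(url, body=""):
    """Return (username, password) from the query string, else the JSON body."""
    params = parse_qs(urlsplit(url).query)  # blank values are dropped
    user = params.get("username", [""])[0]
    pwd = params.get("password", [""])[0]
    if user and pwd:
        return user, pwd
    try:
        doc = json.loads(body) if body else {}
    except json.JSONDecodeError:
        doc = {}
    if not isinstance(doc, dict):
        doc = {}
    user, pwd = doc.get("username", ""), doc.get("password", "")
    # Both values must be non-empty strings, as in the two compare steps.
    if isinstance(user, str) and isinstance(pwd, str) and user and pwd:
        return user, pwd
    return None  # corresponds to the FAIL branch


def authenticate(url, body=""):
    """True only if credentials were found and match the stored account."""
    creds = extract_credentials(url, body)
    if creds is None:
        return False
    user, pwd = creds
    stored = _USERS.get(user, b"\x00" * 32)
    supplied = hashlib.pbkdf2_hmac("sha256", pwd.encode(), _SALT, 100_000)
    # Constant-time comparison; unknown users still pay the hashing cost.
    return hmac.compare_digest(stored, supplied) and user in _USERS
```

Credentials carried in the query string are typically recorded in access logs and proxy logs, so the JSON-body or header path is the one to prefer where the consumer can use it.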
Original Message:
Sent: 05-18-2020 02:16 PM
From: Sanjeev Yadav
Subject: Static Authentication in an API
Thanks for the reply Ronald. Your answer is for the soap request.
What about the REST cases? If the user name & password come through the URL like below, then
1) How to extract the user name & password from the URL
2) Match the username & password extracted from the URL.
3) If successful, it will go to the next level
Please help.
Original Message:
Sent: 05-11-2020 03:40 AM
From: Ronald Dsouza
Subject: Static Authentication in an API
If you know the username and password, you can create a user in the internal Identity Provider
Follow these steps:
1. Create a user with the given credentials in the Internal Identity Provider
2. Create the service to cater for this authentication
3. At the very start, use the following assertions
3.1. Require basic authentication, or you can use the 'Require XPath Credentials' assertion along with the 'Authenticate Against Internal Identity Provider' assertion.
3.2. Authenticate Against Internal Identity Provider
3.3. If successful pass it on else throw an error
Some Community Links
https://community.broadcom.com/enterprisesoftware/communities/community-home/digestviewer/viewthread?MessageKey=00477952-1e0c-4cc3-95bd-3bb7dea30232&CommunityKey=0f580f5f-30a4-41de-a75c-e5f433325a18&tab=digestviewer#bm00477952-1e0c-4cc3-95bd-3bb7dea30232
https://docops.ca.com/ca-api-gateway/9-3/en/policy-assertions/assertion-palette/access-control-assertions/require-xpath-credentials-assertion/
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-api-management/api-gateway/9-4/security-configuration-in-policy-manager/identity-providers/ldap-identity-providers/ldap-identity-provider-wizard.html
In case you want to authenticate against an IDP
------------------------------
Pre-Sales Consultant
CA Southern Africa
Original Message:
Sent: 05-10-2020 11:51 AM
From: Sanjeev Yadav
Subject: Static Authentication in an API
How to put static authentication in an API.
Suppose the username & password are coming from the consumer with the message header or with the URL.
Now we have to follow the steps below:
1) Have to extract the username & password from the header or the URL
2) Compare the username & password which was shared earlier with the consumer
3) If the username & password match then it will route to the provider
Please guide.