Hi community,
I have a simple policy where i'm using a "Route via HTTP(S)" assertion.
In the case where the backend returns a SOAP Fault with a HTTP error 500 code I want this to be returned to the requestor.
My understanding is that the checkbox in front of "Pass through SOAP faults with error status 500" should do this. But it's not. When i select this checkbox I get this error:
HTTP/1.1 500 Internal Server Error
Content-Type: text/xml;charset=utf-8
Content-Length: 590
Date: Thu, 15 Aug 2019 11:23:11 GMT
Connection: close
Server: CA-API-Gateway/9.0
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Body>
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring>Policy Falsified</faultstring>
<faultactor>https://foo/bar</faultactor>
<detail>
<l7:policyResult status="Assertion Falsified" xmlns:l7="http://www.layer7tech.com/ws/policy/fault"/>
</detail>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>
If I select "Never fail as long as target returns an answer" the original SOAP fault from the backend is returned:
HTTP/1.1 500 Internal Server Error
Set-Cookie: JSESSIONID=12345ABC; Path=/foo/bar; Secure; HttpOnly; Domain=foo.bar
Content-Encoding: gzip
Content-Type: text/xml;charset=utf-8
Content-Length: 211
Date: Thu, 15 Aug 2019 11:26:10 GMT
Connection: close
Server: CA-API-Gateway/9.0
<?xml version='1.0' encoding='UTF-8'?><S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"><S:Body><S:Fault xmlns:ns4="http://www.w3.org/2003/05/soap-envelope"><faultcode>S:Server</faultcode><faultstring>Bad credentials (userId is null)</faultstring></S:Fault></S:Body></S:Envelope>
Why is this SOAP fault not returned when i check "Pass through SOAP faults with error status 500"?