The endpoint is OAuth protected and requires a SOAP message body in POST request in order to process the request successfully. Please advise.
You can implement a mediation sequence [1] to get an Access token for the backend.
To support SOAP backends, create a SOAP API in API Manager. [2]
[1] https://medium.com/#menakajayawardena/wso2-how-to-using-oauth2-protected-back-ends-with-api-manager-5d7e234c61c
[2] https://docs.wso2.com/display/AM210/Create+and+Publish+a+SOAP+API
Related
I have question on wso2 EI 6.6.0 and preemptive/non-preemptive authentication. Can I check which incoming calls to wso2 use preemptive and nonpreemtive authentication in Synapse handler? Some systems don't send the HTTP authorization header on the first call and generate error logs in wso2. Is there an attribute in wso2 to determine what kind of authentication it is?
Thank you
In a non-preemptive scenario, the client sends a request without the Authorization header and the server responds to the client with a WWW_Authenticate header indicating that the server requires Authentication details. So the client will read this header and send another request with the required authentication headers.
To answer your question the only way the server can identify whether the request is a non-preemptive request is to check the existence of the Authorization header. So in your Authentication Handler you can check the existence of the Authorization header and respond the client accordingly. You can refer this Authorization Handler implementation where the non-preemptive scenario is handled.
I am having WCF client which consumes SOAP based web service which has OAuth authentication. My WCF service gets consumed by some other service but my issue is about authentication when it consumes web service.
My WCF client, consumes web service using proxy generated classes approach. I am able to get Bearer token for OAuth authentication and pass it to request http header as well however, proxy generated class expects binding configuration as well.
var client = new ExchangeServicePortTypeClient("EndPointConfigurationName", "WebServiceURL")
I have tried basicHttpBinding, customBinding (AuthenticationMode="IssuedToken/IssuedTokenForCertificate/IssuedTokenOverTransport"), wsHttpBinding (security mode Message & ClientCredentialType 'IssuedToken" but no luck.
I am assuming due to wrong not supported binding configuration authorization bearer token I am sending is not getting accounted.
I am able to consume this web service from console application successfully where I am not using proxy generated classes approach. So I just required to pass authorization bearer token in header and no binding information.
request.Headers.Add("Authorization", "Bearer " + accessToken);
Can someone please suggest what binding information I should add in my WCF client which can support OAuth authentication ?
Thanks,
I have a post restful client which I need to publish.I am able to publish the same and post subscription, what would be the payload parameters as its a restful client.As I go through the WSO2 docs, they all refer to SOAP requests.
You do not have to send SOAP requests to WSO2 api manager. You can configure api manager to build the message to send to the backend service using you incoming request body (either json or SOAP request)
for example try this sample. This shows how a JSON request is converted to a SOAP payload to access SOAP web service backend. Here payload factory mediator is used to convert the JSON message to SOAP message. if you do not use that mediators, you would be able to send the incomming JSON body directly to backend service (if backend accepts JSON)
Our Requirement is that I had Backend Api Service (Rest Services) which have Http Method Post, and Request as JSON which will call wso2APi Manager as Reqest and Response as SOAP
what i had tested was
For Creating API i had used ,Already wsdl of our Dummy Services,also Sequence and Out Sequence.
But when i am calling Rest Back-end Services ,it is not Response Any OutPut to me
Please guide me how i will meet this Scinario
Can you directly call the backend service? If so , then you can compare the request going from AM t0 Backend verser the direct backend call (headers, body etc.) and check what is missing. to check the AM-Backend request you can enable wirelogs. see http://mytecheye.blogspot.com/2013/09/wso2-esb-all-about-wire-logs.html
How to send the post request in wso2 api manager? What would be the content type, parameters etc.
I am publishing Rest APIs in WSO2 API Manager , I would like to intercept my own API input field validations for each API like input parameter format and value etc. If validation success then API Manager should allow the request to invoke back-end , else reject the request with error message.
You can create a custom handler or custom sequence and deploy it for that api. You can implement the validation logic inside that.
see following product documentation
https://docs.wso2.com/display/AM1100/Writing+Custom+Handlers
https://docs.wso2.com/display/AM1100/Adding+Mediation+Extensions