Hi, I have copied this solution
http://wso2.com/library/knowledge-base/convert-http-basic-authentication-ws-security-username-token/ However, I don't want to send back a SOAP fault, but a 401 HTTP status code. However, the following code in the mediate(MessageContext) method returns a 200 OK, when my mediator is configured in the insequence of my REST proxy: headers.clear(); msgCtx.setProperty("HTTP_SC", "401"); headers.put("WWW-Authenticate", "Basic realm=\"WSO2 ESB\""); msgCtx.setProperty("NO_ENTITY_BODY", new Boolean("true")); msgCtx.setProperty("RESPONSE", "true"); msgCtx.setTo(null); // Axis2Sender.sendBack(synCtx); // return false; msgCtx.setProperty(SynapseConstants.ISRESPONSE_PROPERTY, true); msgCtx.setProperty(NhttpConstants.HTTP_SC, "401"); synCtx.setResponse(true); synCtx.setTo(null); SendMediator send = new SendMediator(); send.mediate(synCtx); return false; part of the synapse config: <proxy name="test" transports="https http" startOnLoad="true" trace="disable"> <target endpoint="test-ws-ep"> <inSequence> <class name="org.wso2.carbon.esb.mediator.basicauth.BasicAuthWSSecMediator"> <property name="MediatorBehavior" value="CreateWSSecurityAndForward"/> </class> <xslt key="xslt-json-in-transform"/> <property name="messageType" value="text/xml" scope="axis2"/> </inSequence> <outSequence> <xslt key="xslt-json-out-transform-remove-namespace"/> <property name="messageType" value="application/json" scope="axis2"/> <property name="ContentType" value="application/json" scope="axis2"/> <send/> </outSequence> </target> <publishWSDL uri="file:repository/resources/TestService.wsdl"/> </proxy> How can I make the mediator return a 401 to the caller immediately? Thank you Kambiz Kambiz Darabi <[email protected]> wrote: > > Hello, > > I found this > > http://docs.wso2.org/wiki/display/ESB460/Securing+REST+APIs > > which uses a handler with hard-coded admin/admin. > > Is there a mediator which does the same and delegates to > AuthenticationAdmin? > > Thank you > > > Kambiz > > Kambiz Darabi <[email protected]> wrote: >> >> Hello, >> >> using ESB 4.6, calling the proxy defined below without an Authorization >> header returns a HTTP 500 error code and a soap fault with the message: >> >> Missing wsse:Security header in request >> >> Is there a simple way of making it return a 401 in case of a missing >> Authorization header? >> >> Thank you >> >> >> Kambiz >> >> >> Kambiz Darabi >> -- >> m-creations gmbh >> Acker 2 >> 55116 Mainz >> Germany >> >> W: http://www.m-creations.com >> T: +49 6131 6224417 >> F: +49 6131 6224418 >> -- >> Registered Office: Mainz, HRB Mainz 7382 >> Managing Directors: Frank Pacholak, Kambiz Darabi >> >> >> >> <proxy xmlns="http://ws.apache.org/ns/synapse"; name="shop" >> transports="https" statistics="disable" trace="disable" startOnLoad="true"> >> <target endpoint="shop-ws-ep"> >> <inSequence> >> <xslt key="xslt-json-in-transform"/> >> <property name="messageType" value="text/xml" scope="axis2"/> >> </inSequence> >> <outSequence> >> <xslt key="xslt-json-out-transform-remove-namespace"/> >> <property name="messageType" value="application/json" >> scope="axis2"/> >> <property name="ContentType" value="application/json" >> scope="axis2"/> >> <send/> >> </outSequence> >> </target> >> <publishWSDL uri="file:repository/resources/ShopService.wsdl"/> >> <enableSec/> >> <policy >> key="conf:/repository/axis2/service-groups/shop/services/shop/policies/UTOverTransport"/> >> <description></description> >> </proxy> _______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
