WSO2 ESB - How to secure API with Basic Auth

01. You can download basicAuth JAR file from the following location[1], copy it to the repository/component/lib directory, and restart the ESB. 
02. Please copy this configuration to your synapse configuration 
03. Invoke it with following curl command or any client(please note you must send basic auth header with request and invoke through https ports). 
      curl -v -k -H "Authorization: Basic YWRtaW46YWRtaW4=" https://localhost:8243/RESTWebService/dept/1

[1]https://svn.wso2.org/repos/wso2/carbon/platform/branches/4.1.0/products/esb/4.7.0/modules/samples/integration-scenarios/starbucks_sample/bin/WSO2-REST-BasicAuth-Handler-1.0-SNAPSHOT.jar 

configuration 
========== 
   <api name="test-api" context="/RESTWebService"> 
      <resource methods="GET" protocol="https" uri-template="/dept/{id}"> 
         <inSequence> 
            <log level="full"/> 
            <log> 
               <property name="REST_URL_POSTFIX" expression="get-property('uri.var.id')"/> 
            </log> 
            <property name="POST_TO_URI" value="true" scope="axis2"/> 
            <send> 
               <endpoint name="test-api_APIEndpoint_0"> 
                  <address uri="http://service_host:port/RESTWebService/rest/departments/"/> 
               </endpoint> 
            </send> 
         </inSequence> 
         <outSequence> 
            <send/> 
         </outSequence> 
      </resource> 
      <handlers> 
         <handler class="org.wso2.rest.BasicAuthHandler"/> 
      </handlers> 
   </api>
-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Empowering the Future of API Management: Unveiling the Journey of WSO2 API Platform for Kubernetes (APK) Project and the Anticipated Alpha Release

  Introduction In the ever-evolving realm of API management, our journey embarked on the APK project eight months ago, and now, with great a...