Use a security profile to configure HTTPRequest and SOAPRequest nodes to authenticate with a remote server.
Basic authentication is a common extension in the HTTP protocol that allows a client to provide identity information to a remote web server in the form of a username and password that are sent in the HTTP header data. Security profiles in IBM® Integration Bus provide a way for message flow designers to provide these credentials without building the HTTP headers in a Compute node.
To enable basic authentication, select an appropriate security profile for the output node or the message flow in the BAR file editor. The credentials are picked up from the following Properties tree locations if set:
Properties.IdentityMappedType
Properties.IdentityMappedToken
Properties.IdentityMappedPassword
If the mapped identity fields are not set, the credentials are picked up from the following Properties tree locations:
Properties.IdentitySourceType
Properties.IdentitySourceToken
Properties.IdentitySourcePassword
For basic authentication both a username and password are required, therefore the appropriate Type field must be set to the string usernameAndPassword. For example:
SET OutputRoot.Properties.IdentitySourceType='usernameAndPassword';
SET OutputRoot.Properties.IdentitySourceToken = 'myUser';
SET OutputRoot.Properties.IdentitySourcePassword = 'myPassw0rd';
SET OutputRoot.Properties.IdentitySourceIssuedBy = 'myDomain';
These fields are interpreted by a subsequent HTTPRequest or SOAPRequest node and converted into a basic authentication HTTP header.
You can also propagate credentials from an input message by setting a security profile, which includes propagation on an input node, and then using the input node properties Identity token type, Identity Token location, and Identity password location. These three properties take an XPath expression that specifies the location in the input message to retrieve the appropriate token or password from. When configured correctly, these properties place the identity information in the Properties.IdentitySourceType, Properties.IdentitySourceToken, and Properties.IdentitySourcePassword fields. HTTPRequest or SOAPRequest nodes then use these values directly, with an appropriate security policy.
You can override the configuration of the security profile by selecting the build option Override configurable property values in the BAR file editor.