CODEWITHSUNDEEP
web-servicescurlsoapwso2wso2-api-manager
Techie
Techie

Reputation: 45124

How to expose a SOAP web service with authentication in WSO2 API Manager

I have a SOAP web service and I can make an API call using below command. It works fine.

curl --user test:test123 --header "Content-Type: text/xml;charset=UTF-8" --data @checkPayment.xml http://192.168.100.10:8081/asywspay/WSDeclarationPayment

Above mentioned SOAP service is exposed via WSO2 API Manager 1.6 and the end-point is http://api.store.com:8280/WSDeclarationPayment/1.0. Then I make an API call using below command.

curl --user test:test123 --header "Content-Type: text/xml;charset=UTF-8" --header "Authorization: Bearer 7bcc2235a6b0bebfbf4ff684f59f97a7" --data @checkPayment.xml http://api.store.com:8280/WSDeclarationPayment/1.0

It gives me error This request requires HTTP authentication. Even though I pass the credentials using --user test:test123 via curl it's not passed through the API Manager.

Given that tried it this way as well. 

curl --header "Content-Type: text/xml;charset=UTF-8" --header "Authorization: Bearer 7bcc2235a6b0bebfbf4ff684f59f97a7" --header "Authorization: Basic dGVzdDp0ZXN0MTIz" --data @checkPayment.xml http://api.store.com:8280/WSDeclarationPayment/1.0

Then I get error <faultcode>S:Client</faultcode><faultstring>Cannot find dispatch method for {

How can I fix this?

Upvotes: 1

Views: 1871

Answers (1)

Rajkumar Rajaratnam
Rajkumar Rajaratnam

Reputation: 925

You have a secured backend SOAP service which needs to be exposed via API Manager. When you create an API, under Endpoints section, you have to click on Show More Options, there you have to select Secured as Endpoint Security Scheme, then you can give the backend service credentials there, as shown in the below image. These credentials will be used when API Manager makes calls to your backend service. Now we have configured the API Manager to communicate with the secured backend.

enter image description here

Then you have to create an Application in the API Store, subscribe that application to an API, generate access tokens and finally you have to use those access tokens when you invoke an API. This whole flow is well documented here [a]. Please go through it. If you want to invoke your API without access token, you can set Auth Type to None for an API resource when you create an API.

[a] https://docs.wso2acom/display/AM160/Application+Developer+Guide

Upvotes: 1

Related Questions