marchello
Posts: 81
Joined: Fri Oct 11, 2013 8:59 am

httpbasic + apikey and multitenancy

Sat Oct 08, 2016 4:13 pm

Hi all,

I'm about to implement httpbasic + apikey authentication with multitenancy.
What I mean... I'd like to create procedure with input parameters for username, password and apikey, so that users could use it with their own credentials, not only with stored default creds.

Below is how it works in sql without multitenancy.

Code: Select all

EXEC SYSADMIN.createConnection("name" => 'webservice1',  "jbossCLITemplateName" => 'name1',  "connectionOrResourceAdapterProperties" =>  'EndPoint=https://api.example.com/api/,SecurityType=HTTPBasic,AuthUserName=[EMAIL]',  "encryptedProperties" => 'AuthPassword=[PASSWORD]') ;; 
EXEC SYSADMIN.createDataSource("name" => 'webservice1',  "translator" => 'name1', "modelProperties" => '',  "translatorProperties" => '', "encryptedModelProperties" => '',  "encryptedTranslatorProperties" => '') ;;

Code: Select all

exec  webservice1.invokeHTTP(endpoint=>'2.0/checks',requestHeaders=>  App-Key: myapikey1  ,action=>'GET',requestContentType=>'application/xml')
Now I'm trying to create connection without authusername and authpassword and it does work

Code: Select all

EXEC SYSADMIN.createConnection("name" => 'webservice1',  "jbossCLITemplateName" => 'name1',  "connectionOrResourceAdapterProperties" =>  'EndPoint=https://api.example.com/api/,SecurityType=HTTPBasic') ;; 
EXEC SYSADMIN.createDataSource("name" => 'webservice1',  "translator" => 'name1', "modelProperties" => '',  "translatorProperties" => '', "encryptedModelProperties" => '',  "encryptedTranslatorProperties" => '') ;;
but then I'm trying to call my webservice with credentials entered manually

Code: Select all

exec  webservice1.invokeHTTP(endpoint=>'2.0/checks',requestHeaders=>  AuthUserName: user1 || AuthPassword: pass1 || App-Key:  myapikey1,action=>'GET',requestContentType=>'application/xml')
and receive error:
Server returned HTTP response code: 401 for URL: https://api.example.com/api//2.0/test1** http error stream***{"error":{"statuscode":401,"statusdesc":" Unauthorized","errormessage":"User credentials missing"}}
How do I pass username and password for httpbasic auth properly without need to recreate the connection for different user?
Please advise.

Heater
Posts: 16334
Joined: Tue Jul 17, 2012 3:02 pm

Re: httpbasic + apikey and multitenancy

Sat Oct 08, 2016 8:24 pm

Give me clue. What language is all that unintelligible gobbledygook written in?

And what is running it?
Memory in C++ is a leaky abstraction .

marchello
Posts: 81
Joined: Fri Oct 11, 2013 8:59 am

Re: httpbasic + apikey and multitenancy

Sun Oct 09, 2016 6:01 pm

It's sql.
I got intermediate answer for now...
For http basic x = Base64 encoding of username:password Header Name : Authorization Header Value : Basic x

Heater
Posts: 16334
Joined: Tue Jul 17, 2012 3:02 pm

Re: httpbasic + apikey and multitenancy

Sun Oct 09, 2016 6:11 pm

Does not look like any SQL I have ever seen.

I'm curious. What is that language and what system are you using that should understand it?
Memory in C++ is a leaky abstraction .

User avatar
DougieLawson
Posts: 39613
Joined: Sun Jun 16, 2013 11:19 pm
Location: A small cave in deepest darkest Basingstoke, UK
Contact: Website Twitter

Re: httpbasic + apikey and multitenancy

Sun Oct 09, 2016 6:29 pm

It doesn't look like any SQL I've seen in the last 30 years.
Note: Any requirement to use a crystal ball or mind reading will result in me ignoring your question.

Criticising any questions is banned on this forum.

Any DMs sent on Twitter will be answered next month.
All fake doctors are on my foes list.

marchello
Posts: 81
Joined: Fri Oct 11, 2013 8:59 am

Re: httpbasic + apikey and multitenancy

Sun Oct 09, 2016 7:06 pm

Well, ok, it is indeed sql, but the environment I use (and can not reveal its name, I'm sorry) also has built-in connection to webservices with rest and soap.

My next question was how do I use exec webservice1.invokeHTTP to pass header with header name = Authorization, but as far as I can see, I should direct that question to developers of that environment.

Thanks to all.

Heater
Posts: 16334
Joined: Tue Jul 17, 2012 3:02 pm

Re: httpbasic + apikey and multitenancy

Sun Oct 09, 2016 8:53 pm

marchello,

Well, the SQL we all know and love and has been standardized for decades looks like this: https://en.wikipedia.org/wiki/SQL

Looks like you have some RESTfull/Soap API to what may well be SQL at the back end. If you cannot tell anyone who or what that is how can anyone help?

It's kind of hard to answer your next question when nobody knows what the first question is about:
EXEC SYSADMIN.createConnection("name" => 'webservice1', "jbossCLITemplateName" => 'name1', "connectionOrResourceAdapterProperties" => 'EndPoint=https://api.example.com/api/,SecurityTy ... ame=[EMAIL]', "encryptedProperties" => 'AuthPassword=[PASSWORD]') ;;
EXEC SYSADMIN.createDataSource("name" => 'webservice1', "translator" => 'name1', "modelProperties" => '', "translatorProperties" => '', "encryptedModelProperties" => '', "encryptedTranslatorProperties" => '') ;;
What is that?
Memory in C++ is a leaky abstraction .

Return to “Other programming languages”