CloudStreams 10.5 | webMethods CloudStreams | Administering webMethods CloudStreams | Policies | The Policy Actions | The Policy Action Reference | Require HTTP Basic Authentication
 
Require HTTP Basic Authentication
This action uses HTTP Basic authentication to verify the consumer's authentication credentials contained in the request's Authorization header. CloudStreams authorizes the credentials against the list of users registered in the Integration Server on which CloudStreams is running. This action supports WS-SecurityPolicy 1.2.
If the user/password value in the Authorization header cannot be authenticated as a valid Integration Server user (or if the Authorization header is not present in the request), a 500 SOAP fault is returned, and the client is presented with a security challenge. If the client successfully responds to the challenge, the user is authenticated. If the client does not successfully respond to the challenge, a 401 WWW-Authenticate: Basic response is returned, and the invocation is not routed to the policy engine. As a result, no events are recorded for that invocation, and its key performance indicator (KPI) data are not included in the performance metrics.
If you choose to omit the Require HTTP Basic Authentication action (regardless of whether an Authorization header is present in the request or not), then:
*CloudStreams forwards the request to the native service, without attempting to authenticate the request.
*The native service returns a 401 WWW-Authenticate: Basic response, which CloudStreams will forward to the client; the client is presented with a security challenge. If the client successfully responds to the challenge, the user is authenticated.
In the case where a consumer is sending a request with both transport credentials (HTTP Basic authentication) and message credentials (WSS Username or X.509 token), the message credentials take precedence over the transport credentials when Integration Server is determining which credentials it should use for the session. For more information, see Require WSS Username Token and Require X.509 Token. In addition, you must ensure that the consumer that connects to the virtual service has an Integration Server user account.
Input Parameters
Authenticate Credentials
Authorizes consumers against the list of users registered in the Integration Server on which CloudStreams is running. If you select this option, you must also include the Identify Consumer action in the policy.