Skip to content
This repository has been archived by the owner on Jul 22, 2024. It is now read-only.

Home

Jump to bottom
rranagit edited this page Oct 31, 2018 · 6 revisions

Summary

IBM integration bus(App Connect) provides variety of integration framework and uses various nodes to implement those framework. So far IIB has not introduced the functionality to integrate with the APIs which are using Digest authentication. This tutorial describes how to build a solution to interact with Digest APIs within currently available nodes of IBM integration bus.

Description

Digest authentication is an authentication mechanism where the client sends a request to the server and the server responds with a session key. This key is then further used to create an authenticated session key with the combination of user name, password and algorithms. Once the authenticated session key is verified by the server then an authenticated session is established between the client and server. The session can be then further continue with use of cookies for an existing session. In this code pattern, we will create a REST API in IBM integration bus and build the authentication logic within the application. This application will be exposed as a façade and can be consumed by other APIs. This code pattern is beneficial for platforms which doesn’t support in-built digest authentication. In this code pattern the authentication logic is built using nodes available to Integration bus but it can be built on any other language. For this code pattern we will deploy and test a client API and façade service locally as well as on IBM cloud. We will be using the inbuilt cache mechanism of IBM integration bus to show how the performance can be enhanced.

Flow

  1. User sends request to application.
  2. Application sends request to server seeking authorisation.
  3. Request is rejected by the server asking for an authorisation and server responds with the details to create authorisation.
  4. Application builds authorisation logic.
  5. Application sends another request to server seeking authorisation.
  6. Request is successfully authorised.
  7. Application saves authorisation header or cookies in cache for next http request and respond with success.
  8. User sends next request to IIB application on cloud.
  9. Application synchronise request and cache before seeking server authorisation.
  10. Request sent to server, server authorises user and success response sent back to user.
Clone this wiki locally