HTTP Authentication / Authorization does not work with SwitchYard RESTEasy binding in FSW 6.0.0

Solution Verified - Updated -

Issue

  • We are exposing services using RESTEasy binding in SwitchYard applications. We are trying to secure those services.
  • However, we were not able to get the credentials passed via the "Authorization" HTTP header.
  • After additional checking, we found that the ServletRequestCredentialExtractor is only referenced in SOAPBindingData, inside the extractCredentials() method defined by the SecurityBindingData interface.
  • A quick look at the RESTEasyBindingData code showed that it implements BindingData only (and not SecurityBindingData), hence credentials are not extracted from anywhere.

Environment

  • Red Hat JBoss Fuse Service Works (FSW)
    • 6.0.0

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content