HTTP Authentication / Authorization does not work with SwitchYard RESTEasy binding in FSW 6.0.0

Solution Verified - Updated -

Issue

  • We are exposing services using RESTEasy binding in SwitchYard applications. We are trying to secure those services.
  • However, we were not able to get the credentials passed via the "Authorization" HTTP header.
  • After additional checking, we found that the ServletRequestCredentialExtractor is only referenced in SOAPBindingData, inside the extractCredentials() method defined by the SecurityBindingData interface.
  • A quick look at the RESTEasyBindingData code showed that it implements BindingData only (and not SecurityBindingData), hence credentials are not extracted from anywhere.

Environment

  • Red Hat JBoss Fuse Service Works (FSW)
    • 6.0.0

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.