base64 elements in policy configurations (CA API Gataway 9.4)

book

Article ID: 141145

calendar_today

Updated On:

Products

CA Mobile API Gateway CA Rapid App Security

Issue/Introduction

There are many policies having base64 encoded elements from configuration management perspective we cannot distinguish actual differences if there are changes within those segments, 

also many references are hidden within those segments, often this is a major issue when analyzing dependencies and tracking differences, 

please use XML so that all configurations are exposes in human readable format, for ex using  CDATA , etc.

We would  like to avoid having these type of "clobs" in our version control.

 

Environment

Release : 9.4

Component : MOBILE API

Resolution

I agree that RESTMAN bundles and policy exports do contain few text details base64 encoded. This can be revisited based on priority. We need to revisit all the existing assertions and their configuration for base64 encoding in use or not. If we decide to address them, we must do it with full backward compatibility.

We've aware of this issue for a long time, the latest configuration tool (Gateway developer plugin) don't export the configuration with base64 encoding anymore. We are reimagining the gateway configuration management using this plugin. More importantly, it comes with additional benefits like exporting the configuration into multiple files grouped by logical projects, provisioning the external version management systems in use, building CI/CD pipelines, etc.