Getting a 400 Bad Request for sending messages to a Layer7 SOAP policy but works with the SOAP API directly
search cancel

Getting a 400 Bad Request for sending messages to a Layer7 SOAP policy but works with the SOAP API directly

book

Article ID: 244504

calendar_today

Updated On:

Products

CA API Gateway

Issue/Introduction

We have an external SOAP API that requires basic authentication, and when we use SOAPUI to test it, it works going directly to the API. 

When we update SOAPUI to point to the Layer7 policy, we don't see anything in the logs or in the debugger.  We just get a 400 Bad Request error.

Environment

Release : 10.0

Component : API GATEWAY

Cause

The Xpath assertion was wrongly configured and not grabbing the specific elements to evaluate on the policy flow.

Resolution

- We explained how to configure the Xpath assertion, testing the policy shows the output from a payload you could work with.

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">    <soap:Header>	        <U>ImaUser</U><AuthHeader MyAttribute="" xmlns="https://safe.abdc.dot.com/MasterWebService/DataDownloadService">            <Username>ns_defect_test</Username>            <Password>1Pass$$1234524097</Password>        </AuthHeader>    </soap:Header></soap:Envelope>

-  suggested and explained how to configure a "Regular expression" to grab/evaluate the Username, Password as needed.  You will need to customize according to your use case (context variable to pass into the request header as an example).

 

ref: 

https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/10-1/policy-assertions/how-to-assertions/specify-xpaths-in-assertions.html

https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/10-1/policy-assertions/assertion-palette/message-validation-transformation-assertions/evaluate-regular-expression-assertion.html