Customizing HTTP responses and status codes when an HTTP method is not allowed
As of version 8.2.00, the Gateway will return an HTTP 500 Internal Server Error when an inbound request does not adhere to the HTTP method whitelist. Development incident SSG-9565 was opened to address this deficiency and the attached policy was created by the CA API Gateway support team as an interim workaround pending future resolution of this issue.
This policy fragment will perform a JDBC query against the local Gateway cluster's database for information on the acceptable HTTP methods for a particular service. A whitelist of acceptable methods will be stored in the Gateway application's caching implementation. The policy will validate the HTTP method of inbound request against the whitelist and adjudicate the request message accordingly. If the request message does not adhere to the whitelist then a customized HTTP error status and response will be transmitted to the service consumer
This policy should be deployed in a message-received global policy fragment. This policy fragment ensures that the default process for inspecting the HTTP method is bypassed. There are two assertions that should be modified by an administrator or policy author:
Perform the following procedure to publish this policy fragment
The policy will require an existing JDBC connection to the local Gateway. If one does not exist then the Resolve External Dependencies Wizard will appear. If a JDBC connection needs to be created then proceed through that wizard as follows: