Basic Authentication – LDAP
Basic Authentication is a simple and widely used authentication mechanism in HTTP-based services and APIs. The client sends HTTP requests with an Authorization header that contains the word Basic followed by a space and the base64-encoded string username:password.
For example, to authorize as username/password the client would send the HTTP header below:
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
Basic Authentication – LDAP is an extension of the Basic Authentication policy in which the provided username and password are authenticated against the target LDAP server.
To start, we first create a sample project in Design Center.
Project – basic-auth-sample
RAML –
    #%RAML 1.0
    title: basic-auth-sample
    version: 1.0.0
    securitySchemes:
      basic:
        description: |
          This API supports Basic Authentication.
        type: Basic Authentication
    /booking:
      get:
        securedBy: [basic]
        description: retrieve route list
        queryParameters:
          destination:
            type: string
            required: false
        responses:
          200:
            body:
              application/json:
Design Center
Now publish it to Exchange and API Manager
Exchange –
Provide the asset version
Exchange asset will be created
Now create an API Manager configuration
This will create the API Manager configuration for basic-auth-sample
Click Policies -> Apply New Policy -> Basic Authentication – LDAP policy
Now we have to provide a valid LDAP configuration, against which the Basic Authentication username and password will be validated.
The policy has the following properties:
- LDAP server URL – URL and port for the LDAP server
- LDAP user DN – The name of the user or user group with access to the LDAP server
- LDAP user password – Password of that user or user group
- LDAP search base – Starting point for search in the directory tree
- LDAP search filter – Filtering criteria
We have to update these to use our LDAP server.
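The two pieces described above, decoding the Authorization header and substituting the username into the LDAP search filter, are shown here as an added example; it is not MuleSoft's policy code. The function names and the `(uid={0})` filter template are assumptions for illustration. The username is escaped per RFC 4515 so that characters such as `*` or `)` cannot change the filter's structure.

```python
import base64
import binascii

# RFC 4515 characters that must be escaped inside a filter assertion value.
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def parse_basic_header(header):
    """Return (username, password) from an Authorization header value, or None if malformed."""
    scheme, _, token = header.partition(" ")
    if scheme.lower() != "basic" or not token.strip():
        return None
    try:
        decoded = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None
    # Split on the first colon only: the password may itself contain colons.
    username, sep, password = decoded.partition(":")
    if not sep or not username:
        return None
    return username, password


def escape_filter_value(value):
    """Escape a value per RFC 4515 so it is matched literally by the directory."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def build_search_filter(template, username):
    """Substitute the escaped username for the {0} placeholder (assumed template syntax)."""
    return template.replace("{0}", escape_filter_value(username))


if __name__ == "__main__":
    # Constructed sample input: the header value from the example on this page.
    creds = parse_basic_header("Basic dXNlcm5hbWU6cGFzc3dvcmQ=")
    print(creds)
    print(build_search_filter("(uid={0})", creds[0]))
    # A username containing filter metacharacters stays a literal value.
    print(build_search_filter("(uid={0})", "a*(b)"))
```

Because base64 is an encoding and not encryption, the decoded credentials are readable by anyone who can see the request, so the API endpoint should only be reachable over HTTPS.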
LDAP configuration
Once done, click Apply; the policy will then appear in the API policies list.
Now create a Mule application in Anypoint Studio
Add API Auto Discovery configuration – more on API Auto Discovery
Deploy the project on CloudHub
The API Manager configuration should now show as active
Now if we test our API, it will throw a 401 Unauthorized error
Now we will use a user from the LDAP server
Now we can see the 200 success response
Design Center project – basic-auth-sample
Sample Mule application – basic-auth-sample
Sample SOAP UI project – basic-auth-sample-soapui-project
How to create LDAP server not mentioned. Please explain.
Please follow this link on how to set up Apache LDAP