Neuron ESB User Network

The Service Bus for the Connected Business

NTLM Authentication and Swagger - Unable to invoke service (401 Unauthorized)

Hello everyone,

we are exposing a set of REST endpoint with NTLM authentication enabled. All these services are also described through Swagger, giving the developers a nice and easy tool to test them.

I have set up the swagger definition to include the specific security definitions, allowing the authentication on each specific service. When a user tries to invoke one of the service, the portal correctly highlights the need for authentication ( a red warning next to the operation). Through the portal popup it is possible to input the NTLM token to authentication. (as in the attached picture) 

However, when testing the service this fails...

The CORS protection has a preflight OPTIONS request that does not allow to include custom headers into it, and this result in a 401 Unauthorized error.

Option1

Looking around seems like there could be a workaround of allowing all options requests and including the Access-Control-Allow-Credentials header (it does not seems to be included at the moment).

I'm not sure this is something could be solved through a configuration within Neuron .. do you have any thoughts or idea?

Option2

What about disabling the authentication for a specific deployment group (ex. TEST )? I ave tried setting an empty ACL through binding, but this does not disable the Security Model. What about making the Security Model configurable through property?

Thank you very much

Regards

Fabrizio

Tags: NTLM, authentication, swagger

Views: 1247

Attachments:

Reply to This

Replies to This Discussion

Hi everyone,

any thoughts, idea or suggestion on this?

Thanks

Fabrizio

Hi Fabrizio, 

I am still looking into it, will update you later today...

for Option 1) Unfortunately our current implementation of CORS extention to REST endpoint lacks the support for NTLM authentication, we will work on getting this in place.

I think Option 2) will be easy to implement, I will update the binding for security section of ServiceConnector so you can use environment variable for that as well.

Thanks Manoj.

I think those are two alternative solutions. It would be nice to have them both supported.

I'll wait for some update on this.

Fabrizio

RSS

Neuron ESB Product Support Forums and Communities

Latest Activity

Anupama Nair posted a discussion

Marketo Adapter Invalid Token

Hi,We are using the Marketo adapter to push account updates to Marketo. It works well for some time then starts failing with Invalid Token unless restarted. Is there a configuration that can be done so it can auto refresh the token when required?Thanks!See More
Nov 6, 2023
Sayantini Basak posted a discussion

Maximum payload size(REST API) for requests interfacing to NeuronESB

I am new to Neuron ESB and in our current scenario,We need to process batch transactions comprising of ~1000 records and send them to Neuron ESB for further processing. I would like to understand what is the maximum size of payload that can be transferred using REST interface to Neuron ESB.See More
Jul 22, 2022
Profile IconRobert E Dunie and Sayantini Basak joined Neuron ESB User Network
Apr 28, 2022
Profile IconDayanand, Frederic C, Steffen Greve-Oksfeldt and 1 more joined Neuron ESB User Network
Mar 16, 2022
Profile IconCam Vong and Mitja Luznar joined Neuron ESB User Network
Jan 27, 2022
Profile IconWill Hitzges, Chad Parsons, michael larsen and 4 more joined Neuron ESB User Network
Jun 11, 2021
Anupama Nair posted a discussion

ODBC stored proc polling with temporary tables

We have set up an ODBC adapter to poll a stored proc.We found that if the stored proc has a temporary table defined the rows returned are always 0.Any idea why this would be and what we can do to get around it?See More
Dec 14, 2020
Prasanth Kharade is now a member of Neuron ESB User Network
Dec 30, 2019

Badge

Loading…

© 2024   Created by Neuron Admin.   Powered by

Badges  |  Report an Issue  |  Terms of Service