We are hosting a REST service and have used BASIC authentication in service package. We have a specific service operator in Pega to be used for this authentication. While trying to test this REST service from SOAP ui, if I try the userid and password as embedded in Service URL(eg. http://Pega7:8080/prweb/PRRestService/ADVPurchasingWorkPurchaseRequest/… ) , authentication is working and am able to get the response.
But if we try to use the user id and password in header(as mentioned in REST tutorial in pega academy: "If the service package is configured to require authentication the request must include username and password of an Operator ID. The external system can send these either in the header, or appended to the URL query string as name/value pairs for the parameters UserIdentifier and Password.") in SOAP ui, are getting a response as "Credentials not found". Please refer screen shot as well.
***Updated by moderator: Marissa to remove group tag: #helpme. Apologies for confusion, shouldn't have been an end-user option.***
**Moderation Team has archived post**
This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.
Checked the engine code (7.2.1), we only look for the specific Basic http "authorization" header first (which you can specify in the soap ui request properties Username and Password else look for query string of UserIdentifier/Password as you have indicated.
How are you constructing the Authorization header? Are you doing it yourself or are you relying on a library to generate it for you by passing username and password? Just so you know, if you are doing it yourself, the Authorization header value must be of this form:
Basically, you need to form a string using your username and password separated by : and then base 64 encode it. For example, if your username is foo and password is bar, the Authorization header value is:
which is nothing but
When you sniff your request using a tool such as TCPMON, you must see this HTTP header:
Thank you Praneeth for your suggestion. It works. If I try to test the Pega REST service using SOAP UI, I just need to mention the Userid and Password for Basic authentication in SOAP UI AUth tab. It automatically converts the id and password using base64 encoding as you have mentioned, and adds it to the header of the request. We are able to view the encoded auth parameters in RAW message. Thanks for your help.
Hi Jeff. I am the original poster of the other thread.
Lately i found that the basic authentication using the auth header is working fine in my PVS (on laptop) but failing with 401 in project environment.I ll check this is its something to do with the environment.
Yes Muthu. My problem seems to be resolved. If I try to test the Pega REST service using SOAP UI, I just need to mention the Userid and Password for Basic authentication in SOAP UI AUth tab. It automatically converts the id and password using base64 encoding as you have mentioned, and adds it to the header of the request. We are able to view the encoded auth parameters in RAW message. If you are testing your service using SOAP UI, the below URL might be helpful: