Message is getting built when basic auth EP security + secure vault is there [APIM 3.2.0]

[Sumudu-Sahan]

Description

Message is getting built when configuring the Basic authentication and secure vault because of a slash at the property mediator level to get the secret from the governance registry via the wso2:vault-lookup() function.

Steps to Reproduce

• Open the deployment.toml file and add the below configuration to enable the secure vault feature for endpoints (Doc [1])

[apim]
enable_secure_vault=true

• Run the below command inside the <APIM_HOME>/bin directory.

sh ciphertool.sh -Dconfigure

• Start the API Manager and go to the carbon management console.
• Create a secondary userstore (For this, you can get a WSO2 IS 5.10.0 pack and use the inbuilt LDAP userstore)
• Now create a user under the secondary LDAP userstore by assigning Internal/creator, Internal/publisher roles.
• Log into the publisher portal by using the newly created secondary user.
• Create an API with a POST method.
• Under the endpoint security, configure the Basic auth security by providing the username and password.
• Publish the API
• Go to the dev portal and make a valid subscription to that API.
• Try to invoke the post method by parsing an access token. When invoking the API, please send an XML payload with the Content-Type: application/json header.

If the message is not getting built, this should go to the backend without any issue even if the content-type header value is wrong when considering the payload content. But in this case, you will get the message building error which indicates that the message is getting built at the gateway level.

Affected Component

APIM

Version

3.2.0

Environment Details (with versions)

No response

Relevant Log Output

No response

Related Issues

No response

Suggested Labels

No response