Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authentication fails always for Optional - Optional scenario #2988

Open
RusJaI opened this issue Jul 5, 2024 · 1 comment · May be fixed by wso2/carbon-apimgt#12501
Open

Authentication fails always for Optional - Optional scenario #2988

RusJaI opened this issue Jul 5, 2024 · 1 comment · May be fixed by wso2/carbon-apimgt#12501
Assignees
@sgayangi
Labels
4.4.0 Affected/APIM-4.3.0 Type/Bug
Milestone
APIM 4.4.0

Comments

@RusJaI
Copy link

RusJaI commented Jul 5, 2024
edited
Loading

Description

When Optional - Optional security is selected in Runtime configurations for an API, it always returns a response that authentication failed.
While further debugging the code it was identified that, although it authenticates both the MTLS and Application level security type, the boolean variable authenticate is still having its default value false because it only gets updated if there's an authenticator with isMandatory=true which is not happening in this particular flow.

Steps to Reproduce

  1. Create API from publisher portal
  2. provide endpoints to the api
  3. Go to run time configurations.
  4. select MTLS as optional
  5. select basic auth as optional
  6. save, deploy and publish the api
  7. invoke and api providing correct cert AND/OR basic auth credentials

Affected Component

APIM

Version

4.3.0

Environment Details (with versions)

No response

Relevant Log Output

No response

Related Issues

No response

Suggested Labels

No response
@RusJaI RusJaI added the Type/Bug label Jul 5, 2024
@RusJaI RusJaI mentioned this issue Jul 5, 2024
Closed
@sgayangi sgayangi self-assigned this Jul 18, 2024
@RakhithaRR RakhithaRR added this to the APIM 4.4.0 milestone Jul 22, 2024
@sgayangi
Copy link

Update [2024-07-23 to 2024-07-25]

  • The issue was reproduced and the fix was identified and is currently being implemented.
  • New integration tests for the optional - optional scenario are also being created.

@sgayangi sgayangi linked a pull request Jul 25, 2024 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sgayangi sgayangi

Labels
4.4.0 Affected/APIM-4.3.0 Type/Bug
Projects
None yet
Milestone
APIM 4.4.0
3 participants
@RakhithaRR @RusJaI @sgayangi