IBM webMethods Hybrid Integration

IBM webMethods Hybrid Integration

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.


#TechXchangePresenter
 View Only
Back to discussions
Expand all | Collapse all

How to return 404 http response status code for access denied services - Rest API

  • 1.  How to return 404 http response status code for access denied services - Rest API

    Posted Tue January 07, 2020 02:11 PM

    Hi,

    Is any one knows how to assign 404 http response code for those API methods restricted at server port level.

    Ex: post method


    #webMethods-General
    #webMethods-Architecture
    #webMethods
    #Integration-Server-and-ESB


  • 2.  RE: How to return 404 http response status code for access denied services - Rest API

    Posted Wed January 08, 2020 07:49 PM

    pub.flow:setResponseCode check this if helps?


    #Integration-Server-and-ESB
    #webMethods-General
    #webMethods
    #webMethods-Architecture


  • 3.  RE: How to return 404 http response status code for access denied services - Rest API

    Posted Thu January 09, 2020 02:28 PM

    Hi Mahesh,

    It couldn’t help bcz the method / application code is never getting invoked. The request stops at server level.

    I am providing more inputs here…

    We are allowing only _get method in one of the IS. As part of vulnerability testing some requests are sent by _post method. By default our IS is returning 403 response code back to those unauthorized service requests. But they want 404 response code.


    #webMethods
    #webMethods-Architecture
    #webMethods-General
    #Integration-Server-and-ESB


  • 4.  RE: How to return 404 http response status code for access denied services - Rest API

    Posted Fri January 10, 2020 02:23 AM

    Chandra, for invoking a wrong method, response code must be 405…

    I am not sure when you meant, “API methods restricted at port level”.

    API methods are not restricted at port, but the tokens that are issued will have scopes attached to it and it is allowed only for granted http methods. Do not try to wrap the response code or customize it. API gateway handles it.


    #Integration-Server-and-ESB
    #webMethods-General
    #webMethods
    #webMethods-Architecture


Related Content