How to automatically redirect access denied requests in tRestRequest
I've created a web service that I'm running in the Talend Open Studio ESB Runtime environment. I used the tRestrequest component and set the "Use Authentication" to Basic HTTP. Everything is working well. What I'm trying to do is catch the requests that are denied access (http status code: 403) and automatically redirect them to a default URL. Is there a way of doing this? - ESB runtime configuration - catch tRestRequest "rejects" and send a response using tRestResponse
Hi
tRESTRequest has onWrongRequest flow which captures all the escaped exceptions - you can check the status there and return a response with a custom Location header
HTH, Sergey
I tried it out. I'm now able to catch the wrong calls (even when not authorized), however the headers I define in the tRestResponse are not passed. Only if it follows a defined output flow (tRestRequest). I tested it out and the issue seems to be that the headers set in the "Response Headers" under advanced setting on the tRestResponse component don't get set if following a "wrong call" flow. Can anyone confirm the same behavior? is so, I can enter it as a defect. Otherwise, it must be something that I'm doing wrong on my end.
I have tested this out in the Studio and verified in the generated code that the headers are being added to the response. However, the console output doesn't indicate the correct headers. However, the payload and status code are correct. INFO: Outbound Message --------------------------- ID: 1 Response-Code: 301 Content-Type: application/xml Headers: {Content-Type=, Date=} Payload: <?xml version="1.0" encoding="UTF-8"?> <root><uri>r</uri><method>GET</method><status>404</status><error>HTTP 404 Not Found</error></root> --------------------------------------
Sorry I did not get the notifications...
Hmm, this response is wrong:
<root><uri>r</uri><method>GET</method><status>404</status><error>HTTP 404 Not Found</error></root>
If it is a redirect then returning the body is not correct, how to you process the authorization failure ?
Cheers, Sergey
Sergey - I think you misunderstood me. I'm trying to handle the Wrong Calls by sending back a payload message that explains the error (in the case you references, a bad path) and then to redirect by adding a status code of 3xx and a header with the Location set to our login page.
The issue seems to be that the Wrong Call flow works fine and the response is sent back, however, the headers that I set in the tRESTResponse component are being ignored (or overwritten). I would think that a tRESTResponse would use the custom headers defined in the component regardless of the flow (e.g.: Wrong Call).
I searched through the component plugin code (jet files) and couldn't find where the headers are being ignored. When I debugged the flow, the global response object has the custom headers in it, but they're just not sent.
What do you mean and "...then to redirect" ? You are sending a 404 first so that has gone out to the client, when do you follow up it with 301, and who is receiving this 301 if the client has already got the response back by now ?
Sergey
For now forget the 404. I was just using it to test the wrong call flow. The situation is like this... 1. Client (browser) call the rest endpoint with a bad SAML token in the header (e.g.: Authorization: SAML xxxddccvv1234). 2. The tRESTRequest is set to authenticate using SAML. 3. The tRestRequest denies access (403) and the Wrong Call flow is used 4. The Wrong Call flow is connected to a tXMLMap component that builds the xml document for the payload. 5. The output from the tXMLMap is connected to the tRestResponse 6. tRestResonse is configured as follows: a. schema - document b. return code - custom : 403 c. headers - Location: http://:8040/services/login 7. The client receives the response with the payload and correct status code, but Location is not in the header
