Taxonomy Icon

API Management

Implement digest authentication in unsupported tools

Get the code Watch the demo.

Summary

Digest authentication is a common authentication method that enables web servers to authenticate a user to his or her web browser. In this code pattern, I show you how to implement digest authentication in development tools that don’t include this authentication natively. IBM Integration Bus is one such tool, so I will use it as an example. After walking through the steps of this pattern, you will be able to apply similar logic to any development tools you are using that don’t have built-in digest authentication.

In this code pattern, learn how to build a service in IBM Integration Bus which can be exposed as a proxy to achieve digest authentication. We cover how digest authentication mechanism works in background and what logic needs to be built for a platform which doesn’t support digest authentication of its own. We will also learn how to expose the IBM Integration Bus service on an IBM Cloud Kubernetes cluster and consume it via a sample client. The sample application and client application is built on IBM Integration Bus and deployed on a Kubernetes node using a Docker image.

After completing the code pattern, you will understand how to:

  • Create a message flow and build logic for digest authentication
  • Deploy and test your application locally
  • Expose the IBM Integration Bus digest authentication service to Kubernetes

Flow

flow

  1. User sends a request to the IBM Integration Bus application on the cloud.
  2. Application sends the request to the server seeking authorization.
  3. The request is rejected by the server asking for authorization. The server responds with the details to create authorization.
  4. Application builds authorization logic.
  5. Application sends another request to the server seeking authorization.
  6. The request is successfully authorized.
  7. The application saves the authorization header or cookies in a cache for the next http request and responds with success.
  8. User sends next request to IBM Integration Bus application on the cloud.
  9. Application synchronizes the request and cache before seeking server authorization.
  10. Request sent to server, server authorizes user, and a “success” response is sent back to the user.

Instructions

Follow the detailed steps in the ReadMe to complete the pattern. Here is an overview of the steps you’ll take:

  1. Create a digest authentication service.
  2. Deploy the service locally and test it.
  3. Create the cluster and deploy it on IBM Cloud.
  4. Test a sample API on IBM App Connect on IBM Cloud.