Passing Username and Password to a REST API in WSO2 ESB

Question

I am using and REST API in wso2 ESB to call another service with Basic authentication.

This is my API code:

<resource methods="POST" uri-template="/deleteZoneFromEnrolment/">
  <inSequence>
     <property xmlns:ns="http://org.apache.synapse/xsd" name="Authorization" expression="fn:concat('Basic ', base64Encode('user:password'))" scope="transport"></property>
     <property name="DISABLE_CHUNKING" value="true" scope="axis2"></property>
     <payloadFactory media-type="xml">
        <format>
           <enr:DeleteZoneFromEnrolment xmlns:enr="http://someURL/Enrolment.xsd">
              <Enrolment>$1</Enrolment>
              <Zone>$2</Zone>
           </enr:DeleteZoneFromEnrolment>
        </format>
        <args>
           <arg evaluator="json" expression="$.enrolment"></arg>
           <arg evaluator="json" expression="$.zone"></arg>
        </args>
     </payloadFactory>
     <send>
        <endpoint key="dev_enrolmentEndpoint"></endpoint>
     </send>
     <log level="full"></log>
  </inSequence>
  <outSequence>
     <property name="messageType" value="application/json" scope="axis2" type="STRING"></property>
     <send></send>
  </outSequence>
  <faultSequence>
     <sequence key="esb_error_handling_response"></sequence>
  </faultSequence>

I call this REST API using a json POST like this:

{
 'enrolment':'whatever',
 'zone':'1'
}

If I hardcode the user and password, It work nicely. But I`m going one step forward. I need to pass this Basic Authorization with a post JSON that I use to call the REST API in the ESB or setting up this API to pass Authentication through a GET/POST call.

Does anyone know how to do it? This is what I am trying but no success:

In my app before I call my API (POST http://esbUrl:8280/api/deleteZoneFromEnrolment), I code in Base64 the string 'user:password', the result, something like this: 'cHJhYmF0aDpwcmFiYXRo'. I change my API code like this:

<resource methods="POST" uri-template="/deleteZoneFromEnrolment/">
  <inSequence>
     <property xmlns:ns="http://org.apache.synapse/xsd" name="Authorization" expression="fn:concat('Basic ', json-eval($.user))" scope="transport"></property>
     <property name="DISABLE_CHUNKING" value="true" scope="axis2"></property>
     <payloadFactory media-type="xml">
        <format>
           <enr:DeleteZoneFromEnrolment xmlns:enr="http://someURL/Enrolment.xsd">
              <Enrolment>$1</Enrolment>
              <Zone>$2</Zone>
           </enr:DeleteZoneFromEnrolment>
        </format>
        <args>
           <arg evaluator="json" expression="$.enrolment"></arg>
           <arg evaluator="json" expression="$.zone"></arg>
           <arg evaluator="json" expression="$.user"></arg>
        </args>
     </payloadFactory>
     <send>
        <endpoint key="dev_enrolmentEndpoint"></endpoint>
     </send>
     <log level="full"></log>
  </inSequence>
  <outSequence>
     <property name="messageType" value="application/json" scope="axis2" type="STRING"></property>
     <send></send>
  </outSequence>
  <faultSequence>
     <sequence key="esb_error_handling_response"></sequence>
  </faultSequence>

And the POST json:

{
 'enrolment':'whatever',
 'zone':'1',
 'user':'cHJhYmF0aDpwcmFiYXRo'
}

Answer 1

I finally resolved. It is easier than I thought, just adding Basic Auth header inside my app (when I'm calling my ESB API) with username and password and the credentials are passing through my API to the external service.