Close

REST with Basic Authentication in BizTalk 2010

Initial setup:

• WCF-Custom send port with WebHttpBinding
• Transport security, client credential type Basic
• Custom Endpoint Behavior
o Method = PUT
o UrlTemplate = /MessageType
• Credentials via WCF-Custom properties tab

Result: No authorization header sent to target service.

First attempt to resolve the issue:

• Method POST instead of method PUT.
• Extra parameter in Custom Endpoint Behavior: BasicAuthorization.
• Basic Authorization parameter contains username:password.
• Code added to MessageInspector:

//Add Http Header
if (!String.IsNullOrEmpty(BasicAuthorization))
{
string encoded =
System.Convert.ToBase64String(System.Text.Encoding.GetEncoding(“ISO-8859-1”).GetBytes(BasicAuthorization));
requestMessageProperty.Headers.Add(“Authorization”, “Basic ” + encoded);
}

Also found the following code which I didn’t try out in the end:

//Add SOAP Header
//MessageHeader header = MessageHeader.CreateHeader(“Authorization”, “”, “Basic Y19udGk6Q29udGlfQjNTVA==”);
//OperationContext.Current.OutgoingMessageHeaders.Add(header);

Result: No authorization header sent to target service.

Second attempt to resolve the issue:

• Replacing method PUT with method POST allowed the use of a HTTP send port instead of a WCF-Custom send port.
• HTTP send port in binding file.
o Http method is always POST.
o SecurityMode (Transport/Message) cannot be specified. It’s derived from the endpoint address.
o AuthenticationMode Basic and UserName/Password can be specified on the Authentication tab of the Http Transport properties.

Result: Authorization header sent to target service.