Proxy Endpoint HTTP allow method properties not working

Question

I have following proxy endpoint properties set

<Property name="allow.http.method.POST">false</Property>

<Property name="allow.http.method.PUT">false</Property>

<Property name="allow.http.method.DELETE">false</Property>

<Property name="allow.http.method.HEAD">false</Property>

<Property name="allow.http.method.OPTIONS">false</Property>

<Property name="allow.http.method.TRACE">false</Property>

<Property name="allow.http.method.PATCH">false</Property>

</Properties>

<VirtualHost>default</VirtualHost>

</HTTPProxyConnection>

But no luck, its allowing all methods. I see in trace session that these properties are there, so it is deployed.

Thanks, Sanjay

Answer 1

Best Answer

Answer by Omid Tahouri · Jan 26, 2016 at 10:52 PM

I've not had the time to verify the behaviour of setting those properties, but there may be an alternative solution for what you're trying to achieve...

What about raising a fault based on the request method? You could do this as the first step.

<PreFlow name="PreFlow">
        <Request>
            <Step>
                <Condition>request.verb != "GET"</Condition>
                <Name>fault-method-not-allowed</Name>
            </Step>
	...

Where "method-not-allowed-fault" is a RaiseFault policy that could look like this:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<RaiseFault enabled="true" continueOnError="false" async="false" name="fault-method-not-allowed">
	<DisplayName>fault-method-not-allowed</DisplayName>
	<FaultResponse>
		<Set>
			<StatusCode>405</StatusCode>
			<Headers>
				<Header name="Allow">GET</Header>
			</Headers>
		</Set>
	</FaultResponse>    
	<IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
</RaiseFault>

Add comment Show 1 · Link

10 |5000 characters needed characters left characters exceeded

Sanjay Kammili · Jan 27, 2016 at 05:41 PM 0

Link

Thank you Omid for the aleternate solution.

Answer 2

Best Answer

Answer by tskumar@apigee.com · Jan 27, 2016 at 12:00 PM

HTTP properties "allow.http.method.<VERB>" is not supported in the recent releases. We have to handle through "RaiseFault" policy in the message flow, as suggested by Omid.

Add comment Show 3 · Link

10 |5000 characters needed characters left characters exceeded

Anil Sagar @ Google ♦♦

· Jan 27, 2016 at 12:16 PM 0

Link

@docs , We need to update documentation & remove the references. Thank you :)

jonesfloyd ♦♦ Anil Sagar @ Google ♦♦ · Jan 27, 2016 at 03:05 PM 0

Link

Removed from the docs. Thanks for the info.

Anil Sagar @ Google ♦♦ jonesfloyd ♦♦

· Jan 28, 2016 at 04:06 AM 0

Link

Great, Thank you @Floyd Jones. That was super quick !

Get answers, ideas, and support from the Apigee Community

Proxy Endpoint HTTP allow method properties not working

2 Answers

Follow this Question

Related Questions