We have a couple of Mule 3.9 flows that I am trying to convert to Mule 4.5 (Community Editon). They're SOAP services that need WSSE username password authentication. In Mule 3.9, we handled it by adding an interceptor to a CXF:proxy-service component. Since CXF component is now removed in Mule 4 I have used API Kit router for SOAP to expose the services, but I am not able to find any reference/documentation on how to enable the authentication. Any hints would be much appreciated.
To implement WSSE Username Password Authentication with APIkit for SOAP in Mule 4.5 (Community Edition):
- Extract WSSE Header: Use a DataWeave script to parse the SOAP header and retrieve UsernameToken.
- Validate Credentials: Compare the extracted credentials against your database or properties file.
- Error Handling: If authentication fails, use the Mule Error Handling scope to return a SOAP Fault.
Example DataWeave for extracting credentials:
%dw 2.0 output application/json --- { username:
payload.ns0__Envelope.ns0__Header.Security.UsernameToken.Username, password: payload.ns0__Envelope.ns0__Header.Security.UsernameToken.Password }
For advanced setups, consider using MuleSoft Custom Policies for reusable authentication logic.
