Stopping a Processing Request on Authentication Failure

Procedure

  1. Get the headers from the HTTPServerRequest.
  2. Check for authentication header.
  3. Validate the value of authentication header. On validation failure, set the TrafficManagerResponse to complete.
  4. Mashery would terminate the request and would not send it to Customer's target sever and returns ERROR as "ERR_403_NOT_AUTHORIZED".
    Note: You would not be able to change the status code or status message from the adapter.
    Unsuccessful Authentication 
    private void doAuthenticateEvent(AuthenticationEvent event)
            throws ProcessorException {
        //For example request doesn't contain the authorization header then user can terminate the call by marking response as complete
        // in order to thrown 403 ERR_403_NOT_AUTHORIZED for the incoming request.
           HTTPHeaders headers = event.getServerRequest().getHeaders();
           if (headers != null) {
            String authorization = headers.get(HEADER_AUTHORIZATION);
            if ((null == authorization || authorization == "")
                    || !authorization.startsWith(AUTH_BASIC)) {
                Logger.warn(MyCustomAuthenticator.class,"Error validating the authentication header {}",HEADER_AUTHORIZATION);
                event.getCallContext().getResponse().setComplete();
            }
    }
    Note: If the authentication fails to prevent further processing, set the following: 
    event.getCallContext().getResponse().setComplete();

    Refer to the working code in examples/MyCustomAuthenticatorFailed.java.