000035080 - RSA Identity Governance and Lifecycle Access Fulfillment Express (AFX) REST Connector does not send the request body for DELETE requests

Document created by RSA Customer Support Employee on May 1, 2017Last modified by RSA Customer Support Employee on May 1, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000035080
Applies ToRSA Product Set: RSA Identity Governance and Lifecycle
RSA Version/Condition: 6.9.1, 7.0.x
Issue
  • AFX REST connector fails when a DELETE request is sent.
  • The AFX REST connector is not sending the request body in the DELETE request.
  • When you test it through curl DELETE, it works successfully.

The following error is seen in the UI:


Error code = 2 
Failure - Error processing RESTful web service response
Cause:
Error processing RESTful wev service response: org.xml.sax.SAXParseException: Content is not allowed.

AFX REST Connector does not send body of DELETE request.


The reason this does not work within RSA Identity Governance and Lifecycle is that the underlying third-party code that we use does not send the request body for DELETE requests.


 


RSA Identity Governance and Lifecycle uses MuleSoft which is a third party integration software for connecting applications, data and devices.


The Access Fulfillment Express on RSA Identity Governance and Lifecycle versions makes use of the following Mule versions:


  • RSA Identity Governance and Lifecycle v6.9.1 - Mule ESB and Integration Platform Version: 3.3.2
  • RSA Identity Governance and Lifecycle v7.0.0, v7.0.1, v7.0.2 - Mule ESB and Integration Platform Version: 3.5.2
Mule v3.3.2 and v3.5.2 do not allow HTTP/HTTPS DELETE body.

This issue is logged as MuleSoft ticket MULE-8328.
 

 

MuleSoft's underlying code that RSA Identity Governance and Lifecycle uses within our AFX connector to issue HTTP/HTTPS requests only sends the request body for POST and PUT requests, i. e., the request body is ignored for DELETE requests.
Resolution
MuleSoft has applied the fix to resolve this on the following Mule versions:

  • 3.5.4 (EE Only)
  • 3.6.3 (EE Only)
  • 3.7.1 (EE Only)
  • 3.8.0
RSA Identity Governance and Lifecycle Engineering has had discussions about moving to Mule 3.7 or 3.8 after RSA Identity Governance and Lifecycle v7.0.2, however that is currently unscheduled.
The possible workarounds are:

  • If customer has control over the endpoint, they should switch it to use the PUT method or perhaps keep it a DELETE request but receive the data that they need as request parameters and/or headers rather than the request body.
  • Develop a custom Java code based connector.

Attachments

    Outcomes