Unauthorized REST Proxy Service Access Returns HTTP Status Code 500 instead of 403 (Doc ID 2663788.1)

Last updated on NOVEMBER 06, 2023

Applies to:

Oracle Service Bus - Version 12.1.3.0.0 to 12.2.1.4.0
Information in this document applies to any platform.

When an unauthorized user accesses REST proxy service, OSB returns HTTP status code 500, instead of 403 Forbidden.

@REST Proxy Service
$ curl -X GET -u "<USERNAME>:<PASSWORD>" -i
http://localhost:7011/demo/rest
HTTP/1.1 500 Internal Server Error

@SOAP Proxy Service
$ curl -X GET -u "<USERNAME>:<PASSWORD>" -i
http://localhost:7011/demo/soap
HTTP/1.1 403 Forbidden

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

Symptoms

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.