Thursday, July 3, 2014

HTTP Authentication Realm

Special thanks to the Layer 7 support team for coming through with this "undocumented feature" to resolve this exposure until it is accessible through the policy manager.

When crafting services that make use of the "Require HTTP Basic Credentials" assertion you may have noticed that the realm for the challenge that is returned when the client does not preemptively authenticate is "L7SSGBasicRealm".

You can add a WWW-Authenticate basic realm header to the response before enforcing the Require HTTP Basic Credentials assertion, but this results in the first authentication challenge carrying two WWW-Authenticate headers. Only the first one appears in the browser prompt, yet both are visible when examining the traffic. Furthermore, if the client cancels or fails the first challenge, the two following challenges still present only the "L7SSGBasicRealm" realm.

The solution is to export the assertion, edit it in a text editor such as Notepad to the following format, and import it back:

<?xml version="1.0" encoding="UTF-8"?>
<wsp:Policy xmlns:L7p="http://www.layer7tech.com/ws/policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy">
    <wsp:All wsp:Usage="Required">
        <L7p:HttpBasic>
            <L7p:AssertionComment assertionComment="included">
                <L7p:Properties mapValue="included">
                    <L7p:entry>
                        <L7p:key stringValue="RIGHT.COMMENT"/>
                        <L7p:value stringValue="//realm your.domain.com"/>
                    </L7p:entry>
                </L7p:Properties>
            </L7p:AssertionComment>
            <L7p:Realm stringValue="your.domain.com"/>
        </L7p:HttpBasic>
    </wsp:All>
</wsp:Policy>

This results in the challenge returned to the client having only one WWW-Authenticate header, with the realm "your.domain.com" (which appears twice in the XML: once for the realm and once for the comment), and the same for the two following challenges.
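To verify the fix on the wire rather than trusting the browser prompt, the following check parses the WWW-Authenticate headers of a 401 response and passes only when exactly one Basic challenge with the expected realm is present. This is an added example written for this post, not Layer 7 code; the two responses below are constructed by hand to mirror the before-fix and after-fix behaviour described above, and each header is assumed to carry a single challenge.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample responses (not captured from a real gateway).
# Before the fix: two WWW-Authenticate headers on the first challenge.
BEFORE_FIX = (
    "HTTP/1.1 401 Unauthorized\r\n"
    'WWW-Authenticate: Basic realm="your.domain.com"\r\n'
    'WWW-Authenticate: Basic realm="L7SSGBasicRealm"\r\n'
    "Content-Length: 0\r\n\r\n"
)
# After the fix: a single header carrying the configured realm.
AFTER_FIX = (
    "HTTP/1.1 401 Unauthorized\r\n"
    'WWW-Authenticate: Basic realm="your.domain.com"\r\n'
    "Content-Length: 0\r\n\r\n"
)

# auth-param: name=token or name="quoted-string" (RFC 7235 syntax).
_PARAM_RE = re.compile(r'([A-Za-z0-9_-]+)\s*=\s*(?:"((?:[^"\\]|\\.)*)"|([^\s,]+))')


def parse_www_authenticate(raw_response: str) -> List[Tuple[str, Dict[str, str]]]:
    """Return [(scheme, params)] for every WWW-Authenticate header in the response.

    Assumes one challenge per header line, which is how the gateway emits them here.
    """
    head = raw_response.split("\r\n\r\n", 1)[0]
    challenges = []
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if not sep or name.strip().lower() != "www-authenticate":
            continue
        scheme, _, params = value.strip().partition(" ")
        kv: Dict[str, str] = {}
        for m in _PARAM_RE.finditer(params):
            quoted, token = m.group(2), m.group(3)
            # Quoted value may be empty; unescape backslash-quoted characters.
            kv[m.group(1).lower()] = token if quoted is None else re.sub(r"\\(.)", r"\1", quoted)
        challenges.append((scheme, kv))
    return challenges


def check_basic_challenge(raw_response: str, expected_realm: str) -> Tuple[bool, str]:
    """Pass only when exactly one Basic challenge is present and it names expected_realm."""
    basic = [p for s, p in parse_www_authenticate(raw_response) if s.lower() == "basic"]
    if len(basic) != 1:
        return False, f"expected 1 Basic challenge, found {len(basic)}"
    realm = basic[0].get("realm")
    if realm != expected_realm:
        return False, f"realm {realm!r} does not match {expected_realm!r}"
    return True, "single Basic challenge with expected realm"
```

Feed it the raw 401 captured from the gateway for each of the three consecutive challenges; all three should pass once the edited assertion is in place.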

This was tested on 8.1.02; it was not tested with a context variable as the realm value.