I want to use WSO2EI 6.4.0 as a proxy for SOAP and REST services authentication platform (later maybe authorization).
I found solution in documentation of wso2 (https://docs.wso2.com/display/EI640/Applying+Security+to+an+API), but unfortunately it is not working.
Adding "handler" element into service definition
<handlers>
<handler class="org.wso2.carbon.integrator.core.handler.RESTBasicAuthHandler"/>
</handlers>
results into exception in design time (eclipse):
Invalid mediator <handler class="org.wso2.carbon.integrator.core.handler.RESTBasicAuthHandler"/> 1d6bbce1-08e3-42d5-b550-6a4e224b0028.xml /.tmp/.org.wso2.developerstudio.eclipse.esb line 15 org.wso2.developerstudio.eclipse.gmf.esb.diagram.synapseerror
Ignoring and deploying such API, makes the API stop working.
Could anyone help please?
The way you are trying to add the Basic authentication for API in WSO2EI 6.4.0 is correct. Developer studio will give a warning as you mentioned, but it should not be an issue. Developer studio will allow setting the handler regardless of the warning and you should be able to create a Composite Application which includes the API and deploy it to ESB. Following is a sample API with the RESTBasicAuthHandler.
<?xml version="1.0" encoding="UTF-8"?>
<api context="/testapi" name="testapi" xmlns="http://ws.apache.org/ns/synapse">
<resource methods="POST" protocol="https" url-mapping="/*">
<inSequence>
<send>
<endpoint name="testapi_EP">
<http uri-template="http://localhost:8080/testapi"/>
</endpoint>
</send>
</inSequence>
<outSequence/>
<faultSequence/>
</resource>
<handlers>
<handler class="org.wso2.carbon.integrator.core.handler.RESTBasicAuthHandler"/>
</handlers>
</api>
Related
We had added Handler to WSO2 ESB 4.9.0 api for Basic Authorization but it is not getting saved permanently. When we check from the UI after sometime we are not able to see the handler and The handler is not working.
<resource methods="GET" uri-template="/{Id}/XXXX">
<inSequence>
<sequence key="XXXXSequence"/>
</inSequence>
</resource>
<handlers>
<handler class="XXXX">
<property name="securityToken" value="XXXX"/>
</handler>
</handlers>
</api>
This is a known issue. https://wso2.org/jira/browse/ESBJAVA-3395
And the solution is to use WSO2 Developer Studio. WSO2 does not recommend using the UI to do development, it is mainly used to monitor and view the instance.
I have this simple example of my rest api, and now I want to add https capabilities to this resource.
<api name="API_FEETIT_VERSION" context="/api_feetit_version">
<resource methods="GET" protocol="https">
<inSequence>
<send>
<endpoint>
<address uri="http://myserver.net/version"/>
</endpoint>
</send>
</inSequence>
</resource>
To do this I just added attribute protocol="https" on resource, but now I cant access the service. Already try on port 8243 but still nothing.
Do I need to do anything else? Or even my endpoint service needs to use https too?
Yes , your backend service will need to be https as well as your endpoint address.
<address uri="https://myserver.net/version"/>
Log in to the ESB Management console.
Under "Service Bus" section/tab , click the last option "Source View".
Search(ctrl-f) for you API , then its resource , and check if protocol="https". This is one of mine:
< resource methods="POST"
protocol="https"
inSequence="ackServiceSeq"
outSequence="hcfRequest"/ >
Weird how the "invokation url" stays the same
I have made a secure proxy service in WSO2 ESB. I followed this tutorial.
Now i want to call this service by using another proxy service. But when i send request from SoapUI to simple proxy service, i encountered an error. What i am unable to figure out is that how to pass security configurations to the proxy service.
Note: I am using WSO2 ESB 4.8.1.
Secure Proxy Service Code:
<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse"
name="EchoProxy2"
transports="https,http"
statistics="disable"
trace="disable"
startOnLoad="true">
<target>
<inSequence>
<log level="full" separator="InSequence Log"/>
</inSequence>
<outSequence>
<log level="full" separator="Out Sequence Called"/>
<send/>
</outSequence>
<endpoint>
<address uri="http://wi1-Inspiron-3521:8280/services/echo"/>
</endpoint>
</target>
<parameter name="disableREST">true</parameter>
<parameter name="ScenarioID">scenario2</parameter>
<enableSec/>
<policy key="conf:/repository/axis2/service-groups/EchoProxy2/services/EchoProxy2/policies/SigOnly"/>
<description/>
</proxy>
Simple Proxy Service Code:
<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse"
name="CallEchoProxy"
transports="https,http"
statistics="disable"
trace="disable"
startOnLoad="true">
<target>
<inSequence>
<log level="full" separator="*Calling Proxy In Sequence"/>
</inSequence>
<outSequence>
<log level="full"
separator="Calling Proxy Out Sequence"/>
</outSequence>
<endpoint>
<address uri="http://wi1-Inspiron-3521:8280/services/EchoProxy2"/>
</endpoint>
</target>
<description/>
</proxy>
Error in Logs:
[2015-02-19 11:22:48,718] ERROR - ServerWorker Error processing POST request for : /services/EchoProxy2
org.apache.axis2.AxisFault: Missing wsse:Security header in request
at org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:180)
at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:99)
at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:167)
at org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:411)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:183)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:744)
Caused by: org.apache.rampart.RampartException: Missing wsse:Security header in request
at org.apache.rampart.RampartEngine.process(RampartEngine.java:146)
at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)
... 10 more
Problem:
I am unable to understand that how to pass security configurations to my simple proxy Service.So that it can communicate with the Secure Service and get back the response.
You have a secured proxy and also you have un-secured proxy. When you sent message to un-secured proxy, it must call the secured proxy. So, your un-secured proxy must call the secured end point. Here, secured end point is your secured-proxy. To call a secured end point, you must attached a WS-Security policy in to the end point configuration. You refer this blog which explains how to call an secured end point. If you follow the steps correctly, i guess you can resolve this issue.
Iteration mediator works with WSo2 Tryit tool but when the same message is sent through SOAP UI the proxy it does not iterate. My proxy service is very simple it has a xslt mediator and then does the iteration. Do I need to change the content type?
Can you paster your proxy service source code.
Try it tool is a evolving tool, but you should always do your testing from SOAP UI.
This is the sample format :-
<iterate expression="//m0:getQuote/m0:request" preservePayload="true"
attachPath="//m0:getQuote"
xmlns:m0="http://services.samples">
<target>
<sequence>
<send>
<endpoint>
<address
uri="http://localhost:9000/services/SimpleStockQuoteService"/>
</endpoint>
</send>
</sequence>
</target>
I have downloaded and I am trying out the WSO2 ESB and setting up proxies for WCF services with wsHttpBindings. When I have Soap Tracing enabled everything works fine - when I turn it off I get a 500 internal server error every time. I am completely stuck with this and can't understand why this would be.
I have tried setting up both pass through proxies and WCF based proxies and I always have the exact same issue - with Soap Tracing enabled everything looks great and works perfectly. If I turn it off and otherwise don't touch anything I get a 500 error:
System.ServiceModel.ProtocolException: An HTTP Content-Type header is required for SOAP messaging and none was found. ---> System.Net.WebException: The remote server returned an error: (500) Internal Server Error.
I have tried it with a basicHttpBinding and it seems to work fine with Soap Tracing on or off. The problem seems to just be with wsHttpBindings.
Here is the full source for the proxy:
<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse"
name="ContactService"
transports="http"
statistics="disable"
trace="disable"
startOnLoad="true">
<target>
<outSequence>
<send/>
</outSequence>
<endpoint>
<wsdl service="ContactService"
port="ContactService_WsHttp"
uri="http://localhost/Actions/ContactService.svc?singleWsdl"/>
</endpoint>
</target>
<publishWSDL uri="http://localhost/Actions/ContactService.svc?singleWsdl"/>
<description/>
</proxy>
can you please try with in the inSequence of the proxy that your are using?
thank you,
1G
I am having the same issue, here is the proxy that is having issues:
<proxy name="cx.partner.usps.RateV4"
transports="https http"
startOnLoad="true"
trace="disable">
<description/>
<target>
<inSequence>
<property name="CONTENT_TYPE"
value="application/xml"
scope="axis2-client"
type="STRING"/>
<property name="FORCE_HTTP_1.0" value="true" scope="axis2"/>
<log level="full"/>
<send>
<endpoint key="partner.usps.prd.endpoint"/>
</send>
</inSequence>
<outSequence>
<class name="cx.wso2.mediators.addNamespace">
<property name="soapPartName" value=""/>
<property name="nsToAdd" value="http://xmlns.usps.com"/>
</class>
<send/>
</outSequence>
</target>
<publishWSDL key="conf:/esb-resources/wsdl/usps/RateV4.wsdl">
<resource location="RateV4.xsd" key="conf:/esb-resources/schema/usps/RateV4.xsd"/>
</publishWSDL>
This was working without tracing on 3.x, but after migrating to 4.7 I have to enable the SOAP tracer.
Try this, it worked for us:
<parameter name="enforceWSAddressing">true</parameter>