The WSO2 Server is configured to be accessed via SSL. We have deployed several services on the ESB. When we use the Carbon Admin console the services are shown. The Carbon console is access over SSL. When clicking on the WSDL 1.1 or 2.0 the link is shown as http and not https.
Could this be a configuration mistake in carbon.xml or axis2.xml?
You can access https by giving the required port (8243 , assume not set the offset).
ex:
http://my.hotname:8280/services/TestMyService?wsdl
https://my.hostname:8243/services/TestMyService?wsdl
Also you can see sample service links including http/https on endpoint section, when you click the service name and see the right top corner.
Related
I have a WCF services hosted on IIS on one of our windows 2019 server and it is working properly. Now as per our new architecture we should not expose this service to outside directly. Like if any user tries to hit my WCF service from outside (via internet) it should not directly hit my server to get the response rather the request should first come to DMZ zone windows server and from this DMZ server I need to route to our actual windows server where my wcf service is hosted.
To achieve this I tried with IIS URL Rewrite on my DMZ server. If request comes from outside it will first hit the DMZ server IIS and from there I am using URL rewrite to route the service to my actual server where the services are hosted. But this approach is not working I am getting 404 and 502 errors. Below is the Inbound rule screenshot.
How can I achieve this WCF service routing from one windows server to another windows server?
1)Install Application Request Routing feature.
2)Open iis-> Application Request Routing -> server proxy setting-> enable proxy
3)Add below code in the web.config file:
<system.serviceModel>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
</system.serviceModel>
4)Open iis, select site(which has public binding)
5)Double click URL Rewrite.
6)Using the “Add Rule(s)…” template that is opened from the right-hand actions pane, create a new Reverse Proxy rule.
7)In reverse proxy template add an internal server or site IP or server name.
You can choose whether to perform SSL Offloading or not. If you leave this checked then all requests to the internal server will be over HTTP regardless of the original web request. This can help with performance and SSL bindings if all requests are within a trusted network. If the network path between the two web servers is not completely trusted and safe then uncheck this.
Next, enable Outbound rules. You can enter your friendly public URL for the outbound rule.
Click ok to save the rule.
You could refer to the below link for more detail:
https://weblogs.asp.net/owscott/creating-a-reverse-proxy-with-url-rewrite-for-iis
WCF using Reverse proxy
Based on WSO2 Architecture blog posts
http://wso2.com/blogs/architecture/2013/05/a-pragmatic-approach-to-the-api-faade-pattern/
http://wso2.com/blogs/architecture/2013/05/implementing-an-api-faade-with-the-wso2-api-management-platform/
I tried to publish API, but exposed WSDL is direct link to back-end ESB.
I planned to expose to outer Internet just API Manager so all calls will be proxied through it. Access to ESB should be limited to internal services and not to public.
Did I something wrong in configuration or API Manager doesn't support this function?
I use WSO2 API Manager 1.4.0 and WSO2 ESB 4.7.0.
DO NOT expose the WSDL of ESB proxy service. The use case for exposing wsdl to allow users to get to know the service contract. You can host the wsdl in a separate location and provide that in the APIManager.
But i think, when we host a WSDL from APIManager, it's port bindings need to be changed according to the gateway node.SO,the requests will be routed via gateway..But that feature is not available in the released versions..We will consider that in the future release.
I have deployed Mule as a web-application. I use Mule to access my webservices over HTTPS. For which I have HTTPS implemented on Mule, which works fine.
Now, I want to integrate another Web-Application instead of a webservice and want to use the same HTTPS implemented on Mule instead of implementing SSL again on my Weblogic server. But when I try the URL gets redirected to my outbound HTTP URL though my inbound endpoint is HTTPS.
What I would like to do is have a wcf service be anonymous accessible using a https url.
I have created a WCF in a .net 4.0. Deployed the wcf on a server that is set up to use HTTPS. The server's IIS is set to allow anonymous calls. I can access the WCF's Service.svc's website url and the Service.svc page comes up with no issues. When I click on the wsdl url link on the Service.svc, I get back either a HTTP 404 error or HTTP 401 error. The wcf's wsdl virtual directory, (I am guessing), won't allow me to get to the wsdl file.
I have set the serviceMetadata's property httpsGetEnabled to true.
wsHttpBinding's security to transport and the clientCredentialType is set to none.
basicHttpBinding's security to transport and the clientCredentialType is set to none.
Is it absolutely certain, I need to create a certificate? Because when I use VS2010 in another project and add the WCF as a Service Reference, a pop-up certificate dialog box appears and I click okay and it continues onward. But it stops when the project can't grab the wsdl flie.
How can I get to the service.svc's wsdl?
Thanks.
If you browse to the deployed service endpoint, you'll see a screen that has a link to generating the WSDL. You do need a certificate for SSL -- just create a self-signed one (it's pretty easy). Don't forget to set up your https bindings too for your site in IIS.
I have WCF service that has http and net.tcp endpoints. I have deployed the service to IIS 7.5 (Server 2008R2), everything is working good.
My question is this, is there a way to set enabled protocols for the IIS application through Web.config?? Right now I have to go to the Application in IIS and manually change the Advanced settings and add net.tcp to the list of available protocols before the service can be activated, see pic for the screenshot.
No, this setting isn't available via web.config. It can be set either via the IIS Manager as you're doing, or via the AppCmd.exe command-line utility, as in the example below:
%windir%\system32\inetsrv\appcmd.exe set app "Default Web Site/FirstWcfHost" /enabledProtocols:http,net.tcp
No, this is not a web-scoped setting. It is web application (app pool) scoped one, so it is in the applicationHost.config file.