WSO2 Proxy Service URL not working with SOAPUI - axis2

We have CXF based SOAP web services and we are hitting these services from SOAP UI with no problem. With one of these services, I setup a ProxyService on barebone WSO2 ESB 4.6.0. The proxy service seems to be working with the "Try It" option from the admin console. When I try to access it from SOAPUI, the WSO2 ESB starts complaining that
"The endpoint reference (EPR) for the Operation not found is /services/HelloWorldProxyService and the WSA Action = . If this EPR was previously reachable, please contact the server administrator."
Now, when I change the endpoint URL in SOAPUI as http:// hostname:8280/services/service-name.port-name/operation-name things start to work.
Does anyone know how to fix this issue? Are there configuration options on the WSO2 ESB which will let us use traditional SOAPUI with WSO2 ESB?

You can point the proxy service url(you can view this, via service dashboard of the particular proxy) in soapui and for the "action", in the insequence of the proxy define a property call;
. header name="Action" value="soap action"
Here is the guide on vailable properties
http://wso2.org/project/esb/java/3.0.0/docs/properties_guide.html

I have the same problem if I put operation1 at the end of WS URI (http://somedomain.com/WebServiceProxyName/operation1), but post a SOAP message body with constructs for another operation(operation2,3,4,5...) it works!!!
Sample
POST http://somedomain.com/..../operation1 HTTP/1.1
....
....
<soap:Envelope ...>
<soap:Header/>
<soap:Body>
<ws:operation2>
</ws:operation2>
</soap:Body>
</soap:Envelope>

Try to change the (original) WSDL and put the soapAction there:
You can define it as an attribute of the http://schemas.xmlsoap.org/wsdl/soap/:operation element in the binding section, e.g.
<wsdl:binding name="healthcheck-1.0.0SOAP" type="tns:HealthCheck100PortType">
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="doHealthCheck">
<soap:operation soapAction="http://www.xyz.ch/healthcheck-1.0.0/doHealthCheck"/>

Related

Https soap service in mule

I have a requirement where soap based service needs to be consumed and in order to achieve that I had used WSConsumer component in Mule.
Where we give the service URL in the properties file and refer to it.
<ws:consumer-config name="Web_Service_Consumer" wsdlLocation="serviceApi.wsdl"
service="serviceAPI" port="serviceApiSoap12Port" serviceAddress="${serviceurl}"
doc:name="Web Service Consumer"/>
Now after the development we came to know that QA web service is a HTTPS web service and while hitting the service following exception is received
SSLHandshakeException: General SSLEngine problem
I'm able to hit the service with Http:request connector as following
<http:request-config name="HTTP_Request_Configuration" host="${host}" port="${port}"
doc:name="HTTP Request Configuration" protocol="HTTPS">
<tls:context>
<tls:trust-store insecure="true" />
</tls:context>
</http:request-config>
But the issue with above config is it won't work for HTTP configuration.
I should be able to connect to both HTTP & HTTPS as I have different environments.
Is there a way where I can achieve this with ws:consumer??
I assume the HTTP connector configuration shown is the one queried by your WS Consumer connector. A simple solution would be to configure the protocol of your HTTP config via property file but Mule doesn't play well with it because you may end-up with a TLS Context configured with HTTP and your connector won't work. There is a little trick you can do however: create 2 HTTP configurations - one for HTTP and one for HTTPS:
<http:listener-config name="HTTPS_Config"
protocol="HTTPS"
host="${host}"
port="${port}"
doc:name="HTTPS Config" >
<tls:context>
<tls:key-store type="${keystore.type}"
path="${keystore.path}"
keyPassword="${keystore.keyPassword}"
password="${keystore.password}"/>
</tls:context>
</http:listener-config>
<http:listener-config name="HTTP_Config"
host="${host}"
port="${port}"
doc:name="HTTP Config" >
</http:listener-config>
In a property file, define which configuration (i.e. which protocol) should be used:
host=localhost
port=443
protocol=HTTPS # or HTTP
And finally in your flow, use your property to reference the proper HTTP(S) config:
<flow name="http-testFlow">
<http:listener config-ref="${protocol}_Config" path="/test" doc:name="HTTP"/>
...
</flow>
The trick is to name your configuration ${protocol}_Config such as HTTP_Config and HTTPS_Config so the proper one is used at runtime via config-ref="${protocol}_Config". Mule will then dynamically use the proper configuration when your app is launched. This is entirely transparent for the user as only the protocol (HTTP vs. HTTPS) needs to be configured, and it can be used in any environment.
You can use this differently, the idea is to have Mule pick your HTTP or HTTPS dynamically at runtime.
EDIT: to configure your WS Consumer with HTTPS you'll need to reference a proper HTTP Requester Configuration such as:
<ws:consumer-config name="Web_Service_Consumer"
...
connectorConfig="HTTP_Request_Configuration"/>
<http:request-config name="HTTP_Request_Configuration"
...
<tls:context>
...
</tls:context>
...
/>
See Web Service Consumer documentation for details.
Note: though this solution works I would recommend using HTTPS all the time, for security reasons and to have less differences between your dev/QA/Prod/... environments - among other things.
I faced similar issues, we finally chose to have only an HTTPS config and define via property which keystore to use at runtime. In dev we would use a self-signed certificate and a proper keystore in environments requiring proper security.
Hope this helps.

WSO2 ESB: Proxy Service - how to use faultsequence

I wish all my Proxy Services to log a standard ERROR when the endpoint publishes a soapfault. Setting faultSequence to a valid logging sequence doesn't seem to be doing anything. I know the endpoint is publishing fault responses & the faultlogger sequence is a simply FULL log.
<SOAP-ENV:Fault...> </SOAP-ENV:Fault>
<proxy ... >
<target faultSequence="faultlogger" endpoint="conf:/myService>
...
</target>
</proxy>
How does faultSequence work?
I also tried to use a out, filter + log but wasn't sure what the xpath expression I should use to filter for faults.
faultSequence is executed when there is a technical error (in your xpath for exemple, or can't connect to an address configured in an endpoint)
A SOAPFault is not a technical problem and the out sequence is executed : you can verify response message to find potentials soap faults.
An other solution is to set the property named FORCE_ERROR_ON_SOAP_FAULT :
<property name="FORCE_ERROR_ON_SOAP_FAULT" value="true"/>

Webservice is not working anymore after changed firewall hardware (Dell sonicwall)

We have built for a customer websiteB in c# asp.net. There is also another website in php which is builded by another company. This is websiteA. The enduser is try to log in on websiteA. Underwater there is a request to a webservice on websiteB with username/password as parameters. WebsiteB try to get authenticate the credentials and return a message. WebsiteA is running on some server of another company. WebsiteB is running on our server in the datacenter. This scenario was always working!
No we have changed the firewall hardware in our datacenter. We have now Dell SonicWall. In the beginning the certificates were not working of our webservice. We have fix this. When you run our webservice in the browser the certifcate is OK (there is no red background in the url).
This is the url of my webservice:
https://service.myCompany.com/PortalService.svc
I ask the other company to give me some logging or an exception from there side. They do not get an exception. They got an empty array. They have printed some logging for me after a request:
We have also enabled the logging on the webservice. This is the logging after trying to login on websiteA.
Request to webservice:
<MessageLogTraceRecord>
<HttpRequest xmlns="http://schemas.microsoft.com/2004/06/ServiceModel/Management/MessageTrace">
<Method>POST</Method>
<QueryString></QueryString>
<WebHeaders>
<Connection>Keep-Alive</Connection>
<Content-Length>574</Content-Length>
<Content-Type>text/xml;charset=UTF-8</Content-Type>
<Accept>*/*</Accept>
<Authorization>Basic bWlqbnNlaF9uZXRieXRlczojbjN0Ynl0MzU=</Authorization>
<Host>service.MyCompany.com</Host>
<User-Agent>Jakarta Commons-HttpClient/3.1</User-Agent>
<SOAPAction>"http://schemas.MyCompany.com/SecurityService/SecurityService/LoginUsernamePassword"</SOAPAction>
</WebHeaders>
</HttpRequest>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:test="http://schemas.MyCompany.com/SecurityService">
<soapenv:Header>
<To soapenv:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">https://mycompanyapp01.dmz.mycompany.local/SecurityService.svc</To>
<Action soapenv:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">http://schemas.MyCompany.com/SecurityService/SecurityService/LoginUsernamePassword</Action>
</soapenv:Header>
<soapenv:Body>
<test:LoginUsernamePassword>
<test:Username><![CDATA[testuser#mycompany.com]]></test:Username>
<test:Password><![CDATA[#test!]]></test:Password>
<test:ReturnToken>true</test:ReturnToken>
<test:ReturnProfile>true</test:ReturnProfile>
<test:ReturnRoles>true</test:ReturnRoles>
</test:LoginUsernamePassword>
</soapenv:Body>
</soapenv:Envelope>
</MessageLogTraceRecord>
Response from webservice:
<MessageLogTraceRecord>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<Action s:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">http://schemas.MyCompany.com/SecurityService/SecurityService/LoginUsernamePasswordResponse</Action>
</s:Header>
<s:Body>
<LoginUsernamePasswordResponse xmlns="http://schemas.MyCompany.com/SecurityService">
<LoginUsernamePasswordResult xmlns:d4p1="http://schemas.MyCompany.com/datacontracts" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<d4p1:Token>PJ%2bNtW0Kpy%2frd945r3Q0ziQpoax%2bNIiPNXC8obx%2fl73D2MPTvwFA9TqDtHNzXPq7</d4p1:Token>
<d4p1:UserProfile>
<d4p1:DisplayNameFormal>Test</d4p1:DisplayNameFormal>
<d4p1:DisplayNameInformal>Test</d4p1:DisplayNameInformal>
<d4p1:Email>test#mycompany.com</d4p1:Email>
<d4p1:IsErkendAdviseur>false</d4p1:IsErkendAdviseur>
<d4p1:UserID>testuser#mycompany.com</d4p1:UserID>
</d4p1:UserProfile>
<d4p1:UserRoles xmlns:d5p1="http://schemas.microsoft.com/2003/10/Serialization/Arrays">
<d5p1:string>Test Medewerker</d5p1:string>
</d4p1:UserRoles>
</LoginUsernamePasswordResult>
</LoginUsernamePasswordResponse>
</s:Body>
</s:Envelope>
</MessageLogTraceRecord>
I have also started the wcf client tool (wcfTestClient.exe). I add the webservice url (https://service.myCompany.com/PortalService.svc). I got this exception:
Error: Cannot obtain Metadata from https://service.MyCompany.com/SecurityService.svc?wsdl
If this is a Windows (R) Communication Foundation service to which you have access, please check that you have enabled metadata publishing at the specified address. For help enabling metadata publishing, please refer to the MSDN documentation at http://go.microsoft.com/fwlink/?LinkId=65455.WS-Metadata Exchange
Error URI: https://service.MyCompany.com/SecurityService.svc?wsdl Metadata contains a reference that cannot be resolved: 'https://service.MyCompany.com/SecurityService.svc?wsdl'.
The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic realm="service.MyCompany.com"'.
The remote server returned an error: (401) Unauthorized.HTTP GET Error URI: https://service.MyCompany.com/SecurityService.svc?wsdl
The document was understood, but it could not be processed. - The WSDL document contains links that could not be resolved. - There was an error downloading 'https://myCompanyapp01.dmz.myCompany.local/SecurityService.svc?wsdl=wsdl0'. - The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. - The remote certificate is invalid according to the validation procedure.
Why do I see the intern url in the exception while I testing the public url:
intern url: https://myCompanyapp01.dmz.myCompany.local/SecurityService.svc?wsdl
public url: https://service.MyCompany.com/SecurityService.svc?wsdl
The public url has a certificate. The intern url not. When you try the intern url you got a red background in the browser.
I think this whole problem is our firewall. I think there is some restricted option on SOAP outbound messages. Because websiteA which is doing the request dont get an exception. They get also an answer, but it is empty. So it looks like the firewall has make it empty.
What do you think of this problem?
Your WSDL is referencing/including files on the internal app server. Try using a flattened wsdl.

Error accesing published WS proxy in WSO2 ESB 4.6: EPR not found

I deployed exactly the same WS-proxy in 4.5.1 and 4.6. With 4.5.1 it works correctly, but with 4.6 I get:
ERROR - AxisEngine The endpoint reference (EPR) for the Operation not found is /services/registro.registroHttpSoap11Endpoint and the WSA Action = . If this EPR was previously reachable, please contact the server administrator.
The source is the following:
<proxy xmlns="http://ws.apache.org/ns/synapse" name="registro" transports="http" statistics="disable" trace="disable" startOnLoad="true">
<target>
<outSequence>
<send/>
</outSequence>
<endpoint>
<address uri="http://localhost:15080/SIGEM_RegistroPresencialWS/services/ServicioRegistroWebService"/>
</endpoint>
</target>
<publishWSDL uri="http://localhost:15080/SIGEM_RegistroPresencialWS/services/ServicioRegistroWebService?wsdl"/>
<description></description>
</proxy>
What do I have to do for 4.6. to make it work?
Thanx.
To enhance ESB performance pass-through transport has been enabled by default starting from ESB 4.6.0 version that is not the case for ESB 4.5.1. It seems your proxy service depends on SOAP body based dispatching but pass-through transport does not support for SOAP body based dispatching. SOAP body based dispatching build the message body and use first element's local name for dispatching which effect to proxy performance badly that is the reason it was not supported in pass-through transport. We are in a process to fix this limitation for future ESB releasees without loosing any advantage of pass-through transport.
BTW for the moment you can use one of the following workarounds.
When sending a messages to the proxy service append operation name to the endpoint URL
e.g - http://serverName/app/serviceName/operationName
Modify client level code to send expected SOAPAction value ( like Try-It case)
I'm not sure your backend service's WSDL defined "" as the value of SOAPAction if that is the case you may modified the backend service to have value other than "" per each operation. AS an example for JAX-WS services you can use #WebMethod annotation for this.
e.g - #WebMethod(action="XXXX")
Note : In case if your backend WSDL defining a value other than "" for SOAPAction while your client send message with SOAPAction="" then it's a violation of service contract by the client and need to be fixed on client level.
I have faced the same problem with wso2 ESB 4.7 and the web service is also developed by me for the company.
What worked for me is adding soapAction attribute to wsdl soap:operation element like below.
<soap:operation soapAction="http://localhost:8080/MyWebApp/services/hello" style="document"/>

Submitting WCF-generated XML through SoapUI

I have a WCF service that I'm testing with SoapUI. I'm using a VS-generated proxy class on the client, and I'm using an IClientMessageInspector class to intercept the XML just before the request and save it. Later on, I paste this XML into SoapUI to replay the transaction.
However, when submitting the XML with SoapUI, I get the following response: HTTP/1.1 400 Bad Request
I found that if I remove the contents of the <Header> tag by setting it to empty, then the call succeeds. But I don't know why.
Here is how the Header tag is generated by the client proxy:
<s:Header />
<Action xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none" s:mustUnderstand="1">http://app.company.com/IApp/Foo</Action>
</s:Header>
Here is what I change it to in order for it to work:
<s:Header />