According to official docs defining a custom out sequence and adding <property name="CustomTransportHeader" scope="transport" action="remove"/> would remove any unwanted header from api response, yet I'm not getting any success defining a custom global out sequence and trying to remove Server out of response headers nor any other headers as well.
* Mark bundle as not supporting multiuse
< HTTP/1.1 200
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Date: Tue, 18 May 2021 14:37:47 GMT
< Content-Type: application/json
< Transfer-Encoding: chunked
< Server: WSO2 Carbon Server
Here's the custom out sequence which I placed in{$APIM_HOME}/repository/deployment/server/synapse_configs/sequences folder as a new xml file and got acknowledged of it's deployment by log:
<sequence xmlns="http://ws.apache.org/ns/synapse" name="WSO2AM--Ext--Out">
<property name="Server" scope="transport" action="remove"/>
<log level="custom">
<property name="TRACE" value="API Mediation Extension"/>
</log>
</sequence>
how should one get this done? what's the problem here?
For anybody struggling with this, all you have to do is to add this Entry into your deployment.toml file:
[transport.https.properties]
server = "something"
this would change the Server in response headers to your desired value. using custom sequences can do no good as you don't want to modify your own defined APIs and your request is not passing through it at all.
Related
I am pretty new in WSO2 ESB and I have the following problem.
In my code I have a call mediator performing a request towards an external web service (represented by an endpoint), then the result obtained by this exterla web service (an XML document) is put into a mesage store.
Something like this:
<!-- Call GLIS API -->
<call>
<endpoint key="transferFromGLISAPI"/>
</call>
<log level="full"/>
<!-- Store result into transferFromResultMessageStore -->
<store messageStore="transferFromResultMessageStore"/>
It works fine, the external web service represented by the transferFromGLISAPI endpoint is correctly called and the retrieved XML document is correctly put into my message store.
My problem is that, after the call mediator execution I want retrieve also some headers value from the received response.
If I perform the call to this exterla web service using cURL infact I have something like this:
$ curl -i -k https://XXX.YYY.ZZZ.WWW/glisapi/v1/pgrfas?doi=10.0155/1M
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 103 100 103 0 0 164 0 --:--:-- --:--:-- --:--:-- 164HTTP/1.1 200 OK
Date: Tue, 11 Jul 2017 07:51:08 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Rate-Limit-Limit: 3
X-Rate-Limit-Remaining: 2
X-Rate-Limit-Reset: 0
X-Pagination-Total-Count: 0
X-Pagination-Page-Count: 0
X-Pagination-Current-Page: 1
X-Pagination-Per-Page: 10
Link: <https://XXX.YYY.ZZZ.WWW/glisapi/v1/pgrfas?doi=10.0155%2F1M&page=1&per-page=10>; rel=self
Vary: Accept-Encoding
Content-Length: 103
Content-Type: application/xml; charset=UTF-8
<?xml version="1.0" encoding="UTF-8"?>
<pgrfas xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
As you can see in my cURL output I also have some headers.
I want to retrieve and store into two properties the values of the X-Rate-Limit-Remaining and of the X-Rate-Limit-Reset headers. Then I want to log these value into the Carbon console.
How can I do it? How can I extract these 2 values from the obtained response and put it into properties that will be logged?
Try setting BLOCKING_SENDER_PRESERVE_REQ_HEADERS=false just before call mediator, like this.
<property name="BLOCKING_SENDER_PRESERVE_REQ_HEADERS" value="false"/>
<call blocking="true">
<endpoint key="xxxx"/>
</call>
<log level="full"/>
Ref: https://docs.wso2.com/display/ESB490/Call+Mediator
I recently developped a SOAP web service.
I started to implement it without authentication. It works fine : the service, the call with SOAP UI and the gatling tests.
I added a digest authentication and now I cannot make my gatling test work (the test with SOAP UI is still successful).
According to the gatling documentation (here), I am supposed to call .digestAuth(login, pass) on my http request:
val scn = scenario("scenario")
.feed(feeder)
.feed(feeder2)
.forever{
exec(
http("myRequest")
.post(target)
.digestAuth("login","pass")
.body(ELFileBody("Request.wsdl"))
.headers(headers_2)
)
}
The answer from the server is always a 500 error with the message :
Jul 07, 2015 4:27:31 PM com.sun.xml.wss.impl.SecurityRecipient processMessagePolicy
SCHWERWIEGEND: WSS0253: Message does not conform to configured policy: No Security Header found in message
UPDATE :
I'm using the latest version of gatling 2.1.6
I cannot share my webservice but here is how it is configured.
spring-servlet.xml
<sws:interceptors>
<bean id="wsSecurityInterceptor"
class="org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor">
<property name="policyConfiguration" value="classpath:securityPolicy.xml" />
<property name="callbackHandlers">
<list>
<ref bean="passwordValidationHandler" />
</list>
</property>
</bean>
</sws:interceptors>
<bean id="passwordValidationHandler"
class="org.springframework.ws.soap.security.xwss.callback.SimplePasswordValidationCallbackHandler">
<property name="users">
<props>
<prop key="user">password</prop>
</props>
</property>
</bean>
And the securityPolicy.xml
<?xml version="1.0" encoding="UTF-8"?>
<xwss:SecurityConfiguration xmlns:xwss="http://java.sun.com/xml/ns/xwss/config">
<xwss:RequireUsernameToken passwordDigestRequired="true" nonceRequired="true" />
</xwss:SecurityConfiguration>
UPDATE 2:
Here is the full request and response from gatling logs:
10:06:57.243 [WARN ] i.g.h.a.AsyncHandlerActor - Request 'post_Addresscheck' failed:
status.find.in(200,304,201,202,203,204,205,206,207,208,209), but
actually found 500
10:06:57.244 [TRACE] i.g.h.a.AsyncHandlerActor - http://localhost:8000/ROOT/checkAddresshttp://localhost:8000/ROOT/checkAddress
headers=
Accept-Encoding: gzip,deflate
Content-Type: text/xml;charset=UTF-8
Content-Length: 1830
Connection: keep-alive
Host: localhost:8000
Accept: */*
realm=Realm{principal='user', password='password', scheme=DIGEST, realmName='', nonce='', algorithm='MD5', response='', qop='auth', nc='00000001', cno
nce='', uri='null', methodName='GET', useAbsoluteURI='true', omitQuery='false'}
=========================
HTTP response:
status=
500 Internal Server Error
headers=
Server: [Apache-Coyote/1.1]
Accept: [text/xml, text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2]
SOAPAction: [""]
Content-Type: [text/xml;charset=utf-8]
Content-Length: [605]
Date: [Thu, 09 Jul 2015 08:06:57 GMT]
Connection: [close]
Did I miss something in my test definition?
I think there might be a confusion here: Gatling supports HTTP digest auth, not WSS digest auth (where creds are passed as a SOAP header, inside the body, instead of a HTTP header).
I need to build message in proxy on wso2 esb 4.8.1 with MessageType="multipart/form-data" and send to http endpoint.
Somethin like this:
POST /cgi-bin/maillist.cgi HTTP/1.0
Content-type: multipart/form-data; boundary=---------------------------7cd1d6371ec
Cache-Control: no-cache
Content-Length: 25852
-----------------------------7cd1d6371ec
Content-Disposition: form-data; name="realname"
Steve Johnson
-----------------------------7cd1d6371ec
Content-Disposition: form-data; name="email"
steevo#idocs.com
Could you give me just examlpe or link to solution?
You can Set message type property as follows.
<property name="messageType" value="multipart/form-data" scope="axis2"/>
So it will invoke the multipart/form-data formatter and send out as a multipart/ form-data message.
You can use builder mediator(https://docs.wso2.com/display/ESB481/Builder+Mediator) for this purpose. Builder mediator will build the message within WSO2 ESB such that the message is converted to the desired Content-Type.
We are trying to remove the end end of HTTP chunk character inserted by WSO2 APIM Gateway in HTTP body responses even if the Response Body should be empty (204 Status code).
We are using WSO2 API manager 1.6.0, whenever it receives a message without Content Type (example response Status code 204 No Content) , WSO2 API Manager Gateway includes the Header "Transfer-Encoding : chunked" with a Content Body with 0 (length 5) end of chunk 0\r\n.
In this case a Content-Length of 0 is expected with a completely empty content body.
1) We tried without success first to insert the the following lines in our API definition to enforce a content length of 0 :
under $CARBON_HOME/repository/deployment/server/synapse-configs/default/api/ :
<outsequence>
<property name="FORCE_HTTP_CONTENT_LENGTH" scope="axis2" value="true"></property>
<property name="COPY_CONTENT_LENGTH_FROM_INCOMING" scope="axis2" value="true"> </property>
<send></send>
</outsequence>
2) We tried also without success to insert the following lines to disable chunk encoding as described in the WSO2 doc (https://docs.wso2.com/display/ESB450/HTTP+Transport+Specific+Properties) :
<outsequence>
<property name="FORCE_HTTP_1.0" value="true" scope="axis2" />
<property name="DISABLE_CHUNKING" value="true" scope="axis2" />
<send></send>
</outsequence>
3) We also tried to insert these lines within the markups of the API xml definition without success.
Incoming HTTP reponse to WSO2 APIM Gateway :
HTTP/1.1 204 No Content
Server: Apache-Coyote/1.1
Date: Fri, 08 Aug 2014 14:02:57 GMT
Outgoing HTTP response out of WSO2 APIM Gateway :
HTTP/1.1 204 No Content
Access-Control-Allow-Headers: authorization,Access-Control-Allow-Origin,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Date: Fri, 08 Aug 2014 13:56:50 GMT
Server: WSO2-PassThrough-HTTP
Transfer-Encoding: chunked
0
Could you please help us to solve this issue ?
Thanks a lot for your support
JS
Try adding this property mediator to disable chunking:
<property name="DISABLE_CHUNKING" value="true" scope="axis2"/>
This property mediator can be used in custom insequences and outsequences. You can also add it to your API templates. Here is a blog post about applying this to the templates:
http://hoosierapi.blogspot.com/2014/07/wso2-api-manager-proxing-without.html
Cheers,
Colin
I am really struggling to understand how the heck WSO2 ESB works. The documentation - especially for the graphical tools - is severely wanting. I'm hoping someone can point me down the right path.
I have a SOAP API with a RPC/Encoded WSDL. I was able to successfully set it up as a WSDL based proxy and the tools to test it within the ESB admin panel indicate that it's working just fine - I'm able to get a session back, etc.
I went in to set up an API to handle REST requests and forward them to the SOAP API. To test this, I'm starting with our login() function. You can see that as a resource in the source view of the API below:
<api xmlns="http://ws.apache.org/ns/synapse" name="VRRestAPI" context="/vrrest">
<resource methods="GET" uri-template="/session/{username}/{password}">
<inSequence>
<log level="full"/>
<payloadFactory>
<format>
<m0:login xmlns:m0="http://services.samples">
<m0:request>
<m0:username>$1</m0:username>
<m0:password>$2</m0:password>
</m0:request>
</m0:login>
</format>
<args>
<arg xmlns:ns="http://org.apache.synapse/xsd" expression="get-property('uri.var.username')"/>
<arg xmlns:ns="http://org.apache.synapse/xsd" expression="get-property('uri.var.password')"/>
</args>
</payloadFactory>
</inSequence>
<outSequence>
<log level="full"/>
<send/>
</outSequence>
</resource>
</api>
It saves fine and says the API is now running. So I try calling it using curl:
curl -v http://10.0.6.223:8280/vrrest/session/user#emailaddress.com/password
And get the following:
* About to connect() to 10.0.6.223 port 8280 (#0)
* Trying 10.0.6.223... connected
* Connected to 10.0.6.223 (10.0.6.223) port 8280 (#0)
> GET /vrrest/session/user#emailaddress.com/password HTTP/1.1
> User-Agent: curl/7.19.7 (universal-apple-darwin10.0) libcurl/7.19.7 OpenSSL/0.9.8r zlib/1.2.3
> Host: 10.0.6.223:8280
> Accept: */*
>
< HTTP/1.1 202 Accepted
< Date: Fri, 05 Oct 2012 21:06:54 GMT
< Server: Synapse-HttpComponents-NIO
< Transfer-Encoding: chunked
<
* Connection #0 to host 10.0.6.223 left intact
* Closing connection #0
What I'm expecting to see is a POX representation of the output of my SOAP endpoint's login() method. I'm not even getting so much as an error here. There are no logs showing me any details about the mediation or anything. I'm pretty lost and am about to just give up. Any hints on what I should try next here?
I think you're missing "send" at the end of your "inSequence" ... basically you're not sending your carefully crafted message anywhere :-). See: http://synapse.apache.org/userguide/samples/sample800.html.