We are getting below exception with Kafka 2.11 and wso2 esb 6.2 with sasl enabled. SASL mechanism in wso2 esb and Kafka clsuter is PALIN but randmoly seeing Error 2 in logs.
Does anybody experienced this error and any help is appreciated.
Error 1:
java.util.concurrent.ExecutionException: org.apache.kafka.common.errors.TimeoutException: Expiring 1 record(s) for TESTTOPIC: 30051 ms has passed since batch creation plus linger time
Error 2:
[2019-11-02 01:36:50,265] ERROR - [Producer clientId=producer-4526] Connection to node -1 failed authentication due to: Unexpected handshake request with client mechanism PLAIN, enabled mechanisms are [GSSAPI] {org.apache.kafka.clients.NetworkClient}
Based on the Second Error Message *Unexpected handshake request with client mechanism PLAIN, enabled mechanisms are [GSSAPI]*, it would seem that the saslMechanism has not been configured properly on the ESB side. It is configured to GSSAPI Kerberos by default.
I would recommend getting the latest version of the Kafka Connector. You can find the documentation and the relevant links here
One such example of a PLAIN configuration with the Kafka Connector would be :
<kafkaTransport.init>
<bootstrapServers>localhost:9092</bootstrapServers>
<keySerializerClass>org.apache.kafka.common.serialization.StringSerializer</keySerializerClass>
<valueSerializerClass>org.apache.kafka.common.serialization.StringSerializer</valueSerializerClass>
<securityProtocol> SASL_PLAINTEXT </securityProtocol>
<saslMechanism> PLAIN </saslMechanism>
<saslJaasConfig>org.apache.kafka.common.security.plain.PlainLoginModule required username="admin" password="12345"</saslJaasConfig>
<maxPoolSize>100</maxPoolSize>
</kafkaTransport.init>
This is the relevant configuration required to make use of the Kafka Connector. The Security Protocol can be configured to SASL_SSL as well.
Here is one such proxy configuration
<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse"
name="KafkaTransport"
startOnLoad="true"
statistics="disable"
trace="disable"
transports="http,https">
<target>
<inSequence>
<kafkaTransport.init>
<bootstrapServers>localhost:9092</bootstrapServers>
<keySerializerClass>org.apache.kafka.common.serialization.StringSerializer</keySerializerClass>
<valueSerializerClass>org.apache.kafka.common.serialization.StringSerializer</valueSerializerClass>
<securityProtocol>SASL_SSL</securityProtocol>
<saslMechanism>PLAIN</saslMechanism>
<sslKeystoreLocation>/Users/Ibaqu/kafka.client.keystore.jks</sslKeystoreLocation>
<sslKeystorePassword>admin123</sslKeystorePassword>
<sslTruststoreLocation>/Users/Ibaqu/kafka.client.trustore.jks</sslTruststoreLocation>
<sslTruststorePassword>admin123</sslTruststorePassword>
<saslJaasConfig>org.apache.kafka.common.security.plain.PlainLoginModule required username="admin" password="12345";</saslJaasConfig>
<maxPoolSize>100</maxPoolSize>
</kafkaTransport.init>
<kafkaTransport.publishMessages>
<topic>test</topic>
</kafkaTransport.publishMessages>
</inSequence>
</target>
<description/>
</proxy>
You can give this particular proxy a try to test your connection.
Related
I'm trying to write a SFTP location through a jms/http proxy. However when there is an error on SFTP endpoint (wrong password, network connectivity issue, remote Dir not exists) I want to trigger fault sequence and handle this error (Try some DLC kind of scenario). I found that fault Sequcence is not invoking for FTP errors unless you set OUT_ONLY=false. However WSO2 docs recommends set OUT_ONLY=true for ftp writes. Similar Question is asked here too. How to handle VFS proxy error in WSO2 EI 6.4?
If I set OUT_ONLY=false it triggers faultSquence for both failures and success FTP writes.
Any workaround to catch FTP errors and trigger faultSequence ?
You can define a responseAction in the endpoint configuration. Please refer to the following sample configuration. The responseAction spedifies when a response comes to a timed out request specifies whether to discard it or invoke the fault handler. Apart from defining the responseAction in the endpoint, you can replace the send mediator with the file connector and it will also invoke the fault sequence during an error.
<send>
<endpoint name="wms-fault-endpoint">
<address uri="vfs:ftp://admin:admin1#localhost:2121/testJ/out">
<timeout>
<duration>10000</duration>
<responseAction>fault</responseAction>
</timeout>
</address>
</endpoint>
</send>
[1]-https://docs.wso2.com/display/EI611/Endpoint+Error+Handling
[2]- https://docs.wso2.com/display/ESBCONNECTORS/File+Connector
I am trying to configure wso2 esb5.0.0 with esb analytics. I used default configs as given in the wso2 documentation. ESB is running on 9443 and esb analytics is running on 9444. I am invoking my test proxy but there is not entry in analytics dashboard. Below are the configs and proxy.
Synapse.properties
# Configuration to enable mediation flow analytics
mediation.flow.statistics.enable=true
mediation.flow.statistics.tracer.collect.payloads=true
mediation.flow.statistics.tracer.collect.properties=true
mediation.flow.statistics.event.consume.interval=1000
mediation.flow.statistics.event.clean.interval=15000
# Configuration to enable statistics globally irrespective of the individual artifact level setting
mediation.flow.statistics.collect.all=true
Proxy:
<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse"
name="test"
startOnLoad="true"
statistics="enable"
trace="enable"
transports="http,https">
<target>
<inSequence>
<log level="full" separator="*****"/>
</inSequence>
<outSequence>
<respond/>
</outSequence>
</target>
<description/>
</proxy>
Can anyone help what I am missing?
You configured publishing analytics correctly and didn't miss anything. As analytics server retrieving data, you may have to wait around few minutes while publishing data.
And you can verify whether your events are publishing to analytics node via Data explorer in management console.
You have to navigate to management console (https://localhost:9444/carbon) and then to data explorer (Home > Manage > Interactive Analytics > Data Explorer). And check for table values.
Tested sample scenario as you indicated in the question and it works properly.
I am testing WSO2 Message Broker 3.0 and I miss the functionality of subscribing WS endpoints to topics.
Can this functionality be activated with MB 3.0 as it was in MB 2.x?
I am trying to implement reliable (queued) topic subscription for WS-Endpoints. How can it be implemented using WSO2 MB 3.0?
WS-Eventing removed from WSO2 MB 3.0.0. But you can achieve this by integrating WSO2 MB with WSO2 ESB. This is widely used common integration pattern for reliable messaging and also you could modify/mediate message as necessary in WSO2 ESB before send to actual backend. Let's see how we can do this.
I'll show you how to integrate WSO2 ESB with WSO2 MB in local machine.
Download WSO2 ESB 4.9.0 (latest version) from http://wso2.com/products/enterprise-service-bus/. Hope you have WSO2 MB 3.0.0 (latest version) already in hand.
Once you extract, open wso2esb-4.9.0/repository/conf/carbon.xml file and change <Offset>0</Offset> to <Offset>1</Offset>. This allow you to run multiple carbon servers in single machine. You can access management console https://localhost:9444/carbon
Open wso2esb-4.9.0/repository/conf/axis2/axis2.xml and uncomment section after <!--Uncomment this and configure as appropriate for JMS transport support with WSO2 MB 2.x.x--> for JMS transport receiver and section after <!--uncomment this and configure to use connection pools for sending messages--> for JMS transport sender.
Copy andes-client-3.0.1.jar geronimo-jms_1.1_spec-1.1.0.wso2v1.jar
org.wso2.securevault-1.0.0-wso2v2.jar in wso2mb-3.0.0/client-lib to wso2esb-4.9.0/repository/components/lib
Add below entries to wso2esb-4.9.0/repository/conf/jndi.properties
connectionfactory.QueueConnectionFactory = amqp://admin:admin#clientID/carbon?brokerlist='tcp://localhost:5672'
connectionfactory.TopicConnectionFactory = amqp://admin:admin#clientID/carbon?brokerlist='tcp://localhost:5672'
topic.MyDurableTopic = MyDurbleTopic
First start the WSO2 MB and then start WSO2 ESB by running wso2server.sh or wso2server.bat in bin folder depending on OS you are using
Integration completed.
Let's see how we can create JMS listener proxy which creates durable subscription in WSO2 MB. Go to ESB management console, select Proxy service -> Custom Proxy -> Switch to source view. Then copy and paste below synapse configuration to create the JMS listener.
<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse"
name="MyDurableTopicListenerProxy"
transports="jms"
statistics="disable"
trace="disable"
startOnLoad="true">
<target>
<inSequence>
<property name="OUT_ONLY" value="true"/>
<log level="custom">
<property name="STATE" value="dispatch message..."/>
</log>
<send>
<endpoint>
<address uri="http://localhost:9000/services/SimpleStockQuoteService"/>
</endpoint>
</send>
</inSequence>
<outSequence>
<send/>
</outSequence>
</target>
<parameter name="transport.jms.ContentType">
<rules>
<jmsProperty>contentType</jmsProperty>
<default>text/xml</default>
</rules>
</parameter>
<parameter name="transport.jms.ConnectionFactory">myTopicConnectionFactory</parameter>
<parameter name="transport.jms.DestinationType">topic</parameter>
<parameter name="transport.jms.SubscriptionDurable">true</parameter>
<parameter name="transport.jms.Destination">MyDurbleTopic</parameter>
<parameter name="transport.jms.DurableSubscriberName">subId-x</parameter>
<parameter name="transport.jms.CacheLevel">consumer</parameter>
<parameter name="transport.jms.DurableSubscriberClientID">subId-x</parameter>
<description/>
</proxy>
You can replace whatever the WS endpoint by changing <address uri="http://localhost:9000/services/SimpleStockQuoteService"/>. Here I was used sample axis2 backend. Once you save the proxy service, it'll create durable subscription with MyDurableTopic in WSO2 MB. You don't need to create MyDurableTopic in WSO2 MB. Subscription will create a durable topic (according to JMS spec.).
Now you can send messages to durable topic and see those messages dispatch to WS endpoint. This is JMS to HTTP (cross protocol) transport. Likewise you can integrate standard pattern with this setup.
Hope this would help!
Cheers!
I want to proxy RemoteUserStoreManagerService (exposed on WSO2 IS) over WSO2 ESB.
When I call getUserClaimValuesForClaims operation I get the response. I tested the WSO2 IS (connected to my Active Directory) for performance. I sent requests in 100 threads (each thread with 250ms delay) and it gave me an average response of 250ms (which is ok for me).
So I proxied the getUserClaimValuesForClaims operation using the Transformation proxy and it also worked. But during the performace testing (with the same or smaller load) I have got following errors and not all the messages have returned (on average 1 of 100 messages).
[2014-01-06 19:28:21,047] INFO - LogMediator To: http://www.w3.org/2005/08/addressing/anonymous, WSAction: , SOAPAction: , MessageID: urn:uuid:d2b85c03-beaf-409b-bf39-2e8143bd9e0b, Direction: response
[2014-01-06 19:28:38,441] ERROR - SourceHandler I/O error: An established connection was aborted by the software in your host machine
java.io.IOException: An established connection was aborted by the software in your host machine
at sun.nio.ch.SocketDispatcher.read0(Native Method)
at sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:25)
at sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:202)
at sun.nio.ch.IOUtil.read(IOUtil.java:175)
at sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:243)
at org.apache.http.nio.reactor.ssl.SSLIOSession.receiveEncryptedData(SSLIOSession.java:348)
at org.apache.http.nio.reactor.ssl.SSLIOSession.isAppInputReady(SSLIOSession.java:376)
at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady
[2014-01-06 19:29:14,051] WARN - TargetHandler http-outgoing-66: Connection time out while in state: REQUEST_DONE
[2014-01-06 19:29:14,061] WARN - EndpointContext Endpoint : AnonymousEndpoint will be marked SUSPENDED as it failed
[2014-01-06 19:29:15,041] WARN - EndpointContext Suspending endpoint : AnonymousEndpoint - last suspend duration was : 30000ms and current suspend duration is : 30000ms - Next retry after : Mon
[2014-01-06 19:29:14,451] WARN - SourceHandler Connection time out after request is read: http-incoming-57
I thing that it says, it timeouts on backend; but I get the response logged in faultSeuence.
I noticed that the problem is caused by the XSLT mediator in proxy implementation, because when I removed the xslt mediators the log is empty. I tried xquery and it was the same. Even the log mediator in outSequence causes this issues.
Here is my final Proxy.
<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse" name="GetUserProxy" transports="https http" startOnLoad="true" trace="disable">
<target>
<endpoint>
<address uri="https://localhost:9443/services/RemoteUserStoreManagerService.RemoteUserStoreManagerServiceHttpsSoap12Endpoint/"/>
</endpoint>
<inSequence/>
<outSequence>
<log/>
<send/>
</outSequence>
<faultSequence/>
</target>
</proxy>
When I remove the log mediator, the WARN messages disapears from log and ALL response messages are returned to SoapUI.
Could anybody tell me why it behaves this way?
Thank you very much.
David
RemoteUserStoreManagerService is an admin service. Therefore, you need to send Identity Server's user name/password in a basic authentication header or session cookie. I can not see setting of authorization headers in your proxy configuration such as following
<property expression="fn:concat('Basic ', base64Encode('username:password'))" name="Authorization" scope="transport"></property>
More details would be here. Also you need to create a message body to send to the "RemoteUserStoreManagerService" and read the response messages. These must be implemented using ESB configuration. However, you can write an custom ESB mediator to do this also. Sample java code to call this service can be found here. You can find the detail on writing custom mediator from here
We have figured out, that the problem is probably more general and doesn't relate only to WSO2 IS, because we have the same problem when similating the WSO2 IS service as SoapUI mock.
The problem is probably in HTTP-passthru transport in axis configuration, because when we switched to HTTP-NIO the problem disapears and it is even faster.
There is a post about performance tunnig that helped us.
Howevever, I would like to know what transport we should use in production or where the problem is. Because now it seems that we cannot use HTTP-passthru transport for production environment.
Is anyone experiencing this problem?
what are the versions of ESB and IS your working with..?
try to restart the ESB and call the Service again. Do remember call to Identity server is a secure call.
How do I configure WSO2ESB such that I can proxy a service that I currently have hosted on Windows Azure?
On my local development machine I have an instance of WSO2ESB, I can use this to proxy WCF services also on my local development machine, but now I need to take this proof of concept work further and show how WSO2ESB could be used to proxy for WCF services hosted externally, in this instance on Windows Azure.
I have tried to add a new Proxy Service for my Azure service selecting Specify source URL for the Publishing WSDL and then entering the .svc address for my Azure service, but when I Test URI (which takes about a minute) it returns
Invalid WSDL URI (Unable to establish a connection)
I believe this to be caused by our corporate proxy and my machine needing to supply basic information in order to punch a hole out but I cannot see how / where to do this.
I am using WSO2ESB 4.5.1 and my Proxy Service source is:
<proxy xmlns="http://ws.apache.org/ns/synapse" name="Azure"
transports="https,http"
statistics="disable" trace="disable" startOnLoad="true">
<target>
<outSequence>
<send/>
</outSequence>
<endpoint>
<address uri="http://myazureservice.cloudapp.net/Service.svc"/>
</endpoint>
</target>
<description></description>
</proxy>
Update
I have also tried importing the WSDL the service generates by copying it to the clipboard and pasting it into WSO2 but this is rejected.
You can download the wsdl to your local filesystem with the extension of *.wsdl, and provide its link to the "publishWSDL" option