I'm using an API that works as a gateway between my back-end service and external clients. i'm trying to secure the access to my API with basic authentication using user/password base encoding. After following some guides, i added the handler section in my API in order to manage the auth module.
I tried this section :
<handlers>
<handler class="org.wso2.rest.BasicAuthHandler"/>
</handlers>
The Auth handler is working good for me but only with admin/admin credentials even if i change the password of the user admin.
How can i add a user and let him consume my API with specefic credentials?
I created a user using the WSO2 EI Management console following the below steps.
Click Configure in the menu tab on the left side and click Add under Users and Roles.
Select Add new user
Enter Username and Password and click Next
Select Roles of the User and click Finish (I selected admin privileges)
Then I deployed following API as mentioned in 1
<api xmlns="http://ws.apache.org/ns/synapse" name="StockQuoteAPI"
context="/stockquote">
<resource methods="GET" uri-template="/view/{symbol}">
<inSequence>
<payloadFactory media-type="xml">
<format>
<m0:getQuote xmlns:m0="http://services.samples">
<m0:request>
<m0:symbol>$1</m0:symbol>
</m0:request>
</m0:getQuote>
</format>
<args>
<arg evaluator="xml" expression="get-property('uri.var.symbol')"/>
</args>
</payloadFactory>
<header name="Action" scope="default" value="urn:getQuote"/>
<send>
<endpoint>
<address uri="http://localhost:9000/services/SimpleStockQuoteService" format="soap11"/>
</endpoint>
</send>
</inSequence>
<outSequence>
<send/>
</outSequence>
<faultSequence/>
</resource>
<handlers>
<handler class="org.wso2.carbon.integrator.core.handler.RESTBasicAuthHandler"/>
</handlers>
</api>
Then I could send the request using postman with the new username/password.
1 https://docs.wso2.com/display/EI650/Applying+Security+to+an+API#ApplyingSecuritytoanAPI-BasicAuthUsingaBasicAuthhandler
Thank you for the response. i tried to change "org.wso2.rest.BasicAuthHandler by "org.wso2.carbon.integrator.core.handler.RESTBasicAuthHandler" in my api and redeployed it. I got this error
Caused by: java.lang.ClassNotFoundException: org.wso2.carbon.integrator.core.handler.RESTBasicAuthHandler cannot be found by synapse-core_2.1.7.wso2v60
It seems that i need the .jar file in order to load it but i cannot find it. Can you please provide a link to download please?
I upgraded to 6.5.0 version of the ESB and it worked. thanks !
Related
As you know, by default, WSO2 add a "activityid" Parameter to each response header which would be passed from API-Manager.
Reference:
https://docs.wso2.com/display/EMM210/Getting+Operation+Details+by+the+Activity+ID
For some reason, I need to remove this parameter from the response for client. As I searched, I find out the following link
https://apim.docs.wso2.com/en/4.0.0/deploy-and-publish/deploy-on-gateway/api-gateway/message-mediation/removing-specific-request-headers-from-response/
So I added following code into Main.XML and Fault.XML, However it doesn't work
<property name="activityid" scope="transport" action="remove"/>
I also add the following property to the data flow of a specific API through Integrator Studio. However it doesnt work
<resource methods="POST" uri-template="/attachment">
<inSequence>
<call>
<endpoint key="attachment"/>
</call>
<send/>
</inSequence>
<outSequence>
<property action="remove" name="TRANSPORT_HEADERS" scope="default"/>
<property action="remove" name="activityid" scope="default"/>
</outSequence>
<faultSequence/>
</resource>
Anybody can Give me some advice about this matter??
You can use the message mediation for API Manager. Add the above property mediator to the response path 1 of the API.
Under runtime configurations of the API, there is a message mediation section for both request and response paths. Here you can upload a mediation sequence which will be executed in the request flow as well as response flow. You can save the mediation you need to an xml file and upload the file for the response flow.
1 - https://apim.docs.wso2.com/en/4.0.0/deploy-and-publish/deploy-on-gateway/api-gateway/message-mediation/changing-the-default-mediation-flow-of-api-requests/
In wso2 ESB after calling an endpoint I am getting the response as number(ex: 78) with header application/json, if without processing the response if i send in out sequence it works fine i'll get the same response. But if I include any mediators for processing in between it'll throw exceptions like Could not save JSON payload. Invalid input stream found. A single string or number is not valid in some cases So, it may throwing the exception but this bug is resolved in wso2 EI 6.2.
So now I am able to process the response but if I use script mediator to get that value it shows {}. If i use json-eval($.) then also i am not able to get the value, also with xpath i am not able to get.
So how to get that response(the value in number) for further processing in wso2 ei, by using script mediator or by using json path.
If you are certain that the response only contains a number with the content-type header with application/json. you can take the value to a property as below.
<property name="RESPONSE_NUMBER" expression="//jsonValue" scope="default" type="INTEGER"/>
When you need this value somewhere else in the mediation flow you can take the value from the property(in this case RESPONSE_NUMBER) as below.
$ctx:RESPONSE_NUMBER
Here is a sample API which demonstrates how you can take the response value and use it in the mediation flow.
<api xmlns="http://ws.apache.org/ns/synapse" name="SampleAPI" context="/getNumber">
<resource methods="GET">
<inSequence>
<send>
<endpoint>
<http method="GET" uri-template="http://www.mocky.io/v2/5b02cc2c3000006600cee384"/>
</endpoint>
</send>
</inSequence>
<outSequence>
<property name="RESPONSE_NUMBER" expression="//jsonValue" scope="default" type="INTEGER"/>
<payloadFactory media-type="json">
<format>{"Id": $1}</format>
<args>
<arg evaluator="xml" expression="$ctx:RESPONSE_NUMBER"/>
</args>
</payloadFactory>
<send/>
</outSequence>
</resource>
</api>
You can call the API with below curl command:
curl -v http://localhost:8280/getNumber
I have and scenario where I want to extract dynamically Issues from Jira in order to save them on ElasticSearch. I use a custom Proxy Service that connect with Jira (via Jira connector), get a project (first I want to save the project's information) and pass this information to Elastic. Following is the in Sequence of the proxy service:
<?xml version="1.0" encoding="UTF-8"?>
<inSequence xmlns="http://ws.apache.org/ns/synapse">
<property expression="json-eval($.username)" name="username"/>
<property expression="json-eval($.password)" name="password"/>
<property expression="json-eval($.uri)" name="uri"/>
<property expression="json-eval($.id)" name="id"/>
<property expression="json-eval($.uriEl)" name="uriEl"/>
<property expression="json-eval($.indexName)" name="indexName"/>
<property expression="json-eval($.type)" name="type"/>
<property expression="json-eval($.message)" name="message"/>
<jira.init>
<username>{$ctx:username}</username>
<password>{$ctx:password}</password>
<uri>{$ctx:uri}</uri>
</jira.init>
<jira.getProject>
<projectIdOrKey>{$ctx:id}</projectIdOrKey>
</jira.getProject>
<property expression="json-eval($.project)" name="project"
scope="default" type="STRING"/>
<elasticsearch.init>
<apiUrl>{$ctx:uriEl}</apiUrl>
</elasticsearch.init>
<elasticsearch.createDocumentWithIndex>
<indexName>{$ctx:indexName}</indexName>
<type>{$ctx:type}</type>
<message>{$ctx:message}</message>
<body>{$ctx:project}</body>
</elasticsearch.createDocumentWithIndex>
<respond/>
</inSequence>
And here is the sample request:
{
"username":"MyName",
"password":"AnStrongPassword",
"uri":"JiraURL",
"id":"MyProject",
"uriEl":"http://localhost:9200",
"indexName":"jira",
"type":"project",
"message":"Testing"
}
The other parameters (Endpoint, out Sequence and Fault Sequence) are by default.
The problem is that when I try to send this request via 'Try the Test service' option on WSO2 ESB, i get the following error:
Error connecting to the Tryit ajax proxy
I have tested the same code but only using the Jira connection (without get a project or connect to Elastic), and the same error occurs.
Looking to this error, I suppose that the problem is before to read the JSON request, but I don't know if it is related to the endpoint (I think that it is not necessary an endpoint for this scenario).
Thanks in advance.
This problem is totally independent of the jira connector etc. Problem is with the "try it" tool. This tool is not that much recommended for testing purposes. Instead of that, try invoking the proxy service via soap ui.
If you share a screenshot when the try it error occurs, I'll be able to comment on that as well.
After a few days I have found another solution to my problem without using proxy services. To connect ESB with Jira, I created this API on ESB:
<api xmlns="http://ws.apache.org/ns/synapse" name="transport_service" context="/transport_service">
<resource methods="GET">
<inSequence>
<jira.init>
<uri>MyURL</uri>
<username>MyUser</username>
<password>3MyPass</password>
</jira.init>
<jira.searchJira>
<query>project=MyProject</query>
<maxResults>50000</maxResults>
<fields>MyField1,MyField2,etc</fields>
</jira.searchJira>
<respond/>
</inSequence>
<outSequence>
<log level="full"/>
<property name="messageType" value="application/xml" scope="axis2"/>
<send/>
</outSequence>
</resource>
</api>
The command to call this API is simple:
curl -v -X GET http://localhost:8280/transport_service > jira-db.json
Finally, if you want to insert this json on elastic, you can follow the typical PUT via curl:
curl -XPUT 'http://localhost:9200/jira/jira/1' -d #jira-db.json
Additionally, you can write both commands on a daily bash script (using your scheduled task list), getting the same result that scheduling your proxy service on WSO2ESB:
#!/bin/bash
curl -v -X GET http://localhost:8280/transport_service > jira-db.json
curl -XPUT 'http://localhost:9200/jira-dev/jira/1' -d #jira-db.json
echo "Daily load completed"
I developed a SOAP Web Service and Client for file upload (a base64binary string that i want to write on my database) and everithing works fine. I wrote REST api interface with Wso2 ESB and a Rest Client to use my SOAP services with the JSON to XML conversion provided by Wso2 and i succeeded in most of cases.
The problem occurs when i try to upload a base64binary String, obtained from a file grater than 16385 byte (with smaller files works fine) through REST API interface.
After few seconds the connection is reset by the server (Wso2 i think, since my application server doesn't gets the request) and no error is shown other than connection timeout.
I use Apache cxf2 for web service and client generation, Tomcat 8 as apllication server and Wso2 ESB to comunicate with Tomcat.
Here is my Socket Exception in Rest Client
java.net.SocketException: Connection reset
at java.net.SocketInputStream.read(SocketInputStream.java:196)
at java.net.SocketInputStream.read(SocketInputStream.java:122)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:442)
at sun.security.ssl.InputRecord.read(InputRecord.java:480)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927)
at sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:884)
at sun.security.ssl.AppInputStream.read(AppInputStream.java:102)
at org.apache.http.impl.io.SessionInputBufferImpl.streamRead(SessionInputBufferImpl.java:139)
at org.apache.http.impl.io.SessionInputBufferImpl.fillBuffer(SessionInputBufferImpl.java:155)
at org.apache.http.impl.io.SessionInputBufferImpl.readLine(SessionInputBufferImpl.java:284)
at org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:140)
at org.apache.http.impl.conn.DefaultHttpResponseParser.parseHead(DefaultHttpResponseParser.java:57)
at org.apache.http.impl.io.AbstractMessageParser.parse(AbstractMessageParser.java:261)
at org.apache.http.impl.DefaultBHttpClientConnection.receiveResponseHeader(DefaultBHttpClientConnection.java:165)
at org.apache.http.impl.conn.CPoolProxy.receiveResponseHeader(CPoolProxy.java:167)
at org.apache.http.protocol.HttpRequestExecutor.doReceiveResponse(HttpRequestExecutor.java:272)
at org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:124)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:271)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:184)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:88)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:184)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at rest.RestClient.main(RestClient.java:190)
and the Rest API interface with some censure:
<resource methods="POST"
protocol="https"
uri-template="/loadDoc?user={user}&pwd={pwd}">
<inSequence>
<header name="Action" value="loadDoc"/>
<payloadFactory media-type="xml">
<format>
<m0:loadDoc xmlns:m0="my service location">
<username xmlns="">$1</username><password xmlns="">$2</password>$3
</m0:loadDoc>
</format>
<args>
<arg evaluator="xml" expression="get-property('uri.var.user')"/>
<arg evaluator="xml" expression="get-property('uri.var.pwd')"/>
<arg evaluator="json" expression="$."/>
</args>
</payloadFactory>
<send>
<endpoint>
<address uri="my wsdl location uri"
format="soap12"/>
</endpoint>
</send>
</inSequence>
<outSequence>
<property name="messageType" value="application/json" scope="axis2"/>
<send/>
</outSequence>
WSO2 ESB has a default size of the buffer through which data passes.
This default is 16384 bytes.
Go to WSO2_HOME/repository/conf/passthru-http.properties and adjust io_buffer_size property as you need.
I am trying to access external web services (outside of intranet) using WSO2 ESB 4.0.3 but I do not know how to configure the proxy to let the request go outside. I can send SOAP messages over HTTP from my basic Java client app without issues; I could specify teh proxy details using Apache HttpComponents. So, connection details are OK.
I tried:
Editing <transportSender name="http" ... > and specifying parameters like "http.proxyHost" and "http.proxyPort".
Setting up a global parameter <parameter name="Proxy"> ...
Configuring the HTTP Transport Sender and specifying the appropriate parameters.
The best I got was:
ERROR_CODE = 101503, ERROR_MESSAGE = Connection refused or failed for : ...
So, what did I wrong and what should I do instead? Thanks.
Does your proxy server has any authentication? If yes and it uses Basic Auth you need to specify followoing properties before sending out the request..
<property name="Proxy-Authorization" expression="fn:concat('Basic', base64Encode('userName:password'))" scope="transport"/>
<property name="POST_TO_URI" value="true" scope="axis2"/>
The first property sets the Proxy-Authorization HTTP transport header with the base64 encoded user name and password as expected by the HTTP basic authentication.
The second property makes the out-going URL a complete URL understandable by the Proxy Server.
Following is an example proxy config...
<proxy name="StockQuoteProxy" startOnLoad="true">
<target>
<inSequence>
<property name="Proxy-Authorization" expression="fn:concat('Basic ', base64Encode('udayanga:test123'))" scope="transport"/>
<property name="POST_TO_URI" value="true" scope="axis2"/>
<send>
<endpoint>
<address uri="http://www.wso2.com:9000/services/SimpleStockQuoteService"/>
</endpoint>
</send>
</inSequence>
<outSequence>
<send/>
</outSequence>
</target>
<publishWSDL uri="file:repository/samples/resources/proxy/sample_proxy_1.wsdl"/>
</proxy>