In wso2 esb what is the best practice for Endpoint maintenance. From some article I got to know that we can read from file So, if this the best approach how achieve this one.
In a scenario where the endpoint is saved as a file within the carbon registry (You can even upload the file via management console or can use WSO2 EI Tooling to create an endpoint template), we can read the content of the endpoint as follows.
Add the endpoint registry resource.
Log the endpoint content using the following synapse configuration. (Can even retrieve specific attributes within the endpoint using their xpath expressions)
<log level="custom">
<property name="Endpoint Content:" expression="$ctx:endpointFile//*"/>
<property name="Endpoint URL:" expression="$ctx:endpointFile//*[local-name() = 'address'][1]/#uri"/>
</log>
You can see the logged endpoint content as below.
There are 3 ways to Endpoint Maintenance.
Using ESB Tooling
From Command Line
Using a Script
More details can be found in WSO2 Documentation.
Related
I am using WSO2 API Manager (version 3.0.1) as front-end for accessing data via an API call to CKAN (version 2.8.2).
A private CKAN data set requires an authorization token as described here.
"When calling an API function that requires authorization, you must authenticate yourself by providing your API key with your HTTP request."
How is this accomplished in WSO2? Specifically, what configuration files/settings need to change to make this happen?
I see from this documentation that if configured in Eclipse using a tooling plug-in it can be accomplished with something like this (Step 23):
curl -k -H "Authorization: Bearer api-key-for-WSO2-goes-here" -H "Custom: Bearer api-key-for-CKAN-goes-here" https://my-wso2-host-goes-here:8243/test/1.0.0
However, these instructions require using Eclipse. But how can this be accomplished without Eclipse? I.e. what configuration files/settings need to be modified on the server or in the WSO2 API Publisher and/or the WSO2 API Dev Portal to pass the authorization token for CKAN through WSO2 API-M?
You do not have to use Eclipse for this. In the tutorial Eclispse plugin is used as a tool to generate the sequence easily. In that tutorial we needed a sequence
in the first place because the authorization header required by the backend is "Authorization". In WSO2 APIM this is a reserved header to pass the internally generated token. Therefore we first pass the backend token in a custom header with a different header name and then copy this value to Authorization header in the in-sequence.
The sequence would look like below.
<sequence xmlns="http://ws.apache.org/ns/synapse" name="authorization_header_exchange">
<property name="X-Authorization" expression="get-property('transport', 'X-Authorization')" scope="default" type="STRING"/>
<property name="Authorization" expression="get-property('X-Authorization')" scope="transport" type="STRING" description=""/>
<property name="X-Authorization" scope="transport" action="remove"/>
Refer [1] for more info.
However in your case you can send the api key in X-CKAN-API-Key along with the request itself without using a mediation sequence.
[1]. https://docs.wso2.com/display/APICloud/Sample+Mediation+Sequences#SampleMediationSequences-Passinganauthorizationheadertoyourbackend
I'm answering my own question...
TLDR
The answer by #naoko above is correct: to pass CKAN authorization through WSO2 API-M include X-CKAN-API-Key as a header with a value set to your CKAN user's private CKAN API key.
Long Version
Pass the CKAN API key like this:
curl -k -H "Authorization: Bearer wso2-app-key-here" -H "X-CKAN-API-Key: ckan-authorization-key-here" https://myWso2DeveloperPortal.com:8243/daas/3.0.1/action/resource_show?id=resource-id-of-CKAN-dataset-here
(Use -k if the host has a self-signed https certificate)
Where...
wso2-app-key-here is the application key found in the WSO2 Developer Portal.
ckan-authorization-key-here is your user account's private key in CKAN. (It can be found on your user profile page in the CKAN UI.)
resource-id-of-CKAN-dataset-here is the resource id of the dataset you want to query.
The resource_show method in this example will return metadata for the given CKAN resource. Other CKAN methods are invoked in a similar manner.
This is all thanks to CKAN for having an alternative to passing the key in a header named Authorize. In the case of CKAN, the variable X-CKAN-API-Key can be used. And this can be easily passed as shown above.
Mea culpa for not catching that in the CKAN docs in the first place (It's right there in my very own screenshot above!)...had I read thoroughly it would have saved a SO post for better or worse;)
Had CKAN not provided the alternative with X-CKAN-API-Key then this can be accomplished in version 3.0.0 as described in these pages:
"Passing a Custom Authorization Token to the Backend"
https://apim.docs.wso2.com/en/latest/Learn/APIGateway/MessageMediation/passing-a-custom-authorization-token-to-the-backend/
FWIW, I actually tried that before trying the X-CKAN-API-Key solution and it didn't work. Maybe I was doing something wrong. But since the X-CKAN-API-Key solution works for me I'm calling it done.
So i'm working on PER-API log configuration in WSO2, in order to log REQUEST/RESPONSE for an API call, we need to
Modify the file log4j.properties in < APIM HOME >\repository\conf by adding the following lines to it
log4j.appender.TestAPI_APPENDER=org.apache.log4j.RollingFileAppender
log4j.appender.TestAPI_APPENDER.File=${carbon.home}/repository/logs/PerAPI/${instance.log}/wso2-APILogs-service${instance.log}.log
log4j.appender.TestAPI_APPENDER.MaxFileSize=1000KB
log4j.appender.TestAPI_APPENDER.MaxBackupIndex=10
log4j.appender.TestAPI_APPENDER.layout=org.apache.log4j.PatternLayout
log4j.appender.TestAPI_APPENDER.layout.ConversionPattern=%d{ISO8601}
[%X{ip}-%X{host}] [%t] %5p %c{1} %m%n%n
log4j.category.API_LOGGER.admin--APINAME= TRACE,
TestAPI_APPENDER
It logs the following details to a .txt file which is pretty comprehensive and cool
However i do have some questions that i'm stuck in and would like help in, here are they
The HTTP Status Code for the response is not being logged here which i badly need, I've looked here and it says to use %s - HTTP status code of the response however when i put the character %s in the log4j.properties ConversionPattern, those characters are printed as they are, how can i achieve this?
Secondly, does wso2 has some sort of portal in order to visualize these custom logs?
Thirdly, i need to put a line at the end of request/response (4 entries per API CALL) log lines and i'm unable to find any solution, if i hardcode a line into the log4j.properties ConversionPattern, i suppose it would print after each entry, please help?!
Thank you
Please find the below answers for your questions
By enabling wire logs settings you can easily track the HTTP Status Code for the response. You can enable the header and wirelogs by un-commenting following lines in log4j.properties file (located at: \repository\conf)
log4j.logger.org.apache.synapse.transport.http.headers=DEBUG
log4j.logger.org.apache.synapse.transport.http.wire=DEBUG
The third Question, you can achieve this by using log mediator in In-sequence(print a line in request) and out-sequence(print a line in response).For an example you can use custom log in your api synapse configuration file as follows (here I use this custom log in in sequence)
<sequence xmlns="http://ws.apache.org/ns/synapse" name="admin--TwitterSearch:v1.0.0--In">
<log level="custom">
<property name="test" value="your value goes here……….” />
</log>
</sequence>
You can enable wirelogs to track the request and responses of the API when it is getting invoked. To do that uncomment following line in log4j.properties file.
log4j.logger.org.apache.synapse.transport.http.wire=DEBUG
Furthermore if you want to log the http messages you can uncomment following line as well.
log4j.logger.org.apache.synapse.transport.http.headers=DEBUG
In WSO2 API Manager Analytics, a log Analyzer is included. You need to configure WSO2 API Manager Analytics with WSO2 API Manager to get that.
If you want to print a customized log for the API, you can use the Log mediator and add a Log mediator as a mediation extension per API with the required log to be printed in the synapse configuration of the API.
I need to convert my existing SOAP web service to a REST webservice by using WSO2 ESB. I tried with the given samples in the Documentation successfully. And also I created a transformer proxy and set the end point as my existing WSDL url. In my case I'm getting the response as SOAP. SO how can I change that response into Json in the created proxy? I tried with the outsequences a lot. but coudnt make it success. Can anyone tell me the exact steps to do this.
I riffered [enter link description here][1]
[1]: http://wsf.cdyne.com/WeatherWS/Weather.asmx?WSDL as web service.
In your REST API (see the example link given in Samisa's answer above) use the following property in out sequence to convert the message type to JSON.
<property name="messageType" scope="axis2" value="application/json"/>
Good Day!
I have a WSO2 ESB proxy service which is calling WSO2 DSS Service. It is inserting the data to mysql table. it is working as expected. but if there is any issue in the DSS Service, I am getting faults with different soap response formats. like
if the service is inactive or stopped, then getting response like
<soapenv:Body><soapenv:Reason xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">.......
if the service is facing issue while inserting the data, then getting response like
<soapenv:Body><axis2ns134:DataServiceFault xmlns:axis2ns134="http://ws.wso2.org/dataservice"><axis2ns134:current_params......
and some other cases getting different responses.
but is ESB, those errors are not capturing and not firing "faultsequence" even I explicitly set the below property
<property name="FORCE_ERROR_ON_SOAP_FAULT" value="true" scope="default" type="STRING"/>
Can you please guide me how to handle/catch those errors in ESB Proxy?
Thanks,
Vinoth
see if this documentation helps you.
https://docs.wso2.com/display/ESB490/Fault+Mediator
https://docs.wso2.com/display/ESB490/Error+Handling
Att;
Vitor Darela
I'm trying to setup a proxy for my RESTful API using WSO2 API Manager. My problem is that the responses from the backend API are left untouched so all the urls that connect to other endpoints still reference the backend server rather than the proxy. I need a way to replace those url values in the response body to point to the proxied api. I understand this can be accomplished via Mediation Extensions, using ESB Mediators.
I'm not familiar enough with them to pick the one better suited for the job. URLRewrite mediator looks pretty straightforward, but it doesn't seem to apply to the message body but the headers. Payload Factory seems to require a fixed structure for the message, which is not very convenient for me, since I need it to work on the different responses that my API provides (and I wouldn't want to maintain those structures in the mediator definition).
I've managed to solve it by setting the headers my application checks to build its urls:X-Forwarded-Host and X-Forwarded-Proto.
So I've created a Header Mediator that looks like:
<sequence xmlns="http://ws.apache.org/ns/synapse" name="WSO2AM--Ext--In">
<header name="X-Forwarded-Host" expression="get-property('transport','Host')" scope="transport"/>
<header name="X-Forwarded-Proto" value="https" scope="transport"/>
</sequence>
And that did the trick.