We Keep Coding

Auth.net Hosted Accept: User authentication failed due to invalid authentication values

I created an Accept hosted integartion. This integration works fine in sandbox mode, but fails in LIVE mode with the following error:
User authentication failed due to invalid authentication values.
I verified that my transactionKey and api_login_id are correct and that I am using the correct URL.
The settings on the auth.net account are set to LIVE.
What else could be the issue? I see banter about requiring a signature key also, but nothing in the docs.
Below is the code for the request:
<getHostedPaymentPageRequest xmlns="AnetApi/xml/v1/schema/AnetApiSchema.xsd">
<merchantAuthentication>
<name>{hidden api_login_id}</name>
<transactionKey>{hidden transaction key}</transactionKey>
</merchantAuthentication>
<transactionRequest>
<transactionType>authCaptureTransaction</transactionType>
<amount>7.94</amount>
<order>
<invoiceNumber>138437174</invoiceNumber>
</order>
<billTo>
<firstName>First</firstName>
<lastName>Last</lastName>
<company>Company</company>
<address>Address</address>
<city>City</city>
<state>ST</state>
<zip>11111</zip>
<country>US</country>
</billTo>
<shipTo>
<firstName>First</firstName>
<lastName>Last</lastName>
<company>Company</company>
<address>Address</address>
<city>City</city>
<state>ST</state>
<zip>11111</zip>
<country>US</country>
</shipTo>
</transactionRequest>
<hostedPaymentSettings>
<setting>
<settingName>hostedPaymentBillingAddressOptions</settingName>
<settingValue>{"show": true, "required":true}</settingValue>
</setting>
<setting>
<settingName>hostedPaymentButtonOptions</settingName>
<settingValue>{"text": "Pay"}</settingValue>
</setting>
<setting>
<settingName>hostedPaymentReturnOptions</settingName>
<settingValue>{"showReceipt" : false, "url":"https://www.hiddendomain.com/plugins/authnet_iframe_communicator.html","urlText":"Continue","cancelUrl":"https://www.hiddendomain.com/plugins/authnet_response.php?action=cancel","cancelUrlText":"Cancel"}</settingValue>
</setting>
<setting>
<settingName>hostedPaymentShippingAddressOptions</settingName>
<settingValue>{"show": false, "required":false}</settingValue>
</setting>
<setting>
<settingName>hostedPaymentStyleOptions</settingName>
<settingValue>{"bgColor":"#B00"}</settingValue>
</setting>
<setting>
<settingName>hostedPaymentIFrameCommunicatorUrl</settingName>
<settingValue>{"url": "https://www.hiddendomain.com/plugins/authnet_iframe_communicator.html"}</settingValue>
</setting>
</hostedPaymentSettings>
</getHostedPaymentPageRequest>

Mule getting list of objects from s3 bucket

Need to retrieve the list of objects from S3 bucket through MULE ESB. But when getting the payload.getkey(), it's throws the error: unable to resolve method: org.mule.module.s3.model.ObjectListing.getKey() [arglength=0]]
<http:listener-config name="HTTP_Listener_Configuration" host="localhost" port="9090" doc:name="HTTP Listener Configuration"/>
<s3:config name="Amazon_S3__Configuration" accessKey="XXXXXXX" secretKey="XXXXXXXX" doc:name="Amazon S3: Configuration"/>
<flow name="s3bucket-downloadfilesFlow">
<http:listener config-ref="HTTP_Listener_Configuration" path="/getfiles" doc:name="HTTP"/>
<s3:list-objects config-ref="Amazon_S3__Configuration" bucketName="ge-datastaging-dev" prefix="Mule/inbound/" maxKeys="5" doc:name="Amazon S3"/>
<logger level="INFO" doc:name="Logger"/>
<foreach collection="#[payload]" doc:name="For Each">
<logger level="INFO" doc:name="Logger" message=" inside foreach...... #[payload.getCommonPrefixes()] ...."/>
<logger level="INFO" doc:name="Logger" message=" ################...... #[payload.getNextMarker()] ...."/>
<logger level="INFO" doc:name="Logger" message=" ################...... #[payload.getKey()] ...."/>
</foreach>
</flow>

Instead of looping on payload, do <foreach> on ObjectSummaries object in ObjectListing like this:
<s3:list-objects config-ref="Amazon_S3__Configuration" bucketName="ge-datastaging-dev" prefix="Mule/inbound/" maxKeys="5" doc:name="Amazon S3"/>
<foreach doc:name="For Each" collection="#[payload.objectSummaries]">
<s3:get-object-content config-ref="Amazon_S3__Configuration" bucketName="#[payload.getBucketName()]" key="#[payload.getKey()]" doc:name="Amazon S3"/>
</foreach>

Axis web service consumer and Mule 3.6

I'm going to try latest mule runtime to consume an old Axis web service.
Just trying to use "Web service consumer" component without success.
My first try on a method without parameters result in
org.apache.cxf.interceptor.Fault: Failed to load transport: org/mule/transport axis (org.mule.api.registry.ServiceException). Message payload is of type: MuleUniversalConduit$1
at org.mule.module.cxf.transport.MuleUniversalConduit$2.handleMessage(MuleUniversalConduit.java:194) ~[mule-module-cxf-3.6.1.jar:3.6.1]
...
this is my actual config
mule xmlns:scripting="http://www.mulesoft.org/schema/mule/scripting" xmlns:tls="http://www.mulesoft.org/schema/mule/tls"
xmlns:ws="http://www.mulesoft.org/schema/mule/ws" xmlns:json="http://www.mulesoft.org/schema/mule/json" xmlns:http="http://www.mulesoft.org/schema/mule/http" xmlns:mulexml="http://www.mulesoft.org/schema/mule/xml" xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:doc="http://www.mulesoft.org/schema/mule/documentation"
xmlns:spring="http://www.springframework.org/schema/beans" version="CE-3.6.1"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.mulesoft.org/schema/mule/tls http://www.mulesoft.org/schema/mule/tls/current/mule-tls.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-current.xsd
http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd
http://www.mulesoft.org/schema/mule/ws http://www.mulesoft.org/schema/mule/ws/current/mule-ws.xsd
http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd
http://www.mulesoft.org/schema/mule/xml http://www.mulesoft.org/schema/mule/xml/current/mule-xml.xsd
http://www.mulesoft.org/schema/mule/json http://www.mulesoft.org/schema/mule/json/current/mule-json.xsd
http://www.mulesoft.org/schema/mule/scripting http://www.mulesoft.org/schema/mule/scripting/current/mule-scripting.xsd">
<tls:context name="MyWSTLS_Context" doc:name="TLS Context">
<tls:trust-store path="trustStore/truststore.ts" password="secret"/>
<tls:key-store path="trustStore/keystore.jks" password="secret" keyPassword="toosecret"/>
</tls:context>
<ws:consumer-config name="MyWS_WS_getVersion_Consumer" wsdlLocation="Version.wsdl" service="VersionService" port="Version" serviceAddress="axis:http://staging.myws.com/myws/services/Version" doc:name="Web Service Consumer" connectorConfig="HTTPS_MyWSRequest_Configuration"/>
<http:request-config name="HTTPS_MyWSRequest_Configuration" protocol="HTTPS" host="staging.myws.com" port="443" basePath="/MyWS/services" doc:name="HTTP Request Configuration" tlsContext-ref="MyWSTLS_Context"/>
<http:listener-config name="MyWS_Listener_Configuration" host="0.0.0.0" port="8081" doc:name="HTTP Listener Configuration"/>
<flow name="wsconsumerFlow">
<http:listener config-ref="MyWS_Listener_Configuration" path="/consumer" doc:name="HTTP"/>
<ws:consumer config-ref="MyWS_WS_getVersion_Consumer" operation="getVersion" doc:name="Web Service Consumer"/>
<logger level="INFO" doc:name="Logger"/>
</flow>
</mule>
The service is an rpc style an requires array of strings as parameters.
Any hint appreciated.

The deprecated but still shipped for backwards compatibility transport for axis is getting into your way.
Just change the axis: from the service address, hopefully it should work if there are no other problems.

Use Topic object when communicating with amazon SNS api through mule

I'm using Anypoint Studio to experiment with connectors. At this point, i'm trying to make a simple flow that lists topics available at the amazon SNS endpoint and searches if a certain topic is available.
So far, i'm able to get a response from the API with the list of topics, which i then transform to json using Object to JSON transformer, but i want to iterate through the list to search for a certain topic(using java or whatever filter). The topic entity already exists in the amazon API in Anypoint Studio but i can't find out how to map it to the response returned by the API. Any hint would be appreciated.
EDIT: Here is the code of the flow, removed access keys.
<?xml version="1.0" encoding="UTF-8"?>
<sns:config name="Amazon_SNS" accessKey="" secretKey="" doc:name="Amazon SNS" region="EUWEST1">
<sns:connection-pooling-profile initialisationPolicy="INITIALISE_ONE" exhaustedAction="WHEN_EXHAUSTED_GROW"/>
</sns:config>
<http:listener-config name="HTTP_Listener_Configuration" host="localhost" port="8081" doc:name="HTTP Listener Configuration"/>
<json:object-to-json-transformer name="Object_to_JSON" doc:name="Object to JSON"/>
<flow name="CreateTopic">
<http:listener config-ref="HTTP_Listener_Configuration" path="/createtopic" doc:name="HTTP"/>
<sns:create-topic config-ref="Amazon_SNS" doc:name="Amazon SNS">
<sns:create-topic-request name="#[message.inboundProperties.'http.query.params'.name]"/>
</sns:create-topic>
<json:object-to-json-transformer doc:name="Object to JSON"/>
</flow>
<flow name="Subscribe">
<http:listener config-ref="HTTP_Listener_Configuration" path="/Subscribe" doc:name="HTTP"/>
<sns:subscribe config-ref="Amazon_SNS" doc:name="Amazon SNS">
<sns:subscribe-request topicArn="#[message.inboundProperties.'http.query.params'.topic]" protocol="email" endpoint="#[message.inboundProperties.'http.query.params'.subscriber]"/>
</sns:subscribe>
<json:object-to-json-transformer doc:name="Object to JSON"/>
</flow>
<flow name="ListTopics">
<http:listener config-ref="HTTP_Listener_Configuration" path="/listTopics" doc:name="HTTP"/>
<sns:list-topics config-ref="Amazon_SNS" doc:name="Amazon SNS">
</sns:list-topics>
<json:object-to-json-transformer doc:name="Object to JSON"/>
</flow>
<flow name="Publish">
<http:listener config-ref="HTTP_Listener_Configuration" path="/publish" doc:name="HTTP"/>
<sns:publish config-ref="Amazon_SNS" doc:name="Amazon SNS">
<sns:publish-request topicArn="#[message.inboundProperties.'http.query.params'.topic]" message="There's new content in the topic #[message.inboundProperties.'http.query.params'.topic]" subject="New comments on an idea - Crowdsourcing Forums" messageStructure="Raw"/>
</sns:publish>
<json:object-to-json-transformer doc:name="Object to JSON"/>
</flow>
<flow name="checkTopic">
<http:listener config-ref="HTTP_Listener_Configuration" path="/checkTopic" doc:name="HTTP"/>
<sns:get-topic-attributes config-ref="Amazon_SNS" doc:name="Amazon SNS">
<sns:get-topic-attributes-request topicArn="#[message.inboundProperties.'http.query.params'.topic]"/>
</sns:get-topic-attributes>
</flow>

The message payload you get from sns:list-topics is a com.amazonaws.services.sns.model.ListTopicsResult.
So you can use a MEL transformer to filter the topic list with an expression like:
($ in message.payload.topics if $.topicArn contains 'my-topic')
Reference: Projections and folds in MVEL 2.0

Axis 2 and Rampart- why does service return wsse:Security header in request?

I'm connecting to a secure service.
I have a SOAP UI project configured to use a jks file to provide the certificate, along with appropriate security settings to allow me to get a valid response.
I've have used AXIS 2 and Rampart to create a SOAP request from a JAVA project.
Using TCPMon I've managed to grab the SOAP request.
When the request runs in the JAVA project, I just get the response:
org.apache.axis2.AxisFault: Missing wsse:Security header in request
but if I take the same request, captured in TCPMon and put it in a SOAP UI project, I get a response successfully.
Anyone got any ideas?
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"> <soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
soapenv:mustUnderstand="1">
<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Timestamp-1">
<wsu:Created>2012-06-01T15:09:12.520Z</wsu:Created>
<wsu:Expires>2012-06-01T15:14:12.520Z</wsu:Expires>
</wsu:Timestamp>
<wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
wsu:Id="CertId-ECDB0E....01">
MIID4DCCA0mgAwIBAgIBFjAN....</wsse:BinarySecurityToken>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
Id="Signature-2">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#Id-15..93">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>
3wgvhJ8SI2soC..IA=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#Timestamp-1">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>
VlzDT69YEl..qTlbj0=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
ZCRypw/..=</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-ECD..2">
<wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="STRId-ECDB0E6..6193">
<wsse:Reference URI="#CertId-ECDB0E..01"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" />
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security></soapenv:Header><soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-15..3"><ns2:ProductSearchV2Request xmlns:ns2="http://product.webservice.sxc.com">
<ns2:Strength>900</ns2:Strength>
<ns2:MaximumResultSetInd>true</ns2:MaximumResultSetInd>
<ns2:MaximumResultSet>100</ns2:MaximumResultSet>
</ns2:ProductSearchV2Request>
This is the WS-POLICY document that I'm using:
<?xml version="1.0" encoding="UTF-8"?>
<!--
!
! Copyright 2006 The Apache Software Foundation.
!
! Licensed under the Apache License, Version 2.0 (the "License");
! you may not use this file except in compliance with the License.
! You may obtain a copy of the License at
!
! http://www.apache.org/licenses/LICENSE-2.0
!
! Unless required by applicable law or agreed to in writing, software
! distributed under the License is distributed on an "AS IS" BASIS,
! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
! See the License for the specific language governing permissions and
! limitations under the License.
!-->
<wsp:Policy wsu:Id="SigOnly"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:RequireThumbprintReference/>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:RequireThumbprintReference/>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:TripleDesRsa15/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
<sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
</wsp:Policy>
</sp:Wss10>
<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Body/>
</sp:SignedParts>
<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
<ramp:user>ctr</ramp:user>
<ramp:encryptionUser>ctr</ramp:encryptionUser>
<ramp:passwordCallbackClass>com.gtnet.rampart.PWCBHandler
</ramp:passwordCallbackClass>
<ramp:signatureCrypto>
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.file">build\resources\qa.jks</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">123123</ramp:property>
</ramp:crypto>
</ramp:signatureCrypto>
</ramp:RampartConfig>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
Thanks
Alan

It looks as if the error isn't with the outbound request, but with handling the response.
The response doesn't have a security header and when we're trying to unencrypt it, an exception occurs.
I need to somehow change my Rampart configuration to only do outbound security, not inbound
I'll report back :)
Ok the problem was that once Rampart is engaged, it expects the response to have the same security header.
The way I solved the problem was by removing the handler to the Inflow security in the Rampart.mar file.
I'm not sure if this is the best fix, but it worked for us.
To remove the inflow handler:
Unpack the rampart.mar file
Comment out the Inflow section
Zip up the META_INF folder. Then rename the .zip file to be .mar
Now when you use this as there are no handlers defined for inflow, it will just use the standard Axis2 response handler.
I guess if you had several projects using Rampart where some had the security header in the response and some didn't you would need a different approach.
Another approach is detailed here.
It's probably a better approach :
http://blog.rampartfaq.com/2009/11/how-to-generate-non-secure-response-to.html
Exception:
org.apache.axis2.AxisFault: Missing wsse:Security header in request
at
org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:180)
at
org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:99)
at org.apache.axis2.engine.Phase.invoke(Phase.java:318) at
org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:251) at
org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:160) at
org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:364)
at
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:417)
at
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)

After navigating a lot, and reading the same pages several times, I finally got a solution that satisfied me.
From previous post I Quote: "Ok the problem was that once Rampart is engaged, it expects the response to have the same security header." (as the request)
This is absolutely true!
I feel that the best approach is found in the following link: http://xacmlinfo.org/2012/11/09/disabling-ws-security-for-in-or-out-messages-in-axis2/
However, in my case, I didn't want to make a new module, so I decided to emulate the module in my code. I tried to explain it in three steps.
(First) I used a default policy (take from the previous link), as a method in my code. (It's worked for Axis 1.6.2 and the compatible version of Rampart)
private String getPolicy()
{
return "xml for policy"
}
Important the method must return the following xml as String (better reading)
<wsp:Policy wsu:Id="emptryPolicy"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
</wsp:Policy>
</sp:TransportBinding>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
(Second) I created a Policy (object) based on the previous method.
InputStream stream = new ByteArrayInputStream(getPolicy().getBytes());
Policy p = PolicyEngine.getPolicy(stream);
(Third) I used the properties of KEY_RAMPART_IN_POLICY and KEY_RAMPART_OUT_POLICY.
Stub._getServiceClient().getOptions().setProperty(RampartMessageData.KEY_RAMPART_OUT_POLICY, the security policy of the web service);
Stub._getServiceClient().getOptions().setProperty(RampartMessageData.KEY_RAMPART_IN_POLICY, p);
Important
The security policy of the web service, depends on the security that the web service uses... If your provider supplied the policy in the wsdl, you would not have to struggle with this... but in other cases, you just use the Rampart Policies. In the rampart site, are examples described very clear for each type of security policy. (UsernameToken Authentication, AsymmetricBinding, etc.)
This example fashions a request with security and response without security.
It Works for me!

In my case same problem but i got success response by changing the soap request version name space uri in the stub. i have change the name space uri from "http://www.w3.org/2003/05/soap-envelope" to "http://schemas.xmlsoap.org/soap/envelope/".