Signing message SOAP with WSO2 EI - sign

I would like to ask for help: how can you electronically sign the SOAP message content in WSO2 EI? I really cannot find much information. Can you guide me on this?

Not sure if I got it right, but you can sign SOAP messages using Rampart in WSO2. You have to define your security policy and add it to the endpoint mediator.
Example:
<send>
    <endpoint name="secure">
        <address uri="http://localhost:9000/services/SecureStockQuoteService">
            <enableSec policy="sec_policy"/>
            <enableAddressing/>
        </address>
    </endpoint>
</send>
You can find further information here.
Signing messages
Rampart

Related

WSO2 EI and WSO2 Developer - Setup an ESB Proxy with http basic authentication

I'm using WSO2 EI 6.3.0 and WSO2 Developer Studio 3.8.0.
I'm working with an ESB Project and a Proxy Service inside it.
The Proxy service is a simple pass through service;
it receives a request from a webapp and forward it to a
Soap Web Service, gets the response from the WS and gives
it back to the web app.
I realized this configuration following this tutorial:
https://youtu.be/3OsuGhEMQgc
The setup is very simple, everything worked fine until I found
a web service whose endpoint has http basic authentication.
I made it work thanks to this article:
https://medium.com/@Jenananthan/wso2-esb-how-to-invoke-basic-auth-protected-endpoint-service-5bcdd8290cb4
Here follows the xml that describes the proxy service:
<?xml version="1.0" encoding="UTF-8"?>
<proxy name="ProxyWithBasicAuth" startOnLoad="true" trace="disable" transports="https" xmlns="http://ws.apache.org/ns/synapse">
    <target>
        <endpoint name="endpoint_urn_uuid_xxxxxxxx-yyyy-zzzz-1111-234567892345">
            <address trace="disable" uri="https://here.goes.the.uri.of.the.ws.endpoint"/>
        </endpoint>
        <inSequence>
            <property value="this_is_the_username" name="username" scope="default" type="STRING"/>
            <property value="this_is_the_password" name="password" scope="default" type="STRING"/>
            <property expression="fn:concat($ctx:username,':',$ctx:password)" name="credentials" scope="default" type="STRING"/>
            <property expression="fn:concat('Basic ', base64Encode($ctx:credentials))" name="Authorization" scope="transport" type="STRING" xmlns:ns="http://org.apache.synapse/xsd"/>
        </inSequence>
        <outSequence>
            <send/>
        </outSequence>
        <faultSequence/>
    </target>
</proxy>
So, this configuration (xml file) is working, but I wrote all
the section that enables basic auth without using any visual or drag and drop element of the gui.
My questions are:
1) is this the right way to setup basic auth on a proxy service?
2) is there any gui (drag and drop) element that allows to do this setup visually?
Note: I do not need to struggle with basic authentication between
"clients" and the ESB Proxy Service; this question is about basic
authentication between ESB Proxy Service and an "external" web service.
What you have done is correct. To invoke a service secured with Basic Auth, we just have to set the Authorization header to the message. You could use Header Mediator[1] or the Property mediator (as you have already used) to do that. There is no special Mediator (or a GUI element in the Tool) specifically designed for setting the Authorization header.
Btw, you could consider storing passwords in the secure-vault[2] rather than having it in plain text in the Synapse configuration.
[1] https://docs.wso2.com/display/EI640/Header+Mediator
[2] https://docs.wso2.com/display/EI640/Working+with+Passwords+in+the+ESB+profile
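The secure-vault suggestion above, applied to the proxy from the question. This is an added example, not part of the original question or answer. It assumes the password has already been stored in the secure vault under the alias backend.ws.password (a hypothetical name); wso2:vault-lookup is the Synapse XPath function that resolves an alias at runtime.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<proxy name="ProxyWithBasicAuth" startOnLoad="true" trace="disable" transports="https" xmlns="http://ws.apache.org/ns/synapse">
    <target>
        <endpoint>
            <!-- Keep the backend on https: Basic auth is only base64-encoded, not encrypted -->
            <address trace="disable" uri="https://here.goes.the.uri.of.the.ws.endpoint"/>
        </endpoint>
        <inSequence>
            <property name="username" value="this_is_the_username" scope="default" type="STRING"/>
            <!-- Before: <property name="password" value="this_is_the_password" .../>
                 After: the plain-text value is gone from the Synapse configuration;
                 "backend.ws.password" is a hypothetical secure-vault alias -->
            <property name="password" expression="wso2:vault-lookup('backend.ws.password')" scope="default" type="STRING"/>
            <property name="credentials" expression="fn:concat($ctx:username,':',$ctx:password)" scope="default" type="STRING"/>
            <property name="Authorization" expression="fn:concat('Basic ', base64Encode($ctx:credentials))" scope="transport" type="STRING"/>
            <!-- The decrypted values are no longer needed once the header is built -->
            <property name="password" action="remove" scope="default"/>
            <property name="credentials" action="remove" scope="default"/>
        </inSequence>
        <outSequence>
            <send/>
        </outSequence>
        <faultSequence/>
    </target>
</proxy>
```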

WSO2: Remove MQRFH2 header from outgoing IBM MQ message

I am facing an issue where the receiving application (consumer/listener of an IBM MQ) cannot handle the MQRFH2 format and is expecting the raw MQSTR format instead.
When I put a plain old XML message into the queue using WSO2 Integrator (v. 6.1.1), the receiving application sees:
RFH € zMQSTR z <mcd><Msd>jms_text</Msd></mcd> X<jms>
<Dst>queue://QUEUE_ALIAS</Dst><Tms>1532002363544</Tms><Dlv>2</Dlv></jms>
ahead of my XML message which starts right after the JMS tag.
How can I force WSO2 to put MQSTR instead of MQRFH2 into the Websphere MQ? I have tried the following property just before sending via my endpoint but it has no effect.
<property name="JMS_IBM_FORMAT" value="MQSTR" scope="transport" type="STRING" action="set"/>
<send>
    <endpoint key="conf:/endpoints/MY_ENDPOINT.xml"/>
</send>
The endpoint is merely defined as:
<endpoint name="MY_ENDPOINT" xmlns="http://ws.apache.org/ns/synapse">
    <address format="pox" uri="jms://QUEUE_ALIAS"/>
</endpoint>
The RFH2 header is added by MQ. If you don't need it, add targetClient=1 to the location URI, like:
queue:///MYQUEUE?targetClient=1
http://www.mqseries.net/phpBB2/viewtopic.php?=&p=171236
Change the queue definition the application gets from as follows:-
ALTER QLOCAL(q-name) PROPCTL(NONE)

WSO2 Message Broker 3.0.0 and WS-Eventing

I am testing WSO2 Message Broker 3.0 and I miss the functionality of subscribing WS endpoints to topics.
Can this functionality be activated with MB 3.0 as it was in MB 2.x?
I am trying to implement reliable (queued) topic subscription for WS-Endpoints. How can it be implemented using WSO2 MB 3.0?
WS-Eventing was removed from WSO2 MB 3.0.0, but you can achieve this by integrating WSO2 MB with WSO2 ESB. This is a widely used, common integration pattern for reliable messaging, and you can also modify/mediate the message as necessary in WSO2 ESB before sending it to the actual backend. Let's see how we can do this.
I'll show you how to integrate WSO2 ESB with WSO2 MB on a local machine.
Download WSO2 ESB 4.9.0 (latest version) from http://wso2.com/products/enterprise-service-bus/. Hope you have WSO2 MB 3.0.0 (latest version) already in hand.
Once you extract it, open the wso2esb-4.9.0/repository/conf/carbon.xml file and change <Offset>0</Offset> to <Offset>1</Offset>. This allows you to run multiple Carbon servers on a single machine. You can access the management console at https://localhost:9444/carbon
Open wso2esb-4.9.0/repository/conf/axis2/axis2.xml and uncomment the section after <!--Uncomment this and configure as appropriate for JMS transport support with WSO2 MB 2.x.x--> for the JMS transport receiver and the section after <!--uncomment this and configure to use connection pools for sending messages--> for the JMS transport sender.
Copy andes-client-3.0.1.jar, geronimo-jms_1.1_spec-1.1.0.wso2v1.jar and org.wso2.securevault-1.0.0-wso2v2.jar from wso2mb-3.0.0/client-lib to wso2esb-4.9.0/repository/components/lib
Add the entries below to wso2esb-4.9.0/repository/conf/jndi.properties
connectionfactory.QueueConnectionFactory = amqp://admin:admin@clientID/carbon?brokerlist='tcp://localhost:5672'
connectionfactory.TopicConnectionFactory = amqp://admin:admin@clientID/carbon?brokerlist='tcp://localhost:5672'
topic.MyDurableTopic = MyDurbleTopic
First start WSO2 MB and then start WSO2 ESB by running wso2server.sh or wso2server.bat in the bin folder, depending on the OS you are using.
Integration completed.
Let's see how we can create a JMS listener proxy which creates a durable subscription in WSO2 MB. Go to the ESB management console, select Proxy service -> Custom Proxy -> Switch to source view. Then copy and paste the Synapse configuration below to create the JMS listener.
<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse"
       name="MyDurableTopicListenerProxy"
       transports="jms"
       statistics="disable"
       trace="disable"
       startOnLoad="true">
    <target>
        <inSequence>
            <property name="OUT_ONLY" value="true"/>
            <log level="custom">
                <property name="STATE" value="dispatch message..."/>
            </log>
            <send>
                <endpoint>
                    <address uri="http://localhost:9000/services/SimpleStockQuoteService"/>
                </endpoint>
            </send>
        </inSequence>
        <outSequence>
            <send/>
        </outSequence>
    </target>
    <parameter name="transport.jms.ContentType">
        <rules>
            <jmsProperty>contentType</jmsProperty>
            <default>text/xml</default>
        </rules>
    </parameter>
    <parameter name="transport.jms.ConnectionFactory">myTopicConnectionFactory</parameter>
    <parameter name="transport.jms.DestinationType">topic</parameter>
    <parameter name="transport.jms.SubscriptionDurable">true</parameter>
    <parameter name="transport.jms.Destination">MyDurbleTopic</parameter>
    <parameter name="transport.jms.DurableSubscriberName">subId-x</parameter>
    <parameter name="transport.jms.CacheLevel">consumer</parameter>
    <parameter name="transport.jms.DurableSubscriberClientID">subId-x</parameter>
    <description/>
</proxy>
You can replace the WS endpoint with whatever you need by changing <address uri="http://localhost:9000/services/SimpleStockQuoteService"/>. Here I used the sample axis2 backend. Once you save the proxy service, it'll create a durable subscription with MyDurableTopic in WSO2 MB. You don't need to create MyDurableTopic in WSO2 MB. The subscription will create a durable topic (according to the JMS spec.).
Now you can send messages to the durable topic and see those messages dispatched to the WS endpoint. This is JMS to HTTP (cross protocol) transport. Likewise, you can integrate standard patterns with this setup.
Hope this would help!
Cheers!

WSO2 ESB send to multiple endpoints

Can a message be sent to multiple endpoints from within the send mediator in a proxy service?
This link from the WSO2 ESB Send Mediator documentation says under the Syntax chapter that if the message is to be sent to one or more endpoints, then the following is used:
<send>
(endpointref | endpoint)+
</send>
where the endpointref token refers to the following:
<endpoint key="name"/>
I've tried to include two endpoints under send, but the second one gets removed automatically when saving the proxy service (inside the Developer Studio or straight in the ESB Stratos interface). I did go to the Synapse page for the Send Mediator to see if they say anything special and their format says:
(endpointref | endpoint)?
Now assuming these characters represent regular expression, ? stands for 0 or 1 times, + is 1 or more times. Did WSO2 implement this extra "one or more endpoints" feature on top of Synapse Send Mediator or is it just a mistake on the documentation pages. If they did, what's the exact syntax to make it work?
Thank you!
Actually you can use a Recipient List endpoint to send a single message to multiple endpoints.
After defining the recipient list, store that as a local entry and provide that as the endpoint key.
You can do something like this:
<send>
    <endpoint key="jmsMBendpoint1"/>
</send>
<send>
    <endpoint key="jmsMBendpoint2"/>
</send>
I have used this approach and it is working for me.
You can use the clone mediator to send to multiple endpoints by specifying the respective endpoints, as in the configuration below.
<sequence xmlns="http://ws.apache.org/ns/synapse" name="send_to_all">
    <clone sequential="false">
        <target endpoint="endpoint1"/>
        <target endpoint="endpoint2"/>
        <target endpoint="endpoint3"/>
    </clone>
    <drop/>
</sequence>

WSO2 soap12 endpoint to soap11 external service

I created a simple WSDL proxy in WSO2 to allow SOAP 1.2-enabled applications to work with a SOAP 1.1-only external web service. Everything is fine except that WSO2 doesn't transform SOAP 1.1 replies back to SOAP 1.2 when I send a request via the SOAP 1.2 WSO2 endpoint.
<proxy xmlns="http://ws.apache.org/ns/synapse" name="MySOAP" transports="http"
       statistics="disable" trace="disable" startOnLoad="true">
    <target>
        <endpoint>
            <wsdl service="ExtService" port="ExtPort" uri="https://my.local/wsdl/current/ExtService.wsdl"/>
            <property name="DISABLE_CHUNKING" value="true" scope="axis2"/>
        </endpoint>
    </target>
    <publishWSDL uri="file:///home/sysadmin/MySOAP.wsdl"/>
    <description></description>
</proxy>
Has anybody faced anything similar? WSO2 ESB version 4.6.0
You need to add the format as follows.
<endpoint>
    <address uri="http://localhost:9000/services/SimpleStockQuoteService" format="soap11" />
</endpoint>
Format - The message format for the endpoint. The available values are:
[format="soap11|soap12|pox|get"]
Leave As-Is - No transformation is done to the outgoing message.
SOAP 1.1 - Transforming message to SOAP 1.1.
SOAP 1.2 - Transforming message to SOAP 1.2.
Plain Old XML (POX) - Transforming to plain old XML format
Representational State Transfer (REST) - Transforming to HTTP Get Request
GET
http://docs.wso2.org/wiki/display/ESB460/Default+Endpoint
This has been an issue for a while now. See jira https://wso2.org/jira/browse/ESBJAVA-1994.
If you don't want to manually transform your response from the backend, uncomment the relevant NHTTP transport entries in axis2.xml and comment out the HTTP PassThrough transport entries.