I have an api with query parameter:
http://host:9080/xpress/services/getdata?recLimit=10
trying to read it in squence/custom mediator. please advise whether following syntax is correct ? Thank you.
<property name="recLimit" expression="$url:recLimit" />
Yes, it should work.
Ref: https://docs.wso2.com/display/ESB481/Synapse+XPath+Variables#SynapseXPathVariables-$url
Another options is
<property name="uri.var.val1" expression="get-property('uri.var.recLimit')"></property>
Related
It's possible to set a variable of mediator configuration field with a file? I just don't want to hard code the timeout field of a cache mediator, it is possible?
Thanks!
It seems that we are not able to pass an expression to timeout value. [1] only expects an integer to be provided not an expression.
[1]-https://github.com/wso2/carbon-mediation/blob/master/components/mediation-ui/mediators-ui/org.wso2.carbon.mediator.cache.ui/src/main/java/org/wso2/carbon/mediator/cache/ui/CacheMediator.java#L419
You can read a file stored in the registry like this, but I'm not sure if it's possible to change the cache timeout using a variable.
<property name="xmlFile" expression="get-property('registry','gov:/test.xml')" scope="default" type="OM"></property>
<log level="custom">
<property name="Book_Name" expression="$ctx:xmlFile//book"></property>
</log>
Ref: https://movingaheadblog.blogspot.com/2015/09/wso2-esb-how-to-read-value-from-xml.html
I am implementing handler for REST API in Java (org.apache.synapse.rest.Handler interface). And there is a case, when I need to access Secure Vault and get a value.
I know that you are able to achieve this by expression="wso2:vault-lookup('YOUR.KEY.HERE')" in sequence, but can't find api to do this in handler. I believe that org.apache.synapse.MessageContext can help, but not sure how.
You can use below code segment in the custom handler.
public String getSecretPassword(String alias, MessageContext messageContext){
RegistrySecretRepository regRepo = new RegistrySecretRepository();
regRepo.setSynCtx(messageContext);
return regRepo.getSecret(alias);
}
Dependency for pom.xml, the version needs to be changed according to your product version.
<dependency>
<groupId>org.wso2.carbon</groupId>
<artifactId>org.wso2.carbon.mediation.security</artifactId>
<version>4.2.0</version>
</dependency
Please refer - http://malantech.blogspot.com/2016/10/basic-authentication-handler-with.html
Thanks
I believe you will not be able to get the value of the security vault directly from your handler so I advise you to recover the password and put it in a property and inside your handler to retrieve the property.
<property name="passwordvault"
expression="wso2:vault-lookup('YOUR.KEY.HERE')"
scope="default"/>
And use the MessageContext to get the propertie like this:
context.getProperty("passwordvault");
That's just a workaround which is not advisable , i believe you can try below code as i have used similar earlier as well and it worked
<property expression="wso2:vault-lookup('ei.training.userid')" name="UserID" scope="default" type="STRING"/>
<log>
<property expression="wso2:vault-lookup('ei.training.userid')" name="UID"/>
</log>
And I will answer my own question.
I've created a dummy sequence and placed it into Registry
<sequence name="SecureVaultSeq" trace="disable" xmlns="http://ws.apache.org/ns/synapse">
<property expression="wso2:vault-lookup('MY.PASS')" name="NAME"
scope="default" type="STRING"
xmlns:ns="http://org.apache.synapse/xsd" xmlns:ns3="http://org.apache.synapse/xsd"/>
</sequence>
Then in my handler i retrieved it like this:
messageContext.getConfiguration().getSequence("conf:Resources/sequences/SecureVaultSeq.xml").mediate(messageContext);
key = (String) messageContext.getProperty("NAME");
Hope this will help someone.
To prevent Log injection, I need to validate the query parameters (country, pesticide and crop) in WSO2 AM. the API looks like below,
http://172.17.100.149/api/mrldatabase/v1/reports?country=AUS&pesticide=ABew30000&crop=22020347
Really appreciate if someone can show me a way of validation.
You can write a custom mediation sequence for this. See docs.
You can read query params like this. See this for more details.
<sequence xmlns="http://ws.apache.org/ns/synapse" name="admin--Temp:v1.0.0--In">
<log level="custom">
<property name="SubPath" expression="$ctx:REST_SUB_REQUEST_PATH"/>
</log>
</sequence>
I'm looking for a way to communicate the user and the subscribed application name from the WSO2 API Manager to specific API's. I already found documentation on using JWT for this, but that would imply that all connected API's get this information, something that is not desirable in our scenario.
Can the same be accomplished using some sort of mediation sequence? I can't find any proper documentation on what parameters and fields are available there.
Thanks in advance.
Yes you can write a custom mediation sequence like this.
<sequence xmlns="http://ws.apache.org/ns/synapse" name="admin--Temp:v1.0.0--In">
<property name="UserName" scope="transport" expression="$ctx:api.ut.userName"/>
<property name="AppName" scope="transport" expression="$ctx:api.ut.application.name"/>
<log level="custom">
<property name="User" expression="$trp:UserName"/>
<property name="App" expression="$trp:AppName"/>
</log>
</sequence>
Here I'm creating 2 transport headers with user name and app name.
I have the config with development and production sections. This sections contain the URLs of backends. In my inSequence i need it to Callout to these backends several times per request.
<config>
<env>prod</env>
<backend env="prod">http://localhost:1234/</backend>
<backend env="dev">http://localhost:2345/</backend>
</config>
I read this config from Local Entry (as XML) and want to set Callout's URL as an Property.
I don't want to hardcode these backends inside my code with "Switch" statement, because it's possible to use more than two environments.
Could you please show me an example?
Thank you.
You can read xml file in registry. Simply define property of OM type like this:
<property name="test" expression="get-property('registry','conf:/test.xml')" scope="default" type="OM" />
Then you can see the value by logging like this:
<log level="custom"> <property name="test.b" expression="$ctx:test//b" /> </log>
And in the xml file that you have put in the root of registry, you would fill it like:
<a>Hello<b>WSO2</b></a>
I have learned it from this link.
I found the answer. According to source of Callout mediator:
CalloutMediator.java
It uses "To" header if URL is not specified.