Using soap services(.asmx) with Azure Service fabric - web-services

I am migrating my existing services to Azure service fabric. My existing application support the soap service(asmx) for the legacy users. I want to use the same web service as part of my microservice. That web service test.asmx(say) can be called from Rest Apis as well(If soln is there). But I'm not finding any way to use the soap service as part of Azure service fabric microservice approach. Help me out of possible solutions for tackling the web service scenario. Thanks!

I recommend converting your ASMX service into a WCF service with a BasicHttpBinding. You can then host your WCF service inside a stateless SF service, like shown here.
private static ICommunicationListener CreateRestListener(StatelessServiceContext context)
{
string host = context.NodeContext.IPAddressOrFQDN;
var endpointConfig = context.CodePackageActivationContext.GetEndpoint("CalculatorEndpoint");
int port = endpointConfig.Port;
string scheme = endpointConfig.Protocol.ToString();
string uri = string.Format(CultureInfo.InvariantCulture, "{0}://{1}:{2}/", scheme, host, port);
var listener = new WcfCommunicationListener<ICalculatorService>(
serviceContext: context,
wcfServiceObject: new WcfCalculatorService(),
listenerBinding: new BasicHttpBinding(BasicHttpSecurityMode.None),
address: new EndpointAddress(uri)
);
return listener;
}

Related

Azure web service as a client to an external service, using a client-side certificate

I need to write a web service and host it in Azure. This service in turn consumes another service from an external site. Therefore, my azure-hosted service is a client to this externally-hosted service. When I make a request of the other service, I need to include a client-side certificate in my request.
Has anybody successfully done this? Is it possible to install a certificate in a web instance in azure? Would it survive the instance restarting? If so, pointers would be appreciated.
I have never worked with client-side certificates (even on a "real" client) so please forgive me if this is a newbee question.
The certificates that are uploaded in the cloud service (see the certificates tab under that cloud service in azure portal), which will host your webrole, will be available in the VM of that webrole. So you can access it from the certificate store and use it while making the external web service call.
A sample is given in this stackoverflow post.
Accessing a web service and a HTTP interface using certificate authentication
You can either add certificate via azure management portal, and azure will add it to machine certificate store once it deploy your application on the VM, or you can keep it with your application, for example as embedded resource and load it manually and use with your webservice call. Like this :
private X509Certificate2 GetAuthCertificate()
{
var assembly = Assembly.GetExecutingAssembly();
Stream stream = null;
var resources = assembly.GetManifestResourceNames();
foreach (var resource in resources)
{
if (resource.EndsWith(certificateFilename))
{
stream = assembly.GetManifestResourceStream(resource);
break;
}
}
if (stream == null)
throw new Exception("Certificate not found in embedded rersources");
using (var ms = new MemoryStream())
{
stream.CopyTo(ms);
var result = new X509Certificate2(ms.ToArray(), "password", X509KeyStorageFlags.Exportable);
return result;
}
}

WSO2 ESB how to securize a proxy by default when deploy

I have a lot of proxies in WSO2 ESB that I have to securize. I need them to be securized using Username Token when deploy, instead of browsing to the dashboard and enabling it one by one.
Any help?
I guess currently, you need to use management console and do it. From the UI, it is calling a backend web service. You can automate process by automating this backend web service. This web service is exposed by following component [1]. You can use soapui or some client program to automate this web service.
[1] http://svn.wso2.org/repos/wso2/carbon/platform/trunk/components/security/org.wso2.carbon.security.mgt/
I had similar requirement, here is how I solved it
Apply Role security to WSO2 ESB Proxy using Java API
Also you can find the test case here on how to use the methods
http://svn.wso2.org/repos/wso2/tags/carbon/3.2.3/products/bps/2.1.1/modules/integration/org.wso2.bps.management.test/src/test/java/org/wso2/bps/management/SecurityTest.java
Well here how the code snippet goes to secure any proxy service with default security scenarios of WSO2 ESB. In WSO2 ESB "scenario1" signifies Usernametoken based security. Now if you wish to secure your proxy with scenario1 follow the below code snippet:
public void applySecurityOnService(String serviceName, String policyId,
String[] userGroups, String[] trustedKeyStoreArray,
String privateStore)
throws SecurityAdminServiceSecurityConfigExceptionException,
RemoteException {
ApplySecurity applySecurity;
applySecurity = new ApplySecurity();
applySecurity.setServiceName(serviceName);
applySecurity.setPolicyId("scenario" + policyId); //scenario1 i.e. for Usernametoken security policyId should be 1
applySecurity.setTrustedStores(trustedKeyStoreArray);
applySecurity.setPrivateStore(privateStore);
applySecurity.setUserGroupNames(userGroups);
stub.applySecurity(applySecurity);
_logger.info("Security Applied Successfully");
}
Here is how you may call this method from your client class:
applySecurityOnService("MyProxy", "1", new String[]{"TestRole"}, new String[]{"wso2carbon.jks"}, "wso2carbon.jks");

Axis2 multiple connection authentication issue

I have two servlets that access two corresponding Axis2 web services on the same host. One of the servlets is read-only, while the other writes to a database.
Each of the Axis2 web services uses BASIC authentication. The read-only web service uses a system account, while the write web service uses the user's credentials (which are submitted as part of a web form).
The problem I'm running into is that the servlet called second always fails authentication to its web service. For example, I can query the read-only service through it's servlet all I want, but I get a "401: Authorization Required" when I try to use the write service. If I call the write service first, I get the same error when I try to use the read-only service.
Here is how I am setting the credentials for the connections in the servlets:
Stub service = new Stub(serviceUrl);
HttpTransportProperties.Authenticator auth = new HttpTransportProperties.Authenticator();
auth.setUsername(username);
auth.setPassword(password);
auth.setPreemptiveAuthentication(true);
service._getServiceClient().getOptions().setProperty(HTTPConstants.AUTHENTICATE, auth);
The servlet that accesses the read-only service has this code in it's constructor. The servlet that accesses the write service has this code in it's doGet/doPost method.
It seems that the credentials for the first service called are getting cached somewhere, but I can't find where that could be. I saw a possible solution here, but I can't find where WSClientConstants.CACHED_HTTP_STATE is defined. The comments in this JIRA issue seems to imply that it's part of org.apache.axis2.transport.http.HTTPConstants but it's not there.
Specifics:
Axis version: 1.5.1
Tomcat Version: 6.0.26
Java version: 1.6.0_23
It turns out the connections to the two different services were using the same JSESSIONID. Thus, the connection to the second web service was trying to use a session authenticated for the first web service, causing the error.
My solution for this was to define an HttpClient for each service, done by the following
MultiThreadedHttpConnectionManager manager = new MuliThreadedHttpConnectionManager();
HttpClient client = new HttpClient(manager);
ConfigurationContext context = ConfigurationContextFactory.createDefaultConfigurationContext();
context.setProperty(HTTPConstants.CACHED_HTTP_CLIENT, client);
context.setProperty(HTTPConstants.REUSE_HTTP_CLIENT, true);
Stub service = new Stub(context, serviceUrl);
This allows both servlets to have a separate session for their corresponding services.
The important point is to create a dedicated ConfigurationContext.
I've solved in a simpler way using a default config context when creating the stub without the multithreaded connection factory
stub = new MyStub(ConfigurationContextFactory.createDefaultConfigurationContext(), myServicesUrl);

Rich client (swing) application which connects to Remote database over http

i have a local client j2se application and backend is derby(javadb) database and dao is jpa eclipselink .
how do i send these database pojo to a remote database which linked with spring ( jsp) application on tomcat server
simply this is a rich client with swing which connects to tomcat deployed web application. The client should receive data and send data through HTTP requests to the server-side of the service,
what would be the best solution ??
01) direct database connection/transaction through socket using Eclipselink
02) web service ??
03) just send post request to spring web application and convert it to POJO and persist to database
how do i achieve this??
DISCLAIMER I am not suggesting you port your app from Spring to EJB. Despite how people like to compare them as exclusively one or the other, you can use them both. Its your app, you can be as pragmatic as you want to be :)
You don't necessarily have to use Web Services if you wanted. You could drop the OpenEJB war file into Tomcat as well and create an Remote EJB to send data back and forth.
Once you drop in OpenEJB you can put a remote #Stateless bean in your app like so:
#Stateless
#Remote
public class MyBean implements MyBeanRemote {
//...
}
public interface MyBeanRemote {
// any methods you want remotely invoked
}
Then look it up and execute it over HTTP from your Swing app like so:
Properties p = new Properties();
p.put("java.naming.factory.initial", "org.apache.openejb.client.RemoteInitialContextFactory");
p.put("java.naming.provider.url", "http://tomcatserver:8080/openejb/ejb");
// user and pass optional
p.put("java.naming.security.principal", "myuser");
p.put("java.naming.security.credentials", "mypass");
InitialContext ctx = new InitialContext(p);
MyBean myBean = (MyBean) ctx.lookup("MyBeanRemote");
Client-side all you need are the openejb-client.jar and javaee-api.jar from the OpenEJB war file and your own classes.
Since it's already a Spring app don't bother trying to use #PersistenceContext to get a reference to the EntityManager so the EJB can use it. Just figure out how to expose the EntityManagerFactory that Spring creates (or you create) to the EJB via any means possible. The direct and ugly, but effective, approach would be a static on the MyBean class and a bit of startup logic that sets it. You'd just be using the EJB for remoting so no need for fancier integration.
If you did really need web services for non-java communication or something, you can add #WebService to the top of your bean and then it will have WSDL and all that generated for it:
#Stateless
#Remote
#WebService(portName = "MyBeanPort",
serviceName = "MyBeanService",
targetNamespace = "http://superbiz.org/wsdl"
endpointInterface = "org.superbiz.MyBeanRemote")
public class MyBean implements MyBeanRemote {
//...
}
public interface MyBeanRemote {
// any methods you want remotely invoked
}
Then you can also use the same bean as a web service like:
Service service = Service.create(
new URL("http://tomcatserver:8080/MyBeanImpl?wsdl"),
new QName("http://superbiz.org/wsdl", "MyBeanService"));
assertNotNull(service);
MyBeanRemote myBean = service.getPort(MyBeanRemote.class);
Both approaches are over http, but the web service approach will be a bit slower as it isn't a binary protocol.

How to dynamic create service proxy with JAX-WS

I have common web service interface on each endpoint applications (server and client).
How can I create port on client side without connecting to server for "the same" wsdl?
I search something what present this pseudocode:
MagicProxyFactory proxy = MagicProxyFactory.newInstance(MyServiceInterface.class);
/* then bind service address like that
((BindingProvider)proxy).getRequestContext()
.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, "http address");
*/
MyServiceInterface port = (MyServiceInterface) proxy.getPort();
Steps include:
Create the Service instance using the Service.create method
for which you need to know wsdl location, service name, and name space URL of the service.
e.g.
URL wsdlLocation = new URL("http://example.org/my.wsdl");
QName serviceName = new QName("http://example.org/sample", "MyService");
Service s = Service.create(wsdlLocation, serviceName);
Get the service proxy (service port for connecting) using Service.getPort() method.
For this you need to know endpoint implemenattion class name.
e.g. MyService port = s.getPort(MyService.class);
you can now call methods through proxy.
Using Metro? You can't. You need the WSDL to create the proxy. Either bundle the WSDL with your client (preferred) or use a URL from where the WSDL can be downloaded during proxy creation.