WSO2 IS / AGW update challenge questions only updating "admin" account - wso2-identity-server

We are using WSO2 IS 5.0.0 / API Manager 1.9.1. We created a Rest API to handle the call for the internal WSO2 soap call setChallengeQuestionsOfUser in the UserIdentityManagementAdminService, however when we call this method with a specific userName the method will always update the Admin account.
Here is a code we are using to invoke the soap service
<resource methods="POST" url-mapping="/updatechallengequestionofuser" faultSequence="fault"> <!-- Only Updating admin -->
<inSequence>
<class name="org.wso2.carbon.apimgt.gateway.mediators.TokenPasser"/>
<property name="USERNAME" expression="//userName" scope="default" type="STRING"/>
<property name="USERANSWER1" expression="//userAnswer1" scope="default" type="STRING"/>
<property name="QUESTIONSETID1" expression="//questionSetId1" scope="default" type="STRING"/>
<property name="QUESTIONTEXT1" expression="//questionText1" scope="default" type="STRING"/>
<property name="USERANSWER2" expression="//userAnswer2" scope="default" type="STRING"/>
<property name="QUESTIONSETID2" expression="//questionSetId2" scope="default" type="STRING"/>
<property name="QUESTIONTEXT2" expression="//questionText2" scope="default" type="STRING"/>
<property name="USERANSWER3" expression="//userAnswer3" scope="default" type="STRING"/>
<property name="QUESTIONSETID3" expression="//questionSetId3" scope="default" type="STRING"/>
<property name="QUESTIONTEXT3" expression="//questionText3" scope="default" type="STRING"/>
<payloadFactory media-type="xml">
<format>
<ser:setChallengeQuestionsOfUser xmlns:ser="http://services.mgt.identity.carbon.wso2.org" xmlns:xsd="http://dto.mgt.identity.carbon.wso2.org/xsd">
<ser:userName>$1</ser:userName>
<ser:challengesDTOs>
<xsd:answer>$2</xsd:answer>
<xsd:id>$3</xsd:id>
<xsd:question>$4</xsd:question>
</ser:challengesDTOs>
<ser:challengesDTOs>
<xsd:answer>$5</xsd:answer>
<xsd:id>$6</xsd:id>
<xsd:question>$7</xsd:question>
</ser:challengesDTOs>
<ser:challengesDTOs>
<xsd:answer>$8</xsd:answer>
<xsd:id>$9</xsd:id>
<xsd:question>$10</xsd:question>
</ser:challengesDTOs>
</ser:setChallengeQuestionsOfUser>
</format>
<args>
<arg evaluator="xml" expression="get-property('USERNAME')"/>
<arg evaluator="xml" expression="get-property('USERANSWER1')"/>
<arg evaluator="xml" expression="get-property('QUESTIONSETID1')"/>
<arg evaluator="xml" expression="get-property('QUESTIONTEXT1')"/>
<arg evaluator="xml" expression="get-property('USERANSWER2')"/>
<arg evaluator="xml" expression="get-property('QUESTIONSETID2')"/>
<arg evaluator="xml" expression="get-property('QUESTIONTEXT2')"/>
<arg evaluator="xml" expression="get-property('USERANSWER3')"/>
<arg evaluator="xml" expression="get-property('QUESTIONSETID3')"/>
<arg evaluator="xml" expression="get-property('QUESTIONTEXT3')"/>
</args>
</payloadFactory>
<header name="Action" scope="default" value="urn:setChallengeQuestionsOfUser"/>
<property name="Authorization" expression="fn:concat('Basic ', '<base64String>')" scope="transport"/>
<property name="Accept" expression="text/xml" scope="transport"/>
<property name="ContentType" value="text/xml" scope="axis2"></property>
<property name="messageType" value="text/xml" scope="axis2"></property>
<send>
<endpoint name="UserManagement_APIproductionEndpoint_4">
<address uri="https://wso2dev.comp.org/services/UserIdentityManagementAdminService" format="soap11">
</address>
</endpoint>
</send>
</inSequence>
<outSequence>
<class name="org.wso2.carbon.apimgt.usage.publisher.APIMgtResponseHandler"/>
<property name="ContentType" value="application/json" scope="axis2"></property>
<property name="messageType" value="application/json" scope="axis2"></property>
<send/>
</outSequence>
</resource>
There are no error messages in the wso2carbon.log file but we see that only the account named "admin" is getting updated. We can clear the challengeQuestion fields and run the Rest call again with a valid userName and see it fill out the questions for the admin account again.
This looks to be an issue with the underlying soap call setChallengeQuestionsOfUser. Has anyone identified a way to update the challenge questions for specific users?

If we are going to change the challenge questions of user1, then user1 should be authenticated to call this method.
However in IS 5.1.0 alpha2, users who are having permission "/permission/admin/configure/security" can change other users' challenge questions too.
Isura

Related

Filter mediator not working Properly in WSO2 EI 6.6

I'm trying to handle the response in the out sequence by using filter mediator with condition as (Vin number Updated Successfully) if it's satisfy Then block needs to be excluded but instead of Then block the else block is executed so Please tell me what did I mistaken in the below mentioned code. Thanks!
<outSequence>
<log level="custom">
<property expression="json-eval($.)" name="===Response from COMS==="/>
</log>
<log level="custom">
<property expression="json-eval($)" name="ComsResponse"/>
</log>
<property expression="json-eval($.ComsResponse)" name="Response" scope="default" type="STRING"/>
<filter regex="Vin number Updated Successfully" source="$ctx:Response">
<then>
<payloadFactory description="Form Response Payload" media-type="json">
<format>{"StatusCode":"$1","Message":"$2"}</format>
<args>
<arg value="200"/>
<arg value="Updated Sucessfully"/>
</args>
</payloadFactory>
</then>
<else>
<payloadFactory description="Form Response Payload" media-type="json">
<format>{"StatusCode":"$1","Message":"$2"}</format>
<args>
<arg value="400"/>
<arg value="Unable to Created or Vin Number already exist"/>
</args>
</payloadFactory>
</else>
</filter>
<respond/>
<property description="HTTPStatusCode" name="HTTP_SC" scope="axis2" type="STRING" value="200"/>
<property description="HttpMessageType" name="messageType" scope="axis2" type="STRING" value="application/json"/>
</outSequence>
The property ComsResponse is probably empty.
<property expression="json-eval($.ComsResponse)" name="Response" scope="default" type="STRING"/>
The json-eval statement is looking for a ComsResponse element/key within the message. This does not exist as the result of just $. is only a string.
So currently the filter is testing the regex against an empty string. Try setting the Response property as follows:
<property expression="json-eval($.)" name="Response" scope="default" type="STRING"/>
For more details on the json-eval function check the WSO2 documentation.

WSO2 change reply to send to the caller

Sorry for my English, I'm using Google Translate to help myself.
I'm writing an API call to a web service. The call is ok and the api returns the response to the caller service, but the client wants that the output of the end-point must be changed from WSO2.
I added this outSequence to the api but the return is a returncode 202 without body.
Can someone help me please?
<outSequence>
<sequence key="">
<payloadFactory media-type="json">
<format>
{ "status": "1",
"message": $2
}
</format>
<args>
<arg evaluator="xml" expression="get-property('ERROR_CODE')"/>
<arg evaluator="xml" expression="get-property('ERROR_MESSAGE')"/>
<arg evaluator="xml" expression="get-property('ERROR_DETAIL')"/>
</args>
</payloadFactory>
<property name="messageType" scope="axis2" type="STRING" value="application/json"/>
<send/>
</sequence>
</outSequence>
I think you should try something like this instead
<inSequence>
<sequence key="">
<payloadFactory media-type="json">
<format>
{ "status": "1",
"message": $2
}
</format>
<args>
<arg evaluator="xml" expression="get-property('ERROR_CODE')"/>
<arg evaluator="xml" expression="get-property('ERROR_MESSAGE')"/>
<arg evaluator="xml" expression="get-property('ERROR_DETAIL')"/>
</args>
</payloadFactory>
<property name="messageType" scope="axis2" type="STRING" value="application/json"/>
<send/>
</inSequence>
<outSequence>
<property expression="json-eval($)" name="body-before-aggreg" scope="default" type="STRING"/>
<aggregate>
<completeCondition>
<messageCount max="-1" min="-1"/>
</completeCondition>
<onComplete aggregateElementType="root" expression="json-eval($)">
<!--get back from send body here in outsequence!-->
<respond/>
</onComplete>
</aggregate>
</outSequence>
<faultSequence>
<log level="custom">
<property name="text" value="An unexpected error occured for service"/>
<property expression="get-property('ERROR_MESSAGE')" name="message"/>
</log>
<respond/>
</faultSequence>
</resource>
</api>
please note that when you use send -> response messages will go through the Out mediator.

How to create a Global Variable in Wso2 ESB

I am new to the WSO2 esb,Am working with wso2esb 4.7.0,wso2dss 3.0.0.
I want to create a global variable and call that variable into my proxy services
My proxy is as shown below
<proxy xmlns="http://ws.apache.org/ns/synapse" name="Get_details" transports="https,http" statistics="disable" trace="disable" startOnLoad="true">
<target endpoint="Endpoint">
<inSequence>
<property name="messageType" value="application/json" scope="axis2" type="STRING"/>
<property name="username" expression="//username/text()" scope="default" type="STRING"/>
<property name="password" expression="//password/text()" scope="default" type="STRING"/>
<log>
<property name="username" expression="get-property('username')"/>
<property name="password" expression="get-property('password')"/>
</log>
<payloadFactory media-type="xml">
<format>
<p:select_login_op xmlns:p="http://ws.wso2.org/dataservice">
<p:username>$1</p:username>
<p:password>$2</p:password>
</p:select_login_op>
</format>
<args>
<arg evaluator="xml" expression="get-property('username')"/>
<arg evaluator="xml" expression="get-property('password')"/>
</args>
</payloadFactory>
<property name="Get" expression="fn:concat('http://192.168.1.201:9764/services/', 'Get_details')"/>
<header name="To" expression="get-property('Get')"/>
<send>
<endpoint>
<default/>
</endpoint>
</send>
</inSequence>
<outSequence>
<send/>
</outSequence>
</target>
<description/>
</proxy>
In the above proxy i have used concat function to combine my Url and Service name,here what i want to do is i want to use a variable instead of url by creating a global variable and assign the url as its value and use that variable in the concat function instead of url in this proxy and several other proxy also.
How can this be done?
You can save the value as a Local Registry Entry and use it from inside proxy services. For example if I have a Local Entry called 'MyURL' I can use it as below
synapse:get-property('MyURL')
Another example;
<log level="custom">
<property name="MyURL" expression="synapse:get-property('MyURL')"/>
</log>
A sample for ESB 5.0.0:
Suppose we have the current time in a property named nowTimeProp.
<property name="nowTimeProp" expression="get-property('SYSTEM_TIME')" scope="default"/>
Storing the property in the registry:
<property name="conf:/resource/yourResourceName" type="STRING" expression="$ctx:nowTimeProp" scope="registry"/>
Later, we'd like to read the property from the registry:
<property name="lastStoredInstantProp" expression="get-property('registry', 'conf:/resource/yourResourceName')"/>

Issue regarding filter in wso2esb

I'm using wso2dss3.1.0 and wso2esb 4.7.0.
I wish to filter the condition for that I have user filter mediator.
My proxy is like :
<filter xpath="get-property('mailid1')=''">
<then>
<log level="custom">
<property name="service called" value="then of inner filter"/>
<property name="mailid exist" value="creating new entry in muser with phonenumber as username"/>
</log>
<payloadFactory>
<format>
<p:Capp_insert_emercontactid xmlns:p="http://ws.wso2.org/dataservice">
<p:username>$1</p:username>
<p:firstname>$2</p:firstname>
<p:lastname>$3</p:lastname>
<p:phonenumber>$4</p:phonenumber>
<p:mailid>$5</p:mailid>
</p:Capp_insert_emercontactid>
</format>
<args>
<arg expression="get-property('phoneno1')" evaluator="xml"/>
<arg expression="get-property('firstname')" evaluator="xml"/>
<arg expression="get-property('lastname')" evaluator="xml"/>
<arg expression="get-property('phoneno1')" evaluator="xml"/>
<arg expression="get-property('mailid1')" evaluator="xml"/>
</args>
</payloadFactory>
<property name="HTTP_METHOD" value="POST" scope="axis2" type="STRING"/>
<property name="RESPONSE" value="true" scope="default" type="STRING"/>
<property name="NO_ENTITY_BODY" action="remove" scope="axis2"/>
<log level="full"/>
<send receive="UpdateEmergencyContact_seq3">
<endpoint>
<address uri="http://localhost:9764/services/Capp_MuserDataservice/" format="soap11"/>
</endpoint>
</send>
</then>
<else>
<log level="custom">
<property name="service called" value="else of inner filter"/>
<property name="Phonenumber exist" value="creating new entry in muser with mailid as username"/>
</log>
<payloadFactory>
<format>
<p:Capp_insert_emercontactid xmlns:p="http://ws.wso2.org/dataservice">
<p:username>$1</p:username>
<p:firstname>$2</p:firstname>
<p:lastname>$3</p:lastname>
<p:phonenumber>$4</p:phonenumber>
<p:mailid>$5</p:mailid>
</p:Capp_insert_emercontactid>
</format>
<args>
<arg expression="get-property('mailid1')" evaluator="xml"/>
<arg expression="get-property('firstname')" evaluator="xml"/>
<arg expression="get-property('lastname')" evaluator="xml"/>
<arg expression="get-property('phoneno1')" evaluator="xml"/>
<arg expression="get-property('mailid1')" evaluator="xml"/>
</args>
</payloadFactory>
<property name="HTTP_METHOD" value="POST" scope="axis2" type="STRING"/>
<property name="RESPONSE" value="true" scope="default" type="STRING"/>
<property name="NO_ENTITY_BODY" action="remove" scope="axis2"/>
<log level="full"/>
<send receive="UpdateEmergencyContact_seq3">
<endpoint>
<address uri="http://localhost:9764/services/Capp_MuserDataservice/" format="soap11"/>
</endpoint>
</send>
</else>
</filter>
I wish to do:
If mailid and phonenumber present in request then insert mailid as
username.
If only mailid present insert it as username.
if mailid absent insert phonenumber as username.
and configuration I have written is eorkinh fine for else part.
When mailid present proxy allow to insert it as username.
But problem occurred while mailid absent.In this case it sends blank username.. Even not accept hardcoded value.
Log for above at server side is like:
[2014-06-25 10:29:29,676] INFO - LogMediator phoneno1 = 111, mailid1 =
[2014-06-25 10:29:29,677] INFO - LogMediator service called = else of inner filter, Phonenumber exist = creating new entry in muser with mailid as username
[2014-06-25 10:29:29,681] INFO - LogMediator To: http://www.w3.org/2005/08/addressing/anonymous, WSAction: , SOAPAction: , MessageID: urn:uuid:f7e63fab-168c-4364-b49b-6c68d6e84eff, Direction: response, Envelope: <?xml version='1.0' encoding='utf-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Body><p:Capp_insert_emercontactid xmlns:p="http://ws.wso2.org/dataservice"><p:username> </p:username><p:firstname>y1</p:firstname><p:lastname>y2</p:lastname><p:phonenumber/><p:mailid> </p:mailid></p:Capp_insert_emercontactid></soapenv:Body></soapenv:Envelope>
[2014-06-25 10:29:29,723] INFO - LogMediator service called = UpdateEmergencyContact_seq3, userid exist = updating appusers emergency contact with newly insert userid, userid of new entry = 391529635516515404
Where is exact problem?
Am I missing something or doing some wrong while writing filter?
Please let me know soon.
it is simple error ..In your else condition . you are passing mail id as username..So, if mailid is not there, username also empty. Check your payload fcatory argument expression
in your filter xpath use boolean(get-property('mailid1')) and compare it with true and false.

How we can count the objects in Iterator using wso2esb

I am getting array list from my front end that i need to insert into a table using Wso2esb and dss i have almost done that functionality using iterator.I need to give response to front end whenever insertion over of that array list. i wish to count the any obejects which is iterating number of times
my code is like this
<iterate continueParent="true"
id="QuestionListMobile"
expression="//QuestionsList">
<target>
<sequence>
<property name="ttemplateformid"
expression="get-property('ttemplateformid')"
scope="default"
type="STRING"/>
<payloadFactory>
<format>
<p:Insert_ttemplatedetails_Mobile_Op xmlns:p="http://ws.wso2.org/dataservice">
<xs:templateformid xmlns:xs="http://ws.wso2.org/dataservice">$1</xs:templateformid>
<xs:formtemplatesectiondetailid xmlns:xs="http://ws.wso2.org/dataservice">$2</xs:formtemplatesectiondetailid>
<xs:questionid xmlns:xs="http://ws.wso2.org/dataservice">$3</xs:questionid>
<xs:weightage xmlns:xs="http://ws.wso2.org/dataservice">0</xs:weightage>
<xs:rank xmlns:xs="http://ws.wso2.org/dataservice">$4</xs:rank>
<xs:score xmlns:xs="http://ws.wso2.org/dataservice">$5</xs:score>
<xs:remarks xmlns:xs="http://ws.wso2.org/dataservice">$6</xs:remarks>
<xs:feedback xmlns:xs="http://ws.wso2.org/dataservice">$7</xs:feedback>
</p:Insert_ttemplatedetails_Mobile_Op>
</format>
<args>
<arg expression="get-property('ttemplateformid')"/>
<arg expression="//sectionQuestionMapId/text()"/>
<arg expression="//QuestionId/text()"/>
<arg expression="//Rank/text()"/>
<arg expression="//answer/text()"/>
<arg expression="//remark/text()"/>
<arg expression="//Feedback/text()"/>
</args>
</payloadFactory>
<log level="full"/>
<send receive="QuestionsInsertion_Seq3">
<endpoint>
<address uri="http://localhost:9764/services/ttemplatesectiondetail_DataService/"
format="soap11"/>
</endpoint>
</send>
<log level="full"/>
</sequence>
</target>
</iterate>
i am doing well how can i know above how many arrays i got
<sequence xmlns="http://ws.apache.org/ns/synapse"
name="QuestionsInsertion_Seq3"
onError="fault">
<property name="FORCE_ERROR_ON_SOAP_FAULT"
value="true"
scope="axis2"
type="STRING"/>
<property xmlns:f="http://ws.wso2.org/dataservice"
xmlns:ns="http://org.apache.synapse/xsd"
name="ttemplatedetailid"
expression="//f:ttemplatedetailid/text()"
scope="default"
type="STRING"/>
<log>
<property xmlns:ns="http://org.apache.synapse/xsd"
name="Total"
expression="count(//QuestionId/text())"
scope="default"
type="STRING"/>
<property xmlns:f="http://ws.wso2.org/dataservice"
xmlns:ns="http://org.apache.synapse/xsd"
name="ttemplatedetailid"
expression="//f:ttemplatedetailid/text()"/>
</log>
I am loging QuesionId count but i am not getting i am getting as total is 1.0 only
i need to count in proxy only or in sequence
thanx in advance
You can not count the iteration..What you are trying now is, you are getting DS response in your receive sequence, and from the response you are trying to read a value. So, check your response, and see what you are getting from endpoint