KeyGenerator error publishing TIBCO Web Service to WSO2 UDDI - web-services

I have a TIBCO Web Service that I want to publish on a WSO2 UDDI Server.
I configure the UDDI server on the Infrastructure -> Servers tab and I try to publish my application on the server.
I tried authenticating as root, admin and uddi but I always get the same error on WSO2 Side:
TID: [0] [Greg] [2015-09-10 15:25:28,108] INFO {org.apache.cxf.phase.PhaseInterceptorChain} - Application {urn:uddi-org:v3_service}UDDIPublicationService#{urn:uddi-org:v3_service}save_tModel has thrown exception, unwinding now: org.apache.juddi.v3.error.FatalErrorException: A Key Generator cannot be added for the root publisher. Try signing in as a different user {org.apache.cxf.phase.PhaseInterceptorChain}
I tried to google a bit but I found only answers relevant to WSO2 API Server (which I don't have).
As far as I can remember, the WSO2 server doesn't have any custom configuration. This is the content of my tomcat-user.xml:
<user username="admin" password="admin" roles="tomcat,manager,admin"/>
<user username="root" password="root" roles="tomcat,manager,admin"/>
<user username="uddi" password="uddi" roles="tomcat,manager,admin"/>

jUDDI doesn't allow you to create tModel key generators as the root user. Try it again using a different user name. This is probably in WSO2's configuration. Since it's probably an integration issue between the two, contact WSO2 for support.
Alternatively, you can just download jUDDI and use the standalone server and use the jUDDI web user interface to publish the service.
~ jUDDI PMC

Related

Identity Server does not validate SAML LogoutRequest Signature

I've got WSO2 IS running and a service provider that has SAML inbound authentication set up. I've enabled the "Enable Signature Validation in Authentication Requests and Logout Requests" checkbox for the SAML service provider.
If I send an AuthnRequest that is not properly signed, it will error. However, if I send a LogoutRequest with no signature (or with a signature made from a completely different cert/key), it will log my user out without error. How can I enable actual signature validation in WSO2 IS?
I'm running the latest WSO2 Docker Container. I believe that is IS 5.7.0 according to this startup logging:
Starting WSO2 Carbon...
Operating System : Linux 4.9.93-linuxkit-aufs, amd64
Java Home : /home/wso2carbon/java/jre
Java Version : 1.8.0_144
Java VM : Java HotSpot(TM) 64-Bit Server VM 25.144-b01,Oracle Corporation
Carbon Home : /home/wso2carbon/wso2is-5.7.0
Java Temp Dir : /home/wso2carbon/wso2is-5.7.0/tmp
Seems the signature validation [1] is being skipped in the logout request due to an issue in the code. Please refer to the git issue [2] to track this.
[1] https://github.com/wso2-extensions/identity-inbound-auth-saml/blob/ee338982c1add8f75f1132a6b3bacb30cee7989b/components/org.wso2.carbon.identity.sso.saml/src/main/java/org/wso2/carbon/identity/sso/saml/processors/SPInitLogoutRequestProcessor.java#L130
[2] https://github.com/wso2/product-is/issues/4048
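A presence check for the behaviour reported above, as an added example (not WSO2's code): it shows where each SAML binding carries the LogoutRequest signature, so a regression test or a front-end filter can flag logout requests that arrive unsigned. The function names and the sample messages are constructed for illustration.

```python
import base64
import zlib
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
DS = "http://www.w3.org/2000/09/xmldsig#"


def decode_saml_request(binding, value):
    """Return the request XML bytes carried in the SAMLRequest parameter."""
    raw = base64.b64decode(value)
    if binding == "redirect":
        raw = zlib.decompress(raw, -15)  # raw DEFLATE, no zlib header
    if b"<!DOCTYPE" in raw or b"<!ENTITY" in raw:
        raise ValueError("DTDs are not allowed in SAML messages")
    return raw


def logout_signature_status(binding, params):
    """Classify a request as 'not-logout', 'unsigned' or 'signature-present'.

    'signature-present' only means a signature was supplied where the binding
    expects it; it must still be verified against the SP's registered cert.
    """
    root = ET.fromstring(decode_saml_request(binding, params["SAMLRequest"]))
    if root.tag != f"{{{SAMLP}}}LogoutRequest":
        return "not-logout"
    if binding == "redirect":
        # HTTP-Redirect: detached signature travels in query parameters.
        signed = bool(params.get("Signature")) and bool(params.get("SigAlg"))
    else:
        # HTTP-POST: enveloped ds:Signature must be a direct child of the root.
        signed = root.find(f"{{{DS}}}Signature") is not None
    return "signature-present" if signed else "unsigned"


def redirect_encode(xml):
    """Encode XML as the HTTP-Redirect binding does (raw DEFLATE, then base64)."""
    deflater = zlib.compressobj(wbits=-15)
    return base64.b64encode(deflater.compress(xml) + deflater.flush()).decode()


# Constructed sample messages, not captured traffic.
UNSIGNED = (f'<samlp:LogoutRequest xmlns:samlp="{SAMLP}" ID="_a1" Version="2.0" '
            'IssueInstant="2019-01-01T00:00:00Z"/>').encode()
SIGNED = UNSIGNED.replace(
    b"/>", f'><ds:Signature xmlns:ds="{DS}"/></samlp:LogoutRequest>'.encode())

if __name__ == "__main__":
    post = {"SAMLRequest": base64.b64encode(UNSIGNED).decode()}
    print(logout_signature_status("post", post))
```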

Calling WS-Trust secured service from WSO2 ESB

I'm looking for help on how to call WS-Trust secured SOAP service from WSO2 ESB.
The idea is to create a non-secure proxy-service which would call WS-Trust secured back-end service, so our SOAP clients wouldn't have to worry about authentication.
I've been going through the documentation and have found nothing of much value. The documentation mentions that WSO2 ESB uses Apache Rampart and more specifically Rahas module to engage WS-Trust secured services, yet there are no examples on how to configure, for example - security token service address.
So far I've found this blog post http://xacmlinfo.org/2012/11/05/how-to-invoke-secured-backend-service-using-wso2-esb/
It runs a similar scenario but without WS-Trust. It uses Rampart configuration inside WS-Policy files, but Rampart configuration doesn't support any WS-Trust attributes.
I've also found this: http://ask.programmershare.com/279_17604398/
Which is more in line with what I'm looking for, but this example is doing the STS calls programmatically and even then unsuccessfully.
Is anyone aware of any examples of a successful configuration to call security token service -> service call itself using WSO2 ESB?

Management web service for WSO2 ESB

Does WSO2 ESB support web services for system management?
I want to develop a desktop program to connect to ESB server and do the administration tasks without using web application.
There are already existing services inside the ESB which are also used by the admin GUI.
Step 1: Make the admin services' WSDLs visible by editing carbon.xml ({ESB_HOME}/repository/conf/carbon.xml)
<HideAdminServiceWSDLs>false</HideAdminServiceWSDLs>
Step 2: See which services are available for you to use by starting ESB with osgiConsole
sh {ESB_HOME}/bin/wso2server.sh -DosgiConsole
Step 3: See the list of services (you can type this in the ESB command window; just press Enter and you will get the OSGi command mode)
osgi> listAdminServices
You can see a sample Java client logging in to ESB and listing user roles in the link below; just refer to this for your service implementation. Basically, you first need to log in to ESB before calling any admin service, and use the login cookie to call other services in the next step.
http://blog.facilelogin.com/2011/03/invoking-wso2-carbon-admin-services.html

WSO2 Identity Server REST and SOAP call

WSO2 Identity Server: I am new to WSO2 Identity Server. Could somebody help me get a list of the REST calls and SOAP calls supported by WSO2 Identity Server?
This blog post has an example of using WSO2-IS APIs.
Take a look at the answer to the following question also. WSO2 identity server api
WSO2 products are managed internally by SOAP web services known as admin services. The admin service WSDL is as below.
https://localhost:9443/services/UserAdmin?wsdl
Note: you cannot view the WSDL of an admin service by default for security reasons. Follow the steps below to enable and invoke the admin service WSDL.
Set the <HideAdminServiceWSDLs> element to false in the <IS_HOME>/repository/conf/carbon.xml file.
<HideAdminServiceWSDLs>false</HideAdminServiceWSDLs>
Restart the server.
You can also use the OSGi console to get the list of SOAP services exposed in Identity Server and view the details of the available service components. To enable the OSGi console, do the following steps.
Get the OSGi console by executing the following command.
<IS_Home>/bin/wso2server.bat -DosgiConsole
After the server has started successfully, press the 'Enter' key and the osgi> console will be displayed.
To get all admin services that are deployed on this server:
osgi> listAdminServices
To list all hidden services that are deployed on this server:
osgi> listHiddenServices
All services expose Web Service APIs which can be used to gain access to back end functionality.

Web service authentication

I have written my web services using apache axis2. Now I want to make my web services secure to avoid unauthorized access.
Is there any way in apache axis by which we can redirect each web service request to a particular web service ? so that it will do authentication and on successful authentication it will forward the request to respective web service.
Thanks,
Ajinkya.
You can use Apache Rampart[1] for this. Instead of redirecting to another web service you can use UT (user name token) to authenticate the users. Using WS-Security is the correct way to secure a web service. This[2] would help you.
If you are interested, WSO2 AS[3] provides an integrated environment for web service deployment and adding security using its GUI. Further, since it is based on the WSO2 Carbon platform, you can integrate your user store with WSO2 AS and then authentication is provided out of the box.
[1] http://axis.apache.org/axis2/java/rampart/
[2] http://wso2.org/library/240
[3] http://wso2.org/library/application-server