I recently developped a SOAP web service.
I started to implement it without authentication. It works fine : the service, the call with SOAP UI and the gatling tests.
I added a digest authentication and now I cannot make my gatling test work (the test with SOAP UI is still successful).
According to the gatling documentation (here), I am supposed to call .digestAuth(login, pass) on my http request:
val scn = scenario("scenario")
.feed(feeder)
.feed(feeder2)
.forever{
exec(
http("myRequest")
.post(target)
.digestAuth("login","pass")
.body(ELFileBody("Request.wsdl"))
.headers(headers_2)
)
}
The answer from the server is always a 500 error with the message :
Jul 07, 2015 4:27:31 PM com.sun.xml.wss.impl.SecurityRecipient processMessagePolicy
SCHWERWIEGEND: WSS0253: Message does not conform to configured policy: No Security Header found in message
UPDATE :
I'm using the latest version of gatling 2.1.6
I cannot share my webservice but here is how it is configured.
spring-servlet.xml
<sws:interceptors>
<bean id="wsSecurityInterceptor"
class="org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor">
<property name="policyConfiguration" value="classpath:securityPolicy.xml" />
<property name="callbackHandlers">
<list>
<ref bean="passwordValidationHandler" />
</list>
</property>
</bean>
</sws:interceptors>
<bean id="passwordValidationHandler"
class="org.springframework.ws.soap.security.xwss.callback.SimplePasswordValidationCallbackHandler">
<property name="users">
<props>
<prop key="user">password</prop>
</props>
</property>
</bean>
And the securityPolicy.xml
<?xml version="1.0" encoding="UTF-8"?>
<xwss:SecurityConfiguration xmlns:xwss="http://java.sun.com/xml/ns/xwss/config">
<xwss:RequireUsernameToken passwordDigestRequired="true" nonceRequired="true" />
</xwss:SecurityConfiguration>
UPDATE 2:
Here is the full request and response from gatling logs:
10:06:57.243 [WARN ] i.g.h.a.AsyncHandlerActor - Request 'post_Addresscheck' failed:
status.find.in(200,304,201,202,203,204,205,206,207,208,209), but
actually found 500
10:06:57.244 [TRACE] i.g.h.a.AsyncHandlerActor - http://localhost:8000/ROOT/checkAddresshttp://localhost:8000/ROOT/checkAddress
headers=
Accept-Encoding: gzip,deflate
Content-Type: text/xml;charset=UTF-8
Content-Length: 1830
Connection: keep-alive
Host: localhost:8000
Accept: */*
realm=Realm{principal='user', password='password', scheme=DIGEST, realmName='', nonce='', algorithm='MD5', response='', qop='auth', nc='00000001', cno
nce='', uri='null', methodName='GET', useAbsoluteURI='true', omitQuery='false'}
=========================
HTTP response:
status=
500 Internal Server Error
headers=
Server: [Apache-Coyote/1.1]
Accept: [text/xml, text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2]
SOAPAction: [""]
Content-Type: [text/xml;charset=utf-8]
Content-Length: [605]
Date: [Thu, 09 Jul 2015 08:06:57 GMT]
Connection: [close]
Did I miss something in my test definition?
I think there might be a confusion here: Gatling supports HTTP digest auth, not WSS digest auth (where creds are passed as a SOAP header, inside the body, instead of a HTTP header).
Related
According to official docs defining a custom out sequence and adding <property name="CustomTransportHeader" scope="transport" action="remove"/> would remove any unwanted header from api response, yet I'm not getting any success defining a custom global out sequence and trying to remove Server out of response headers nor any other headers as well.
* Mark bundle as not supporting multiuse
< HTTP/1.1 200
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Date: Tue, 18 May 2021 14:37:47 GMT
< Content-Type: application/json
< Transfer-Encoding: chunked
< Server: WSO2 Carbon Server
Here's the custom out sequence which I placed in{$APIM_HOME}/repository/deployment/server/synapse_configs/sequences folder as a new xml file and got acknowledged of it's deployment by log:
<sequence xmlns="http://ws.apache.org/ns/synapse" name="WSO2AM--Ext--Out">
<property name="Server" scope="transport" action="remove"/>
<log level="custom">
<property name="TRACE" value="API Mediation Extension"/>
</log>
</sequence>
how should one get this done? what's the problem here?
For anybody struggling with this, all you have to do is to add this Entry into your deployment.toml file:
[transport.https.properties]
server = "something"
this would change the Server in response headers to your desired value. using custom sequences can do no good as you don't want to modify your own defined APIs and your request is not passing through it at all.
I need to build message in proxy on wso2 esb 4.8.1 with MessageType="multipart/form-data" and send to http endpoint.
Somethin like this:
POST /cgi-bin/maillist.cgi HTTP/1.0
Content-type: multipart/form-data; boundary=---------------------------7cd1d6371ec
Cache-Control: no-cache
Content-Length: 25852
-----------------------------7cd1d6371ec
Content-Disposition: form-data; name="realname"
Steve Johnson
-----------------------------7cd1d6371ec
Content-Disposition: form-data; name="email"
steevo#idocs.com
Could you give me just examlpe or link to solution?
You can Set message type property as follows.
<property name="messageType" value="multipart/form-data" scope="axis2"/>
So it will invoke the multipart/form-data formatter and send out as a multipart/ form-data message.
You can use builder mediator(https://docs.wso2.com/display/ESB481/Builder+Mediator) for this purpose. Builder mediator will build the message within WSO2 ESB such that the message is converted to the desired Content-Type.
We are trying to remove the end end of HTTP chunk character inserted by WSO2 APIM Gateway in HTTP body responses even if the Response Body should be empty (204 Status code).
We are using WSO2 API manager 1.6.0, whenever it receives a message without Content Type (example response Status code 204 No Content) , WSO2 API Manager Gateway includes the Header "Transfer-Encoding : chunked" with a Content Body with 0 (length 5) end of chunk 0\r\n.
In this case a Content-Length of 0 is expected with a completely empty content body.
1) We tried without success first to insert the the following lines in our API definition to enforce a content length of 0 :
under $CARBON_HOME/repository/deployment/server/synapse-configs/default/api/ :
<outsequence>
<property name="FORCE_HTTP_CONTENT_LENGTH" scope="axis2" value="true"></property>
<property name="COPY_CONTENT_LENGTH_FROM_INCOMING" scope="axis2" value="true"> </property>
<send></send>
</outsequence>
2) We tried also without success to insert the following lines to disable chunk encoding as described in the WSO2 doc (https://docs.wso2.com/display/ESB450/HTTP+Transport+Specific+Properties) :
<outsequence>
<property name="FORCE_HTTP_1.0" value="true" scope="axis2" />
<property name="DISABLE_CHUNKING" value="true" scope="axis2" />
<send></send>
</outsequence>
3) We also tried to insert these lines within the markups of the API xml definition without success.
Incoming HTTP reponse to WSO2 APIM Gateway :
HTTP/1.1 204 No Content
Server: Apache-Coyote/1.1
Date: Fri, 08 Aug 2014 14:02:57 GMT
Outgoing HTTP response out of WSO2 APIM Gateway :
HTTP/1.1 204 No Content
Access-Control-Allow-Headers: authorization,Access-Control-Allow-Origin,Content-Type
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Date: Fri, 08 Aug 2014 13:56:50 GMT
Server: WSO2-PassThrough-HTTP
Transfer-Encoding: chunked
0
Could you please help us to solve this issue ?
Thanks a lot for your support
JS
Try adding this property mediator to disable chunking:
<property name="DISABLE_CHUNKING" value="true" scope="axis2"/>
This property mediator can be used in custom insequences and outsequences. You can also add it to your API templates. Here is a blog post about applying this to the templates:
http://hoosierapi.blogspot.com/2014/07/wso2-api-manager-proxing-without.html
Cheers,
Colin
I am using a SAP odata service and I added it as a web reference in visual studio 2012.
Uri serviceUri = new Uri("http://zbc.net:4521/sap/opu/odata/sap/Emp/", UriKind.Absolute);
Emp context = new Emp(serviceUri);
context.Credentials = new System.Net.NetworkCredential("loginanme", "pass");
var query = from b in context.Employees
where b.Role == "Admin"
select b;
foreach (var myObject in query)
{
Console.WriteLine("\n name: {0} | role: {1}", myObject.name, myObject.Role);
}
When I execute the code above, I get the following error:
"An error occurred while processing this request."
InnerException: "A missing or empty content type header was found when trying to read a message. The content type header is required."
this is the query that VS2012 produces:
Query: {http://zbc.net:4521/sap/opu/odata/sap/Emp/Employees()?$filter=Role eq 'Admin'}
StackTrace:
at Microsoft.Data.OData.ODataMessageReader.GetContentTypeHeader()
at Microsoft.Data.OData.ODataMessageReader.TryGetSinglePayloadKindResultFromContentType(IEnumerable`1& payloadKindResults, MediaType& contentType, Encoding& contentEncoding)
at Microsoft.Data.OData.ODataMessageReader.DetectPayloadKind()
at System.Data.Services.Client.Materialization.ODataMaterializer.CreateODataMessageReader(IODataResponseMessage responseMessage, ResponseInfo responseInfo, Boolean projectionQuery, ODataPayloadKind& payloadKind)
at System.Data.Services.Client.Materialization.ODataMaterializer.CreateMaterializerForMessage(IODataResponseMessage responseMessage, ResponseInfo responseInfo, Type materializerType, QueryComponents queryComponents, ProjectionPlan plan, ODataPayloadKind payloadKind)
at System.Data.Services.Client.MaterializeAtom..ctor(ResponseInfo responseInfo, QueryComponents queryComponents, ProjectionPlan plan, IODataResponseMessage responseMessage, ODataPayloadKind payloadKind)
at System.Data.Services.Client.QueryResult.CreateMaterializer(ProjectionPlan plan, ODataPayloadKind payloadKind)
at System.Data.Services.Client.QueryResult.ProcessResult[TElement](ProjectionPlan plan)
at System.Data.Services.Client.DataServiceRequest.Execute[TElement](DataServiceContext context, QueryComponents queryComponents)
Response from RESTClient (firefox add-on)
Status Code: 200 OK
Content-Encoding: gzip
Content-Length: 566
Content-Type: application/xml
Last-Modified: Tue, 09 Jul 2013 13:03:22 GMT
Server: SAP NetWeaver Application Server / ABAP 731
dataserviceversion: 2.0
Response body
<?xml version="1.0" encoding="utf-8"?>
<edmx:Edmx Version="1.0" xmlns:edmx="http://schemas.microsoft.com/ado/2007/06/edmx"
xmlns:m="http://schemas.microsoft.com/ado/2007/08/dataservices/metadata"
xmlns:sap="http://www.sap.com/Protocols/SAPData">
<edmx:DataServices m:DataServiceVersion="2.0">
<Schema Namespace="Emp" xml:lang="en" xmlns="http://schemas.microsoft.com/ado/2008/09/edm">
<EntityType Name="Bank" sap:content-version="1">
<Key>
<PropertyRef Name="Admin"/>
</Key>
<Property Name="Name" Type="Edm.String" MaxLength="35" sap:label="Name"/>
<Property Name="street" Type="Edm.String" MaxLength="35" sap:label="Street"/>
<Property Name="Role" Type="Edm.String" MaxLength="35" sap:label="Role"/>
<Property Name="Region" Type="Edm.String" MaxLength="3" sap:label="Region"/>
</EntityType>
<EntityContainer Name="Emp" m:IsDefaultEntityContainer="true">
<EntitySet Name="Employees" EntityType="Emp.Employee" sap:deletable="false" sap:content-version="1"/>
</EntityContainer>
<atom:link rel="self" href="http://zbc.net:4521/sap/opu/odata/sap/Emp/$metadata" xmlns:atom="http://www.w3.org/2005/Atom"/>
<atom:link rel="latest-version" href="http://zbc.net:4521/sap/opu/odata/sap/Emp/$metadata"
xmlns:atom="http://www.w3.org/2005/Atom"/>
</Schema>
</edmx:DataServices>
</edmx:Edmx>
From Fiddler I get the following response:
HTTP/1.1 401 Unauthorized
www-authenticate: Basic realm="SAP NetWeaver Application Server [SVD/800]"
content-length: 2180
content-type: text/html; charset=utf-8
server: SAP NetWeaver Application Server / ABAP 731
How come in fiddler I get a 401? How can I provide a login and pass in Fiddler so that I don't get a 401?
Thanks Vitek Karas MSFT for your suggestion. The issue is sovled by installing the latest version of WCF Data Services 5.6.0. and thanks to Maikel who tried in on our dev and was able to solve the issue.
I m working on wso2 admin services. I get url as http://localhost:9763/services/AuthenticationAdmin?wsdl for AuthencticationAdmin.
Now, when I hit the login operation, with admin,admin,127.0.0.1, I get true as return.
ESB console shows logged in.
Now, when I hit logout operation, I dont get any response.
Also I notice that header of the response does not contain any session ID.
My ESB is 4.6.0.
login request :
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:aut="http://authentication.services.core.carbon.wso2.org">
<soapenv:Header/>
<soapenv:Body>
<aut:login>
<!--Optional:-->
<aut:username>admin</aut:username>
<!--Optional:-->
<aut:password>admin</aut:password>
<!--Optional:-->
<aut:remoteAddress>127.0.0.1</aut:remoteAddress>
</aut:login>
</soapenv:Body>
</soapenv:Envelope>
login response :
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Body>
<ns:loginResponse xmlns:ns="http://authentication.services.core.carbon.wso2.org">
<ns:return>true</ns:return>
</ns:loginResponse>
</soapenv:Body>
</soapenv:Envelope>
In the response, when I hit login I see, at bottom I only get 6 elements in header as follows :
> Date Tue, 25 Jun 2013 14:31:42 GMT
> Transfer-Encoding chunked
> #status# HTTP/1.1 200 OK
> Content-Type text/xml; charset=UTF-8
> Connection Keep-Alive
> Server WSO2-PassThrough-HTTP
Now, I dont get session ID. Can you please point out where m I going wrong?
My scenario is that I want to login to WSO2 and then hit some other admin service operation.
After some time debugging with the java client (see my other answer), I noticed that the SOAPUI Endpoint was not using the 9443 port that I was using in the Java client. See the image below.
The 8243 port was picked up from the WSDL by SOAPUI.
When I changed the SOAP UI Endpoint port from 8243 to 9443, the JSESSIONID gets returned in the response, as seen below:
HTTP/1.1 200 OK
Set-Cookie: JSESSIONID=573D42750DE6C0A287E1582239EB5847; Path=/; Secure; HttpOnly
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Date: Wed, 26 Jun 2013 22:14:20 GMT
Server: WSO2 Carbon Server
<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Body><ns:loginResponse xmlns:ns="http://authentication.services.core.carbon.wso2.org"><ns:return>true</ns:return></ns:loginResponse></soapenv:Body></soapenv:Envelope>
I have no idea what the difference is between the ports 8243 and 9443, or why one returns a JSESSIONID and the other doesn't.
You could try accessing the server using a java client. There is an example here. You could try this example and dump out the SOAP message to see the difference against what you are seeing in SOAPUI.
I'm wondering if the example axis client's setManageSession(true) does some magic on the session:
public static void main(String[] args) throws
RemoteException, AuthenticationAdminAuthenticationExceptionException {
System.setProperty("javax.net.ssl.trustStore",
SampleConstants.CLIENT_TRUST_STORE_PATH);
System.setProperty("javax.net.ssl.trustStorePassword",
SampleConstants.KEY_STORE_PASSWORD);
System.setProperty("javax.net.ssl.trustStoreType",
SampleConstants.KEY_STORE_TYPE);
AuthenticationAdminStub stub =
new AuthenticationAdminStub(
"https://localhost:9443/services/AuthenticationAdmin");
ServiceClient client = stub._getServiceClient();
Options options = client.getOptions();
options.setManageSession(true);
Login login = new Login();
login.setUsername("admin");
login.setPassword("admin");
stub.login(login);
ServiceContext serviceContext = stub.
_getServiceClient().getLastOperationContext().getServiceContext();
String sessionCookie = (String) serviceContext
.getProperty(HTTPConstants.COOKIE_STRING);
System.out.println(sessionCookie);
}
The above code prints out something similar to the following:
JSESSIONID=844ECBED015805A24FF9DBD5F5A56C8D; Path=/; Secure=null; HttpOnly=null