We've developed a Proxy Service into WSO2 ESB which is an orchestrator, and calls multiple services aggregating the response.
How can I test each single step (or mediator) of the proxy flow, and how the system reacts to each possible situation (e.g. Success, Failure, Slow response time...)?
We are trying to mock the behaviour of each service called by the proxy (with Wiremock), for each step, but we are not able to dynamically change the endpoints (or the ports) pointed by each call.
Example:
Real service is listening on port 8280
Wiremock is listening on port 8281
We need to dynamically change the endpoint within the Proxy, to let it call the Wiremock service (8281) instead of the real one (8280)
If there are other ways to test, I'm happy to explore different solutions...
I am unable to get your question correctly... can't you in Your proxy service you mention the endpoint url with port as 8281...??
Finally found the solution to the problem.
Using the endpoints of the registry, you are able to get the resources from the registry, change them and update it.
For example you could do something like:
AutomationContext esbContext = new AutomationContext("ESB", TestUserMode.SUPER_TENANT_ADMIN);
String esbSession = esbContext.login();
ResourceAdminServiceClient resourceClient = new ResourceAdminServiceClient(esbContext.getContextUrls().getBackEndUrl(),
esbSession);
String endpoint = resourceClient.getTextContent("/_system/governance/endpoints/HelloService.xml")
.replace(":8280", String.format(":%s", port));
resourceClient.updateTextContent("/_system/governance/endpoints/HelloService.xml", endpoint);
Related
Iām using wso2esb-4.9.0, then wso2-5.0.0, and now working on wso2ei-6.0.0
I would like to create a secured proxy service that could be used by different clients.
Required security is scenario 5 (sign and encrypt ā x509 authentication) : Messages are encrypted using service (server) public certificate and signed using client private key. Since multiple client will use the service, each client should sign the message using client private key.
At the server side, the public certificate for each client should be already be in the trust store of the server.
At server side, I can do a hardcoded configuration for rampart in order to respond correctly for incoming request from client1 OR for client2. This means that, for now, the only solution I found in order to support 2 clients, for the same backend service, is through the use of two proxy service, each configured to verify the signature of exactly one client.
I would like to get advice or pointers in order to configure the server side in a dynamic way, where only one proxy service is used. This proxy service should be able to configure at run time correctly rampart, in order to decrypt and verify the signature of the incoming message (one proxy, for N clients).
Thanks,
So, in fact nothing extra needs to be done at configuration level of rampat, since the harcoded configuration is related to the server side, when it would like to consume smthg for other party.
Since the incomming request contains informations related to certificate data, server will dynamically check his keystore in order to verify the incomming signed message... so once again, just configure rampart, at service side, and at client side and let the magic happen.
thanks to wso2 team for great product suite !
I'd like to have the following architecture:
A factory web service that is running all the time under a general URI, say /service.
A set of specific self-hosted application services, running under specific URI, say /service/appA/db1, /service/appA/db2, /service/appB/. The application services are facades on top of legacy applications, and each application-database pair must be in a separate process. I cannot merge them. There may be thousands of combinations of these separate services, so I don't want to kick them all off. I'd like to kick them off on demand.
Now I could have the client ask the factory to kick off the needed service, and then connect to it, but this doesn't work cleanly in a load-balanced environment.
What I would really like to do is for the factory service to listen to requests, and automatically kick off the application services as needed and then stop listening to the portion of the URI that the newly kicked off service is listening to.
For example, say that client wants to call "http://hostname/service/productapp/myproductdb/products/get/byname"
The first call would go to the factory service. It would kick off the application service "productapp-myproductdb" and redirect the initial call to the name URL, and stop listening on the URI "/service/productapp/myproductdb".
Any subsequent calls would go directly to the "productapp-myproductdb" service, which would be listening on the "/service/productapp/myproductdb" uri.
I don't want to redirect calls from the factory service to the application service. I want the client to be able to connect to the application service directly after the initial request.
Is this something that is possible to do?
If it is possible, how can I do it in ASP.NET Core?
thanks,
Alex
While developing a web application I have the following use case:
a 3rd party Web Service with quite a lot of methods is deployed on a test server A (with a single endpoint, e.g. http://3rdPartyServer/3rdPartySvc?WSDL)
a new method is about to be implemented in the near future, but I need to use it now
the rest of the methods are used throughout my code extensively
So I would like to do the following:
Create a mock service in SoapUI locally, based on the new WSDL which includes the new WS method (i.e. a superset of the WS methods currently on server A)
point my local application server to use the SoapUI mock service endpoint
mock only the response of the new WS method (create a dummy response for it in SoapUI)
let the other WS method calls to reach server A and return whatever it returns normally (i.e. use SoapUI as a proxy for these calls)
I've gone through the SoapUI documentation regarding service mocking and have used it numerous times, but could not find an option for such "pass-through" behavior.
When you read in your WSDL, the endpoint will point to your server.
Open your service, and select the service endpoint.
Add a second endpoint, to point to your mock. SoapUI has little bit of documentation showing this here. Only step "2. Getting Started" applies, not step 3!
In each of your tests, where you are using the mocked method, you will need to select the mock endpoint. Further discussion is here.
I have two servlets that access two corresponding Axis2 web services on the same host. One of the servlets is read-only, while the other writes to a database.
Each of the Axis2 web services uses BASIC authentication. The read-only web service uses a system account, while the write web service uses the user's credentials (which are submitted as part of a web form).
The problem I'm running into is that the servlet called second always fails authentication to its web service. For example, I can query the read-only service through it's servlet all I want, but I get a "401: Authorization Required" when I try to use the write service. If I call the write service first, I get the same error when I try to use the read-only service.
Here is how I am setting the credentials for the connections in the servlets:
Stub service = new Stub(serviceUrl);
HttpTransportProperties.Authenticator auth = new HttpTransportProperties.Authenticator();
auth.setUsername(username);
auth.setPassword(password);
auth.setPreemptiveAuthentication(true);
service._getServiceClient().getOptions().setProperty(HTTPConstants.AUTHENTICATE, auth);
The servlet that accesses the read-only service has this code in it's constructor. The servlet that accesses the write service has this code in it's doGet/doPost method.
It seems that the credentials for the first service called are getting cached somewhere, but I can't find where that could be. I saw a possible solution here, but I can't find where WSClientConstants.CACHED_HTTP_STATE is defined. The comments in this JIRA issue seems to imply that it's part of org.apache.axis2.transport.http.HTTPConstants but it's not there.
Specifics:
Axis version: 1.5.1
Tomcat Version: 6.0.26
Java version: 1.6.0_23
It turns out the connections to the two different services were using the same JSESSIONID. Thus, the connection to the second web service was trying to use a session authenticated for the first web service, causing the error.
My solution for this was to define an HttpClient for each service, done by the following
MultiThreadedHttpConnectionManager manager = new MuliThreadedHttpConnectionManager();
HttpClient client = new HttpClient(manager);
ConfigurationContext context = ConfigurationContextFactory.createDefaultConfigurationContext();
context.setProperty(HTTPConstants.CACHED_HTTP_CLIENT, client);
context.setProperty(HTTPConstants.REUSE_HTTP_CLIENT, true);
Stub service = new Stub(context, serviceUrl);
This allows both servlets to have a separate session for their corresponding services.
The important point is to create a dedicated ConfigurationContext.
I've solved in a simpler way using a default config context when creating the stub without the multithreaded connection factory
stub = new MyStub(ConfigurationContextFactory.createDefaultConfigurationContext(), myServicesUrl);
I am trying to call a web service from a BizTalk (2006) orchestration.
Having got the hang of the basics, I have been following this tutorial (page 74 onwards) in which i have a web reference to an external web service (I am using this web service instead of the one in the tutorial), I have my web message in a Send component, and have set up the request / response ports for the web service call.
I'm fairly sure that eveything is set up correctly, but my orchestration fails to call the web service with the following error:
The adapter failed to transmit the message going to send port
"My_Order_Processor.Orchestration-CurrencyConvertPort-36c122f41c5596ae"
with URL "http://www.webservicex/net/CurrencyConvertor.asmx.
WebException: Unable to connect to the remote server.
SocketException: An existing connection was forcibly
closed by the remote host 209.162.186.60:80
The IP 209.162.186.60 is the address for the web service I am trying to connect to. I am trying to narrow down the reasons for the error, e.g.:
Firewall issues
Proxy server issues (I don't know how to configure BizTalk to use a proxy server)
Something else
The BizTalk server can ping the web service, I can access the internet (through IE), I can add the WebReference to the project successfully (meaning at least the orchestration designer can access the web service okay). I have also tried a different web service, with the same result.
Any ideas on finding out why this is happening or how to find out more info? (I'm new to BizTalk)
I've seen this veru vague error before for many different reasons. Two suggestions.
Download something like NetMon and watch what is going on on the wire.
Turn off chunked encoding. For some reason, many web services don't handle this well.
Let us know what you find out.
Could this not be an authentication issue? Check that you can connect to the webservice using the Bts credentials.
This turned out to be a proxy issue.
By navigating to Biz Talk Group -> Platform Settings -> Adapters -> SOAP, I was able to configure the BizTalk server host's SOAP adapter (which is what the web service call uses to make the call) to use our company proxy server correctly. Double click the 'send' SOAP adapter, go to Properties under adapter name.