I have an axis2 service deployed on WSO2 AS 5 which I've secured with UT basic auth using the server. I want to invoke the service with an Axis client. I generated the stub and tried this,
String trustStore = "/home/dumidu/wso2carbon.jks";
System.setProperty("javax.net.ssl.trustStore", trustStore );
System.setProperty("javax.net.ssl.trustStorePassword", "test123");
HttpTransportProperties.Authenticator basicAuthentication = new HttpTransportProperties.Authenticator();
basicAuthentication.setUsername("admin");
basicAuthentication.setPassword("admin");
OrderProcessorStub ordPros = new OrderProcessorStub();
ordPros._getServiceClient().getOptions().setProperty(org.apache.axis2.transport.http.HTTPConstants.AUTHENTICATE, basicAuthentication);
OrderProcessorStub.GetOrder req = new OrderProcessorStub.GetOrder();
req.setOrdID(1);
OrderProcessorStub.GetOrderResponse resp = ordPros.getOrder(req);
System.out.println("resp \t"+resp.get_return());
Im getting this error on client side,
INFO: basic authentication scheme selected
Apr 30, 2015 6:02:58 PM org.apache.axis2.engine.AxisEngine receive
SEVERE: Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd : Security
org.apache.axis2.AxisFault: Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd : Security
at org.apache.axis2.engine.AxisEngine.checkMustUnderstand(AxisEngine.java:105)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:171)
at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:364)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:421)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
....
....
and this on server,
[2015-04-30 18:02:58,250] ERROR - AxisEngine System error
org.apache.axis2.AxisFault: System error
at org.wso2.carbon.security.pox.POXSecurityHandler.invoke(POXSecurityHandler.java:303)
at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:167)
at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172)
at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:146)
at org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:755)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
....
....
what am i doing wrong here? how can i write an axis client for a service secured with UT in WSO2 AS? Thanks in advance.
According to the your error, It seems to be bug in the product. In this jira, It says that there is an issue with POX handler.. WSO2AS also using same handler and it must be the reason for your issue as well. In jira it says If client request does not include empty soap header, that conversion fails with following error. So as a workaround, you can try with empty SOAP header.
Related
I try to add (and consume) an REST api on HTTPS through API Manager.
So, with a little schema :
Client (SoapUi) --HTTPS--> APIM --HTTPS--> REST API
Result: Failed
Client (SoapUi) --HTTP--> APIM --HTTPS--> REST API
Result: Failed
Here the stack :
2019-05-17 10:31:02,090 [-] [HTTPS-Listener I/O dispatcher-1] ERROR SourceHandler I/O error: Received fatal alert: certificate_unknown
javax.net.ssl.SSLException: Received fatal alert: certificate_unknown
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1666)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1634)
at sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1800)
at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1083)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:907)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:781)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at org.apache.http.nio.reactor.ssl.SSLIOSession.doUnwrap(SSLIOSession.java:245)
at org.apache.http.nio.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:280)
at org.apache.http.nio.reactor.ssl.SSLIOSession.isAppInputReady(SSLIOSession.java:410)
at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:119)
at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:159)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:338)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:316)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:277)
at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:105)
at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:586)
at java.lang.Thread.run(Thread.java:745)
I think the problem is between API Manager and the REST API
The REST API Certificate is composed like this :
CA Root Sectigo
|
--> Gandi
|
--> wildcard's Company
I try to add (via publisher's site) the Wildcard's company => no change
I try to add CA root to jvm keystore => no change
Actually, API Manager had the default Self Signed certificate.
Maybe it's a part of the problem.
Any ideas?
Regards,
Mike
Canario:
APIM and APIM-Analytics (both in 2.6.0) at the same localhost machine.
Identity Server in other Machine
Use the doc to make configuration between APIM and Analytics.
Setup te Datasources for external Oracle DB instance:
IS strat Ok, Analytics Worker start ok, Analytics Dashboard Start Ok, Analytics Manager Start Ok
After default configuration, Apim start with connection issue:
...
ERROR{org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker} -
Error while trying to connect to the endpoint. Cannot borrow client for
ssl://localhost:7712.
{org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker}
org.wso2.carbon.databridge.agent.exception.DataEndpointLoginException:
Cannot borrow client for ssl://localhost:7712.
at
org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.connect(DataEndpointConnectionWorker.java:134)
at org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.run(DataEndpointConnectionWorker.java:59)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: org.wso2.carbon.databridge.agent.exception.DataEndpointLoginException: Error while trying to login to the data receiver.
at org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint.login(ThriftDataEndpoint.java:54)
at org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.connect(DataEndpointConnectionWorker.java:128)
... 6 more
Caused by: org.apache.thrift.transport.TTransportException: java.net.SocketTimeoutException: Read timed out
at org.apache.thrift.transport.TIOStreamTransport.flush(TIOStreamTransport.java:161)
at org.apache.thrift.TServiceClient.sendBase(TServiceClient.java:65)
at org.wso2.carbon.databridge.commons.thrift.service.secure.ThriftSecureEventTransmissionService$Client.send_connect(ThriftSecureEventTransmissionService.java:104)
at org.wso2.carbon.databridge.commons.thrift.service.secure.ThriftSecureEventTransmissionService$Client.connect(ThriftSecureEventTransmissionService.java:95)
at org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint.login(ThriftDataEndpoint.java:47)
... 7 more
Caused by: java.net.SocketTimeoutException: Read timed out
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.socketRead(SocketInputStream.java:116)
at java.net.SocketInputStream.read(SocketInputStream.java:171)
at java.net.SocketInputStream.read(SocketInputStream.java:141)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
at sun.security.ssl.InputRecord.read(InputRecord.java:503)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:975)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:750)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
at org.apache.thrift.transport.TIOStreamTransport.flush(TIOStreamTransport.java:159)
... 11 more
...
When I had access the consoles Analytics (PUBLISHER, STORE or ADMIN), the API Usage analtyics interface become stucked.
I try to mak few changes inside api-manager.xml. Now the ANALYTICS part is lik follows:
<!-- Enable Analytics for API Manager -->
<Enabled>true</Enabled>
<StreamProcessorServerURL>{tcp://localhost:7612}</StreamProcessorServerURL>
<!--StreamProcessorAuthServerURL>{ssl://localhost:7712}</StreamProcessorAuthServerURL-->
<!-- Administrator username to login to the remote StreamProcessor server. -->
<StreamProcessorUsername>admin</StreamProcessorUsername>
<!-- Administrator password to login to the remote StreamProcessor server. -->
<StreamProcessorPassword>admin</StreamProcessorPassword>
<!-- For APIM implemented Statistic client for RDBMS -->
<StatsProviderImpl>org.wso2.carbon.apimgt.usage.client.impl.APIUsageStatisticsRestClientImpl</StatsProviderImpl>
<!-- StreamProcessor REST API configuration -->
<StreamProcessorRestApiURL>https://localhost:9444</StreamProcessorRestApiURL>
<StreamProcessorRestApiUsername>admin</StreamProcessorRestApiUsername>
<StreamProcessorRestApiPassword>admin</StreamProcessorRestApiPassword>
I expect to discovery why this is happen, If i follow de default documentation (https://docs.wso2.com/display/AM260/Configuring+APIM+Analytics)
thanks
This problem it was solved by import the Analytics certificate to wso2carbon.jks and client-truststore.jks.
In the beginning I just import to client-truststore.jks and miss wso2carbon.jks.
It's important to use the full qualified name to create the new certificates and keystore, and use to make correct link between tools at api-manager.xml
Remember to add the full qualified name at hosts file.
Thanks
Using WSO2 API Manager (V1.10), I published a API and I imported the SSL certificate to client-truststore.jks. But When I call this API, I 'm receving this error:
2016-07-11 11:42:11,296 [-] [HTTPS-Sender I/O dispatcher-7] ERROR TargetHandler I/O error: Received fatal alert: handshake_failure
javax.net.ssl.SSLException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Alerts.java:208)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1650)
at sun.security.ssl.SSLEngineImpl.fatal(SSLEngineImpl.java:1618)
at sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1787)
at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1071)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:893)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:767)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at org.apache.http.nio.reactor.ssl.SSLIOSession.doUnwrap(SSLIOSession.java:228)
at org.apache.http.nio.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:263)
at org.apache.http.nio.reactor.ssl.SSLIOSession.isAppInputReady(SSLIOSession.java:391)
at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:119)
at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:159)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:338)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:316)
at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:277)
at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:105)
at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:586)
at java.lang.Thread.run(Thread.java:745)
I suspect your API calling client program does not have the API server's certificate. (Usually you import your certificate into your JRE's jacerts or other trust store)
But When I call this API, I 'm receving this error:
When you call this API, did this API calling client program (Java, for example) also get this WSO2 server's certificate imported? This may solve your problem.
According to the error log this happens in http sender. i.e when api manger invokes the back-end . if your backend is "HTTPS" you need to import its public certificate to trustore of APIM
Had same issue in Java 1.7. Java 1.8 has resolved my problem
I have a webservice with some input only operations. In the ESB i've created a proxy and sets the properties OUT_ONLY and FORCE_SC_ACCEPTED to true. Everytime I call the proxied operation I get the following error message in the wso2carbon.log:
TID: [0] [ESB] [2015-04-02 09:52:45,307] ERROR {org.apache.axis2.transport.base.threads.NativeWorkerPool} - Uncaught exception {org.apache.axis2.transport.base.threads.NativeWorkerPool}
java.lang.UnsupportedOperationException: Not yet implemented
at org.apache.axis2.description.OutOnlyAxisOperation.getMessage(OutOnlyAxisOperation.java:124)
at org.wso2.carbon.core.multitenancy.MultitenantMessageReceiver.processResponse(MultitenantMessageReceiver.java:125)
at org.wso2.carbon.core.multitenancy.MultitenantMessageReceiver.receive(MultitenantMessageReceiver.java:81)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ClientWorker.run(ClientWorker.java:225)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
Althought everything seems to work OK, I am worried about this message. What am I doing wrong. These input only will be called very frequently in production, so I'd like them to be error free.
WSO2 ESB: 4.8.1
Thanks,
Danny
this exception will occur if OUT_ONLY=true and your backend sending a response back to the esb.if OUT_ONLY is set true, your are getting a response from the backend then it is not a valid scenarion for if OUT_ONLY property.check this post[1]
1.https://mohanadarshan.wordpress.com/2013/05/05/out_only-scenario-in-proxy-service-wso2-esb/
Out-only property is set to inform that this service does not return a response back. For instance if you are sending messages to a message broker. Force-sc-accepted flag causes ESB to send HTTP Accepted status response back to the client (which calls ESB) since otherwise client will timeout without a reaponse. So please make sure your backend service does not send a response and it is accessible to ESB.
Solved this issue for now: My ESB was running in multi-tenant mode. The proxy service were created in the tenant. I did a fresh install and put the config in (so no tenants). The error disappears immediately. When I remove the config and create a tenant and put the config into the tenant the error reappears. So might this be a bug. I can try to verify with running sample 253 (OneWayProxy) in a tenant.
I am Developing a webservice using JAXWS #webserviceprovider notation. when i try to deploy this service into JBoss eap 6.1 i got an error that client supports SOap1.2 messages.
so i included the binding type to the service. but when i deploy this service to JBoss eap 6.1
I get this error
Could not resolve a binding for http://java.sun.com/xml/ns/jaxws/2003/05/soap/bindings/HTTP/
logs:
[org.jboss.msc.service.fail] (MSC service thread 1-6) MSC000001: Failed to start service jboss.deployment.subunit."cifapp.ear"."Test.war".INSTALL: org.jboss.msc.service.StartException in service jboss.deployment.subunit."cifapp.ear"."Test.war".INSTALL: JBAS018733: Failed to process phase INSTALL of subdeployment "Test.war" of deployment "cifapp.ear"
at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:127) [jboss-as-server-7.2.0.Final-redhat-8.jar:7.2.0.Final-redhat-8]
at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811) [jboss-msc-1.0.4.GA-redhat-1.jar:1.0.4.GA-redhat-1]
at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746) [jboss-msc-1.0.4.GA-redhat-1.jar:1.0.4.GA-redhat-1]
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) [rt.jar:1.6.0_30]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) [rt.jar:1.6.0_30]
at java.lang.Thread.run(Thread.java:662) [rt.jar:1.6.0_30]
Caused by: javax.xml.ws.WebServiceException: org.apache.cxf.service.factory.ServiceConstructionException: Could not resolve a binding for http://java.sun.com/xml/ns/jaxws/2003/05/soap/bindings/HTTP/
at org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:368)
at org.jboss.wsf.stack.cxf.deployment.EndpointImpl.doPublish(EndpointImpl.java:67)
at org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:250)
at org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:536)
at org.jboss.wsf.stack.cxf.configuration.NonSpringBusHolder.configure(NonSpringBusHolder.java:116)
at org.jboss.wsf.stack.cxf.deployment.aspect.BusDeploymentAspect.startDeploymentBus(BusDeploymentAspect.java:128)
at org.jboss.wsf.stack.cxf.deployment.aspect.BusDeploymentAspect.start(BusDeploymentAspect.java:67)
at org.jboss.as.webservices.deployers.AspectDeploymentProcessor.deploy(AspectDeploymentProcessor.java:74)
at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:120) [jboss-as-server-7.2.0.Final-redhat-8.jar:7.2.0.Final-redhat-8]
... 5 more
Caused by: org.apache.cxf.service.factory.ServiceConstructionException: Could not resolve a binding for http://java.sun.com/xml/ns/jaxws/2003/05/soap/bindings/HTTP/
at org.apache.cxf.frontend.AbstractWSDLBasedEndpointFactory.createBindingInfo(AbstractWSDLBasedEndpointFactory.java:350)
at org.apache.cxf.jaxws.JaxWsServerFactoryBean.createBindingInfo(JaxWsServerFactoryBean.java:182)
at org.apache.cxf.frontend.AbstractWSDLBasedEndpointFactory.createEndpointInfo(AbstractWSDLBasedEndpointFactory.java:258)
at org.apache.cxf.frontend.AbstractWSDLBasedEndpointFactory.createEndpoint(AbstractWSDLBasedEndpointFactory.java:143)
at org.apache.cxf.frontend.ServerFactoryBean.create(ServerFactoryBean.java:159)
at org.apache.cxf.jaxws.JaxWsServerFactoryBean.create(JaxWsServerFactoryBean.java:211)
at org.apache.cxf.jaxws.EndpointImpl.getServer(EndpointImpl.java:453)
at org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:333)
... 13 more
Caused by: org.apache.cxf.BusException: No binding factory for namespace http://java.sun.com/xml/ns/jaxws/2003/05/soap/bindings/HTTP/ registered.
at org.apache.cxf.bus.managers.BindingFactoryManagerImpl.getBindingFactory(BindingFactoryManagerImpl.java:123)
at org.apache.cxf.frontend.AbstractWSDLBasedEndpointFactory.createBindingInfo(AbstractWSDLBasedEndpointFactory.java:338)
... 20 more
Please can someone help
Thanks
Just replaced the binding URL, Actually binding URL Represent the SOAP
Service Version
#BindingType(value="http://java.sun.com/xml/ns/jaxws/2003/05/soap/bindings/HTTP/")
Above BindingType URL Replaced with
#BindingType(value = "http://www.w3.org/2003/05/soap/bindings/HTTP/")
OR
#BindingType(value = SOAPBinding.SOAP12HTTP_BINDING)
Detail:
The BindingType annotation is applied to an endpoint implementation
class. It specifies the binding to use when publishing an endpoint of
this type.
The default binding for an endpoint is the SOAP 1.1/HTTP one
SOAP 1.1/HTTP
#BindingType(value = "http://schemas.xmlsoap.org/wsdl/soap/http")
OR
#BindingType(value = SOAPBinding.SOAP11HTTP_BINDING)
SOAP 1.2/HTTP
#BindingType(value = "http://www.w3.org/2003/05/soap/bindings/HTTP/")
OR
#BindingType(value = SOAPBinding.SOAP12HTTP_BINDING)