We Keep Coding

Custom Basic Auth not working in WSO2 EI 6.5.0 - ERROR: java.lang.ArrayIndexOutOfBoundsException: 1

I am trying to implement Basic Auth in WSO2 EI 6.5.0.
Below mentioned Class Mediator code is bundled and placed it into <WSO2EI_HOME>/lib and product restart done.
Lib:
CustomBasicAuth:
package com.basic.auth.handler;
import org.apache.commons.codec.binary.Base64;
import org.apache.synapse.MessageContext;
import org.apache.synapse.core.axis2.Axis2MessageContext;
import org.apache.synapse.core.axis2.Axis2Sender;
import org.apache.synapse.rest.Handler;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import java.util.Map;
public class CustomBasicAuth implements Handler {
private static final Log log = LogFactory.getLog(CustomBasicAuth.class);
public void addProperty(String s, Object o) {
//To change body of implemented methods use File | Settings | File Templates.
}
public Map getProperties() {
return null; //To change body of implemented methods use File | Settings | File Templates.
}
public boolean handleRequest(MessageContext messageContext) {
log.info("Inside CustomBasicAuth Class **** " );
org.apache.axis2.context.MessageContext axis2MessageContext
= ((Axis2MessageContext) messageContext).getAxis2MessageContext();
Object headers = axis2MessageContext.getProperty(
org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS);
if (headers != null && headers instanceof Map) {
Map headersMap = (Map) headers;
if (headersMap.get("Authorization") == null) {
headersMap.clear();
axis2MessageContext.setProperty("HTTP_SC", "401");
headersMap.put("WWW-Authenticate", "Basic realm=\"WSO2 ESB\"");
axis2MessageContext.setProperty("NO_ENTITY_BODY", new Boolean("true"));
messageContext.setProperty("RESPONSE", "true");
messageContext.setTo(null);
Axis2Sender.sendBack(messageContext);
return false;
} else {
String authHeader = (String) headersMap.get("Authorization");
if (processSecurity(authHeader)) {
return true;
} else {
headersMap.clear();
axis2MessageContext.setProperty("HTTP_SC", "403");
axis2MessageContext.setProperty("NO_ENTITY_BODY", new Boolean("true"));
messageContext.setProperty("RESPONSE", "true");
messageContext.setTo(null);
Axis2Sender.sendBack(messageContext);
return false;
}
}
}
return false;
}
public boolean handleResponse(MessageContext messageContext) {
return true;
}
public boolean processSecurity(String credentials) {
log.info("encoded credentials**** " + credentials);
String decodedCredentials = new String(new Base64().decode(credentials.getBytes()));
log.info("decoded Credentials**** " + decodedCredentials);
String username = decodedCredentials.split(":")[0];
String password = decodedCredentials.split(":")[1];
if ("wso2user".equals(username) && "wso2user".equals(password)) {
return true;
} else {
return false;
}
}
}
When I invoke API, below ERROR found in wso2carbon log file
Wire Log:
[2023-01-16 17:21:26,873] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 >> "POST /basicauthapi HTTP/1.1[\r][\n]"
[2023-01-16 17:21:26,873] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 >> "Authorization: Basic d3NvMnVzZXI6d3NvMnVzZXI=[\r][\n]"
[2023-01-16 17:21:26,873] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 >> "Content-Type: application/json[\r][\n]"
[2023-01-16 17:21:26,873] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 >> "User-Agent: PostmanRuntime/7.30.0[\r][\n]"
[2023-01-16 17:21:26,873] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 >> "Accept: */*[\r][\n]"
[2023-01-16 17:21:26,873] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 >> "Cache-Control: no-cache[\r][\n]"
[2023-01-16 17:21:26,873] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 >> "Postman-Token: 330c0efb-1ded-41ca-b078-81a0869604a5[\r][\n]"
[2023-01-16 17:21:26,873] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 >> "Host: 192.168.43.128:8281[\r][\n]"
[2023-01-16 17:21:26,873] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 >> "Accept-Encoding: gzip, deflate, br[\r][\n]"
[2023-01-16 17:21:26,873] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 >> "Connection: keep-alive[\r][\n]"
[2023-01-16 17:21:26,873] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 >> "Content-Length: 22[\r][\n]"
[2023-01-16 17:21:26,873] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 >> "[\r][\n]"
[2023-01-16 17:21:26,873] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 >> "{[\r][\n]"
[2023-01-16 17:21:26,873] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 >> " "Test":"API"[\r][\n]"
[2023-01-16 17:21:26,873] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 >> "}"
[2023-01-16 17:21:26,904] [] ERROR - ServerWorker Error processing POST request for : /basicauthapi.
java.lang.ArrayIndexOutOfBoundsException: 1
at com.basic.auth.handler.CustomBasicAuth.processSecurity(CustomBasicAuth.java:73)
at com.basic.auth.handler.CustomBasicAuth.handleRequest(CustomBasicAuth.java:47)
at org.apache.synapse.rest.API.process(API.java:357)
at org.apache.synapse.rest.RESTRequestHandler.apiProcess(RESTRequestHandler.java:135)
at org.apache.synapse.rest.RESTRequestHandler.dispatchToAPI(RESTRequestHandler.java:113)
at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:71)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:325)
at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:92)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:338)
at org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:383)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:152)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
[2023-01-16 17:21:26,920] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 << "HTTP/1.1 500 Internal Server Error[\r][\n]"
[2023-01-16 17:21:26,920] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 << "Content-Type: application/json; charset=UTF-8[\r][\n]"
[2023-01-16 17:21:26,920] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 << "Date: Mon, 16 Jan 2023 11:51:26 GMT[\r][\n]"
[2023-01-16 17:21:26,920] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 << "Transfer-Encoding: chunked[\r][\n]"
[2023-01-16 17:21:26,920] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 << "Connection: keep-alive[\r][\n]"
[2023-01-16 17:21:26,920] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 << "[\r][\n]"
[2023-01-16 17:21:26,920] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 << "46[\r][\n]"
[2023-01-16 17:21:26,920] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 << "{"Fault":{"faultcode":"soapenv:Server","faultstring":1,"detail":null}}[\r][\n]"
[2023-01-16 17:21:26,920] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 << "0[\r][\n]"
[2023-01-16 17:21:26,920] [] DEBUG - wire HTTP-Listener I/O dispatcher-1 << "[\r][\n]"
WSO2 EI API:
<?xml version="1.0" encoding="UTF-8"?>
<api context="/basicauthapi" name="BasicAuthAPI" xmlns="http://ws.apache.org/ns/synapse">
<resource methods="POST">
<inSequence>
<log level="custom">
<property name="====BasicAuthAPI" value="caleed====="/>
</log>
<payloadFactory media-type="json">
<format>{"Status":"success"}</format>
<args/>
</payloadFactory>
<respond/>
</inSequence>
<outSequence/>
<faultSequence/>
</resource>
<handlers>
<handler class="com.basic.auth.handler.CustomBasicAuth"/>
</handlers>
</api>
POSTMAN HIT:
Referrence link
Please let me know why custom basic auth not working.

When you extract the Auth header like String authHeader = (String) headersMap.get("Authorization"); you will get the value as Basic d3NvMnVzZXI6d3NvMnVzZXI=. This is not a valid Base64 encoded value, hence when you try to decode the value (new Base64().decode(credentials.getBytes())) it's failing, eventually throwing an error when trying to split(decodedCredentials.split(":")[0]) the credentials string.
So from the Auth header, you need to extract the credentials part. Multiple ways to do this. Following is using substring. Update the credentials extraction part to following.
String authHeader = (String) headersMap.get("Authorization").substring(6).trim();
On a different note, this code needs improvements and better error handling. For example, what if the Header is invalid? What if the password/username is missing? What if the encoding is wrong?
Update
It seems the product already packs a Auth handler by default. Which authenticates using the connected userstore. Hence you should be able to use this as well.
<handlers>
<handler class="org.wso2.carbon.integrator.core.handler.RESTBasicAuthHandler"/>
</handlers>

As suggested by #ycr, I have created required User(ie wso2user) in WSO2 EI Management console and assign required Role(ie admin)
Added org.wso2.carbon.integrator.core.handler.RESTBasicAuthHandler as Auth Handler inside API.
API:
<?xml version="1.0" encoding="UTF-8"?>
<api context="/basicauthapi" name="BasicAuthAPI" xmlns="http://ws.apache.org/ns/synapse">
<resource methods="POST">
<inSequence>
<log level="custom">
<property name="====BasicAuthAPI" value="caleed====="/>
</log>
<payloadFactory media-type="json">
<format>{"Status":"success"}</format>
<args/>
</payloadFactory>
<respond/>
</inSequence>
<outSequence/>
<faultSequence/>
</resource>
<handlers>
<handler class="org.wso2.carbon.integrator.core.handler.RESTBasicAuthHandler"/>
</handlers>
</api>
Post above changes, API hits happen as expected shown below.

WSO2 APIM connecting to backend service secured with QWAC certificate

I am implementing an API gateway for a backend service which requires QWAC certificate.
I followed the instructions at: https://apim.docs.wso2.com/en/3.1.0/administer/product-security/mutual-ssl-between-api-gateway-and-backend/ and imported the public key to client keystore in WSO APIM.
When I try to reach the endpoint in question I am getting the following error response:
{"errorCode":"bad_request","errorText":"400 - {\"status\":\"INVALID\",\"errorCode\":\"unspecified_error\",\"errorText\":\"Mapping error\"}"}, which seems to be coming from the
backend service.
Here is the output from wso2carbon wire logs:
2 Message direction=IN Server name=localhost Timestamp=1587116916556 Service name=__SynapseService Operation Name=mediate
TID: [-1] [] [2020-04-17 11:48:36,823] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Sender I/O dispatcher-2 << "GET /api/slsp/sandbox/v1/psd2-ais/v1/accounts HTTP/1.1[\r][\n]"
TID: [-1] [] [2020-04-17 11:48:36,890] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Sender I/O dispatcher-2 << "Authorization: ewogICJ0eXBlIjogInRva2VuIiwKICAibmFtZSI6ICJTTFNQIGNsaWVudDEiLAogICJzZXNzaW9uVVVJRCI6ICIyMzI1YzFkMS01ZTMwLTQ2NGQtOGM0Ni1kYzc5Y2E2NTkzMDAiLAogICJzY29wZXMiOiBbXSwKICAiY29uc2VudCI6IFsKICAgIHsKICAgICAgImlkIjogIjExMTExIiwKICAgICAgImNvbnRlbnQiOiAibm9uZSIKICAgIH0KICBdLAogICJsaW1pdHMiOiB7CiAgICAiYWNjZXNzU2Vjb25kcyI6IDM2MDAsCiAgICAicmVmcmVzaFNlY29uZHMiOiA3Nzc2MDAwCiAgfSwKICAiYWNjZXNzVHlwZSI6ICJudWxsIiwKICAiZXhwaXJhdGlvbiI6ICIyMDIwLTA0LTE3VDA5OjUxOjI2LjQ1MVoiCn0=[\r][\n]"
TID: [-1] [] [2020-04-17 11:48:36,954] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Sender I/O dispatcher-2 << "activityID: 490325399145411914682[\r][\n]"
TID: [-1] [] [2020-04-17 11:48:37,017] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Sender I/O dispatcher-2 << "web-api-key: b5830b00-772f-4e94-8a4a-be370d4e5481[\r][\n]"
TID: [-1] [] [2020-04-17 11:48:37,082] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Sender I/O dispatcher-2 << "accept: application/json[\r][\n]"
TID: [-1] [] [2020-04-17 11:48:37,145] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Sender I/O dispatcher-2 << "Host: webapi.developers.erstegroup.com[\r][\n]"
TID: [-1] [] [2020-04-17 11:48:37,208] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Sender I/O dispatcher-2 << "Connection: Keep-Alive[\r][\n]"
TID: [-1] [] [2020-04-17 11:48:37,273] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Sender I/O dispatcher-2 << "User-Agent: Synapse-PT-HttpComponents-NIO[\r][\n]"
TID: [-1] [] [2020-04-17 11:48:37,336] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Sender I/O dispatcher-2 << "[\r][\n]"
TID: [-1] [] [2020-04-17 11:48:37,642] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Sender I/O dispatcher-2 >> "HTTP/1.1 400 [\r][\n]"
TID: [-1] [] [2020-04-17 11:48:37,706] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Sender I/O dispatcher-2 >> "Date: Fri, 17 Apr 2020 09:48:37 GMT[\r][\n]"
TID: [-1] [] [2020-04-17 11:48:37,771] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Sender I/O dispatcher-2 >> "Server: Apache[\r][\n]"
TID: [-1] [] [2020-04-17 11:48:37,835] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Sender I/O dispatcher-2 >> "Strict-Transport-Security: max-age=31536000; includeSubDomains[\r][\n]"
TID: [-1] [] [2020-04-17 11:48:37,900] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Sender I/O dispatcher-2 >> "cz-transactionId: 197173439577254[\r][\n]"
TID: [-1] [] [2020-04-17 11:48:37,966] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Sender I/O dispatcher-2 >> "Content-Type: application/json;charset=utf-8[\r][\n]"
TID: [-1] [] [2020-04-17 11:48:38,031] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Sender I/O dispatcher-2 >> "Content-Length: 140[\r][\n]"
TID: [-1] [] [2020-04-17 11:48:38,095] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Sender I/O dispatcher-2 >> "Set-Cookie: 48f65e4d401373b3b03cb2a02b953e21=425c12b91ee874d67b6799357c467562; path=/; HttpOnly; Secure[\r][\n]"
TID: [-1] [] [2020-04-17 11:48:38,158] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Sender I/O dispatcher-2 >> "Connection: close[\r][\n]"
TID: [-1] [] [2020-04-17 11:48:38,221] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Sender I/O dispatcher-2 >> "[\r][\n]"
TID: [-1] [] [2020-04-17 11:48:38,286] DEBUG {org.apache.synapse.transport.http.wire} - HTTPS-Sender I/O dispatcher-2 >> "{"errorCode":"bad_request","errorText":"400 - {\"status\":\"INVALID\",\"errorCode\":\"unspecified_error\",\"errorText\":\"Mapping error\"}"}"
I have tried to reach the same service with Postman, after I imported the client certificate in postman , the service was responding without errors.
So it looks like the isssue is not with the certificate itself, as the SSL connection was established with the backend server, but what could have gone wrong? (When the OAuth2.0 token expires I get the following error "OAUTH2 failed to TOKEN_INFO with response: {\\"active\\":false}", which is the same as what I get with Postman.)
Here is the swagger spec from WSO2 APIM:
paths:
/accounts:
get:
parameters:
-
name: "withBalance"
in: "query"
required: false
style: "form"
explode: true
schema:
type: "string"
-
name: "web-api-key"
in: "query"
required: true
style: "form"
explode: true
schema:
type: "string"
-
name: "access_token"
in: "query"
required: true
style: "form"
explode: true
schema:
type: "string"
responses:
200:
description: "ok"
security:
-
default: []
x-auth-type: "None"
x-throttling-tier: "Unlimited"
components:
securitySchemes:
default:
type: "oauth2"
flows:
implicit:
authorizationUrl: "https://test.com"
scopes: {}
x-wso2-auth-header: "Authorization"
x-throttling-tier: "Unlimited"
x-wso2-cors:
corsConfigurationEnabled: false
accessControlAllowOrigins:
- "*"
accessControlAllowCredentials: false
accessControlAllowHeaders:
- "authorization"
- "Access-Control-Allow-Origin"
- "Content-Type"
- "SOAPAction"
accessControlAllowMethods:
- "GET"
- "PUT"
- "POST"
- "DELETE"
- "PATCH"
- "OPTIONS"
x-wso2-sandbox-endpoints:
urls:
- "https://webapi.developers.erstegroup.com/api/slsp/sandbox/v1/psd2-ais/v1"
type: "http"
x-wso2-basePath: "/slsp_ais/1.0"
x-wso2-transports:
- "http"
I tried to pass the 2 mandatory parameters in HTTP headers as well, but I get the same results:
curl -X GET "http://localhost:8280/slsp_ais/1.0/accounts" -H "accept: application/json" -H "web-api-key: b5830b00-772f-4e94-8a4a-be370d4e5481" -H "Authorization: Bearer ewogICJ0eXBlIjogInRva2VuIiwKICAibmFtZSI6ICJTTFNQIGNsaWVudDEiLAogICJzZXNzaW9uVVVJRCI6ICIyMzI1YzFkMS01ZTMwLTQ2NGQtOGM0Ni1kYzc5Y2E2NTkzMDAiLAogICJzY29wZXMiOiBbXSwKICAiY29uc2VudCI6IFsKICAgIHsKICAgICAgImlkIjogIjExMTExIiwKICAgICAgImNvbnRlbnQiOiAibm9uZSIKICAgIH0KICBdLAogICJsaW1pdHMiOiB7CiAgICAiYWNjZXNzU2Vjb25kcyI6IDM2MDAsCiAgICAicmVmcmVzaFNlY29uZHMiOiA3Nzc2MDAwCiAgfSwKICAiYWNjZXNzVHlwZSI6ICJudWxsIiwKICAiZXhwaXJhdGlvbiI6ICIyMDIwLTA0LTE3VDA5OjUxOjI2LjQ1MVoiCn0=" -H "apikey: eyJ4NXQiOiJaalJtWVRNd05USmpPV1U1TW1Jek1qZ3pOREkzWTJJeU1tSXlZMkV6TWpkaFpqVmlNamMwWmc9PSIsImtpZCI6ImdhdGV3YXlfY2VydGlmaWNhdGVfYWxpYXMiLCJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJhZG1pbiIsImFwcGxpY2F0aW9uIjp7Im93bmVyIjoiYWRtaW4iLCJ0aWVyIjoiVW5saW1pdGVkIiwibmFtZSI6IlRlc3RfYXBwIiwiaWQiOjIsInV1aWQiOiIyNDUxZWMyNy02ZDllLTRjN2YtODcwYi0xOWIxZGNiMDI2MzQifSwidGllckluZm8iOnsiVW5saW1pdGVkIjp7InN0b3BPblF1b3RhUmVhY2giOnRydWUsInNwaWtlQXJyZXN0TGltaXQiOjAsInNwaWtlQXJyZXN0VW5pdCI6bnVsbH19LCJrZXl0eXBlIjoiU0FOREJPWCIsInN1YnNjcmliZWRBUElzIjpbeyJzdWJzY3JpYmVyVGVuYW50RG9tYWluIjoiY2FyYm9uLnN1cGVyIiwibmFtZSI6IkFQSU9CIiwiY29udGV4dCI6Ilwvb3Blbi1iYW5raW5nXC92My4xXC9haXNwXC92My4xLjUiLCJwdWJsaXNoZXIiOiJhZG1pbiIsInZlcnNpb24iOiJ2My4xLjUiLCJzdWJzY3JpcHRpb25UaWVyIjoiVW5saW1pdGVkIn0seyJzdWJzY3JpYmVyVGVuYW50RG9tYWluIjoiY2FyYm9uLnN1cGVyIiwibmFtZSI6Ik1vY2tUYXJnZXRBUEkiLCJjb250ZXh0IjoiXC9BcGlnZWVfTW9ja19UYXJnZXRcLzEuMC4wIiwicHVibGlzaGVyIjoiYWRtaW4iLCJ2ZXJzaW9uIjoiMS4wLjAiLCJzdWJzY3JpcHRpb25UaWVyIjoiVW5saW1pdGVkIn0seyJzdWJzY3JpYmVyVGVuYW50RG9tYWluIjoiY2FyYm9uLnN1cGVyIiwibmFtZSI6IlNMU1BfUFNEMl9BSVMiLCJjb250ZXh0IjoiXC9zbHNwX2Fpc1wvMS4wIiwicHVibGlzaGVyIjoiYWRtaW4iLCJ2ZXJzaW9uIjoiMS4wIiwic3Vic2NyaXB0aW9uVGllciI6IlVubGltaXRlZCJ9XSwiaWF0IjoxNTg3MTEzMTgzLCJqdGkiOiI0ZmFhYTQ4Ny0yODNjLTQ3ZjMtYTdlNi05OGQ1YmI2NjFmN2YifQ==.QJ8-ODdRueTtDKDfWYVFeI3I6YJGfCtRGIg64nGdewQP9jW8KzyFLmkt14i7OGXkKpA4e2Yowa9lidxN0qrdRmUjJLKpZmBOn6TjN5auE8TcvxyeSlOigK0N-J-eLB6DuHnqg6Rf918d2oJS2bJBmqbzqs0BPMuEj5Y9ImS7F1CdMcRaDTOYt6G-GxmwpScU4dlxOrxZGu8uD5Nnz2SHikXSqGcrF-KLmNUFJuFKTitEMEaHz8N9M-MYsTDlOnvu0BeEFiW60NRCPumzCOzs5wL7dMTcCXOGd40-OKcUkS2KpH-YEh7cl0ALz9wi0vgFRqN0V2CAndbCUwppmkzo9w=="
{"errorCode":"bad_request","errorText":"400 - {\"status\":\"INVALID\",\"errorCode\":\"unspecified_error\",\"errorText\":\"Mapping error\"}"}
I also intercepted the working Postman request via Burp:
GET /api/slsp/sandbox/v1/psd2-ais/v1/accounts?web-api-key=b5830b00-772f-4e94-8a4a-be370d4e5481&access_token=ewogICJ0eXBlIjogInRva2VuIiwKICAibmFtZSI6ICJTTFNQIGNsaWVudDEiLAogICJzZXNzaW9uVVVJRCI6ICIyMzI1YzFkMS01ZTMwLTQ2NGQtOGM0Ni1kYzc5Y2E2NTkzMDAiLAogICJzY29wZXMiOiBbXSwKICAiY29uc2VudCI6IFsKICAgIHsKICAgICAgImlkIjogIjExMTExIiwKICAgICAgImNvbnRlbnQiOiAibm9uZSIKICAgIH0KICBdLAogICJsaW1pdHMiOiB7CiAgICAiYWNjZXNzU2Vjb25kcyI6IDM2MDAsCiAgICAicmVmcmVzaFNlY29uZHMiOiA3Nzc2MDAwCiAgfSwKICAiYWNjZXNzVHlwZSI6ICJudWxsIiwKICAiZXhwaXJhdGlvbiI6ICIyMDIwLTA0LTE3VDA5OjUxOjI2LjQ1MVoiCn0= HTTP/1.1
User-Agent: PostmanRuntime/7.24.1
Accept: */*
Cache-Control: no-cache
Postman-Token: b925ae09-0b5b-440f-a1e9-98bc5f79b043
Host: webapi.developers.erstegroup.com:443
Accept-Encoding: gzip, deflate
Connection: close
Here is the whole thing via Postman console:
GET /api/slsp/sandbox/v1/psd2-ais/v1/accounts?web-api-key=b5830b00-772f-4e94-8a4a-be370d4e5481&access_token=ewogICJ0eXBlIjogInRva2VuIiwKICAibmFtZSI6ICJTTFNQIGNsaWVudDEiLAogICJzZXNzaW9uVVVJRCI6ICI4MWJlZDMwMS1lMGFkLTQwMzAtODMxMC0wNThmZDViYWIyMDkiLAogICJzY29wZXMiOiBbXSwKICAiY29uc2VudCI6IFsKICAgIHsKICAgICAgImlkIjogIjExMTExIiwKICAgICAgImNvbnRlbnQiOiAibm9uZSIKICAgIH0KICBdLAogICJsaW1pdHMiOiB7CiAgICAiYWNjZXNzU2Vjb25kcyI6IDM2MDAsCiAgICAicmVmcmVzaFNlY29uZHMiOiA3Nzc2MDAwCiAgfSwKICAiYWNjZXNzVHlwZSI6ICJudWxsIiwKICAiZXhwaXJhdGlvbiI6ICIyMDIwLTA0LTE3VDExOjU0OjQ5LjA4OFoiCn0%3D HTTP/1.1
User-Agent: PostmanRuntime/7.24.1
Accept: */*
Cache-Control: no-cache
Postman-Token: fc30b165-7571-4efe-96fe-e23b1cf1c20e
Host: webapi.developers.erstegroup.com:443
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 17 Apr 2020 10:55:37 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains
accept: */*
Access-Control-Allow-Origin: *
correlation-id: 6b27116c-15e6-4410-8ff7-87afd9bbd92b
forwarded: for=10.198.136.200;host=webapi.prod.eapihub.microp.cs.eb.lan.at;proto=https;proto-version=
ip-address: 178.41.84.88
origin-transaction-id: 185078296373260
postman-token: fc30b165-7571-4efe-96fe-e23b1cf1c20e
TPP-QWAC-Body: MIIFSTCCAzGgAwIBAgIEAQIDBDANBgkqhkiG9w0BAQsFADCBgDELMAkGA1UEBhMCQ1oxDjAMBgNVBAcTBUN6ZWNoMRMwEQYDVQQKEwpFcnN0ZUdyb3VwMRUwEwYDVQQLEwxFcnN0ZUh1YlRlYW0xETAPBgNVBAMTCEVyc3RlSHViMSIwIAYJKoZIhvcNAQkBFhNpbmZvQGVyc3RlZ3JvdXAuY29tMB4XDTE5MDkxNzA4NTA1MFoXDTIyMTIxNzA4NTA1MFowUjEaMBgGA1UEYRMRUFNEQ1otQ05CLTEyMzQ1NjcxCzAJBgNVBAYTAkNaMRYwFAYDVQQDEw1UUFAgVGVzdCBRV0FDMQ8wDQYDVQQKEwZNeSBUUFAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJZunh6Nj5aBtbhJJ9eaSDjDiiERBOZfVrmEwz9Ea5ldLAf8NUy+t71etzGeHtCKyTuSlhj1Clhla+iG/r1uz25H3T6wUQbmw1+pFsaSovkamQaKy+2GJSPCx66li6z2JBv0I66DtoGl6QXcy5JO2sBjZaO4m11bcFFVkvo9lh2QCC2x68w8bHeBuPUMnU6rupVQfgPPWMH+WqqaPgxoQr5KmQ03ItY2/TBqoX6xTTbL6+B8OMbX41Lxah+g+5XPOlDoC64HiBO2T+FL62W+51ehUCORuuUt6/AYzXcCHSu1FXsk25KeObe9Na2AfobGNL83I68Bl0K2WtjbEtHs1FAgMBAAGjgfcwgfQwCwYDVR0PBAQDAgHGMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBrwYIKwYBBQUHAQMEgaIwgZ8wCAYGBACORgEBMAsGBgQAjkYBAwIBFDAIBgYEAI5GAQQwEwYGBACORgEGMAkGBwQAjkYBBgMwZwYGBACBmCcCMF0wTDARBgcEAIGYJwEBDAZQU1BfQVMwEQYHBACBmCcBAgwGUFNQX1BJMBEGBwQAgZgnAQMMBlBTUF9BSTARBgcEAIGYJwEEDAZQU1BfSUMMBUVyc3RlDAZBVC1FUlMwFAYDVR0RBA0wC4IJbXl0cHAuY29tMA0GCSqGSIb3DQEBCwUAA4ICAQCRs+caFpc9s1v1bK1kTQI0aA7lbyuzcd+zMkDOVvyN1h6d6BCv41XksB25tgzn8WeUl+2p08rxQJzobjm+e210fgqDC8KVjbnzzbsut11aFjIZN8qgs5ZBQrujABXGCSOyo4R+AxTpSBmM++gdrR+Kp4H+BV3bpFjtGfrzyN2pfPXj5M6t/CAMk6mAmHzZT7MXSRMltM+xbEkMniUW856lLo1YxPBF8zEIg8bicTyV2fJkDCGxnaJpJ2+vSt9s8WDB4qw5/hRKDcpT/TyZ6136SldlsbsMNYAC0Vd//2CSeT5yPG3970skf797zTtLNWtWjZUZtXaHHCfJDkVCMjFSEw/+LKDhmorQmv+4ZYgKVUDMCcjjaAOPF1Gwq2U57Jg96E3gBY0h/jMhzQPCDQfR7jBvYRYtpaykNBNXsITCvrXYn88FKEJK9qqLmAifFB/QF+EkXN2PUgl+VXC4ly2eHj6JTI7Xy0MbiF/m861mRQ1i6YOsB+GG3X1gPCMxbyXMYwDB9/22JftRjo2d9h/sNjpXdowJokFNLXAzq4shmasUvaIE+BpGScVuO0/3gnMW06MbSB2kSR1+m7r4pFs/ND8/WcckteSrKXD94b8feClzA5H83t+uI0EOXzO7qpbZOkAHPfioA1F4P4JewDJ9HpKu96VO5uZUN6M0DK4dnQ==
transaction-id: 185078296373260
web-api-correlation-id: 6b27116c-15e6-4410-8ff7-87afd9bbd92b
web-api-transaction-id: 185078296373260
x-forwarded-for: 178.41.84.88, 178.41.84.88
x-forwarded-host: webapi.prod.eapihub.microp.cs.eb.lan.at
x-forwarded-port: 443
x-forwarded-proto: https
x-forwarded-server: webapi.developers.erstegroup.com
X-Traits: TPP_ONLY;PSD2_QWAC;DELEGATE_QSEAL_VALIDATION
x-webapi-client-ip: 178.41.84.88
x-webapi-message-id: 185078296373260
Content-Type: application/json;charset=utf-8
Vary: Accept-Encoding
Content-Encoding: br
Content-Length: 276
Keep-Alive: timeout=60, max=99
Connection: Keep-Alive
{"accounts":[{"resourceId":"CCA4F9863D686D04","iban":"SK5409000000005037706253","currency":"EUR","name":"Mag. A. M. Tester","cashAccountType":"CACC","status":"enabled","bic":"GIBASKBX","_links":{"detail":{"href":"/v1/accounts/CCA4F9863D686D04"},"balances":{"href":"/v1/accounts/CCA4F9863D686D04/balances"},"transactions":{"href":"/v1/psd2-ais/v1/transactions"}}},{"resourceId":"AF500F1000071A0A0","iban":"SK0209000000005037645497","currency":"USD","name":"Adam Tester","cashAccountType":"CACC","status":"enabled","bic":"GIBASKBX","_links":{"balances":{"href":"/v1/accounts/AF500F1000071A0A0/balances"},"transactions":{"href":"/v1/accounts/AF500F1000071A0A0/transactions"}}}]}
I would appreciate any feedback. Thank you for your help.

In the keystore in WSO2-AM side you need to import the private key, not just the certifiate
Refer to the sample at https://apim.docs.wso2.com/en/3.1.0/administer/product-security/mutual-ssl-between-api-gateway-and-backend/
<!-- For Mutual SSL Handshake configure both trust store and key store-->
<profile>
<servers>10.100.5.130:9444</servers>
<TrustStore>
<Location>repository/resources/security/client-truststore.jks
</Location>
<Type>JKS</Type>
<Password>wso2carbon</Password>
</TrustStore>
<KeyStore>
<Location>repository/resources/security/wso2carbon.jks</Location>
<Type>JKS</Type>
<Password>xxxxxx</Password>
<KeyPassword>xxxxxx</KeyPassword>
</KeyStore>
</profile>
</parameter>
In the keystore file repository/resources/security/wso2carbon.jks you need to have private key of your client certificate.

Is there a way to send Payload in HTTP Delete in WSO2 EI v6.4

I am currently trying to access any REST service for deleting a resource from my WSO2 EI sequence. The code looks something like below
<?xml version="1.0" encoding="UTF-8"?>
<sequence name="DELETE_COMPANY_INFO" trace="disable" xmlns="http://ws.apache.org/ns/synapse">
<log level="custom">
<property name="Sequence" value="DELETE COMPANY INFO started"/>
</log>
<log level="custom">
<property expression="json-eval($)" name="Request Payload"/>
</log>
<property name="NO_ENTITY_BODY" action="set" value="false" type="BOOLEAN" scope="axis2"/>
<call blocking="true">
<endpoint>
<http method="delete" uri-template="http://<IP>:<Port>/companyinfo/<id>">
</http>
</endpoint>
</call>
</sequence>
As can be seen I wish to send the message payload to this endpoint. However I am not able to send this as the payload is dropped by WSO2 EI v6.4
Logs are below
[2020-02-21 14:00:33,127] [micro-integrator] INFO - LogMediator Sequence = DELETE COMPANY INFO started
[2020-02-21 14:00:33,128] [micro-integrator] INFO - LogMediator Request Payload = {"CompanyName":"test123"}
[2020-02-21 14:00:33,131] [micro-integrator] DEBUG - header >> "DELETE /companyinfo/123 HTTP/1.1[\r][\n]"
[2020-02-21 14:00:33,131] [micro-integrator] DEBUG - header >> "Content-Type: application/json; charset=UTF-8[\r][\n]"
[2020-02-21 14:00:33,132] [micro-integrator] DEBUG - header >> "User-Agent: Axis2[\r][\n]"
[2020-02-21 14:00:33,132] [micro-integrator] DEBUG - header >> "Host: <IP>:<Port>[\r][\n]"
[2020-02-21 14:00:33,132] [micro-integrator] DEBUG - header >> "[\r][\n]"
[2020-02-21 14:00:33,136] [micro-integrator] DEBUG - header << "HTTP/1.1 200 [\r][\n]"
[2020-02-21 14:00:33,136] [micro-integrator] DEBUG - header << "HTTP/1.1 200 [\r][\n]"
[2020-02-21 14:00:33,136] [micro-integrator] DEBUG - header << "Content-Type: application/json[\r][\n]"
[2020-02-21 14:00:33,136] [micro-integrator] DEBUG - header << "Content-Length: 25[\r][\n]"
[2020-02-21 14:00:33,137] [micro-integrator] DEBUG - header << "Date: Fri, 21 Feb 2020 08:30:32 GMT[\r][\n]"
[2020-02-21 14:00:33,137] [micro-integrator] DEBUG - header << "[\r][\n]"
[2020-02-21 14:00:33,137] [micro-integrator] DEBUG - content << "{"CompanyName":"test123"}"
I know that REST Webservice implementation should not use Payload for HTTP DELETE operation, however I think ESB should not make the decision to drop the Payload if the underlying transport allows it.
Additionally, I know that this issue was reported earlier (https://wso2.org/jira/browse/ESBJAVA-5060) and marked as resolved in v6.2 of WSO2 EI. However I am facing this in 6.4 version of EI.
Is there a solution to allow Payload with HTTP DELETE call using Call Mediator in WSO2 EI v6.4?

It seems the fix has gone to the Passthrough transport (non blocking) and not to the blocking transport. If you remove the blocking="true" mode, it should work.

Soap Header is removed in payload factory in wso2 esb

I am using WSO2 Payload factory to create one soap request in which some information is sent to third party. This payload removes my soap header value. Can anyone please help me out in this. I can see only body is being passed and header is getting removed.
I have to use below request to get some token
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:oas="http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:sec="http://schemas.cdi.ltsa.govt.nz/SecurityService.xsd" xmlns:sec1="http://schemas.cdi.ltsa.govt.nz/SecurityService" xmlns:oas1="http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:acc="http://schemas.cdi.ltsa.govt.nz/Security/AccessControl/" xmlns:sec2="http://localhost/Schema/SecurityService">
<soapenv:Header>
<oas:Security>
<oas:UserNameToken>
<oas:UserName>XXXX</oas:UserName>
<oas:Password>XXXX</oas:Password>
</oas:UserNameToken>
</oas:Security>
</soapenv:Header>
<soapenv:Body>
<acc:AuthenticateClient>
<sec2:AuthenticateClientRequest>
<sec2:RequestBody></sec2:RequestBody>
</sec2:AuthenticateClientRequest>
</acc:AuthenticateClient>
</soapenv:Body>
</soapenv:Envelope>
<header name="SOAPAction" scope="transport" value="http://schemas.cdi.ltsa.govt.nz/Security/AccessControl/AuthenticateClient"/>
<script language="js"><![CDATA[var envelope = mc.getEnvelopeXML();
var oas = new Namespace('http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd');
mc.addHeader(false, <oas:Security xmlns:oas="http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<oas:UserNameToken>
<oas:UserName>XXXX</oas:UserName>
<oas:Password>XXXX</oas:Password>
</oas:UserNameToken>
</oas:Security>
);]]></script>
<payloadFactory media-type="xml">
<format>
<Body>
<AuthenticateClient>
<AuthenticateClientRequest>
<RequestBody/>
</AuthenticateClientRequest>
</AuthenticateClient>
</Body>
</format>
<args>
<arg evaluator="xml" expression="$ctx:UserName" xmlns:ns="http://org.apache.synapse/xsd"/>
<arg evaluator="xml" expression="$ctx:Password" xmlns:ns="http://org.apache.synapse/xsd"/>
</args>
</payloadFactory>
<log level="full"/>
<call>
<endpoint>
<address trace="disable" uri="http://XXXX:28080/services/XXXX"/>
</endpoint>
</call>
<respond/>
Logs:
wire << "POST /services/B2BProxyVechicle HTTP/1.1[\r][\n]"
[2017-09-18 16:38:12,230] DEBUG - wire << "SOAPAction: http://XXXXX/AccessControl/AuthenticateClient[\r][\n]"
[2017-09-18 16:38:12,225] DEBUG - SequenceMediator End : Sequence key=<Value {name ='null', keyValue ='PPSR_VehicleInfo_IN_SEQ'}>
[2017-09-18 16:38:12,245] DEBUG - SequenceMediator End : Sequence <anonymous>
[2017-09-18 16:38:12,238] DEBUG - wire << "Accept-Encoding: gzip,deflate[\r][\n]"
[2017-09-18 16:38:12,253] DEBUG - wire << "Content-Type: text/xml; charset=UTF-8[\r][\n]"
[2017-09-18 16:38:12,257] DEBUG - wire << "Transfer-Encoding: chunked[\r][\n]"
[2017-09-18 16:38:12,261] DEBUG - wire << "Host: 1r][\n]"
[2017-09-18 16:38:12,265] DEBUG - wire << "Connection: Keep-Alive[\r][\n]"
[2017-09-18 16:38:12,268] DEBUG - wire << "User-Agent: Synapse-PT-HttpComponents-NIO[\r][\n]"
[2017-09-18 16:38:12,273] DEBUG - wire << "[\r][\n]"
[2017-09-18 16:38:12,275] DEBUG - wire << "a3[\r][\n]"
[2017-09-18 16:38:12,278] DEBUG - wire << "<Body xmlns="http://ws.apache.org/ns/synapse"><AuthenticateClient><AuthenticateClientRequest><RequestBody/></AuthenticateClientRequest></AuthenticateClient></Body>[\r][\n]"
[2017-09-18 16:38:12,292] DEBUG - wire << "0[\r][\n]"
[2017-09-18 16:38:12,294] DEBUG - wire << "[\r][\n]"
[2017-09-18 16:38:12,305] DEBUG - wire >> "HTTP/1.1 200 OK[\r][\n]"
[2017-09-18 16:38:12,309] DEBUG - wire >> "Host: 3[\r][\n]"
[2017-09-18 16:38:12,313] DEBUG - wire >> "SOAPAction: "http://XXXXXX/AccessControl/AuthenticateClient"[\r][\n]"
[2017-09-18 16:38:12,321] DEBUG - wire >> "Accept-Encoding: gzip,deflate[\r][\n]"
[2017-09-18 16:38:12,325] DEBUG - wire >> "Content-Type: text/xml; charset=UTF-8[\r][\n]"
[2017-09-18 16:38:12,330] DEBUG - wire >> "Date: Mon, 18 Sep 2017 04:38:12 GMT[\r][\n]"
[2017-09-18 16:38:12,334] DEBUG - wire >> "Transfer-Encoding: chunked[\r][\n]"
[2017-09-18 16:38:12,337] DEBUG - wire >> "Connection: Keep-Alive[\r][\n]"
[2017-09-18 16:38:12,341] DEBUG - wire >> "[\r][\n]"
[2017-09-18 16:38:12,343] DEBUG - wire >> "94[\r][\n]"
[2017-09-18 16:38:12,346] DEBUG - wire >> "<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Body/></soapenv:Envelope>[\r][\n]"
[2017-09-18 16:38:12,360] DEBUG - wire >> "0[\r][\n]"
[2017-09-18 16:38:12,362] DEBUG - wire >> "[\r][\n]"
[2017-09-18 16:38:12,364] DEBUG - SynapseCallbackReceiver Callback removed for request message id : urn. Pending callbacks count : 0
[2017-09-18 16:38:12,375] DEBUG - SynapseCallbackReceiver Synapse received an asynchronous response message

Try to add the following properties.
<property name="PRESERVE_WS_ADDRESSING" value="true"/>
<property name="preserveProcessedHeaders" value="true" scope="default"/>
You can also add custom headers, like described here.
https://docs.wso2.com/display/ESB490/Custom+SOAP+Headers

WSO2 FHIR Connector: error on handling FHIR server response after create resource

I have send to the server a request for create operation. After the creation of the resource the server response is not returned to the client due to the follows error: Axis2Sender Unexpected error during sending message out
The server response is HTTP/1.1 201 Created
[2017-05-11 09:44:06,745] [] DEBUG - LoggingNHttpClientConnection http-outgoing-8: Consume input
[2017-05-11 09:44:06,746] [] DEBUG - wire HTTPS-Sender I/O dispatcher-4 >> "HTTP/1.1 201 Created[\r][\n]"
[2017-05-11 09:44:06,747] [] DEBUG - wire HTTPS-Sender I/O dispatcher-4 >> "Cache-Control: private[\r][\n]"
[2017-05-11 09:44:06,747] [] DEBUG - wire HTTPS-Sender I/O dispatcher-4 >> "Content-Length: 1155[\r][\n]"
[2017-05-11 09:44:06,748] [] DEBUG - wire HTTPS-Sender I/O dispatcher-4 >> "Content-Type: application/fhir+json; charset=utf-8[\r][\n]"
[2017-05-11 09:44:06,749] [] DEBUG - wire HTTPS-Sender I/O dispatcher-4 >> "Content-Location: https://sqlonfhir-stu3.azurewebsites.net/fhir/Patient/d1ecfb4f816d
466ab94479c662b1b448/_history/1[\r][\n]"
[2017-05-11 09:44:06,749] [] DEBUG - wire HTTPS-Sender I/O dispatcher-4 >> "Last-Modified: Thu, 11 May 2017 07:44:17 GMT[\r][\n]"
[2017-05-11 09:44:06,750] [] DEBUG - wire HTTPS-Sender I/O dispatcher-4 >> "ETag: W/"1"[\r][\n]"
[2017-05-11 09:44:06,750] [] DEBUG - wire HTTPS-Sender I/O dispatcher-4 >> "Location: https://sqlonfhir-stu3.azurewebsites.net/fhir/Patient/d1ecfb4f816d466ab944
79c662b1b448/_history/1[\r][\n]"
[2017-05-11 09:44:06,751] [] DEBUG - wire HTTPS-Sender I/O dispatcher-4 >> "Server: Microsoft-IIS/8.0[\r][\n]"
[2017-05-11 09:44:06,751] [] DEBUG - wire HTTPS-Sender I/O dispatcher-4 >> "X-AspNet-Version: 4.0.30319[\r][\n]"
[2017-05-11 09:44:06,751] [] DEBUG - wire HTTPS-Sender I/O dispatcher-4 >> "Request-Context: appId=cid-v1:db89bf18-68ce-4c00-a208-3700054b56ad[\r][\n]"
[2017-05-11 09:44:06,752] [] DEBUG - wire HTTPS-Sender I/O dispatcher-4 >> "X-Powered-By: ASP.NET[\r][\n]"
[2017-05-11 09:44:06,752] [] DEBUG - wire HTTPS-Sender I/O dispatcher-4 >> "Set-Cookie: ARRAffinity=db0274c056695d20e92cbf53a580c5fe334eaf55b913573afc6435767938
c334;Path=/;Domain=sqlonfhir-stu3.azurewebsites.net[\r][\n]"
[2017-05-11 09:44:06,753] [] DEBUG - wire HTTPS-Sender I/O dispatcher-4 >> "Date: Thu, 11 May 2017 07:44:16 GMT[\r][\n]"
[2017-05-11 09:44:06,753] [] DEBUG - wire HTTPS-Sender I/O dispatcher-4 >> "[\r][\n]"
[2017-05-11 09:44:06,754] [] DEBUG - wire HTTPS-Sender I/O dispatcher-4 >> "{"resourceType":"Patient","id":"d1ecfb4f816d466ab94479c662b1b448","meta":{"versionId
":"1"...
but on handling the response WSO2 throws the follows error:
[2017-05-11 09:44:06,763] [] DEBUG - headers http-outgoing-8 << Date: Thu, 11 May 2017 07:44:16 GMT
[2017-05-11 09:44:06,764] [] DEBUG - TargetHandler http-outgoing-8: HTTP/1.1 201 Created
[2017-05-11 09:44:06,764] [] DEBUG - TargetHandler http-outgoing-8: Input ready
[2017-05-11 09:44:06,765] [] DEBUG - TargetHandler http-outgoing-8: Content decoder [content length: 1155; pos: 1155; completed: true]
[2017-05-11 09:44:06,769] [] DEBUG - RelayUtils Content Type is application/fhir+json; charset=utf-8
[2017-05-11 09:44:06,771] [] ERROR - Axis2Sender Unexpected error during sending message out
java.lang.NullPointerException
at org.apache.coyote.http11.InternalNioOutputBuffer.addToBB(InternalNioOutputBuffer.java:211)
at org.apache.coyote.http11.InternalNioOutputBuffer.commit(InternalNioOutputBuffer.java:203)
at org.apache.coyote.http11.AbstractHttp11Processor.action(AbstractHttp11Processor.java:776)
at org.apache.coyote.Response.action(Response.java:174)
at org.apache.coyote.Response.sendHeaders(Response.java:348)
at org.apache.catalina.connector.OutputBuffer.doFlush(OutputBuffer.java:352)
at org.apache.catalina.connector.OutputBuffer.close(OutputBuffer.java:311)
at org.apache.catalina.connector.CoyoteOutputStream.close(CoyoteOutputStream.java:108)
at org.apache.synapse.transport.passthru.PassThroughHttpSender.sendUsingOutputStream(PassThroughHttpSender.java:308)
at org.apache.synapse.transport.passthru.PassThroughHttpSender.invoke(PassThroughHttpSender.java:271)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
at org.apache.synapse.core.axis2.DynamicAxisOperation$DynamicOperationClient.send(DynamicAxisOperation.java:185)
at org.apache.synapse.core.axis2.DynamicAxisOperation$DynamicOperationClient.executeImpl(DynamicAxisOperation.java:167)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
at org.apache.synapse.core.axis2.Axis2FlexibleMEPClient.send(Axis2FlexibleMEPClient.java:595)
at org.apache.synapse.core.axis2.Axis2Sender.sendOn(Axis2Sender.java:83)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.send(Axis2SynapseEnvironment.java:548)
at org.apache.synapse.mediators.builtin.SendMediator.mediate(SendMediator.java:118)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:97)
at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:281)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.mediateFromContinuationStateStack(Axis2SynapseEnvironment.java:775)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:282)
at org.apache.synapse.core.axis2.SynapseCallbackReceiver.handleMessage(SynapseCallbackReceiver.java:554)
at org.apache.synapse.core.axis2.SynapseCallbackReceiver.receive(SynapseCallbackReceiver.java:188)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ClientWorker.run(ClientWorker.java:262)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
I have added in EI_HOME/conf/axis2.xml
<messageFormatter contentType="application/fhir+json" class="org.wso2.carbon.integrator.core.json.JsonStreamFormatter"/>
and
<messageBuilder contentType="application/fhir+json" class="org.wso2.carbon.integrator.core.json.JsonStreamBuilder"/>
but without success.
Without add messageBuilder and messageFormatter for "application/fhir+json" I have the follows error:
[2017-05-11 11:29:18,247] [] DEBUG - TransportUtils Could not find a Builder for type (application/fhir+json). Using SOAP.
[2017-05-11 11:29:18,257] [] INFO - BuilderUtil OMException in getSOAPBuilder
org.apache.axiom.om.OMException: com.ctc.wstx.exc.WstxUnexpectedCharException: Unexpected character '{' (code 123) in prolog; expected '<'
at [row,col {unknown-source}]: [2,1]
at org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:296)...

Can you try with following builder and formatter?
<messageFormatter contentType="application/fhir+json" class="org.apache.synapse.commons.json.JsonStreamFormatter"/>
<messageBuilder contentType="application/fhir+json" class="org.apache.synapse.commons.json.JsonStreamBuilder"/>