I have a peculiar problem while contacting a webservice over SSL. I am running my application on a Apache Tomcat instance; I have several instances on different servers. On my test-server I can call the webservice without issues, BUT on one of my other servers it seems like here is a difference. The webservice call fails with the following output:
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: 1371869704 bytes = { 252, 237, 86, 149, 133, 159, 4, 122, 234, 40, 80, 158, 223, 243, 249, 186, 196, 191, 182, 7, 189, 9, 210, 112, 6, 89, 28, 182 }
Session ID: {}
Cipher Suites: [SSL_RSA_WITH_RC4_128_MD5, SSL_RSA_WITH_RC4_128_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_
ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA,
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA,
TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_DES_CB
C_SHA, SSL_DHE_RSA_WITH_DES_CBC_SHA, SSL_DHE_DSS_WITH_DES_CBC_SHA, SSL_RSA_EXPORT_WITH_RC4_40_MD5, SSL_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2,
sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
***
ajp-bio-8309-exec-38, WRITE: TLSv1 Handshake, length = 175
**ajp-bio-8309-exec-38, WRITE: SSLv2 client hello message, length = 170**
ajp-bio-8309-exec-38, handling exception: java.net.SocketException: Connection reset
ajp-bio-8309-exec-38, SEND TLSv1 ALERT: fatal, description = unexpected_message
ajp-bio-8309-exec-38, WRITE: TLSv1 Alert, length = 2
ajp-bio-8309-exec-38, Exception sending alert: java.net.SocketException: Broken pipe
ajp-bio-8309-exec-38, called closeSocket()
ajp-bio-8309-exec-38, called close()
ajp-bio-8309-exec-38, called closeInternal(true)
I have generated a keystore with the appropriate certificate.
Like so:
keytool -import -file mysite.cer -keystore mykeystore
I am importing this into my keystore and, like I said, it works on some of my instances.
I haven't been able to any significant difference between my instances but somehow they act differently when it comes to SSL requests.
Turns out the problem was caused by a firewall on the webservice side. Turns out the provider I was using had different policy for their testing environment; the testing environment denied my request over https 443 while their production server did not. Weird.
Related
I'm building a serverless service (AWS lambda) to get/put files in SFTP server on a daily basis.
The only way to access the SFTP server is from another machine (an AWS EC2 instance) which has it's IP whitelisted at the SFTP server.
I did try to use Python SSHTunnelForwarder and paramiko libraries, but I'm not sure if it's possible bind SSH (tunnel forwarding) and SFTP in a single solution.
Script
with SSHTunnelForwarder(
(ssh_instance_ip, 22),
ssh_username=ssh_user,
ssh_private_key='<key_path>',
remote_bind_address=('0.0.0.0', 22),
local_bind_address=('127.0.0.1', 10022),
) as tunnel:
tunnel.start()
client = paramiko.SSHClient()
client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
client.connect(password=sftp_pwd, username=sftp_user, hostname=sftp_host, port='<port_value>', allow_agent=True, disabled_algorithms=dict(pubkeys=["rsa-sha2-512", "rsa-sha2-256"]))
tr = client.get_transport()
tr.default_max_packet_size = 100000000
tr.default_window_size = 100000000
sftp = client.open_sftp()
sftp.listdir('/')
sftp.close
client.close()
Error:
...
DEBUG:paramiko.transport:Sending global request "keepalive#lag.net"
DEBUG:paramiko.transport:[chan 0] EOF sent (0)
DEBUG:paramiko.transport:EOF in transport thread
Traceback (most recent call last):
File "/home/linuxbrew/.linuxbrew/Cellar/python#3.10/3.10.9/lib/python3.10/site-packages/paramiko/sftp_client.py", line 852, in _read_response
t, data = self._read_packet()
File "/home/linuxbrew/.linuxbrew/Cellar/python#3.10/3.10.9/lib/python3.10/site-packages/paramiko/sftp.py", line 201, in _read_packet
x = self._read_all(4)
File "/home/linuxbrew/.linuxbrew/Cellar/python#3.10/3.10.9/lib/python3.10/site-packages/paramiko/sftp.py", line 188, in _read_all
raise EOFError()
EOFError
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/work/scratch/tunnel_test/em_tunnel/app/tunnel_test.py", line 71, in <module>
sftp.listdir('/')
File "/home/linuxbrew/.linuxbrew/Cellar/python#3.10/3.10.9/lib/python3.10/site-packages/paramiko/sftp_client.py", line 218, in listdir
return [f.filename for f in self.listdir_attr(path)]
File "/home/linuxbrew/.linuxbrew/Cellar/python#3.10/3.10.9/lib/python3.10/site-packages/paramiko/sftp_client.py", line 239, in listdir_attr
t, msg = self._request(CMD_OPENDIR, path)
File "/home/linuxbrew/.linuxbrew/Cellar/python#3.10/3.10.9/lib/python3.10/site-packages/paramiko/sftp_client.py", line 822, in _request
return self._read_response(num)
File "/home/linuxbrew/.linuxbrew/Cellar/python#3.10/3.10.9/lib/python3.10/site-packages/paramiko/sftp_client.py", line 854, in _read_response
raise SSHException("Server connection dropped: {}".format(e))
paramiko.ssh_exception.SSHException: Server connection dropped:
I did look for several similar topics and could not find a way to bind SSH and SFTP in a single solution to use in serverless service as AWS Lambda.
Could you help me trying either debugging or suggesting ways (maybe a bash or JavaScript) to bind SSH and SFTP, please?
additional information:
EC2 access is done via user#host and a RSA PRIVATE KEY
SFTP access is done via user#host and a password
I've found a solution using ssh2 lib from JavaScript.
The following script access the SFTP server with a user and password jumping over another machine (an ec2 instance in my case) accessible using an user and a RSA KEY.
The script will list the content of the requested path from the SFTP server and write it's result into my.json file.
Script adapted from those examples ssh2 - npm.
const fs = require('fs');
const path = require('path');
const Client = require('ssh2').Client;
// SSH tunnel details
const sshTunnelIp = "ssh_host";
const sshUser = "ssh_user";
const sshKeyPath = path.resolve(__dirname, "path_to_your_key");
const sshKey = fs.readFileSync(sshKeyPath);
// SFTP server details
const sftpServerIp = "sftp_host";
const sftpUser = "sftp_user";
const sftpPass = "sftp_password";
// Create an SSH client
const sshClient = new Client();
// Connect to the SSH tunnel (EC2 instance)
sshClient.connect({
host: sshTunnelIp,
username: sshUser,
privateKey: sshKey
});
sshClient.on('ready', function() {
// Create an SFTP client and connect to the SFTP server
sshClient.sftp(function(err, sftp) {
if (err) throw err;
// List the content of a given path from the SFTP server
sftp.readdir('path_to_sftp_dir', function(err, list) {
if (err) throw err;
// Write the result to a json file
fs.writeFile(
'./my.json',
JSON.stringify(list),
function (err) {
if (err){
console.error('Something went wrong');
}
}
)
console.log("listing directory", list);
sftp.end();
sshClient.end();
});
});
});
My application is developed in java 7 and i have to access a "https" web service which is developed in java 14.I am getting "Received fatal alert: handshake_failure"
this is stacktrace
*** ClientHello, TLSv1.2
RandomCookie: GMT: 1592616408 bytes = { 12, 135, 232, 24, 158, 109, 182, 182, 90, 77, 217, 233, 239, 161, 116, 121, 128, 150, 234, 201, 224, 14, 34, 171, 199, 213, 212, 98 }
Session ID: {}
Cipher Suites: [TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, TLS_ECDHE_RSA_WITH_RC4_128_SHA, SSL_RSA_WITH_RC4_128_SHA, TLS_ECDH_ECDSA_WITH_RC4_128_SHA, TLS_ECDH_RSA_WITH_RC4_128_SHA, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA, SSL_RSA_WITH_RC4_128_MD5, TLS_EMPTY_RENEGOTIATION_INFO_SCSV]
Compression Methods: { 0 }
Extension elliptic_curves, curve names: {secp256r1, sect163k1, sect163r2, secp192r1, secp224r1, sect233k1, sect233r1, sect283k1, sect283r1, secp384r1, sect409k1, sect409r1, secp521r1, sect571k1, sect571r1, secp160k1, secp160r1, secp160r2, sect163r1, secp192k1, sect193r1, sect193r2, secp224k1, sect239k1, secp256k1}
Extension ec_point_formats, formats: [uncompressed]
Extension signature_algorithms, signature_algorithms: SHA512withECDSA, SHA512withRSA, SHA384withECDSA, SHA384withRSA, SHA256withECDSA, SHA256withRSA, SHA224withECDSA, SHA224withRSA, SHA1withECDSA, SHA1withRSA, SHA1withDSA, MD5withRSA
Extension server_name, server_name: [host_name: collabdds.gov.in]
***
http-localhost%2F127.0.0.1-8080-7, WRITE: TLSv1.2 Handshake, length = 246
http-localhost%2F127.0.0.1-8080-7, READ: TLSv1.2 Alert, length = 2
http-localhost%2F127.0.0.1-8080-7, RECV TLSv1 ALERT: fatal, handshake_failure
http-localhost%2F127.0.0.1-8080-7, called closeSocket()
http-localhost%2F127.0.0.1-8080-7, handling exception: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
http-localhost%2F127.0.0.1-8080-7, called close()
http-localhost%2F127.0.0.1-8080-7, called closeInternal(true)
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
My code is
private static SSLSocketFactory getSSLSocketFactory() {
try
{
final TrustManager[] trustAllCerts = new TrustManager[] {
new X509TrustManager() {
#Override
public void checkClientTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { }
#Override
public void checkServerTrusted(X509Certificate[] x509Certificates, String s) throws CertificateException { }
#Override
public X509Certificate[] getAcceptedIssuers() {
return new X509Certificate[0];
}
}
};
final SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
sslContext.init(null, null, new SecureRandom());
SSLContext.setDefault(sslContext);
return sslContext.getSocketFactory();
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
somewhere in another function i have written following
((HttpsURLConnection)conn).setSSLSocketFactory(getSSLSocketFactory());
this is my server's VM arguments
In my jre7\lib\security
i have update local_policy.jar and US_export_policy.jar
what am i missing . Do i need to add cipher suits or it can be browser problem ( i am using firefox 84.0) or something else. I cannot upgrade to java8.
According to SSLLabs the server collabdds.gov.in supports only four TLS1.2 ciphers (TLS1.3 is also supported by the server but not supported by Java 7 at all):
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
Your Java version does not support any of those ciphers, hence the connection can not be established and the TLS handshake fails.
Java 7 is a dead horse when it comes to online and web services. If you want to access this server I strongly recommend to you to switch to Java 8. Or you have to use a local proxy that performs the "HTTPS translation" from recent TLS1.2 ciphers to your old and insecure Java version.
In my opinion you should take this to really consider upgrading to Java 8. Earlier or later you have to do this anyway.
Note that the used web browser is totally irrelevant for problems where your application acts as a client for a backend-service. Only if the web browser would directly connects to the back-end server this would matter.
I am running the following setup at AWS:
Elastic Loadbalancer in front of two EC2 machines (Amazon Linux) with a docker container that the salt-master runs in
Two EC2 instances with salt-minions installed
The 'master' value in the minion config is set to the dns of the loadbalancer (SaltMaster-env-vpc-test.szfegmankg.us-east-1.elasticbeanstalk.com)
The ELB accepts all traffic from the minions
The Salt-masters accept all traffic from the ELB as well as from the minions
The Salt-masters PKI Folder is shared between the two masters
The Salt-masters have the same private+public keys
The Salt-masters run on 2017.7.1
The Salt-minions run on 2016.11.5 (I tried it with 2017.7.1, but got the same results)
The Salt-minions accept all traffic from the ELB as well as from the masters
The master config looks as follows:
open_mode: True
worker_threads: 20
auto_accept: True
log_level: error
log_level_logfile: debug
extension_modules: srv/salt/ext
rest_cherrypy:
port: 8000
disable_ssl: True
debug: True
external_auth:
pam:
saltdev:
- .*
- '#runner'
# Setting the job_cache to redis.
# The redis config settings are generated at the start of the docker container and
# will be written into /etc/salt/master.d/redis.conf
master_job_cache: redis
cache: redis
pki_dir: /etc/salt/pki/master/efs
The minion config looks as follows:
id: WIN-AB3GO7BJ72I
log_file: C:\salt.log
multiprocessing: False
log_level_logfile: debug
pki_dir: /conf/pki/minion
master: SaltMaster-env-vpc-test.szfegmankg.us-east-1.elasticbeanstalk.com
master_type: str
master_alive_interval: 30
open_mode: True
root_dir: c:\salt
ipc_mode: tcp
recon_default: 1000
recon_max: 199000
recon_randomize: True
In the master log files, I can see on both masters:
2017-09-05 10:06:18,118 [salt.utils.verify][DEBUG ][35] This salt-master instance has accepted 2 minion keys.
A salt-key -L on both masters yield the same result:
Accepted Keys:
WIN-AB3GO7BJ72I
WIN-EDMP9VB716B
Denied Keys:
Unaccepted Keys:
Rejected Keys:
So it looks like all is fine and everything should work. However, a test.ping is extremely flaky. Sometimes it works, but most of the time it doesnt.
Most of the time neither master gets any return from the minion and on the minion side I can see in the log that the minion never receives the message to execute 'test.ping' from the master.
Example 1:
test.ping from Master1:
root#d7383ff8f8bf:/# salt 'WIN-EDMP9VB716B' test.ping
[ERROR ] Exception raised when processing __virtual__ function for salt.loaded.int.cache.consul. Module will not be loaded: 'module' object has no attribute 'Consul'
[ERROR ] An un-handled exception was caught by salt's global exception handler:
KeyError: 'redis.ls'
Traceback (most recent call last):
File "/usr/bin/salt", line 10, in <module>
salt_main()
File "/usr/lib/python2.7/dist-packages/salt/scripts.py", line 476, in salt_main
client.run()
File "/usr/lib/python2.7/dist-packages/salt/cli/salt.py", line 173, in run
for full_ret in cmd_func(**kwargs):
File "/usr/lib/python2.7/dist-packages/salt/client/__init__.py", line 805, in cmd_cli
**kwargs):
File "/usr/lib/python2.7/dist-packages/salt/client/__init__.py", line 1597, in get_cli_event_returns
connected_minions = salt.utils.minions.CkMinions(self.opts).connected_ids()
File "/usr/lib/python2.7/dist-packages/salt/utils/minions.py", line 577, in connected_ids
search = self.cache.ls('minions')
File "/usr/lib/python2.7/dist-packages/salt/cache/__init__.py", line 244, in ls
return self.modules[fun](bank, **self._kwargs)
File "/usr/lib/python2.7/dist-packages/salt/loader.py", line 1113, in __getitem__
func = super(LazyLoader, self).__getitem__(item)
File "/usr/lib/python2.7/dist-packages/salt/utils/lazy.py", line 101, in __getitem__
raise KeyError(key)
KeyError: 'redis.ls'
Traceback (most recent call last):
File "/usr/bin/salt", line 10, in <module>
salt_main()
File "/usr/lib/python2.7/dist-packages/salt/scripts.py", line 476, in salt_main
client.run()
File "/usr/lib/python2.7/dist-packages/salt/cli/salt.py", line 173, in run
for full_ret in cmd_func(**kwargs):
File "/usr/lib/python2.7/dist-packages/salt/client/__init__.py", line 805, in cmd_cli
**kwargs):
File "/usr/lib/python2.7/dist-packages/salt/client/__init__.py", line 1597, in get_cli_event_returns
connected_minions = salt.utils.minions.CkMinions(self.opts).connected_ids()
File "/usr/lib/python2.7/dist-packages/salt/utils/minions.py", line 577, in connected_ids
search = self.cache.ls('minions')
File "/usr/lib/python2.7/dist-packages/salt/cache/__init__.py", line 244, in ls
return self.modules[fun](bank, **self._kwargs)
File "/usr/lib/python2.7/dist-packages/salt/loader.py", line 1113, in __getitem__
func = super(LazyLoader, self).__getitem__(item)
File "/usr/lib/python2.7/dist-packages/salt/utils/lazy.py", line 101, in __getitem__
raise KeyError(key)
KeyError: 'redis.ls'
I am aware that the redis error will be fixed soon https://github.com/saltstack/salt/issues/43295
Example 2:
test.ping from Master1, ~ 1 Minute after Example 1:
root#d7383ff8f8bf:/# salt 'WIN-EDMP9VB716B' test.ping
WIN-EDMP9VB716B:
True
Also during my tests, a test.ping from Master2 never succeeded.
I would like to know if there is some flaw in my setup that I am not seeing, or if Salt only works with an HA Proxy as an ELB?
Or maybe Salt doesn't work at all behind an ELB?
See https://github.com/saltstack/salt/issues/43368 for more answers.
TL;DR
Because there is no session stickyness for TCP connections, it is currently not possible to work with a saltmaster that is behind an ELB, if you use the ELB's ip/name as an entrypoint.
I am trying out Selenium Grid. My tests are written in Selenium Python.
I have started the Grid hub on my local machine, I have registered the node for IE using a json file on the same machine.
I run a selenium sample test and I get the following error:
Unable to create new remote session desired capabilities
Full error trace:
Traceback (most recent call last):
File "E:\RL Fusion\projects\Selenium Grid\Selenium Grid Sample\Test1 working - try json config file 2\Test1.py", line 21, in setUp
desired_capabilities=desired_cap)
File "C:\Python27\lib\site-packages\selenium\webdriver\remote\webdriver.py", line 89, in __init__
self.start_session(desired_capabilities, browser_profile)
File "C:\Python27\lib\site-packages\selenium\webdriver\remote\webdriver.py", line 138, in start_session
'desiredCapabilities': desired_capabilities,
File "C:\Python27\lib\site-packages\selenium\webdriver\remote\webdriver.py", line 195, in execute
self.error_handler.check_response(response)
File "C:\Python27\lib\site-packages\selenium\webdriver\remote\errorhandler.py", line 170, in check_response
raise exception_class(message, screen, stacktrace)
WebDriverException: Message: Unable to create new remote session. desired capabilities = Capabilities [{browserName=internet explorer, javascriptEnabled=true, platform=WINDOWS}], required capabilities = null
Build info: version: '3.0.0-beta3', revision: 'c7b525d', time: '2016-09-01 14:57:03 -0700'
System info: host: 'OptimusPrime-PC', ip: '192.168.0.2', os.name: 'Windows 8.1', os.arch: 'x86', os.version: '6.3', java.version: '1.8.0_31'
Driver info: driver.version: InternetExplorerDriver
Stacktrace:
at org.openqa.selenium.remote.ProtocolHandshake.createSession (ProtocolHandshake.java:80)
at org.openqa.selenium.remote.HttpCommandExecutor.execute (HttpCommandExecutor.java:141)
at org.openqa.selenium.remote.service.DriverCommandExecutor.execute (DriverCommandExecutor.java:82)
at org.openqa.selenium.remote.RemoteWebDriver.execute (RemoteWebDriver.java:597)
at org.openqa.selenium.remote.RemoteWebDriver.startSession (RemoteWebDriver.java:242)
at org.openqa.selenium.remote.RemoteWebDriver.startSession (RemoteWebDriver.java:228)
at org.openqa.selenium.ie.InternetExplorerDriver.run (InternetExplorerDriver.java:180)
at org.openqa.selenium.ie.InternetExplorerDriver.<init> (InternetExplorerDriver.java:172)
at org.openqa.selenium.ie.InternetExplorerDriver.<init> (InternetExplorerDriver.java:148)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0 (None:-2)
at sun.reflect.NativeConstructorAccessorImpl.newInstance (None:-1)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance (None:-1)
at java.lang.reflect.Constructor.newInstance (None:-1)
at org.openqa.selenium.remote.server.DefaultDriverProvider.callConstructor (DefaultDriverProvider.java:103)
at org.openqa.selenium.remote.server.DefaultDriverProvider.newInstance (DefaultDriverProvider.java:97)
at org.openqa.selenium.remote.server.DefaultDriverFactory.newInstance (DefaultDriverFactory.java:60)
at org.openqa.selenium.remote.server.DefaultSession$BrowserCreator.call (DefaultSession.java:222)
at org.openqa.selenium.remote.server.DefaultSession$BrowserCreator.call (DefaultSession.java:209)
at java.util.concurrent.FutureTask.run (None:-1)
at org.openqa.selenium.remote.server.DefaultSession$1.run (DefaultSession.java:176)
at java.util.concurrent.ThreadPoolExecutor.runWorker (None:-1)
at java.util.concurrent.ThreadPoolExecutor$Worker.run (None:-1)
at java.lang.Thread.run (None:-1)
json.cfg.json config implementation:
{
"class": "org.openqa.grid.common.RegistrationRequest",
"capabilities": [
{
"seleniumProtocol": "WebDriver",
"browserName": "internet explorer",
"version": "11",
"maxInstances": 1,
"platform" : "WIN7" }
],
"configuration" : {
"port": 5555,
"register": true,
"host": "192.168.0.6",
"proxy": "org.openqa.grid.selenium.proxy. DefaultRemoteProxy",
"maxSession": 2,
"hubHost": "192.168.0.6",
"role": "webdriver",
"registerCycle": 5000,
"hub": "http://192.168.0.6:4444/grid/register",
"hubPort": 4444,
"remoteHost": "http://localhost:4444"
}
}
the setup method in my Selenium Python file is:
def setUp(self):
desired_cap = {'browserName': 'internet explorer',
#'platform': 'WIN8_1',
'platform': 'WIN7',
'javascriptEnabled': True}
self.driver = webdriver.Remote(
command_executor='http://localhost:4444/wd/hub',
desired_capabilities=desired_cap)
What am i doing wrong? Is my desired Capabilities not configured properly?
I notice in the full trace log it says Win 8.1
I have mentioned Win7 for the platform. I do not know why it is trying for Win 8.1
I have now changed desired capabilities to the following:
desired_cap = {'browserName': 'internet explorer',
'platform': 'windows',
'javascriptEnabled': True,
'InternetExplorerDriver.INTRODUCE_FLAKINESS_BY_IGNORING_SECURITY_DOMAINS': True
}
I now get the error:
WebDriverException: Message: Error forwarding the new session cannot find : Capabilities [{browserName=internet explorer, InternetExplorerDriver.INTRODUCE_FLAKINESS_BY_IGNORING_SECURITY_DOMAINS=true, javascriptEnabled=true, platform=XP}]
I need some help please.
Thanks, Riaz
The Grid uses the below three attributes in its DefaultCapabilitiesMatcher to decide on which node should a new session request be routed to :
Platform
BrowserType
Browser version
In your case, based on what you changed, your test is requesting that a node that has IE running on Windows, but in your nodeConfig.json you have basically specified "WIN7".
I dont think specifying "WINDOWS" will work for you. You can try changing your desired capabilities to refer to WIN7 and that should work.
Just keep the setting for Security of IE with middle (middle to high) and enable protected Mode for all.
Then issue got resolved.
I am implementing a code through which i have to get devices connected to all network interfaces on my machine.
For this, i am first getting the ip of all network interfaces and then sending m-search command on them.
After 2.5 seconds port is stopped to listen.
But it is giving me some assertion error.
Code:
class Base(DatagramProtocol):
""" Class to send M-SEARCH message to devices in network and receive datagram
packets from them
"""
SSDP_ADDR = "239.255.255.250"
SSDP_PORT = 1900
MS = "M-SEARCH * HTTP/1.1\r\nHOST: {}:{}\r\nMAN: 'ssdp:discover'\r\nMX: 2\r\nST: ssdp:all\r\n\r\n".format(SSDP_ADDR, SSDP_PORT)
def sendMsearch(self):
""" Sending M-SEARCH message
"""
ports = []
for address in self.addresses:
ports.append(reactor.listenUDP(0, self, interface=address))
for port in ports:
for num in range(4):
port.write(Base.MS, (Base.SSDP_ADDR,Base.SSDP_PORT))
reactor.callLater(2.5, self.stopMsearch, port) # MX + a wait margin
def stopMsearch(self, port):
""" Stop listening on port
"""
port.stopListening()
Error:
Traceback (most recent call last):
File "work\find_devices.py", line 56, in sendMsearch
ports.append(reactor.listenUDP(0, self, interface=address))
File "C:\Python27\lib\site-packages\twisted\internet\posixbase.py", line 374, in listenUDP
p.startListening()
File "C:\Python27\lib\site-packages\twisted\internet\udp.py", line 172, in startListening
self._connectToProtocol()
File "C:\Python27\lib\site-packages\twisted\internet\udp.py", line 210, in _connectToProtocol
self.protocol.makeConnection(self)
File "C:\Python27\lib\site-packages\twisted\internet\protocol.py", line 709, in makeConnection
assert self.transport == None
AssertionError
Please tell what's wrong in this code and how to correct this.
Also on linux machines, if no device is found on network then it doesn't go to stopMsearch() why ?
A protocol can only have one transport. The loop:
for address in self.addresses:
ports.append(reactor.listenUDP(0, self, interface=address))
tries to create multiple UDP transports and associate them all with self - a single protocol instance.
This is what the assertion error is telling you. The protocol's transport must be None (ie, it must not have a transport). But on the second iteration through the loop, it already has a transport.
Try using multiple protocol instances instead.