I am trying to programmatically retrieve the meta data of the end points configured to WSO2 ESB (Eg: ServiceName, WebMethods, Input/Output Parameters with Return types etc). Can someone direct me to some way/docs which could help me fetch this data.
Unfortunately it's not really clear what you want to do. Here some examples how to access properties (Meta-Data?)
inside a proxy/sequence access properties:
<property name="some name" expression="get-property('registry','conf:resource/path')"/>
<property name="some name" expression="get-property('registry',gov:resource/path')"/>
<property name="some name" expression="get-property('registry','resourceName')"/>
Or inside a Custom Mediator:
String property = (String)messageContext.getProperty("nameOfThePropery");
Or inside a Custom Mediator (getting the filename from the Transport Layer):
org.apache.axis2.context.MessageContext axis2messageContext = ((Axis2MessageContext) messageContext).getAxis2MessageContext();
// print the filename of the current transport
myLog.info("FileName: " + axis2messageContext.getTransportIn().getName());
Hope this helps you a little bit further, otherwise improve you question.
To further improve on Abdul's question, we are developing a web-service gateway between a legacy client on side and on the other side are external web-services. We have created a template/sequences in WSo2 where we trap the legacy client request and redirect it to the correct web-service based on a internal protocol.
The external web services are registered in WSo2 as endpoints. So far we have been configuring these endpoints manually using the admin console. We are looking at automating this step so that our gateway will hit WSo2 and provide the WSDL URL. A class mediator would then invoke the WSo2 / Synapse APIs to save this endpoint in the Synapse configuration. We have not been successful in this.
We have also read the docs which say that changing synapse config thru mediator is not recommended, hence would like to see if there are other options that would do this job for us.
One workaround would be to create those endpoints from the client side itself. This can be done by calling the AdminService APIs exposed by the carbon framework. In carbon, a front end of any carbon component talks to its back end through Admin Services. For example, if we take endpoints related functionalities, when you use the management console to create/delete or to do any functionalities, it would in turn call the respective back end via the "EndPointAdmin" admin service. Therefore I believe, if you want to programmatically create those endpoints, you can call the EndPointAdmin backend admin service (via EndPointAdminStub - it is the client stub corresponding to the aforesaid back end service) directly from your client side and get your requirement fulfilled.
Regards,
Prabath
Related
I have a lot of proxies in WSO2 ESB that I have to securize. I need them to be securized using Username Token when deploy, instead of browsing to the dashboard and enabling it one by one.
Any help?
I guess currently, you need to use management console and do it. From the UI, it is calling a backend web service. You can automate process by automating this backend web service. This web service is exposed by following component [1]. You can use soapui or some client program to automate this web service.
[1] http://svn.wso2.org/repos/wso2/carbon/platform/trunk/components/security/org.wso2.carbon.security.mgt/
I had similar requirement, here is how I solved it
Apply Role security to WSO2 ESB Proxy using Java API
Also you can find the test case here on how to use the methods
http://svn.wso2.org/repos/wso2/tags/carbon/3.2.3/products/bps/2.1.1/modules/integration/org.wso2.bps.management.test/src/test/java/org/wso2/bps/management/SecurityTest.java
Well here how the code snippet goes to secure any proxy service with default security scenarios of WSO2 ESB. In WSO2 ESB "scenario1" signifies Usernametoken based security. Now if you wish to secure your proxy with scenario1 follow the below code snippet:
public void applySecurityOnService(String serviceName, String policyId,
String[] userGroups, String[] trustedKeyStoreArray,
String privateStore)
throws SecurityAdminServiceSecurityConfigExceptionException,
RemoteException {
ApplySecurity applySecurity;
applySecurity = new ApplySecurity();
applySecurity.setServiceName(serviceName);
applySecurity.setPolicyId("scenario" + policyId); //scenario1 i.e. for Usernametoken security policyId should be 1
applySecurity.setTrustedStores(trustedKeyStoreArray);
applySecurity.setPrivateStore(privateStore);
applySecurity.setUserGroupNames(userGroups);
stub.applySecurity(applySecurity);
_logger.info("Security Applied Successfully");
}
Here is how you may call this method from your client class:
applySecurityOnService("MyProxy", "1", new String[]{"TestRole"}, new String[]{"wso2carbon.jks"}, "wso2carbon.jks");
Is it possible to register endpoints with URI templates in the API Publisher that ships with WSO2 API Manager version 1.4.0? For example, I would like to register an endpoint such as:
/jobs/{jobid}/pems
After saving an API, I can see this bit in the API config file:
<resource methods="GET" url-mapping="/jobs/{jobid}/pems">
I have tried manually changing the XML file from url-mapping to uri-template, i.e., to:
<resource methods="GET" uri-template="/jobs/{jobid}/pems">
but I still get "No matching resource found in the API for the given request". In any case, this is not a good work around since we need developers to be able to register these endpoints from the publisher application. Whenever changes are saved to an API from within the API Publisher interface, 'uri-template' gets reverted back to 'url-mapping'.
Thanks in advance.
This is due to APIPublisher app only supports URL-Mappings when defining API resources.
If you want to define a uri-template ,instead of a url-mapping,you can achieve this from changing the api xml manually.
But before that make sure,when creating the API,you have define the API with a valid url-mapping.So in your trying API,first please edit the API from APIPublisher as keeping a valid url-mapping pattern for API resources and then change its xml to match with your mentioned uri-template pattern.
Thanks;
we don't currently support uri-template patterns. We support only url-mappings.
Even , if you edit the backend API configuration (that is, api configuration file ) to url-mappings, it wont work, because we validate request before the request get hits the mediation engine.
You can use ESB RESTApi as your backend service endpoint.That is, define the RESTAPI in wso2esb, with uri-templates(it is supported out of the in ESB) and point that API as the service endpoint from wso2APIManager with url-mappings pattern.
I would like to add some more points.As I mentioned earlier,WSO2 APIManager supports uri-templates.Only api-publisher app UI is not allowing to add uri-templates.
When creating the API from the Publisher UI, you have to give the resource mapping as /* or valid url-mapping. Then when the synapse api is created, you have to change that xml file to uri-template and then change the /* to the uri-template pattern.
Hope above will help you to resolve your issue.
Thanks;
I have done a few use cases on WSO2-ESB including protocol mediation with transformation and service-chaining.
In all of them I had to manually write the wsdl for the proxy service. Having experienced other vendor products including Oracle and Tibco where wsdl generation is done by the tool.
Would it be right to assume in WSO2 ESB one needs to manually write the wsdl file to expose a proxy service on any protocol, do not see any documents calling that out.
Considering the usage of wsdl in practical use cases.
I have seen posts stating "you can give the WSDL available at your Axis2 service" but most of real time use cases would not be pass through and have custom request and response.
Thanks,
Wajid
I'm also confused with manual wsdl creation. As far as I can see there are gaps in wsdl proxy description. When I do wsdl proxy with WSO2 I have to indicate wsdl to expose
its either as:
"none" and I have only mediate function exposed
"same contract" and this breaks the whole idea of proxy because after that clients read original wsdl and go straight to original server access point.
or and I have several options to make my own wsdl.
With rich SOAP API (hundreds of methods) none of above work well, considering that manual support of exposed WSDL is rather cumbersome.
I wonder if there is more adequate way for proxying WSDL?
You can use java2wsdl generator tool to achieve the WSDL generation.
For the proxies, if you try to restrict access for some operations in your backend service, you can attach customized wsdl to the proxy.
The customization has to be done by yourself and it is simple..
If you want to generate a wsdl fro your service, jsut deploy the service in wso2as, and check the service dashboard, wsdl option to view the wsdls.
I have a .WSDL file from our client company, for which I need to use to call a web service. Their system is SAP (SAP PI). My application is a C# .NET 3.5 client developed in VS 2008. I added a Service Reference in Visual Studio using their provided .WSDL file. This created a reference class for me to use to call their service, and set up several bindings in the app.config file for me.
I did not change anything in the app.config file, but did create code to call their web service. However, when I call their webservice, I receive the following exception:
The HTTP request is unauthorized with client authentication scheme 'Anonymous'. The authentication header received from the server was 'Basic realm="SAP NetWeaver Application Server ..."'.
(I modified slightly the string used in the 'Basic realm' section so as to not give it out.)
Did the app.config not get built correctly from the WSDL? Am I supposed to modify the app.config file somehow?
Things I've tried:
changed authenticationScheme in app.config from Anonymous to Basic
(as well as all the other authentication types)
changed realm string in app.config to match the realm in the exception message
set username/pw fields in the ClientCredentials.Username object in my code
Any pointers or help would be appreciated.
Edit: After some more investigation, I found that Visual Studio has several warnings about the extension element Policy and Policy assertions:
Custom tool warning: The optional WSDL extension element 'Policy'
from namespace 'http://schemas.xmlsoap.org/ws/2004/09/policy' was not
handled.
Custom tool warning: The following Policy Assertions were not Imported:
XPath://wsdl:definitions[#targetNamespace='urn:sap-com:document:sap:rfc:functions']/wsdl:binding[#name='Binding_FieldValidation']
Assertions: ...
I wasnt able to find out if this was related or not to my current issue with the authentication scheme. It does seem to be related, but I havent been able to find any solutions to getting these policy warnings resolved either. It seems WCF doesnt handle the statements in the wsdl very well.
Most SAP services dont support anonymous.
So pass some form of authentication data with the call.
User and password / X.509 Ticket...
If you are sending auth data with the call the try this
Ask the SAP guy to regenerate the WSDL with
No SAP assertions, No policy, SOAP 1.1.
You can also try and edit the WSDL by hand to remove the extra guff...
As a starting point, I'd verify that you can call the service successfully with the provided username and password. Use something like SoapUI to test that everything works correctly - just create a new project, import the WSDL provided by SAP PI, set the username and password and execute the call. You'll probably get some form of exception with an empty payload, but at least that'll verify that the username and password are correct.
Once you've verified that's working, check that your application is calling the service correctly and that the http basic authentication headers are being sent. You can confirm this by using a network monitoring tool and checking that the http request is being generated correctly. Something like netcat for Windows can do it - just make it listen to a port on your local machine and then specify localhost and the port as your SOAP endpoint.
Once you've verified both of those are correct, your call should succeed.
There must be the Basic authentication header missing or something wrong
with the credentials.
SAP PI always defaults to Basic Authentication if a Service is published via it's SOAP Adapter. I would investigate if WCF really does send out that header (e.g. Point your client endpoint to TCP Gateway and let TCP Gateway point to the SAP PI Endpoint from the WSDL).
About the Warnings: AFAIK the WSDL generated by SAP PI will always contain these Policy Tags, you can't really ommit it. What you can do is simply throw them out as they are not really validated
Working on a docuSign integration with Coldfusion and need assistance in making the SOAP request using WS security.
Your question is a little short on detail, but I presume you mean the Web Services SOAP security extension.
We had to do this a few years back when communicating with a .NET web service. The basic idea is that you provide a set of extra SOAP headers that contains security info such as:
Timestamp
Username
Password
Etc
To do this you need to create a new XML document as per the standard defined here. Next you will need to write code to create the SOAP headers. This means:
Create your remote web service object, e.g.
var objWebSvc = createObject("webservice", "http://remoteURL?WSDL");
Creating an XML document to represent the new headers
Populating it with the required info (such as username and timestamp etc.)
Adding the XML document to the web service object, using addSOAPRequestHeader()
Call your remote web service
Then of course if and when they call your web service you'll need to parse out those headers from their SOAP request and validate them. That can be done by grabbing the XML using getSOAPRequestHeader() and parsing out the info.
I found this to be an error prone task and (basically) a royal pain. The web service we integrated with eventually dropped the requirement, apparently becuase the any web services trying to connect that were not native .NET were having a hard time implementing the specification.
Good luck!
I blogged this a while back. See if this helps:
http://onlineanthony.blogspot.com/2010/05/using-ws-security-for-soap-in.html