I have an application that calls a Https web service (as it seems created with java, not sure though). I get an error as response:
"Error on verifying message against security policy Error code:1000"
Now I don't exactly understand the error code and currently cannot find any responsible to answer me correctly. I don't ask for the error ofcourse cause this could be something about certificates, security from server etc.
Though I would like to catch the request client call I make, and see the whole envelope message to compare with a couple of samples I have so I might catch something.
How can I do this....I remember there is a tool that u can do such things when debugging a WCF service call, can this tool be used in this situation? Can someone rember me the name of the tool :)
I created the client using Add Service Reference, from VS 2010 and it created some custom bindings. On these bindings it created this a tag with an attribute decompressionEnabled="true" but I deleted because VS was complaining attribute is not allowed!!!
The documentation I have for these services says about authentication credential inside the message transport object that serialized in the request (requestObject) but refers to another couple of password and username properties I cannot seem to find them. Tried to add the in client.ClientCredentials.UserName.UserName and Password properties, but I get a read only error there (strange not always).
They also mention in the specifications about Connect with SOAP Security Extensions (WS-Security) which I don't understand if me, the client, has to do something from it's side, aren't these supposed to extract in the config file when generated?
Any hints and tips are welcome.
Thank you.
Related
We have a strange situation. It's a web service (svc1) that calls another web service (svc2) on a different box, both in websphere. Works in every previous environment.
But recently they built out another staging environment as largely a clone of a working one. The service is failing with this message everytime svc1 attempts to call svc2.
Caused by: org.apache.axis2.AxisFault: The system cannot infer the transport information from the [svc2's URL] URL.
at org.apache.axis2.description.ClientUtils.inferOutTransport(ClientUtils.java:81)
at org.apache.axis2.client.OperationClient.prepareMessageContext(OperationClient.java:304)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:180)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
at org.apache.axis2.jaxws.core.controller.impl.AxisInvocationController.execute(AxisInvocationController.java:578)
at org.apache.axis2.jaxws.core.controller.impl.AxisInvocationController.doInvoke(AxisInvocationController.java:127)
at org.apache.axis2.jaxws.core.controller.impl.InvocationControllerImpl.invoke(InvocationControllerImpl.java:93)
at org.apache.axis2.jaxws.client.proxy.JAXWSProxyHandler.invokeSEIMethod(JAXWSProxyHandler.java:419)
... 45 more
The URL is correct. We can point the not-working apps at a database supporting a working set of apps and it works, but when we point the working apps from that other environment at the not-working environment's DB, it stops working.
This seems to indict the DB, yet the error has nothing to do with the DB. Svc1's only DB call BEFORE the call to svc2 happens well before the service call and works fine according to logs. The logs indicate svc2 never gets the request. So how can database be the problem?
I know this isn't alot to go on, but does anyone even have suggestions on where to look to narrow this down? I can't believe the DB is the problem based on the code and when it's failing...yet the DB swapping test seems to imply it is.
I might be pointing out the obvious, but the error message is telling you one of two things: either svc1 isn't configured correctly to invoke svc2, or svc2 isn't up and running.
For clarity, if I label the working environment: enviornmentA and the not-working environment: environmentB.
Based on what you said, you were able to use environmentB.svc1 to invoke environmentA.svc2? If that is true, than environmentB.svc1 is configured correctly and working. Which leaves svc2. You said svc2 doesn't receive the request, which means its up at least. Well, like you'd mention this isn't much to go on but I'd make sure you configured svc2 correctly, since it is up. Configuring a Web Service can be complicated, but one of the things that can be configured is making a Web Service available to client invocation. So you might want to check out this link for information on how to configure it:
https://www.ibm.com/support/knowledgecenter/SSAW57_9.0.0/com.ibm.websphere.nd.multiplatform.doc/ae/twbs_publishwsdl.html.
There are a bunch of similar articles on configuring your Web Service that might help you to solve what's missing, so I would verify that the configuration for enviornmentB.svc2 matches enviornmentA.svc2 since you know that one is working.
I am trying to implement a partner link with a dynamically determined endpoint address in a WSO2 BPS BPEL process. The idea is that the request sent to the process contains an endpoint URL and that this URL is used as the address for a certain partner link. I have successfully used endpoint references stored in the registry before, but I can't use that approach here as the address can be different every time the process is called.
I have tried a number of different approaches (using WSO2 BPS 3.5.1 and WS02 Developer Studio 3.8.0):
The approach used in the DynPartner example referenced in https://stackoverflow.com/questions/11092515/dynamic-partner-links-and-dynamic-addressing-with-ode-bpel. This gives me the following validation error in Developer Studio: The from-spec of "<xs:simpleType "string">" is not compatible with to-spec of "<wsdl:portType
"DynResponderPortType">". Also, when I deploy and invoke the process, I get an error stating that the endpoint cannot be created (Couldnt create any endpoint for element ...)
Assigning a fixed value to the partner link, e.g. like this:
<wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:wsdl11="http://schemas.xmlsoap.org/wsdl/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.w3schools.com uep_schema.xsd">
<wsa:Address>http://localhost:8281/services/serviceaddress</wsa:Address>
</wsa:EndpointReference>
This works and does not give a validation error, but I haven't found a way to dynamically change the address that is used here based on the input my process is called with.
Create a variable that holds the endpoint reference, using a type that defines the content of an endpoint reference. I've tried several XSDs (http://docs.oasis-open.org/wsbpel/2.0/OS/serviceref/ws-bpel_serviceref.xsd, http://svn.wso2.org/repos/wso2/carbon/platform/branches/turing/components/unified-endpoint/org.wso2.carbon.unifiedendpoint.core/4.2.0/src/main/resources/schema/uep_schema.xsd (which doesn't get validated without errors), the ws-addr.xsd from w3c, my own very simple XSD). I've had varying success with regarding how well Developer Studio could handle them and for instance generate initializations, but they all share the problem that I get a validation error stating something like The from-spec of "<element "EndpointReference">" is not compatible with to-spec of "<wsdl:portType
"ThisIsThePartnerLinkPortType">" -.
At this point, I am using the last approach with my own simple XSD. The process is actually working the way I intend it to, but I am still getting validation errors in Developer Studio which I would like to get rid of. Is there another and better way to approach this?
Thanks in advance for your help.
For anyone who is having the same issue: The approach is use now is that the BPS calls a specific proxy in the ESB (at a fixed location) and provides the endpoint URL to that proxy. The proxy then performs the actual call to the endpoint.
This has a number of advantages for me:
I get rid of the validation errors in the BPEL designer
Passing through the ESB allows me to perform validation on the message that I receive from the service located at the dynamic URL. Note that this is not possible in the BPS at the moment, as validation is not yet properly implemented. See also https://docs.wso2.com/display/BPS351/WS-BPEL+2.0+Specification+Compliance
How do I get a registration code or otherwise solve this problem?
While writing this question, I realized the crux of this problem is the bottom-most part of this question: I'm not getting the popup I'm supposed to get and when I enter the URL in a browser it says invalid registration code.
I'm attempting to develop an Alexa Voice Service application. Website/companion service only. I have gone through the Reference Implementation Guide twice and have double checked that all of the setup has been done correctly.
This is the server error I get: invalid registration code. I never did anything with a registration code and can't seem to find anything about a registration code (relevant to Alexa) anywhere after googling quite a bit.
Listening on port 3000
error: { [InvalidRegistrationCode: The provided registration code was invalid.]
name: 'InvalidRegistrationCode',
message: 'The provided registration code was invalid.',
status: 401 }
Error: Can't set headers after they are sent.
Here's the client output:
vlcj: (DefaultMediaPlayer.java:183)
addMediaPlayerEventListener(listener=com.amazon.alexa.avs.AVSAudioPlayer$1#4b3a4950)
There was a problem connecting to the Companion Service. Trying again in 2 seconds. Please make sure it is up and running.
[DEBUG] joining on thread Thread[Timer-0,5,com.amazon.alexa.avs.AVSApp]
There was a problem connecting to the Companion Service.
Trying again in 2 seconds. Please make sure it is up and running.
The AVS launcher opens too, and when I record something and send it I get:
com.amazon.alexa.avs.AVSException: 403 Invalid Access Token
The instructions mention (at the very bottom of the reference guide) that I need to:
Please register your device by visiting the following website on any system and following the instructions: https://localhost:3000/provision/************** That URL is supposed to pop something up once the companion service but that hasn't happened.
Any thoughts on how can I fix this?
I was following a good document Project: Raspberry Pi + Alexa Voice Service at https://github.com/amzn/alexa-avs-raspberry-pi . It describes all steps very well.
Please take a look at the following steps:
3 - Getting started with Alexa Voice Service
3.1 Register for a free Amazon Developer Account
3.4 Register your product and create a security profile.
6 - Enable Security Profile
This thread on the Amazon developer forums seems related: http://forums.developer.amazon.com/forums/thread.jspa?threadID=11327&tstart=0
Quoted response:
There are a number of potential issues causing that error.
You might be sending an invalid scope. Are you sending "alexa:all" as
the scope? Or, your security profile might not be correctly linked. Is
it selected in the dropdown on the developer portal?
Are you getting an access token from the companion service, or is the
text box blank? If you're not getting an access token, check that your
device serial number matches between the companion service and the
java client. If you're getting an access token, the problem is more
likely with your security profile.
You should also look at these threads to see if they're helpful...
(links removed due to reputation requirement)
If that doesn't help, you'll probably have more luck asking the AVS team directly on their forum site.
I am using jetty version 7.5.1 .
My webservice works fine with a "http://..." endpoint, but when I change it to "https://..." things go wrong.
Endpoint e = Endpoint.create(webservice);
e.publish("https://localhost:" + serverPort + "/ws/mywebservice);
I get the following error message:
"https protocol based address is not supported".
I've tried using an SslChannelConnector, a SelectChannelConnector and the combination of both.
Connector connector = new SelectChannelConnector();
connector.setPort(59180);
SslContextFactory factory = new SslContextFactory();
factory.setKeyStore("keystore");
factory.setKeyStorePassword("password");
factory.setKeyManagerPassword("password");
factory.setTrustStore("keystore");
factory.setTrustStorePassword("password");
SslSelectChannelConnector sslConnector = new SslSelectChannelConnector(factory);
sslConnector.setPort(443);
sslConnector.setMaxIdleTime(30000);
server.setConnectors(new Connector[]{connector, sslConnector});
I also tried modifying the port in the publish path. But without success.
Could it be that something went wrong with the creation of my keystore file?
Even I put the wrong password though, it does show a different error message, explaining that my password is wrong.
My options are running out. Any ideas?
EDIT: More information:
Servlets work fine with HTTPS now. But the webservices are not. Am I maybe publishing it the wrong way ?
I found several threads on various forums with similar problems. But never found a solution. I would like to write down my solution for future victims:
The publish method only accepts the http protocol. Even if you are publishing for https, this should still be "http://...". On the other hand, you should use the port of your SSL connector.
Endpoint e = Endpoint.create(webservice);
e.publish("http://localhost:443/ws/mywebservice);
Use any other protocol and you will always get the "xxx protocol based address is not supported" exception. See source code.
Note 1: The webservice already works fine at this point. However there is a point of discussion: The generated wsdl file (at https://localhost:443/ws/mywebservice?wsdl) will reference the http://... path. You could argue if the wsdl file is a requirement or just documentation.
Correcting a hostname in a WSDL file is not that hard, but replacing the protocol is harder. The easiest solution is probably to just edit the wsdl file and host the file, which is not very "dynamic" of course.
Alternatively, I solved it by creating a WsdlServlet which replaces the address. On the other hand, it does feel bad to create an entire class just to fix 1 character. :)
Note 2: Another bug in this jetty release, is the authentication. It's impossible to offer the webservice without any authentication. The best thing you can get, after turning off all possible authentication: you will still have to use 'preemptive authentication' and enter a random username and password.
I am trying to learn webservices in .NET mvc4. I tried creating a new Internet application and adding a Web service (asmx) to the project.
By default, the VS adds a "HelloWorld" Webservice. When I try to run it in the browser, I do get the list of operations, service description(WSDL) and the details of the HellowWorld operation. However, when I try invoking the webservice, it gives the following error :
Server Error in '/' Application.
The resource cannot be found.
Description: HTTP 404. The resource you are looking for (or one of its
dependencies) could have been removed, had its name changed, or is
temporarily unavailable. Please review the following URL and make
sure that it is spelled correctly.
I might be missing some basic step/setting I guess. Could some body help please. Thanks.
I got the answer from one of my colleagues :) .
When we invoke the service, the MVC tries to resolve the path as specified in RegisterRoutes.
Hence it tries to find a controller with that name and a method with the name same as that of the operation inside that controller. The resolution, ignore the paths with .asmx extension. You can do that by adding the following line in RouteConfig.cs :
routes.IgnoreRoute("{*x}", new { x = #".*\.asmx(/.*)?" });
and it worked. Thanks.