I have a service that recieve the x.509 in the header to authenticate it, Once I client sent a request for the message I want to get the header authentication with rampart with something like this
<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy" >
<ramp:passwordCallbackClass>pe.gob.hndac.util.PasswordCallbackHandler</ramp:passwordCallbackClass>
<ramp:signatureCrypto>
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.file">client.jks</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">client</ramp:property>
</ramp:crypto>
</ramp:signatureCrypto>
<ramp:user>client</ramp:user>
</ramp:RampartConfig>
, but I get this error
[2011-07-14 09:51:50,070]ERROR574153[qtp30279879-25] - org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:212) - An unsupported token was provided (Token type "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509") org.apache.axis2.AxisFault: An unsupported token was provided (Token type "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509")
at org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:166)
at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:95)
at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275)
at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:133)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:754)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:550)
at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:486)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:119)
at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:517)
at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:229)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:970)
at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:414)
at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:187)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:904)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:117)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:247)
at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:149)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:110)
at org.eclipse.jetty.server.Server.handle(Server.java:347)
at org.eclipse.jetty.server.HttpConnection.handleRequest(HttpConnection.java:590)
at org.eclipse.jetty.server.HttpConnection$RequestHandler.content(HttpConnection.java:1071)
at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:823)
at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:220)
at org.eclipse.jetty.server.HttpConnection.handle(HttpConnection.java:411)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEndPoint.java:535)
at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEndPoint.java:40)
at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:529)
at java.lang.Thread.run(Thread.java:662) Caused by: org.apache.ws.security.WSSecurityException: An unsupported token was provided (Token type "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509")
at org.apache.ws.security.processor.SignatureProcessor.createSecurityToken(SignatureProcessor.java:486)
at org.apache.ws.security.processor.SignatureProcessor.getCertificatesTokenReference(SignatureProcessor.java:448)
at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:230)
at org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:85)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:311)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:228)
at org.apache.rampart.RampartEngine.process(RampartEngine.java:146)
at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)
Please Any idea?
Answering the question requires the security policy you have at the service end...
Thanks...
Related
I'm doing a wso2 migration from version 2.6.0 to 4.1.0.
In version 2.6.0, we have our own com.carus.api.gateway.JwtTokenGenerator class that extends JWTGenerator, in our version certain claims are added there. I don't see a drastic difference in the generator except to update the versions of the dependencies to the latest ones, so I think the current generator should work in the same way on version 4.1.0
I do everything as it says in the documentation here: https://apim.docs.wso2.com/en/latest/deploy-and-publish/deploy-on-gateway/api-gateway/passing-enduser-attributes-to-the-backend-via-api-gateway/#expiry-time-of-the-jwt
I copy the same jar that works on 2.6.0 and extends JWTGenerator to wso2am-4.1.0/repository/components/lib
I start wso2 and make a request on devportal. In the logs, on another machine to which the request and this token are sent, I receive a token and there it appears that the request did not go through my generator. It looks like this:
{
"sub": "APIUSER",
"https://carus.com/claims/enduserTenantId": "-1234",
"https://carus.com/claims/subscriber": "CARCYAYU/apiuser",
"iss": "wso2.org/products/am",
"https://carus.com/claims/apiname": "Bookings Read API",
"https://carus.com/claims/tier": "Unlimited",
"https://carus.com/claims/applicationtier": "Unlimited",
"https://carus.com/claims/version": "v1",
"https://carus.com/claims/enduser": "CARCYAYU/apiuser#carbon.super",
"azp": "sQbDNZgidubfCGlb33IcGiQMJE8a",
"scope": "default",
"https://carus.com/claims/applicationUUId": "ce6354a5-0227-4ca2-b649-e959323dc9bc",
"https://carus.com/claims/apicontext": "/bookings-read/carcyayu/v1",
"https://carus.com/claims/applicationid": "3",
"exp": 1663422523,
"https://carus.com/claims/applicationname": "Yaroslav",
"https://carus.com/claims/keytype": "PRODUCTION",
"iat": 1663421623,
"jti": "42d5a74d-bb07-4608-9a7a-e3723ec834dd",
"https://carus.com/claims/usertype": "Application_User"
}
My config in deployment.toml:
[apim.jwt]
enable = true
encoding = "base64" # base64,base64url
generator_impl ="com.carus.api.gateway.JwtTokenGenerator"
claim_dialect ="https://carus.com/claims"
convert_dialect = true
header ="X-JWT-Assertion"
signing_algorithm = "NONE"
enable_user_claims = true
claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.DefaultClaimsRetriever"
Can someone explain to me how to make my generator work in this 4.1.0 version as well and how to include logs, where and what config to set so that my generator logs and in which file to look for them?
Also, the question is what is the difference between JWTGenerator and APIMgtGatewayJWTGeneratorImpl in version 2.6.0 was only JWTGenerator, this can be seen in the api-manager.xml file by versions.
The latest update is when I copy my custom generator (jar) to /components/lib.
When I make a request, I receive the same token as above, but in the log file wso2carbon.log I get the following errors:
TID: [-1234] [oauth2] [2022-09-17 22:08:59,608] ERROR {org.wso2.is.notification.EventSender} - Error while sending Revocation Event to https://api-yayu-carc.internal.carus.com:9443/internal/data/v1/notify javax.net.ssl.SSLPeerUnverifiedException: Certificate for <api-yayu-carc.internal.carus.com> doesn't match any of the subject alternative names: [localhost]
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:507)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:437)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)
at org.wso2.is.notification.EventSender$EventRunner.run(EventSender.java:116)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:829)
TID: [-1234] [oauth2] [2022-09-17 22:09:10,256] ERROR {org.wso2.is.notification.EventSender} - Error while sending Revocation Event to https://api-yayu-carc.internal.carus.com:9443/internal/data/v1/notify javax.net.ssl.SSLPeerUnverifiedException: Certificate for <api-yayu-carc.internal.carus.com> doesn't match any of the subject alternative names: [localhost]
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.verifyHostname(SSLConnectionSocketFactory.java:507)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:437)
at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)
at org.wso2.is.notification.EventSender$EventRunner.run(EventSender.java:116)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:829)
TID: [-1234] [] [2022-09-17 22:09:16,160] ERROR {org.wso2.carbon.apimgt.impl.jwt.JWTValidatorImpl} - Error while parsing JWT org.apache.http.client.ClientProtocolException: URI does not specify a valid host name: https:9443/oauth2/jwks
at org.apache.http.impl.client.CloseableHttpClient.determineTarget(CloseableHttpClient.java:95)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)
at org.wso2.carbon.apimgt.impl.utils.JWTUtil.retrieveJWKSConfiguration_aroundBody0(JWTUtil.java:58)
at org.wso2.carbon.apimgt.impl.utils.JWTUtil.retrieveJWKSConfiguration(JWTUtil.java:52)
at org.wso2.carbon.apimgt.impl.jwt.JWTValidatorImpl.retrieveJWKSet_aroundBody22(JWTValidatorImpl.java:227)
at org.wso2.carbon.apimgt.impl.jwt.JWTValidatorImpl.retrieveJWKSet(JWTValidatorImpl.java:224)
at org.wso2.carbon.apimgt.impl.jwt.JWTValidatorImpl.validateSignature_aroundBody8(JWTValidatorImpl.java:145)
at org.wso2.carbon.apimgt.impl.jwt.JWTValidatorImpl.validateSignature(JWTValidatorImpl.java:135)
at org.wso2.carbon.apimgt.impl.jwt.JWTValidatorImpl.validateToken_aroundBody0(JWTValidatorImpl.java:62)
at org.wso2.carbon.apimgt.impl.jwt.JWTValidatorImpl.validateToken(JWTValidatorImpl.java:57)
at org.wso2.carbon.apimgt.impl.jwt.JWTValidationServiceImpl.validateJWTToken_aroundBody0(JWTValidationServiceImpl.java:44)
at org.wso2.carbon.apimgt.impl.jwt.JWTValidationServiceImpl.validateJWTToken(JWTValidationServiceImpl.java:36)
at org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator.getJwtValidationInfo_aroundBody32(JWTValidator.java:691)
at org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator.getJwtValidationInfo(JWTValidator.java:659)
at org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator.authenticate_aroundBody0(JWTValidator.java:174)
at org.wso2.carbon.apimgt.gateway.handlers.security.jwt.JWTValidator.authenticate(JWTValidator.java:142)
at org.wso2.carbon.apimgt.gateway.handlers.security.oauth.OAuthAuthenticator.authenticate_aroundBody4(OAuthAuthenticator.java:301)
at org.wso2.carbon.apimgt.gateway.handlers.security.oauth.OAuthAuthenticator.authenticate(OAuthAuthenticator.java:111)
at org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler.isAuthenticate_aroundBody56(APIAuthenticationHandler.java:522)
at org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler.isAuthenticate(APIAuthenticationHandler.java:516)
at org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler.handleRequest_aroundBody46(APIAuthenticationHandler.java:402)
at org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler.handleRequest(APIAuthenticationHandler.java:353)
at org.apache.synapse.api.API.process(API.java:403)
at org.apache.synapse.api.AbstractApiHandler.apiProcessNonDefaultStrategy(AbstractApiHandler.java:107)
at org.apache.synapse.api.AbstractApiHandler.identifyAPI(AbstractApiHandler.java:127)
at org.apache.synapse.api.AbstractApiHandler.dispatchToAPI(AbstractApiHandler.java:59)
at org.apache.synapse.api.rest.RestRequestHandler.dispatchToAPI(RestRequestHandler.java:90)
at org.apache.synapse.api.rest.RestRequestHandler.process(RestRequestHandler.java:76)
at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:54)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:344)
at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:101)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:376)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:190)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at java.base/java.lang.Thread.run(Thread.java:829)
I am trying to create account with self user registration in wso2 identity server i get form which asks for username of registration after that I get below error in wso2 identity server logs.
any help appreciated how can i resolve this issue?
[2021-04-09 11:43:46,914] [bfbad83a-f5d2-493a-8ead-66389c76726b] ERROR {org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/accountrecoveryendpoint].[jsp]} - Servlet.service() for servlet [jsp] threw exception org.wso2.carbon.identity.mgt.endpoint.util.client.SelfRegistrationMgtClientException: Error while retrieving data from https://localhost:9446/api/identity/consent-mgt/v1.0/consents/purposes?group=SELF-SIGNUP&groupType=SYSTEM. Found http status HTTP/1.1 500
at org.wso2.carbon.identity.mgt.endpoint.util.client.SelfRegistrationMgtClient.executeGet(SelfRegistrationMgtClient.java:186)
at org.wso2.carbon.identity.mgt.endpoint.util.client.SelfRegistrationMgtClient.getPurposes(SelfRegistrationMgtClient.java:87)
at org.apache.jsp.self_002dregistration_002dwith_002dverification_jsp._jspService(self_002dregistration_002dwith_002dverification_jsp.java:296)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:71)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:477)
at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:385)
at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:329)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
[2021-04-09 12:30:10,246] [0cbb334b-2886-46cc-8ea1-70f232fae387] ERROR
{org.apache.catalina.core.ContainerBase.[Catalina].[localhost].
[/accountrecoveryendpoint].[signup.do]} - Servlet.service() for servlet
[signup.do] in context with path [/accountrecoveryendpoint] threw exception
[An exception occurred processing [/self-registration-with-verification.jsp]
at line [127]
124:
125: }
126: }
127: String purposes =
selfRegistrationMgtClient.getPurposes(user.getTenantDomain(),
consentPurposeGroupName,
128: consentPurposeGroupType);
129: boolean hasPurposes = StringUtils.isNotEmpty(purposes);
130: Claim[] claims = new Claim[0];
Stacktrace:] with root cause
org.wso2.carbon.identity.mgt.endpoint.util.client.SelfRegistrationMgtClientException: Error while retrieving data from
https://localhost:9446/api/identity/consent-mgt/v1.0/consents/purposes?group=SELF-SIGNUP&groupType=SYSTEM. Found http status HTTP/1.1 500
I'm trying consume a soap web service through WSO2 ei. When invoke a web service using wso2 obtain a exception.
In WSO2, this web service is created like Proxy Service - Pass Through Service and only send inbound mnessage to endpoint address without any transformation.
But if my client invoke directly web service without wso2, it woiks fine.
This is the wso2 ei logs:
[2018-06-28 08:35:53,701] [EI-Core] ERROR - RelayUtils Error while building Passthrough stream
org.apache.axiom.om.OMException: com.ctc.wstx.exc.WstxUnexpectedCharException: Unexpected character '"' (code 34) in DOCTYPE declaration; expected a space between public and system identifiers
at [row,col {unknown-source}]: [1,50]
at org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:296)
at org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder.getSOAPEnvelope(StAXSOAPModelBuilder.java:204)
at org.apache.axiom.soap.impl.builder.StAXSOAPModelBuilder.<init>(StAXSOAPModelBuilder.java:154)
at org.apache.axiom.om.impl.AbstractOMMetaFactory.createStAXSOAPModelBuilder(AbstractOMMetaFactory.java:73)
at org.apache.axiom.om.impl.AbstractOMMetaFactory.createSOAPModelBuilder(AbstractOMMetaFactory.java:79)
at org.apache.axiom.om.OMXMLBuilderFactory.createSOAPModelBuilder(OMXMLBuilderFactory.java:196)
at org.apache.axis2.builder.SOAPBuilder.processDocument(SOAPBuilder.java:65)
at org.apache.synapse.transport.passthru.util.DeferredMessageBuilder.getDocument(DeferredMessageBuilder.java:177)
at org.apache.synapse.transport.passthru.util.RelayUtils.builldMessage(RelayUtils.java:155)
at org.apache.synapse.transport.passthru.util.RelayUtils.buildMessage(RelayUtils.java:108)
at org.apache.synapse.core.axis2.Axis2Sender.doSOAPFormatConversion(Axis2Sender.java:352)
at org.apache.synapse.core.axis2.Axis2Sender.sendBack(Axis2Sender.java:214)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.send(Axis2SynapseEnvironment.java:531)
at org.apache.synapse.mediators.builtin.SendMediator.mediate(SendMediator.java:118)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:97)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:59)
at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:337)
at org.apache.synapse.core.axis2.SynapseCallbackReceiver.handleMessage(SynapseCallbackReceiver.java:531)
at org.apache.synapse.core.axis2.SynapseCallbackReceiver.receive(SynapseCallbackReceiver.java:188)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ClientWorker.run(ClientWorker.java:262)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Thanks,
José Luis
I'm using org.apache.synapse.commons.json.JsonStreamBuilder and org.apache.synapse.commons.json.JsonStreamFormatter in the wso2am 1.9.1, and I don't have problems with JSON malformed, but in wso2am 1.10.0, I got this error:
[2016-06-30 23:50:22,489] ERROR - AnonymousListMediator javax.xml.stream.XMLStreamException: ParseError at [row,col]:[4,10]
Message: Unexpected symbol: END_OBJECT
org.apache.axiom.om.OMException: javax.xml.stream.XMLStreamException: ParseError at [row,col]:[4,10]
Message: Unexpected symbol: END_OBJECT
at org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:296)
at org.apache.axiom.om.impl.llom.OMElementImpl.buildNext(OMElementImpl.java:653)
at org.apache.axiom.om.impl.llom.OMSourcedElementImpl.buildNext(OMSourcedElementImpl.java:880)
at org.apache.axiom.om.impl.llom.OMNodeImpl.getNextOMSibling(OMNodeImpl.java:122)
at org.apache.axiom.om.impl.llom.OMElementImpl.getNextOMSibling(OMElementImpl.java:343)
at org.apache.axiom.om.impl.traverse.OMChildrenIterator.getNextNode(OMChildrenIterator.java:36)
at org.apache.axiom.om.impl.traverse.OMAbstractIterator.hasNext(OMAbstractIterator.java:58)
at org.apache.synapse.commons.json.JsonUtil.removeIndentations(JsonUtil.java:414)
at org.apache.synapse.commons.json.JsonUtil.removeIndentations(JsonUtil.java:421)
at org.apache.synapse.commons.json.JsonUtil.removeJsonPayload(JsonUtil.java:624)
at org.apache.synapse.mediators.transform.PayloadFactoryMediator.mediate(PayloadFactoryMediator.java:158)
at org.apache.synapse.mediators.transform.PayloadFactoryMediator.mediate(PayloadFactoryMediator.java:100)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:81)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:48)
at org.apache.synapse.config.xml.AnonymousListMediator.mediate(AnonymousListMediator.java:30)
at org.apache.synapse.mediators.filters.FilterMediator.mediate(FilterMediator.java:203)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:81)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:48)
at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:155)
at org.apache.synapse.mediators.MediatorFaultHandler.onFault(MediatorFaultHandler.java:86)
at org.apache.synapse.FaultHandler.handleFault(FaultHandler.java:102)
at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:89)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:317)
at org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:363)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:142)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Yes, I have a JSON malformed in my application, but I can't fix this now, there is a way to get the same behavior that wso2am 1.9.1? This is a bug or api manager don't have to pass JSON malformed?
Edited: If I use org.apache.axis2.json.JSONStreamFormatter and org.apache.axis2.json.JSONStreamBuilder, I don't have the problems, but I saw that is cause a fail on the Prototyped APIS, the GET methods don't work after change this configuraton.
Thank you
You probably have wrong value in Content-Lenght header. Remove the header Content-Length.
One workaround is to build the message as a Plaintext content.You can use the following builder.
<messageBuilder contentType="text/plain"
class="org.apache.axis2.format.PlainTextBuilder"/>
I have created a web services with RAMPART implementation.
Flow of the Service :
Sender -> Sign Message Using His private key -> Encrypt Message using Server public Key -> sends to Receiver
Receiver -> authenticate message using sender's Public key -> decrypts Message using his private key -> processes the information.
Issue:
Client is Signing & Encrypting Message & sent to server
Server is authenticating & decypting the message successfully.
Now,
post decrypting the message the server processes the values
& has to respond back to client the status.
on return, I am getting following error:
SEVERE: Servlet.service() for servlet [AxisServlet] in context with path [/webService] threw exception
java.lang.NullPointerException
org.apache.rampart.util.RampartUtil.setKeyIdentifierType(RampartUtil.java:1389)
org.apache.rampart.builder.BindingBuilder.getSignatureBuilder(BindingBuilder.java:266)
org.apache.rampart.builder.BindingBuilder.getSignatureBuilder(BindingBuilder.java:250)
org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:760)
org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:417)
org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:88)
org.apache.rampart.MessageBuilder.build(MessageBuilder.java:147)
org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65)
org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
org.apache.axis2.engine.Phase.invoke(Phase.java:313)
org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262)
org.apache.axis2.engine.AxisEngine.sendFault(AxisEngine.java:516)
org.apache.axis2.transport.http.AxisServlet.handleFault(AxisServlet.java:433)
org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:216)
javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:306)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:240)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:161)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:550)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:380)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:243)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:188)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:166)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:288)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Also, i have implemented the service without RAMPART, in that case the response is successful.
Please advice, I am struggling with from past 2 days..
not able to understand what m i missing since Request decryption is successful, but response is throwing exception.
i added the below block and the error was resolve:
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
</wsp:Policy>
</sp:Wss10>