I am currently working in a AEM 6.5 environment trying to setup the XTM Translation Connector. I have successfully configured this on my local environment by doing the following:
Installing the XTM Translation Connector content package
Configuring credential (Web Service URI, XTM Client Name, User ID, Password) into /mnt/overlay/cq/translation/cloudservices/editor.html/conf/corp/settings/cloudconfigs/translation/xtm/xtm-translation
When I click the Verify button I am prompted with the message:
Connection parameters correct.
That said when I follow these same steps in my dev, stage, prod environments in a different network than my local, I am prompted with the message:
Connection parameters incorrect.
I dove into the logs and found:
[com.xtm.translation.connector.xtm-for-aem.core:1.5.2.SNAPSHOT]
...
Caused by: java.net.SocketTimeoutException: SocketTimeoutException invoking Web_Service_URI: connect timed out
I happen to know that this network uses a proxy server for external connections and reaching out to the internet. So I tried configuring the Apache HTTP Components Proxy Configuration in /system/console/configMgr and then testing the XTM Translation Connector connection again but it doesn't even seems like the XTM Translation Connector is even trying to use the proxy when it tries connecting based on error.log messages.
How can I get this XTM Translation Connector to use this proxy ?
Any thoughts on this are welcomed.
Thanks.
Related
I am learning how to use Spring Cloud Data Flow. A lot of the tutorials make use of the shell so I am trying to get that set up. I am able to start the shell but I get server unknown. I have been trying to point the shell at my local running instance of the server (dataflow config server http://localhost:9393)but I keep getting the errors listed below. I am able to navigate to my server and run applications so I know that it is working on port 9393, not sure why the shell can not see it. I am running version 1.0.0.M3 for the shell.
I have tried the following.
server-unknown:>dataflow config server http://localhost:9393
Unable to contact Data Flow Server at 'http://localhost:9393': 'java.lang.IllegalArgumentException: Deployments relation is required'.
server-unknown:>dataflow config server 'http://localhost:9393'
Unable to contact Data Flow Server at 'http://localhost:9393':
'java.lang.IllegalArgumentException: Deployments relation is required'.
server-unknown:>dataflow config server http://localhost:9393
Unable to contact Data Flow Server at 'http://localhost:9393': 'java.lang.IllegalArgumentException: Deployments relation is required'.
server-unknown:>dataflow config server --uri http://localhost:9393
Unable to contact Data Flow Server at 'http://localhost:9393': 'java.lang.IllegalArgumentException: Deployments relation is required'.
server-unknown:>dataflow config server http://localhost:9393/
Unable to contact Data Flow Server at 'http://localhost:9393/': 'java.lang.IllegalArgumentException: Deployments relation is required'.
server-unknown:>dataflow config server \http://localhost:9393/
Unable to contact Data Flow Server at '\http://localhost:9393/': 'java.lang.IllegalArgumentException: Illegal character in scheme name at index 0: \http://localhost:9393/'.
server-unknown:>dataflow config server https://localhost:9393/
Unable to contact Data Flow Server at 'https://localhost:9393/': 'org.springframework.web.client.ResourceAccessException: I/O error on GET request for "https://localhost:9393/": Unrecognized SSL message, plaintext connection?; nested exception is javax.net.ssl.SSLException: Unrecognized SSL message, plaintext connection?'.
server-unknown:>dataflow config server --uri http://localhost:9393/ --skip-ssl-validation true
Option 'skip-ssl-validation' is not available for this command. Use tab assist or the "help" command to see the legal options
The 1.0.0 M3 version is at least 2yrs old.
Please upgrade to the latest GA release for bot SCDF and the Shell applications. You can get the latest release coordinates for the both from the getting-started guide.
I'm trying to run liquibase update command using
liquibase --driver="com.ibm.db2.jcc.DB2Driver" --changeLogFile="masterchangelog.xml " --url="jdbc:db2://localhost:60001/SMDINTDB:retrieveMessageFromServerOnGetMessage=true;sslConnection=true;" --username="" --password="" --classpath=/home/db2inst1/sqllib/java/db2jcc4.jar validate
But I'm getting following error. Can anyone help me how to resolve this issue? How I can specify the location of certs ?
Unexpected error running Liquibase: com.ibm.db2.jcc.am.DisconnectNonTransientConnectionException: [jcc][t4][2030][11211][4.26.14] A communication error occurred during operations on the connection's underlying socket, socket input stream,
or socket output stream. Error location: Reply.fill() - socketInputStream.read (-1). Message: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target. ERRORCODE=-4499, SQLSTATE=08001
Several pre-requisites exist for on-premises Db2-LUW SSL connectivity with jdbc.
liquibase works correctly with SSL connections to on-premises Db2-LUW, if all the prerequisite configuration completed successfully. Here are some tips.
the target Db2-LUW instance has to be already configured for SSL as per IBM Db2 documentation here. If you are using a cloud based Db2 service from IBM then this is already done for you, although you may need to use the IBM supplied root cert on the client side.
your client side JRE needs to be configured per IBM's Db2-LUW documentation here. I use the IBM JRE (as supplied with the Db2-LUW server) for liquibase.
for on-premises Db2-LUW your client side needs the java keystore created, and the server's certificate imported into it (keytool -importcert -file /your/path/to/server_certificate ... ).
for your specific error, for on-premises Db2-LUW you might try additional options in the connection string to tell the JRE how to access the client side keystore into which you already imported the server certificate. Specifically sslTrustStoreLocation=/path/to/.keystore;sslTrustStorePassword=whatever; . Note that I did not need these options if using Db2-on-cloud (liquibase worked correctly with SSL to Db2-on-cloud once I added DigiCertGlobalRootCA.crt to my keystore (although even that may be unnecessary) , but I did not try Db2-warehouse-on-cloud as I don't use that service.
I can not connect to Google Services from client application if it is trying to communicate with oauth2.googleapis.com (which is probably blocked in my corporate network - I dont know how to test it for sure).
I tried BigQuery with JDBC driver in Dbeaver. With basic settings.
User-based login does this:
It generates link for OAUTH. I open the browser and login with the right google account. Then I insert generated code into the Dbeaver and I recieve that AUTH has failed.
Service-based login does this:
It does not want me to visit any webpage. It just tells me:
[Simba][BigQueryJDBCDriver](100004) HttpTransport IO error : oauth2.googleapis.com.
I also tried to use ODBC, where PROXY can be filled in. But no luck.
When I take a look into 'Proxy Options' the proxy port is always rewritten by proxy host. Weird.
This is what happens when i click on 'catalog' or 'dataset' drop-down field. I cant do any further steps.
BUT!
When I set my HTTP PROXY in GCLOUD CLI APP then communication works. And I can call BQ from it.
Does it mean that GCLOUD communicates through HTTP Proxy and DBeaver or ODBC does not? Or does it mean that GCLOUD does not need oauth2.googleapis.com but ODBC and JDBC do and it is blacklisted? I am confused.
We need to migrate from our internal environment to GCP. We would love to use various applications. I would ask for whitelisting oauth2.googleapis.com but i am not sure this is the only problem as GCLOUD app works without any flaws.
I am not-experienced with networking so i am more than happy to update / correct this question or add any info (if you need) to help me understand this issue. Thank you
According to your description, your corporate network is using a Proxy to reach out Internet, this is the reason why gcloud is capable to reach out BigQuery service when Proxy settings are configured in your system; through Cloud SDK Proxy settings or HTTP PROXY environment variable.
You require to setup the proxy settings within the JDBC connection string as described in Simba JDBC driver documentation, e.g.:
jdbc:bigquery:DataSetId=MyDataSetId;ProjectId=MyProjectId;OAuthType=1;ProxyHost=MyProxyHost;ProxyPort=MyProxyPort;ProxyUID=MyProxyUsername;ProxyPWD=MyProxyPassword
This connection string will indicate the Proxy settings to Simba JDBC driver.
I'm trying to connect to s4 hana system using s4 sdk. While executing calls via .execute() method in cloud foundry environment, i see below error logs:
Caused by: com.sap.cloud.sdk.cloudplatform.connectivity.exception.DestinationAccessException: Failed to get authentication headers. Destination service returned error: Missing private and public key for subaccount ******-****-****-***-*******.
Note: I've already configured trust between subaccount and S4Hana system and created respective communication and business user. The associated authentication method used in the destination is oAuth2SamlBearerAssertion. Note: The call executes fine in both local and cloud foundry environment with basic authentication.
Can someone please suggest what is wrong here.
As correctly pointed out by #Dennis H there was a problem in trust configuration between my subaccount and S4 Hana system, the configuration wrong in my case :
-> The certificate I downloaded for trust was using this URL:
https://.authentication.eu10.hana.ondemand.com/saml/metadata
This is incorrect we need to get the certificate from download trust button in destination tab at subaccount level
->Provider name was incorrect in the communication system.
We are developing a side-by-side extension app and deploying it to CF. Our app is trying to connect to S4HANA cloud system using oAUTH2SAMLBEARERASSERTION. But facing issues while doing it. We are getting below error in logs. Please be noted, we are able to connect to S4HANA Cloud using basic auth.
com.sap.cloud.sdk.cloudplatform.connectivity.exception.DestinationAccessException: Failed to access the configuration of destination
Our destination parameters look as attached screenshotenter image description here
Thank you.
Our project requires Nexus Professional to store and manage artefacts in a centralized repository hosted on Windows server. We were able to install Sonatype Nexus Professional in Windows workstation. However, I got stuck with Nexus' proxy configuration. A repository of type proxy is not able connect to the proxy server (i.e Proxy Blocked ).
Can some one help with configuration of proxy settings in Sonatype Nexus Professional in Windows?
Regs, Syam
This is HTTP error 407, indicating that your corporate http proxy server requires credentials but either none were supplied or incorrect ones were supplied.
Go to "administration/server" in the Nexus web UI, and configure both "default http proxy settings (optional)", and within that "authentication (optional)".
Most like your server is blocked to connect to the remote server via a proxy server or firewall.
Log into the server as the user running Nexus and confirm that you can ping the remote server first. Most likely that does not work.
Once you have fixed that it will either work or if required you will have to configure Nexus to connect via a proxy. This can be done on a Nexus global level as well as per repository.
I could ping to the https proxy server. We have configured the Proxy settings - Override the HTTP proxy setting of proxy repository configurations.
IAS server requires proxy authentication with error message "Access to the Web Proxy filter is denied". Hope this is due to proxy server configuration.
Error Message says:
Unexpected response code while executing GET method [repositoryId="central", requestPath="/.meta/prefixes.txt", remoteUrl="http://repo1.maven.org/maven2/.meta/prefixes.txt"].
Expected: "SUCCESS (200)". Received: 407 : Proxy Authentication Required
( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy filter is denied. )
Regards,
Syam
We have made the configuration updates as per your suggestion.
Some how my user credentials is getting locked out due to fact that login attempt failes multiple times at proxy server...
So will have to check with our manager & see if some thing can be done at the proxy server lever to over come the proxy authentication issue.
We will keep you updated. Ultimarly we are plaing for cenralies nexus server