How can I resolve a proxy error for Cloud Foundry? - proxy

I want to push changes to the application hosted on IBM Cloud using CLI. When I try to login I have a proxy error
PS C:\Users\user1\folder1\myapp> cf login
API endpoint: https://api.eu-de.bluemix.net
API endpoint: https://api.eu-de.bluemix.net (API version: 2.128.0)
Not logged in. Use 'cf login' to log in.
FAILED
Error performing request: Get https://login.eu-de.cf.cloud.ibm.com/UAALoginServerWAR/login: Proxy Authentication Required
I set environnement variables HTTPS_PROXY and HTTP_PROXY: http://XXXXXX.XXX:1234
Thanks in advance for any help.

You should be using the https://api.eu-de.cf.cloud.ibm.com API endpoint instead. While mybluemix.net should continue to work, bluemix.net should usually be replaced with the cloud.ibm.com equivalent.

Related

Spring Boot issue with AWS SES authentication

I have a Spring Boot app where on some occasions I am sending automated emails. My App is hosted on AWS ECS(Fargate) and is using AWS SES for sending emails. I added a role to my Fargate task with all needed permissions for AWS SES. Most of the time, the app is able to authenticate and send emails correctly however on some occasions authentication fails and because of that email/s are not sent. The error I am receiving is:
> Unable to load AWS credentials from any provider in the chain:
> EnvironmentVariableCredentialsProvider: Unable to load AWS credentials
> from environment variables (AWS_ACCESS_KEY_ID (or AWS_ACCESS_KEY) and
> AWS_SECRET_KEY (or AWS_SECRET_ACCESS_KEY)),
> SystemPropertiesCredentialsProvider: Unable to load AWS credentials
> from Java system properties (aws.accessKeyId and aws.secretKey),
> WebIdentityTokenCredentialsProvider: To use assume role profiles the
> aws-java-sdk-sts module must be on the class path.,
> com.amazonaws.auth.profile.ProfileCredentialsProvider#6fa01606:
> profile file cannot be null,
> com.amazonaws.auth.EC2ContainerCredentialsProviderWrapper#4ca2c1d:
> Failed to connect to service endpoint
Now, if this would happen each time I would conclude that I configured something incorrectly. However, since authentication fails only sometimes I am not sure what the problem is.
I am using the following aws-sdk version: 1.12.197
When I am initializing a client, I am doing it on the following way:
AmazonSimpleEmailService client = AmazonSimpleEmailServiceClientBuilder.standard() .withRegion(Regions.US_EAST_1).build();
Does anyone has any idea why authentication would fail only sometimes?
Thank you for help.
It appears that one of my ECS tasks used an older version of the Task definition and it didn't have the correct permissions set. After I updated it, it seems to work fine no.

WSO2 API Manager - TypeError Failed to Fetch in API Try Out

I have configured WSO2 API Manager 4.0.0 in an AWS EC2 which runs on Amazon Linux 2. I am following this WSO2 documentation to setup my first API. I am accessing the API Manager's Dev Portal via my local machine. I am in Step 3 : Invoking my API.
When I click the Execute button under Try Out for GET requests, I get a 200 OK response, but with an error saying TypeError: Failed to fetch. I have attached a screenshot here.
I feel that the request URL mentioned here ( https://localhost:8243/hello/1.0.0 ) should have the EC2 server's IP address, instead of localhost , but I cannot find a way to modify that. What am I doing wrong here?
Output
Browser's Inspect Console Tab
The Swagger was not able to make the invocation, as it is getting refused. Try updating the API Gateway Environment configurations in the deployment.toml to the Hostnames / IP address (publicly accessible) of the EC2 instance.
Following is a sample TOML configuration of API Gateway Environments. Update the <change-this> with appropriate hostnames.
[[apim.gateway.environment]]
...
ws_endpoint = "ws://<change-this>:9099"
wss_endpoint = "wss://<change-this>:8099"
http_endpoint = "http://<change-this>:${http.nio.port}"
https_endpoint = "https://<change-this>:${https.nio.port}"
websub_event_receiver_http_endpoint = "http://<change-this>:9021"
websub_event_receiver_https_endpoint = "https://<change-this>:8021"
Once the configurations are done, restart the server and invoke the API from the Devportal Swagger UI.

Elastic Cloud, Filebeat, and Key/Token Authentication

Is it possible configure filebeat to communicate with an Elastic Cloud instance using token authentication?
According to the docs, if I'm using a cloud instance I should configure cloud.id and cloud.auth in filebeat.yml
cloud.id: "..."
cloud.auth: "filebeat_setup:YOUR_PASSWORD"
The docs say that cloud.auth should be a username and password from my Elastic Cloud instance. I'd like to use an api_key instead. However, when I configure an API key
output.elasticsearch:
# Authentication credentials - either API key or username/password.
api_key: "key-id:key-value"
and attempt to test my connection,
$ sudo filebeat test output
elasticsearch: https://...:443...
parse url... OK
connection...
parse host... OK
dns lookup... OK
addresses: 52.202.123.120, 18.214.74.184, 50.19.154.221
dial up... OK
TLS...
security: server's certificate chain verification is enabled
handshake... OK
TLS version: TLSv1.2
dial up... OK
talk to server... ERROR 401 Unauthorized: {"error":{"root_cause":[{"type":"security_exception","reason":"missing authentication credentials for REST request [/]","header":{"WWW-Authenticate":["Basic realm=\"security\" charset=\"UTF-8\"","Bearer realm=\"security\"","ApiKey"]}}],"type":"security_exception","reason":"missing authentication credentials for REST request [/]","header":{"WWW-Authenticate":["Basic realm=\"security\" charset=\"UTF-8\"","Bearer realm=\"security\"","ApiKey"]}},"status":401}
It appears that filebeat doesn't acknowledge my API Key
"root_cause":[
{
"type":"security_exception",
"reason":"missing authentication credentials for REST request [/]"
/* ... */
I've had success connecting to my cloud instance with the #elastic/elasticsearch javascript package using this token.
Before I continue to debug this probiem -- is it even possible to use token authentication to connection to Elasticsearch via filebeat? Or does filebeat only support username/password authentication?
The answer to this question turned out to be: Yes, you can use an api_key with filebeat, even if you're using elastic cloud.
While the error message received during my config test
missing authentication credentials for REST request
indicated the authentication was missing, the real problem was the key I had had previous success with had recently expired. I presume filebeat tried the API key, was rejected, and then fell back to trying the user credentials. When those credentials were missing, it gave the above error.

Unable to execute odata calls using S4Hana SDK in cloud foundry environment with oAuth2SAMLBearerAssertion authentication

I'm trying to connect to s4 hana system using s4 sdk. While executing calls via .execute() method in cloud foundry environment, i see below error logs:
Caused by: com.sap.cloud.sdk.cloudplatform.connectivity.exception.DestinationAccessException: Failed to get authentication headers. Destination service returned error: Missing private and public key for subaccount ******-****-****-***-*******.
Note: I've already configured trust between subaccount and S4Hana system and created respective communication and business user. The associated authentication method used in the destination is oAuth2SamlBearerAssertion. Note: The call executes fine in both local and cloud foundry environment with basic authentication.
Can someone please suggest what is wrong here.
As correctly pointed out by #Dennis H there was a problem in trust configuration between my subaccount and S4 Hana system, the configuration wrong in my case :
-> The certificate I downloaded for trust was using this URL:
https://.authentication.eu10.hana.ondemand.com/saml/metadata
This is incorrect we need to get the certificate from download trust button in destination tab at subaccount level
->Provider name was incorrect in the communication system.
We are developing a side-by-side extension app and deploying it to CF. Our app is trying to connect to S4HANA cloud system using oAUTH2SAMLBEARERASSERTION. But facing issues while doing it. We are getting below error in logs. Please be noted, we are able to connect to S4HANA Cloud using basic auth.
com.sap.cloud.sdk.cloudplatform.connectivity.exception.DestinationAccessException: Failed to access the configuration of destination
Our destination parameters look as attached screenshotenter image description here
Thank you.

Firebase 3 database debug output when connecting from node.js SDKerv

Recently upgrading to run the firebase 3 sdk both in the client, in e2e tests and on the server.
Previously when using the firebase 2.x sdk you could connect to firebase in the same was as a client using signInWithCustomToken. This meant I could generate a token with the {debug: true} flag and use this for my mocha tests. Meaning I would get verbose output from firebase in the invent of security rejection.
Firebase 3 does not allow you to use client types of auth when running the sdk from node (i.e mocha). You must use service accounts. I have created the service account and have serviceaccount.json. I can connect and spoof the UID by using databaseAuthVariableOverride and everything is running AOK but I cannot figure out how to get firebase to send verbose database output so I can debug new firebase rules from my tests.
I have tried things like adding "Log Viewer" permission to my service account. I have also tried (in vein) to add debug: true to the serviceaccount.json
Any help appreciated.
Have you tried the following (in Node.js):
firebase.database.enableLogging(true);

Resources