I am following the tutorial: http://wso2.com/library/articles/2015/02/how-to-write-a-web-application-backed-by-wso2-middleware-part-3/.
Some information about my architecture:
IS ports: https:9440 http:9760
ESB ports: https:9444,8242 http:9764,8281
DSS service: http:9764 (inside ESB as feature)
I defined the proxy service as follows:
<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse"
name="WSO2HealthITProxy5"
startOnLoad="true"
statistics="disable"
trace="disable"
transports="https,http">
<target>
<inSequence>
<property name="username" scope="axis2" type="STRING" value="fausto"/>
<entitlementService callbackClass="org.wso2.carbon.identity.entitlement.mediator.callback.UTEntitlementCallbackHandler"
client="basicAuth"
remoteServicePassword="enc:bS+kMgBk0W1nzqVwpAJ3RRkbieLEuMepiGa/sf9mQrVvbyNrAf1vbsJTohkX2KBr6oVVUcwSiT/lNi54B/4WMQMrcXWN+ewktsZTRlj8qE7lwyJZ0kfUvm+9h5rN8MRfJvQ8FQ8gxoHyNuhR4dD2J3l/nWxgjfnfWPpI8LV4zwk="
remoteServiceUrl="https://localhost:9440/services/"
remoteServiceUserName="admin">
<onReject>
<log level="custom">
<property name="FAULT" value="ON REJECT CALLED"/>
</log>
<makefault version="soap11">
<code xmlns:soap11Env="http://schemas.xmlsoap.org/soap/envelope/"
value="soap11Env:Server"/>
<reason value="UNAUTHORIZED"/>
<role/>
<detail>XACML Authorization Failed</detail>
</makefault>
<property name="RESPONSE" scope="default" type="STRING" value="true"/>
<header action="remove" name="To" scope="default"/>
<send/>
</onReject>
<onAccept>
<log level="custom">
<property name="FAULT" value="ON ACCEPT CALLED"/>
</log>
<send>
<endpoint>
<address uri="http://localhost:9764/services/WSO2HealthIT"/>
</endpoint>
</send>
</onAccept>
<obligations/>
<advice/>
</entitlementService>
</inSequence>
<outSequence>
<header xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
action="remove"
name="wsse:Security"/>
<send/>
</outSequence>
</target>
<publishWSDL uri="http://localhost:9764/services/WSO2HealthIT?wsdl2"/>
<description/>
</proxy>
On the IS side, the policies are defined as follows:
EntitlementFilterPolicy.xml
<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="EntitlementFilterPolicy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable" Version="1.0">
<Target></Target>
<Rule Effect="Permit" RuleId="Rule1">
<Target>
<AnyOf>
<AllOf>
<Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">/WSO2HealthWebApplication2/addPatient.jsp</AttributeValue>
<AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator>
</Match>
<Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">GET</AttributeValue>
<AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator>
</Match>
</AllOf>
</AnyOf>
</Target>
<Condition>
<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-at-least-one-member-of">
<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">write</AttributeValue>
</Apply>
<AttributeDesignator AttributeId="http://wso2.org/claims/role" Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator>
</Apply>
</Condition>
</Rule>
<Rule Effect="Permit" RuleId="Rule2">
<Target>
<AnyOf>
<AllOf>
<Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">/WSO2HealthWebApplication2/(patientInfoPage|getPatientDetails).jsp</AttributeValue>
<AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator>
</Match>
<Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">GET</AttributeValue>
<AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator>
</Match>
</AllOf>
</AnyOf>
</Target>
<Condition>
<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-at-least-one-member-of">
<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">write</AttributeValue>
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">read</AttributeValue>
</Apply>
<AttributeDesignator AttributeId="http://wso2.org/claims/role" Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator>
</Apply>
</Condition>
</Rule>
</Policy>
dssOperationPolicy.xml
<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="dssOperationsPolicy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable" Version="1.0">
<Target></Target>
<Rule Effect="Permit" RuleId="Rule1">
<Target>
<AnyOf>
<AllOf>
<Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">.*/WSO2HealthITProxy5/patientDetailsByNumber</AttributeValue>
<AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator>
</Match>
<Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">read</AttributeValue>
<AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator>
</Match>
</AllOf>
</AnyOf>
</Target>
<Condition>
<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-at-least-one-member-of">
<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">write</AttributeValue>
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">read</AttributeValue>
</Apply>
<AttributeDesignator AttributeId="http://wso2.org/claims/role" Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator>
</Apply>
</Condition>
</Rule>
<Rule Effect="Permit" RuleId="Rule2">
<Target>
<AnyOf>
<AllOf>
<Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">.*/WSO2HealthITProxy5/registerPatient</AttributeValue>
<AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator>
</Match>
<Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">read</AttributeValue>
<AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator>
</Match>
</AllOf>
</AnyOf>
</Target>
<Condition>
<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-at-least-one-member-of">
<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">write</AttributeValue>
</Apply>
<AttributeDesignator AttributeId="http://wso2.org/claims/role" Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator>
</Apply>
</Condition>
</Rule>
</Policy>
Login authentication works fine, but when trying to get some patient information though the ESB proxy, I get the following errors on the ESB system log.
TID[-1234] [ESB] [2016-11-25 14:34:04,080] INFO {org.apache.axis2.transport.http.HTTPSender} - Unable to sendViaPost to url[https://192.168.23.250:9440/services/EntitlementService] org.opensaml.ws.soap.client.http.TLSProtocolSocketFactory.verifyHostname(TLSProtocolSocketFactory.java:233) org.opensaml.ws.soap.client.http.TLSProtocolSocketFactory.createSocket(TLSProtocolSocketFactory.java:186) org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387) org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:659) org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:195) org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77) org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451) org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278) org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442) org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:430) org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225) org.apache.axis2.client.OperationClient.execute(OperationClient.java:149) org.wso2.carbon.identity.entitlement.stub.EntitlementServiceStub.getDecision(EntitlementServiceStub.java:1108) org.wso2.carbon.identity.entitlement.proxy.soap.basicAuth.BasicAuthEntitlementServiceClient.getDecision(BasicAuthEntitlementServiceClient.java:259) org.wso2.carbon.identity.entitlement.proxy.soap.basicAuth.BasicAuthEntitlementServiceClient.getDecision(BasicAuthEntitlementServiceClient.java:123) org.wso2.carbon.identity.entitlement.proxy.PEPProxy.getDecision(PEPProxy.java:94) org.wso2.carbon.identity.entitlement.proxy.PEPProxy.getDecision(PEPProxy.java:66) org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator.mediate(EntitlementMediator.java:185) org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:97) org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:59) org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158) org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(ProxyServiceMessageReceiver.java:210) org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180) org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:403) org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:151) org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172) java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) java.lang.Thread.run(Thread.java:745)
and
TID[-1234] [ESB] [2016-11-25 14:34:04,082] ERROR {org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator} - Error occurred while evaluating the policy org.apache.axis2.AxisFault.makeFault(AxisFault.java:430) org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:199) org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77) org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451) org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278) org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442) org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:430) org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225) org.apache.axis2.client.OperationClient.execute(OperationClient.java:149) org.wso2.carbon.identity.entitlement.stub.EntitlementServiceStub.getDecision(EntitlementServiceStub.java:1108) org.wso2.carbon.identity.entitlement.proxy.soap.basicAuth.BasicAuthEntitlementServiceClient.getDecision(BasicAuthEntitlementServiceClient.java:259) org.wso2.carbon.identity.entitlement.proxy.soap.basicAuth.BasicAuthEntitlementServiceClient.getDecision(BasicAuthEntitlementServiceClient.java:123) org.wso2.carbon.identity.entitlement.proxy.PEPProxy.getDecision(PEPProxy.java:94) org.wso2.carbon.identity.entitlement.proxy.PEPProxy.getDecision(PEPProxy.java:66) org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator.mediate(EntitlementMediator.java:185) org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:97) org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:59) org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158) org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(ProxyServiceMessageReceiver.java:210) org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180) org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:403) org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:151) org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172) java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) java.lang.Thread.run(Thread.java:745)
It looks like I can't get through the IS Entitlement Service as the service seems not to exist. I have been looking at the documentation without any useful results.
Does anyone can help or has been facing the same issue?
Thanks in advance.
At the end, I figured out what the problems were.
First, I went to read the wso2carbon.log file, located in $CARBON_HOME/repository/logs and I found the following problem:
TID: [-1234] [] [2016-11-29 16:01:08,502] INFO {org.apache.axis2.transport.http.HTTPSender} - Unable to sendViaPost to url[https://192.168.23.250:9440/services/EntitlementService] {org.apache.axis2.transport.http.HTTPSender}
javax.net.ssl.SSLException: hostname in certificate didn't match: <192.168.23.250> != </localhost>
at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.verifyHostName(SSLProtocolSocketFactory.java:341)
at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.verifyHostName(SSLProtocolSocketFactory.java:277)
at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.verifyHostName(SSLProtocolSocketFactory.java:260)
at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket(SSLProtocolSocketFactory.java:158)
at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707)
at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:659)
at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:195)
at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:430)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
at org.wso2.carbon.identity.entitlement.stub.EntitlementServiceStub.getDecision(EntitlementServiceStub.java:1108)
at org.wso2.carbon.identity.entitlement.proxy.soap.basicAuth.BasicAuthEntitlementServiceClient.getDecision(BasicAuthEntitlementServiceClient.java:259)
at org.wso2.carbon.identity.entitlement.proxy.soap.basicAuth.BasicAuthEntitlementServiceClient.getDecision(BasicAuthEntitlementServiceClient.java:123)
at org.wso2.carbon.identity.entitlement.proxy.PEPProxy.getDecision(PEPProxy.java:94)
at org.wso2.carbon.identity.entitlement.proxy.PEPProxy.getDecision(PEPProxy.java:66)
at org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator.mediate(EntitlementMediator.java:185)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:97)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:59)
at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158)
at org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(ProxyServiceMessageReceiver.java:210)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:403)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:151)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
TID: [-1234] [] [2016-11-29 16:01:08,503] ERROR {org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator} - Error occurred while evaluating the policy {org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator}
org.apache.axis2.AxisFault: hostname in certificate didn't match: <192.168.23.250> != </localhost>
at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:199)
at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:430)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
at org.wso2.carbon.identity.entitlement.stub.EntitlementServiceStub.getDecision(EntitlementServiceStub.java:1108)
at org.wso2.carbon.identity.entitlement.proxy.soap.basicAuth.BasicAuthEntitlementServiceClient.getDecision(BasicAuthEntitlementServiceClient.java:259)
at org.wso2.carbon.identity.entitlement.proxy.soap.basicAuth.BasicAuthEntitlementServiceClient.getDecision(BasicAuthEntitlementServiceClient.java:123)
at org.wso2.carbon.identity.entitlement.proxy.PEPProxy.getDecision(PEPProxy.java:94)
at org.wso2.carbon.identity.entitlement.proxy.PEPProxy.getDecision(PEPProxy.java:66)
at org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator.mediate(EntitlementMediator.java:185)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:97)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:59)
at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158)
at org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(ProxyServiceMessageReceiver.java:210)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:403)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:151)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.net.ssl.SSLException: hostname in certificate didn't match: <192.168.23.250> != </localhost>
at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.verifyHostName(SSLProtocolSocketFactory.java:341)
at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.verifyHostName(SSLProtocolSocketFactory.java:277)
at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.verifyHostName(SSLProtocolSocketFactory.java:260)
at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket(SSLProtocolSocketFactory.java:158)
at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707)
at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:659)
at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:195)
... 24 more
It is evident that the problem is in the certificates and in the https request.
My services were in different Docker containers so I could not use localhost as the caller host, because each service has a different ip.
So, I decided to try the http request instead of the https, but the result was:
TID: [-1234] [] [2016-11-29 16:07:37,192] ERROR {org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator} - Error occurred while evaluating the policy {org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator}
org.apache.axis2.AxisFault: The service cannot be found for the endpoint reference (EPR) http://192.168.23.250:9760/services/EntitlementService
at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:531)
at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:370)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:445)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
at org.wso2.carbon.identity.entitlement.stub.EntitlementServiceStub.getDecision(EntitlementServiceStub.java:1108)
at org.wso2.carbon.identity.entitlement.proxy.soap.basicAuth.BasicAuthEntitlementServiceClient.getDecision(BasicAuthEntitlementServiceClient.java:259)
at org.wso2.carbon.identity.entitlement.proxy.soap.basicAuth.BasicAuthEntitlementServiceClient.getDecision(BasicAuthEntitlementServiceClient.java:123)
at org.wso2.carbon.identity.entitlement.proxy.PEPProxy.getDecision(PEPProxy.java:94)
at org.wso2.carbon.identity.entitlement.proxy.PEPProxy.getDecision(PEPProxy.java:66)
at org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator.mediate(EntitlementMediator.java:185)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:97)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:59)
at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158)
at org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(ProxyServiceMessageReceiver.java:210)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:403)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:151)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
That means that the policy EntitlementService is available only through https.
At the end I solved the problem putting IS and ESB in the same Docker container. The request is now at localhost and everything goes fine.
Now, the question is: how can I handle ESB and IS services together when these components are installed in two different machines?
Related
I am creating a WebSphere portal cluster version 8.5. I am using the configuration wizard for this. In the 'Create a cluster' section, the last section is 'Complete the cluster setup'.While running it , I got 'Failed' in it . On checking the log files for this , I found the following error ----
/home/portal/WebSphere/PortalServer/jcr/wp.content.repository.install/config/includes/jcr.install_cfg.xml:1106: java.lang.ArrayIndexOutOf
BoundsException: Array index out of range: 0
at com.ibm.wplc.deploy.tasks.impl.ResourceEnvProviderCreateImpl.execute(ResourceEnvProviderCreateImpl.java:86)
at com.ibm.wplc.deploy.tasks.AbstractBaseAdminTask.executeBean(AbstractBaseAdminTask.java:541)
at com.ibm.wplc.deploy.tasks.AbstractBaseAdminTask.executeTask(AbstractBaseAdminTask.java:525)
at com.ibm.wplc.deploy.tasks.AbstractBaseWsAdminWrapperTask.executeTask(AbstractBaseWsAdminWrapperTask.java:395)
at com.ibm.wplc.deploy.tasks.AbstractBaseAdminTask.execute(AbstractBaseAdminTask.java:175)
at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:275)
at org.apache.tools.ant.Task.perform(Task.java:364)
at org.apache.tools.ant.Target.execute(Target.java:341)
at org.apache.tools.ant.Target.performTasks(Target.java:369)
at org.apache.tools.ant.Project.executeSortedTargets(Project.java:1216)
at org.apache.tools.ant.Project.executeTarget(Project.java:1185)
at com.ibm.wps.config.tasks.AntCallTask.execute(AntCallTask.java:133)
at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:275)
at org.apache.tools.ant.Task.perform(Task.java:364)
at com.ibm.wps.config.ForTask.execute(ForTask.java:103)
at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:275)
at org.apache.tools.ant.Task.perform(Task.java:364)
at org.apache.tools.ant.Target.execute(Target.java:341)
at org.apache.tools.ant.Target.performTasks(Target.java:369)
at org.apache.tools.ant.Project.executeSortedTargets(Project.java:1216)
at org.apache.tools.ant.Project.executeTarget(Project.java:1185)
at com.ibm.wps.config.tasks.AntCallTask.execute(AntCallTask.java:133)
at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:275)
at org.apache.tools.ant.Task.perform(Task.java:364)
at org.apache.tools.ant.Target.execute(Target.java:341)
at org.apache.tools.ant.Target.performTasks(Target.java:369)
at org.apache.tools.ant.Project.executeSortedTargets(Project.java:1216)
at org.apache.tools.ant.Project.executeTarget(Project.java:1185)
at org.apache.tools.ant.helper.DefaultExecutor.executeTargets(DefaultExecutor.java:40)
at org.apache.tools.ant.Project.executeTargets(Project.java:1068)
at org.apache.tools.ant.Main.runBuild(Main.java:668)
at org.apache.tools.ant.Main.startAnt(Main.java:187)
at org.apache.tools.ant.Main.start(Main.java:150)
at com.ibm.wps.config.ConfigEngine.process(ConfigEngine.java:981)
at com.ibm.wps.config.ConfigEngine.main(ConfigEngine.java:219)
at com.ibm.wps.config.ConfigEngine.main(ConfigEngine.java:219)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
at java.lang.reflect.Method.invoke(Method.java:618)
at org.python.core.PyReflectedFunction.__call__(PyReflectedFunction.java)
at org.python.core.PyMethod.__call__(PyMethod.java)
at org.python.core.PyObject.__call__(PyObject.java)
at org.python.core.PyInstance.invoke(PyInstance.java)
at org.python.pycode._pyx50.f$0(<string>:78)
at org.python.pycode._pyx50.call_function(<string>)
at org.python.core.PyTableCode.call(PyTableCode.java)
at org.python.core.PyCode.call(PyCode.java)
at org.python.core.Py.runCode(Py.java)
at org.python.core.Py.exec(Py.java)
at org.python.util.PythonInterpreter.exec(PythonInterpreter.java)
at com.ibm.bsf.engines.jython.JythonEngine$BSFPythonInterpreter.exec(Unknown Source)
at com.ibm.bsf.engines.jython.JythonEngine.exec(Unknown Source)
at com.ibm.bsf.BSFManager$6.run(Unknown Source)
at java.security.AccessController.doPrivileged(AccessController.java:330)
at com.ibm.bsf.BSFManager.exec(Unknown Source)
at com.ibm.ws.scripting.AbstractShell.executeScript(AbstractShell.java:1214)
at com.ibm.ws.scripting.AbstractShell.run(AbstractShell.java:2271)
at com.ibm.ws.scripting.WasxShell.main(WasxShell.java:1108)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
at java.lang.reflect.Method.invoke(Method.java:618)
at com.ibm.wsspi.bootstrap.WSLauncher.launchMain(WSLauncher.java:234)
at com.ibm.wsspi.bootstrap.WSLauncher.main(WSLauncher.java:96)
at com.ibm.wsspi.bootstrap.WSLauncher.run(WSLauncher.java:77)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
at java.lang.reflect.Method.invoke(Method.java:618)
at org.eclipse.equinox.internal.app.EclipseAppContainer.callMethodWithException(EclipseAppContainer.java:587)
at org.eclipse.equinox.internal.app.EclipseAppHandle.run(EclipseAppHandle.java:198)
at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.runApplication(EclipseAppLauncher.java:110)
at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.start(EclipseAppLauncher.java:79)
at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:369)
at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:179)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
at java.lang.reflect.Method.invoke(Method.java:618)
at org.eclipse.core.launcher.Main.invokeFramework(Main.java:340)
at org.eclipse.core.launcher.Main.basicRun(Main.java:282)
at org.eclipse.core.launcher.Main.run(Main.java:981)
at com.ibm.wsspi.bootstrap.WSPreLauncher.launchEclipse(WSPreLauncher.java:380)
at com.ibm.wsspi.bootstrap.WSPreLauncher.main(WSPreLauncher.java:151)
Caused by: java.lang.ArrayIndexOutOfBoundsException: Array index out of range: 0
at com.ibm.wplc.deploy.tasks.impl.ResourceEnvProviderCreateImpl.execute(ResourceEnvProviderCreateImpl.java:43)
... 83 more
--- Nested Exception ---
java.lang.ArrayIndexOutOfBoundsException: Array index out of range: 0
at com.ibm.wplc.deploy.tasks.impl.ResourceEnvProviderCreateImpl.execute(ResourceEnvProviderCreateImpl.java:43)
at com.ibm.wplc.deploy.tasks.AbstractBaseAdminTask.executeBean(AbstractBaseAdminTask.java:541)
at com.ibm.wplc.deploy.tasks.AbstractBaseAdminTask.executeTask(AbstractBaseAdminTask.java:525)
at com.ibm.wplc.deploy.tasks.AbstractBaseWsAdminWrapperTask.executeTask(AbstractBaseWsAdminWrapperTask.java:395)
at com.ibm.wplc.deploy.tasks.AbstractBaseAdminTask.execute(AbstractBaseAdminTask.java:175)
at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:275)
at org.apache.tools.ant.Task.perform(Task.java:364)
at org.apache.tools.ant.Target.execute(Target.java:341)
at org.apache.tools.ant.Target.performTasks(Target.java:369)
at org.apache.tools.ant.Project.executeSortedTargets(Project.java:1216)
at org.apache.tools.ant.Project.executeTarget(Project.java:1185)
at com.ibm.wps.config.tasks.AntCallTask.execute(AntCallTask.java:133)
at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:275)
at org.apache.tools.ant.Task.perform(Task.java:364)
at com.ibm.wps.config.ForTask.execute(ForTask.java:103)
at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:275)
at org.apache.tools.ant.Task.perform(Task.java:364)
at org.apache.tools.ant.Target.execute(Target.java:341)
at org.apache.tools.ant.Target.performTasks(Target.java:369)
at org.apache.tools.ant.Project.executeSortedTargets(Project.java:1216)
at org.apache.tools.ant.Project.executeTarget(Project.java:1185)
at com.ibm.wps.config.tasks.AntCallTask.execute(AntCallTask.java:133)
at org.apache.tools.ant.UnknownElement.execute(UnknownElement.java:275)
at org.apache.tools.ant.Task.perform(Task.java:364)
at org.apache.tools.ant.Target.execute(Target.java:341)
at org.apache.tools.ant.Target.performTasks(Target.java:369)
at org.apache.tools.ant.Project.executeSortedTargets(Project.java:1216)
at org.apache.tools.ant.Project.executeTarget(Project.java:1185)
at org.apache.tools.ant.helper.DefaultExecutor.executeTargets(DefaultExecutor.java:40)
at org.apache.tools.ant.Project.executeTargets(Project.java:1068)
at org.apache.tools.ant.Main.runBuild(Main.java:668)
at org.apache.tools.ant.Main.startAnt(Main.java:187)
at org.apache.tools.ant.Main.start(Main.java:150)
at com.ibm.wps.config.ConfigEngine.process(ConfigEngine.java:981)
at com.ibm.wps.config.ConfigEngine.main(ConfigEngine.java:219)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
at java.lang.reflect.Method.invoke(Method.java:618)
at org.python.core.PyReflectedFunction.__call__(PyReflectedFunction.java)
at org.python.core.PyMethod.__call__(PyMethod.java)
at org.python.core.PyObject.__call__(PyObject.java)
at org.python.core.PyInstance.invoke(PyInstance.java)
at org.python.pycode._pyx50.f$0(<string>:78)
at org.python.pycode._pyx50.call_function(<string>)
at org.python.core.PyTableCode.call(PyTableCode.java)
at org.python.core.PyCode.call(PyCode.java)
at org.python.core.Py.runCode(Py.java)
at org.python.core.Py.exec(Py.java)
at org.python.util.PythonInterpreter.exec(PythonInterpreter.java)
at com.ibm.bsf.engines.jython.JythonEngine$BSFPythonInterpreter.exec(Unknown Source)
at com.ibm.bsf.engines.jython.JythonEngine.exec(Unknown Source)
at com.ibm.bsf.BSFManager$6.run(Unknown Source)
at java.security.AccessController.doPrivileged(AccessController.java:330)
at com.ibm.bsf.BSFManager.exec(Unknown Source)
at com.ibm.ws.scripting.AbstractShell.executeScript(AbstractShell.java:1214)
at com.ibm.ws.scripting.AbstractShell.run(AbstractShell.java:2271)
at com.ibm.ws.scripting.WasxShell.main(WasxShell.java:1108)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
at java.lang.reflect.Method.invoke(Method.java:618)
at com.ibm.wsspi.bootstrap.WSLauncher.launchMain(WSLauncher.java:234)
at com.ibm.wsspi.bootstrap.WSLauncher.main(WSLauncher.java:96)
at com.ibm.wsspi.bootstrap.WSLauncher.run(WSLauncher.java:77)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
at java.lang.reflect.Method.invoke(Method.java:618)
at org.eclipse.equinox.internal.app.EclipseAppContainer.callMethodWithException(EclipseAppContainer.java:587)
at org.eclipse.equinox.internal.app.EclipseAppHandle.run(EclipseAppHandle.java:198)
at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.runApplication(EclipseAppLauncher.java:110)
at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.start(EclipseAppLauncher.java:79)
at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:369)
at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:179)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:88)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
at java.lang.reflect.Method.invoke(Method.java:618)
at org.eclipse.core.launcher.Main.invokeFramework(Main.java:340)
at org.eclipse.core.launcher.Main.basicRun(Main.java:282)
at org.eclipse.core.launcher.Main.run(Main.java:981)
at com.ibm.wsspi.bootstrap.WSPreLauncher.launchEclipse(WSPreLauncher.java:380)
at com.ibm.wsspi.bootstrap.WSPreLauncher.main(WSPreLauncher.java:151)
Failed ANT script: /home/portal/WebSphere/PortalServer/jcr/wp.content.repository.install/config/includes/jcr.install_cfg.xml:1106:
Failed target: action-update-cluster-resource-environment-wp.content.repository.install
Failed task: Task name could not be determined. Please check the line number below for target details.
Probable failed component: wp.content.repository.install
------ Target Stack Trace ------
action-update-cluster-resource-environment-wp.content.repository.install
cluster-node-config-cluster-setup
cluster-node-config-dynamic-cluster-setup
------Target Excerpt ------
1056: <condition>
1057: <contains string="${PortalAdminId}" substring="=" casesensitive="false" />
1058: </condition>
1059: <then>
1060: <property name="jcr.admin.uniquename" value="${PortalAdminId}" />
1061: </then>
1062: <else>
1063: <property name="jcr.admin.uniquename" value="${WmmDbUserPrefix}=${PortalAdminId},${WmmDbSuffix}" />
1064: </else>
1065: </if>
1066: <!-- set custom properties common to all db2 platforms -->
1067: <!-- forceScope="true" forces the node scoped REP to be modified, without forceScope then the cluster scoped REP is modified -->
1068: <wplc-create-res-env-custom-property cell="${CellName}" node="${NodeName}" server="${ServerName}" wasuser="${WasUserid}" waspassword="${WasPassword}" conntype="${wsadminConnType}"
1069: providerName="${jcr.rep.name}">
1070: <resource name="jcr.database.type" value="${jcr.database.type}" required="true"/>
1071: <resource name="jcr.database.schema" value="${jcr.DbSchema}" required="true" />
1072: <resource name="jcr.admin.uniqueName" value="${jcr.admin.uniquename}" required="true" />
1073: <resource name="jcr.binaryValueFileDir" value="${wp.content.repository.binaryValues.dir}" required="true" />
1074: <resource name="jcr.query.collation.db2.enabled" value="false" required="false" />
1075: <resource name="jcr.textsearch.enabled" value="false" required="true" />
1076: <resource name="jcr.textsearch.convertor" value="com.ibm.icm.ts.convertor.WpsConvertor" required="true" />
1077: <resource name="jcr.textsearch.indexdirectory" value="${wp.content.repository.searchIndexes.dir}" required="true" />
1078: <resource name="jcr.textsearch.fullcrawl.cleanup.interval" value="120" required="true" />
1079: <resource name="jcr.textsearch.applicationserver.name" value="${WpsHostName}" required="true" />
1080: <resource name="jcr.textsearch.applicationserver.port" value="${WpsHostPort}" required="true" />
1081: <resource name="jcr.textsearch.PSE.type" value="localhost" required="true" />
1082: <resource name="jcr.textsearch.SOAP.url" value="" required="true" />
1083: <resource name="jcr.textsearch.EJB.IIOP.URL" value="" required="true" />
1084: <resource name="jcr.textsearch.EJB.EJBName" value="" required="true" />
1085: </wplc-create-res-env-custom-property>
1086: <!-- update ZOS specific custom properties -->
1087: <if>
1088: <condition>
1089: <equals arg1="${jcr.database.type}" arg2="db2_zos" trim="true" casesensitive="false" />
1090: </condition>
1091: <then>
1092: <antcall target="create-resource-environment-provider-jcr-zos" />
1093: </then>
1094: </if>
1095: </target>
1096: <target name="action-update-cluster-resource-environment-wp.content.repository.install">
1097: <!-- remove cluster properties that are specific to each node -->
1098: <wplc-remove-res-env-custom-property cell="${CellName}" node="${NodeName}" server="${ServerName}" wasuser="${WasUserid}" waspassword="${WasPassword}" providerName="${jcr.rep.name}"
1099: name="jcr.binaryValueFileDir" />
1100: <!-- remove node properties that should be only defined at the cluster level -->
1101: <!-- forceScope="true" forces the node scoped REP to be modified, without forceScope then the cluster scoped REP is modified -->
1102: <wplc-remove-resource-env-provider cell="${CellName}" node="${NodeName}" server="${ServerName}" wasuser="${WasUserid}" waspassword="${WasPassword}" name="${jcr.rep.name}"
1103: forceScope="true" />
1104: <!-- forceScope="true" forces the node scoped REP to be modified, without forceScope then the cluster scoped REP is modified -->
1105: <wplc-create-resource-env-provider cell="${CellName}" node="${NodeName}" server="${ServerName}" wasuser="${WasUserid}" waspassword="${WasPassword}" conntype="${wsadminConnType}"
1106:**> name="${jcr.rep.name}" description="Provider for JCR" forceScope="true">
1107: </wplc-create-resource-env-provider>
1108: <!-- forceScope="true" forces the node scoped REP to be modified, without forceScope then the cluster scoped REP is modified -->
ied -->
1109: <wplc-create-res-env-custom-property cell="${CellName}" node="${NodeName}" server="${ServerName}" wasuser="${WasUserid}" waspassword="${WasPassword}" conntype="${wsadminConnType}"
1110: providerName="${jcr.rep.name}" forceScope="true">
1111: <resource name="jcr.binaryValueFileDir" value="${wp.content.repository.binaryValues.dir}" required="true" />
1112: </wplc-create-res-env-custom-property>
1113: </target>
1114: <target name="create-resource-environment-provider-jcr-zos">
1115: <!-- forceScope="true" forces the node scoped REP to be modified, without forceScope then the cluster scoped REP is modified -->
1116: <wplc-create-res-env-custom-property cell="${CellName}" node="${NodeName}" server="${ServerName}" wasuser="${WasUserid}" waspassword="${WasPassword}" conntype="${wsadminConnType}"
1117: providerName="${jcr.rep.name}">
1118: <resource name="jcr.zos.database.stoGroup" value="${jcr.DbStorageGroup}" required="true" />
1119: <resource name="jcr.zos.database.unicode.enabled" value="${jcr.DbUnicode}" required="true" />
1120: <resource name="jcr.zos.database.blob.bufferpool" value="${jcr.blobBufferpool}" required="true" />
1121: <resource name="jcr.zos.database.bp4k.tables" value="${jcr.Db4KBufferPoolName}" required="true" />
1122: <resource name="jcr.zos.database.bp4k.indexes" value="${jcr.DbIndex4KBufferPoolName}" required="true" />
1123: <resource name="jcr.zos.database.bp32k.tables" value="${jcr.Db32KBufferPoolName}" required="true" />
1124: </wplc-create-res-env-custom-property>
1125: </target>
1126: <target name="action-post-cluster-configuration-wp.content.repository.install">
1127: <!-- Disable TS for primary node only -->
1128: <if>
1129: <condition>
1130: <not>
1131: <equals arg1="${isSecondNode}" arg2="true" trim="true" casesensitive="false" />
1132: </not>
1133: </condition>
1134: <then>
1135: <antcall target="action-disable-textsearch" />
1136: </then>
1137: </if>
1138: </target>
------- Properties and values used in the failed target -------
os.arch=amd64
WasUserid=wasadmin
wsadminConnType=SOAP
jcr.rep.name=JCR ConfigService PortalContent
NodeName=Node01
WasPassword=PASSWORD_REMOVED
ConfigEngineSoapTimeout=${ConfigEngineSoapTimeout}
EngineRootDir=/home/portal/WebSphere/ConfigEngine
enableAawsiTrace=${enableAawsiTrace}
EngineInstallLocation=/home/portal/WebSphere/wp_profile/ConfigEngine
WasRemoteHostName=172.16.100.31
WasSoapPort=8879
CellName=dmgrCell01
ServerName=PortalCluster_Node01
Can please somebody let me know what is the issue and help me to solve it ?
So it is failing on this line
1105: name="${jcr.rep.name}" description="Provider for JCR" forceScope="true">
Did you ensure that the cell node and server name are correct? Usually that error means it cannot find the resource provider to actually set it
I need to send just one request (can be a proxy url) which takes user id as input and call multiple endpoints and return the response after aggregating all of them.
Currently I am using a proxy service implementation to achieve it but is returns just one response(can be from any of the endpoints) and not able to combine responses from other systems/endpoints. Though I can see the response from another endpoint in my server console.
Below is the code I implemented so far:
<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse"
name="ProxyTestTwoW"
transports="http,https"
statistics="disable"
trace="disable"
startOnLoad="true">
<target>
<inSequence>
<log/>
<clone>
<target>
<sequence>
<property name="Application" value="Application1"/>
<property name="messageType"
value="application/xacml+json"
scope="axis2"
type="STRING"/>
<property name="Authorization"
expression="fn:concat('Basic ', base64Encode('username:password'))"
scope="transport"/>
<send>
<endpoint>
<address uri="localhost:8080/iiq/rest/identities/9000070"/>
</endpoint>
</send>
</sequence>
</target>
<target>
<sequence>
<property name="Application" value="Application2"/>
<property name="messageType"
value="application/xacml+json"
scope="axis2"
type="STRING"/>
<property name="Authorization"
expression="fn:concat('Basic ', base64Encode('username:password'))"
scope="transport"/>
<send>
<endpoint>
<address uri="http://localhost:8080/iiq/rest/identities/9000071"/>
</endpoint>
</send>
</sequence>
</target>
</clone>
</inSequence>
<outSequence>
<log level="full" description="">
<property name="Component" expression="get-property('Application')"/>
</log>
<aggregate>
<completeCondition>
<messageCount min="2"/>
</completeCondition>
<onComplete expression="$body/*[1]">
<property name="messageType"
value="application/xacml+json"
scope="axis2"
type="STRING"
description="messageType"/>
<send/>
</onComplete>
</aggregate>
</outSequence>
<faultSequence>
<log level="full" category="WARN"/>
</faultSequence>
</target>
<description/>
</proxy>
Result :
After hitting proxy URL in browser: - Only one response as below:
<jsonObject><viewableIdentityAttributes><Email>Kevin.Mollo#companyb.com</Email><cn>Kevin Mollo</cn><Last Name>Mollo</Last Name><First Name>Kevin</First Name></viewableIdentityAttributes><listAttributes>First Name</listAttributes><listAttributes>Last Name</listAttributes><listAttributes>Email</listAttributes><listAttributes>cn</listAttributes></jsonObject>
In server logs:
[2016-07-14 11:46:35,057] INFO - LogMediator To: http://www.w3.org/2005/08/addr
essing/anonymous, WSAction: , SOAPAction: , MessageID: urn:uuid:3beaaf16-7b94-4e
08-a3e0-7605869572c7, Direction: response, Component = Application1, Payload: {"vi
ewableIdentityAttributes":{"Email":"Kevin.Mollo#companyb.com","cn":"Kevin Mollo"
,"Last Name":"Mollo","First Name":"Kevin"},"assignedRoles":[],"listAttributes":[
"First Name","Last Name","Email","cn"]}
[2016-07-14 11:46:35,057] INFO - LogMediator To: http://www.w3.org/2005/08/addr
essing/anonymous, WSAction: , SOAPAction: , MessageID: urn:uuid:c878c7db-ad4c-49
46-94d6-75aebc75ad8e, Direction: response, Component = Application1, Payload: {"vi
ewableIdentityAttributes":{"Email":"Michelle.Lassauze#companyb.com","cn":"Michel
le Lassauze","Last Name":"Lassauze","First Name":"Michelle"},"assignedRoles":[],
"listAttributes":["First Name","Last Name","Email","cn"]}
As we can see I get responses from both the endpoints in server logs.
As per analysis, I feel to make it work properly and get the responses from both the endpoints, we need change the following:
1. Using call mediator instead of send if we have multiple endpoints to be called.
2. Using enrich mediator to store the responses.
I tried following the above approaches but I am unable to get the expected results as I am not sure how to use enrich mediator in this case.
Please help me in fixing the above issues.
Clone mediator will be used to send identical copies of message to different endpoints.
Iterate mediator will be used to send message chunks of one particular message to different endpoints.
Enrich mediator will be used to change message (Ex: removing content, adding etc.) [1]
Check your endpoints and check whether they provide proper responses to work with aggregate mediator.
I add sample scenario here. You can test that with your ESB pack to understand the above three mediators usage. You just have to start 2 instances of SimpleStockQuote service [2] and publish message to proxy via SOAPUI.
<proxy name="ScatterGatherProxy" startOnLoad="true" trace="disable" transports="https http">
<description/>
<target>
<inSequence>
<clone>
<target>
<sequence>
<send>
<endpoint name="vendorA">
<address uri="http://localhost:9001/services/SimpleStockQuoteService/"/>
</endpoint>
</send>
</sequence>
</target>
<target>
<sequence>
<send>
<endpoint name="vendorB">
<address uri="http://localhost:9002/services/SimpleStockQuoteService/"/>
</endpoint>
</send>
</sequence>
</target>
</clone>
</inSequence>
<outSequence>
<log level="full"/>
<aggregate>
<completeCondition>
<messageCount min="2"/>
</completeCondition>
<onComplete expression="//m0:return"
xmlns:m0="http://services.samples" xmlns:m1="http://services.samples/xsd">
<enrich>
<source clone="true" xpath="//m0:return[not(preceding-sibling::m0:return/m1:last <= m1:last) and not(following-sibling::m0:return/m1:last < m1:last)]"/>
<target type="body"/>
</enrich>
<send/>
</onComplete>
</aggregate>
</outSequence>
</target>
</proxy>
If you need further assistance, please attach more details like responses of your service.
[1] http://dilshanilive.blogspot.com/2016/03/enrich-mediator-wso2-esb.html
[2] https://docs.wso2.com/display/ESB490/Setting+Up+the+ESB+Samples#Starting%20the%20Axis2%20server
i m working with this proxy:
<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse"
name="PubMedDataProxy"
transports="https,http"
statistics="disable"
trace="disable"
startOnLoad="true">
<target>
<inSequence>
<call>
<endpoint>
<http method="get"
uri-template="http://eutils.ncbi.nlm.nih.gov/entrez/eutils/elink.fcgi?dbfrom=omim&Mdb=pubmed&id=230900"/>
</endpoint>
</call>
<log level="custom">
<property name="MyLOg" expression="//eLinkResult/DbFrom/text()"/>
</log>
<respond/>
</inSequence>
<outSequence>
<send/>
</outSequence>
</target>
<description/>
</proxy>
i get this exception:
TID: [0] [ESB] [2015-05-21 13:45:34,838] ERROR {org.apache.synapse.transport.passthru.util.RelayUtils} - Error while building Passthrough stream {org.apache.synapse.transport.passthru.util.RelayUtils}
org.apache.axiom.om.OMException: javax.xml.stream.XMLStreamException: ParseError at [row,col]:[2,142]
Message: DOCTYPE is not allowed
at org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:296)
at org.apache.axiom.om.impl.llom.OMDocumentImpl.getOMDocumentElement(OMDocumentImpl.java:109)
at org.apache.axiom.om.impl.builder.StAXOMBuilder.getDocumentElement(StAXOMBuilder.java:570)
at org.apache.axiom.om.impl.builder.StAXOMBuilder.getDocumentElement(StAXOMBuilder.java:566)
at org.apache.axis2.builder.ApplicationXMLBuilder.processDocument(ApplicationXMLBuilder.java:81)
at org.apache.synapse.transport.passthru.util.DeferredMessageBuilder.getDocument(DeferredMessageBuilder.java:118)
at org.apache.synapse.transport.passthru.util.RelayUtils.builldMessage(RelayUtils.java:107)
at org.apache.synapse.transport.passthru.util.RelayUtils.buildMessage(RelayUtils.java:82)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:68)
at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:239)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.mediateFromContinuationStateStack(Axis2SynapseEnvironment.java:556)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:198)
at org.apache.synapse.core.axis2.SynapseCallbackReceiver.handleMessage(SynapseCallbackReceiver.java:488)
at org.apache.synapse.core.axis2.SynapseCallbackReceiver.receive(SynapseCallbackReceiver.java:170)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ClientWorker.run(ClientWorker.java:225)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.xml.stream.XMLStreamException: ParseError at [row,col]:[2,142]
Message: DOCTYPE is not allowed
...
Calling the service in a normal REST client i get the XML result withouth any problem.
The issue occured when the proxy tries to parse the resulting xml. Indeed removing the Log mediator with the property inside the proxy returns the result correctly.
What am i missing?
Add the following to your proxy:
<parameter name="ApplicationXMLBuilder.allowDTD">true</parameter>
Add the below parameter to the axis2.xml file under the <axisconfig name="AxisJava2.0"> also working.
<parameter name="ApplicationXMLBuilder.allowDTD">true</parameter>
I am trying to develop an MDB for listening to remote queue in JBoss7, I Didn't receive messages from the queue.
I got warnings in the server log:
11:32:41,882 WARN [org.hornetq.core.protocol.core.impl.RemotingConnectionImpl] (hornetq-failure-check-thread) Connection failure has been detected: Did not receive data from /137.72.223.212:50835. It is likely the client has exited or crashed without closing its connection, or the network between the server and client has failed. You also might have configured connection-ttl and client-failure-check-period incorrectly. Please check user manual for more information. The connection will now be closed. [code=3]
11:32:41,882 WARN [org.hornetq.core.server.impl.ServerSessionImpl] (hornetq-failure-check-thread) Client connection failed, clearing up resources for session a79ee8f8-6a4e-11e4-b696-d65d20524153
11:32:41,882 WARN [org.hornetq.core.server.impl.ServerSessionImpl] (hornetq-failure-check-thread) Cleared up resources for session a79ee8f8-6a4e-11e4-b696-d65d20524153
11:32:41,882 WARN [org.hornetq.core.protocol.core.impl.RemotingConnectionImpl] (hornetq-failure-check-thread) Connection failure has been detected: Did not receive data from /137.72.223.212:50834. It is likely the client has exited or crashed without closing its connection, or the network between the server and client has failed. You also might have configured connection-ttl and client-failure-check-period incorrectly. Please check user manual for more information. The connection will now be closed. [code=3]
11:32:41,897 WARN [org.hornetq.core.server.impl.ServerSessionImpl] (hornetq-failure-check-thread) Client connection failed, clearing up resources for session a797bd07-6a4e-11e4-b696-d65d20524153
11:32:41,897 WARN [org.hornetq.core.server.impl.ServerSessionImpl] (hornetq-failure-check-thread) Cleared up resources for session a797bd07-6a4e-11e4-b696-d65d20524153
11:32:41,897 WARN [org.hornetq.core.protocol.core.impl.RemotingConnectionImpl] (hornetq-failure-check-thread) Connection failure has been detected: Did not receive data from /137.72.223.212:50833. It is likely the client has exited or crashed without closing its connection, or the network between the server and client has failed. You also might have configured connection-ttl and client-failure-check-period incorrectly. Please check user manual for more information. The connection will now be closed. [code=3]
11:32:41,913 WARN [org.hornetq.core.server.impl.ServerSessionImpl] (hornetq-failure-check-thread) Client connection failed, clearing up resources for session a7930216-6a4e-11e4-b696-d65d20524153
11:32:41,913 WARN [org.hornetq.core.server.impl.ServerSessionImpl] (hornetq-failure-check-thread) Cleared up resources for session a7930216-6a4e-11e4-b696-d65d20524153
11:32:41,913 WARN [org.hornetq.core.protocol.core.impl.RemotingConnectionImpl] (hornetq-failure-check-thread) Connection failure has been detected: Did not receive data from /137.72.223.212:50836. It is likely the client has exited or crashed without closing its connection, or the network between the server and client has failed. You also might have configured connection-ttl and client-failure-check-period incorrectly. Please check user manual for more information. The connection will now be closed. [code=3]
My MDB configuration:
#MessageDriven(activationConfig = {
#ActivationConfigProperty( propertyName = "destinationType", propertyValue = "javax.jms.Queue"),
#ActivationConfigProperty(propertyName = "destination", propertyValue = "java:/queue/MyQueue") ,
#ActivationConfigProperty(propertyName = "connectionFactoryJndiName", propertyValue = "RemoteConnectionFactory"),
#ActivationConfigProperty(propertyName = "connectorClassName", propertyValue = "org.hornetq.core.remoting.impl.netty.NettyConnectorFactory"),
#ActivationConfigProperty(propertyName = "connectionParameters", propertyValue = "host=vm-thi-blg-qa2;port=5445"),
#ActivationConfigProperty(propertyName = "acknowledgeMode", propertyValue = "Auto-acknowledge"),
})
The JBoss standalone.xml:
<?xml version='1.0' encoding='UTF-8'?>
<server xmlns="urn:jboss:domain:1.2">
<extensions>
<extension module="org.jboss.as.clustering.infinispan"/>
<extension module="org.jboss.as.cmp"/>
<extension module="org.jboss.as.configadmin"/>
<extension module="org.jboss.as.connector"/>
<extension module="org.jboss.as.deployment-scanner"/>
<extension module="org.jboss.as.ee"/>
<extension module="org.jboss.as.ejb3"/>
<extension module="org.jboss.as.jacorb"/>
<extension module="org.jboss.as.jaxr"/>
<extension module="org.jboss.as.jaxrs"/>
<extension module="org.jboss.as.jdr"/>
<extension module="org.jboss.as.jmx"/>
<extension module="org.jboss.as.jpa"/>
<extension module="org.jboss.as.jsr77"/>
<extension module="org.jboss.as.logging"/>
<extension module="org.jboss.as.mail"/>
<extension module="org.jboss.as.messaging"/>
<extension module="org.jboss.as.naming"/>
<extension module="org.jboss.as.osgi"/>
<extension module="org.jboss.as.pojo"/>
<extension module="org.jboss.as.remoting"/>
<extension module="org.jboss.as.sar"/>
<extension module="org.jboss.as.security"/>
<extension module="org.jboss.as.threads"/>
<extension module="org.jboss.as.transactions"/>
<extension module="org.jboss.as.web"/>
<extension module="org.jboss.as.webservices"/>
<extension module="org.jboss.as.weld"/>
</extensions>
<management>
<security-realms>
<security-realm name="ManagementRealm">
<authentication>
<properties path="mgmt-users.properties" relative-to="jboss.server.config.dir"/>
</authentication>
</security-realm>
<security-realm name="ApplicationRealm">
<authentication>
<properties path="application-users.properties" relative-to="jboss.server.config.dir"/>
</authentication>
</security-realm>
</security-realms>
<management-interfaces>
<native-interface security-realm="ManagementRealm">
<socket-binding native="management-native"/>
</native-interface>
<http-interface security-realm="ManagementRealm">
<socket-binding http="management-http"/>
</http-interface>
</management-interfaces>
</management>
<profile>
<subsystem xmlns="urn:jboss:domain:logging:1.1">
<console-handler name="CONSOLE">
<level name="INFO"/>
<formatter>
<pattern-formatter pattern="%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%E%n"/>
</formatter>
</console-handler>
<periodic-rotating-file-handler name="FILE">
<formatter>
<pattern-formatter pattern="%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%E%n"/>
</formatter>
<file relative-to="jboss.server.log.dir" path="server.log"/>
<suffix value=".yyyy-MM-dd"/>
<append value="true"/>
</periodic-rotating-file-handler>
<logger category="com.arjuna">
<level name="WARN"/>
</logger>
<logger category="org.apache.tomcat.util.modeler">
<level name="WARN"/>
</logger>
<logger category="sun.rmi">
<level name="WARN"/>
</logger>
<logger category="jacorb">
<level name="WARN"/>
</logger>
<logger category="jacorb.config">
<level name="ERROR"/>
</logger>
<root-logger>
<level name="INFO"/>
<handlers>
<handler name="CONSOLE"/>
<handler name="FILE"/>
</handlers>
</root-logger>
</subsystem>
<subsystem xmlns="urn:jboss:domain:cmp:1.0"/>
<subsystem xmlns="urn:jboss:domain:configadmin:1.0"/>
<subsystem xmlns="urn:jboss:domain:datasources:1.0">
<datasources>
<datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true">
<connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1</connection-url>
<driver>h2</driver>
<security>
<user-name>jala1</user-name>
<password>jala</password>
</security>
</datasource>
<drivers>
<driver name="h2" module="com.h2database.h2">
<xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
</driver>
</drivers>
</datasources>
</subsystem>
<subsystem xmlns="urn:jboss:domain:deployment-scanner:1.1">
<deployment-scanner path="deployments" relative-to="jboss.server.base.dir" scan-interval="5000"/>
</subsystem>
<subsystem xmlns="urn:jboss:domain:ee:1.0"/>
<subsystem xmlns="urn:jboss:domain:ejb3:1.2">
<session-bean>
<stateless>
<bean-instance-pool-ref pool-name="slsb-strict-max-pool"/>
</stateless>
<stateful default-access-timeout="5000" cache-ref="simple"/>
<singleton default-access-timeout="5000"/>
</session-bean>
<mdb>
<resource-adapter-ref resource-adapter-name="hornetq-ra"/>
<bean-instance-pool-ref pool-name="mdb-strict-max-pool"/>
</mdb>
<pools>
<bean-instance-pools>
<strict-max-pool name="slsb-strict-max-pool" max-pool-size="20" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
<strict-max-pool name="mdb-strict-max-pool" max-pool-size="20" instance-acquisition-timeout="5" instance-acquisition-timeout-unit="MINUTES"/>
</bean-instance-pools>
</pools>
<caches>
<cache name="simple" aliases="NoPassivationCache"/>
<cache name="passivating" passivation-store-ref="file" aliases="SimpleStatefulCache"/>
</caches>
<passivation-stores>
<file-passivation-store name="file"/>
</passivation-stores>
<async thread-pool-name="default"/>
<timer-service thread-pool-name="default">
<data-store path="timer-service-data" relative-to="jboss.server.data.dir"/>
</timer-service>
<remote connector-ref="remoting-connector" thread-pool-name="default"/>
<thread-pools>
<thread-pool name="default">
<max-threads count="10"/>
<keepalive-time time="100" unit="milliseconds"/>
</thread-pool>
</thread-pools>
<iiop enable-by-default="false" use-qualified-name="false"/>
</subsystem>
<subsystem xmlns="urn:jboss:domain:infinispan:1.2" default-cache-container="hibernate">
<cache-container name="hibernate" default-cache="local-query">
<local-cache name="entity">
<transaction mode="NON_XA"/>
<eviction strategy="LRU" max-entries="10000"/>
<expiration max-idle="100000"/>
</local-cache>
<local-cache name="local-query">
<transaction mode="NONE"/>
<eviction strategy="LRU" max-entries="10000"/>
<expiration max-idle="100000"/>
</local-cache>
<local-cache name="timestamps">
<transaction mode="NONE"/>
<eviction strategy="NONE"/>
</local-cache>
</cache-container>
</subsystem>
<subsystem xmlns="urn:jboss:domain:jacorb:1.1">
<orb>
<initializers security="on" transactions="spec"/>
</orb>
</subsystem>
<subsystem xmlns="urn:jboss:domain:jaxr:1.1">
<connection-factory jndi-name="java:jboss/jaxr/ConnectionFactory"/>
<properties/>
</subsystem>
<subsystem xmlns="urn:jboss:domain:jaxrs:1.0"/>
<subsystem xmlns="urn:jboss:domain:jca:1.1">
<archive-validation enabled="true" fail-on-error="true" fail-on-warn="false"/>
<bean-validation enabled="true"/>
<default-workmanager>
<short-running-threads>
<core-threads count="50"/>
<queue-length count="50"/>
<max-threads count="50"/>
<keepalive-time time="10" unit="seconds"/>
</short-running-threads>
<long-running-threads>
<core-threads count="50"/>
<queue-length count="50"/>
<max-threads count="50"/>
<keepalive-time time="10" unit="seconds"/>
</long-running-threads>
</default-workmanager>
<cached-connection-manager/>
</subsystem>
<subsystem xmlns="urn:jboss:domain:jdr:1.0"/>
<subsystem xmlns="urn:jboss:domain:jmx:1.1">
<show-model value="true"/>
<remoting-connector/>
</subsystem>
<subsystem xmlns="urn:jboss:domain:jpa:1.0">
<jpa default-datasource=""/>
</subsystem>
<subsystem xmlns="urn:jboss:domain:jsr77:1.0"/>
<subsystem xmlns="urn:jboss:domain:mail:1.0">
<mail-session jndi-name="java:jboss/mail/Default">
<smtp-server outbound-socket-binding-ref="mail-smtp"/>
</mail-session>
</subsystem>
<subsystem xmlns="urn:jboss:domain:messaging:1.1">
<hornetq-server>
<persistence-enabled>true</persistence-enabled>
<journal-file-size>102400</journal-file-size>
<journal-min-files>2</journal-min-files>
<connectors>
<netty-connector name="netty" socket-binding="messaging"/>
<netty-connector name="netty-throughput" socket-binding="messaging-throughput">
<param key="batch-delay" value="50"/>
</netty-connector>
<in-vm-connector name="in-vm" server-id="0"/>
</connectors>
<acceptors>
<netty-acceptor name="netty" socket-binding="messaging"/>
<netty-acceptor name="netty-throughput" socket-binding="messaging-throughput">
<param key="batch-delay" value="50"/>
<param key="direct-deliver" value="false"/>
</netty-acceptor>
<in-vm-acceptor name="in-vm" server-id="0"/>
</acceptors>
<security-settings>
<security-setting match="#">
<permission type="send" roles="guest"/>
<permission type="consume" roles="guest"/>
<permission type="createNonDurableQueue" roles="guest"/>
<permission type="deleteNonDurableQueue" roles="guest"/>
</security-setting>
</security-settings>
<address-settings>
<address-setting match="#">
<dead-letter-address>jms.queue.DLQ</dead-letter-address>
<expiry-address>jms.queue.ExpiryQueue</expiry-address>
<redelivery-delay>0</redelivery-delay>
<max-size-bytes>10485760</max-size-bytes>
<address-full-policy>BLOCK</address-full-policy>
<message-counter-history-day-limit>10</message-counter-history-day-limit>
</address-setting>
</address-settings>
<jms-connection-factories>
<connection-factory name="InVmConnectionFactory">
<connectors>
<connector-ref connector-name="in-vm"/>
</connectors>
<entries>
<entry name="java:/ConnectionFactory"/>
</entries>
</connection-factory>
<connection-factory name="RemoteConnectionFactory">
<connectors>
<connector-ref connector-name="netty"/>
</connectors>
<entries>
<entry name="RemoteConnectionFactory"/>
<entry name="java:jboss/exported/jms/RemoteConnectionFactory"/>
</entries>
</connection-factory>
<pooled-connection-factory name="hornetq-ra">
<transaction mode="xa"/>
<connectors>
<connector-ref connector-name="in-vm"/>
</connectors>
<entries>
<entry name="java:/JmsXA"/>
</entries>
</pooled-connection-factory>
</jms-connection-factories>
<jms-destinations>
<jms-queue name="testQueue">
<entry name="queue/test"/>
<entry name="java:jboss/exported/jms/queue/test"/>
</jms-queue>
<jms-queue name="MyQueue">
<entry name="java:/jms/MyQueue"/>
<durable>false</durable>
</jms-queue>
<jms-queue name="q">
<entry name="java:/queue/MyQueue"/>
<durable>true</durable>
</jms-queue>
<jms-topic name="testTopic">
<entry name="topic/test"/>
<entry name="java:jboss/exported/jms/topic/test"/>
</jms-topic>
</jms-destinations>
</hornetq-server>
</subsystem>
<subsystem xmlns="urn:jboss:domain:naming:1.1"/>
<subsystem xmlns="urn:jboss:domain:osgi:1.2" activation="lazy">
<properties>
<property name="org.osgi.framework.startlevel.beginning">
1
</property>
</properties>
<capabilities>
<capability name="javax.servlet.api:v25"/>
<capability name="javax.transaction.api"/>
<capability name="org.apache.felix.log" startlevel="1"/>
<capability name="org.jboss.osgi.logging" startlevel="1"/>
<capability name="org.apache.felix.configadmin" startlevel="1"/>
<capability name="org.jboss.as.osgi.configadmin" startlevel="1"/>
</capabilities>
</subsystem>
<subsystem xmlns="urn:jboss:domain:pojo:1.0"/>
<subsystem xmlns="urn:jboss:domain:remoting:1.1">
<connector name="remoting-connector" socket-binding="remoting" security-realm="ApplicationRealm"/>
</subsystem>
<subsystem xmlns="urn:jboss:domain:resource-adapters:1.0"/>
<subsystem xmlns="urn:jboss:domain:sar:1.0"/>
<subsystem xmlns="urn:jboss:domain:security:1.1">
<security-domains>
<security-domain name="other" cache-type="default">
<authentication>
<login-module code="Remoting" flag="optional">
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
<login-module code="RealmUsersRoles" flag="required">
<module-option name="usersProperties" value="${jboss.server.config.dir}/application-users.properties"/>
<module-option name="rolesProperties" value="${jboss.server.config.dir}/application-roles.properties"/>
<module-option name="realm" value="ApplicationRealm"/>
<module-option name="password-stacking" value="useFirstPass"/>
<module-option name="unauthenticatedIdentity" value="guest"/>
</login-module>
</authentication>
</security-domain>
<security-domain name="jboss-web-policy" cache-type="default">
<authorization>
<policy-module code="Delegating" flag="required"/>
</authorization>
</security-domain>
<security-domain name="jboss-ejb-policy" cache-type="default">
<authorization>
<policy-module code="Delegating" flag="required"/>
</authorization>
</security-domain>
</security-domains>
</subsystem>
<subsystem xmlns="urn:jboss:domain:threads:1.1"/>
<subsystem xmlns="urn:jboss:domain:transactions:1.1">
<core-environment>
<process-id>
<uuid/>
</process-id>
</core-environment>
<recovery-environment socket-binding="txn-recovery-environment" status-socket-binding="txn-status-manager"/>
<coordinator-environment default-timeout="300"/>
</subsystem>
<subsystem xmlns="urn:jboss:domain:web:1.1" default-virtual-server="default-host" native="false">
<connector name="http" protocol="HTTP/1.1" scheme="http" socket-binding="http"/>
<virtual-server name="default-host" enable-welcome-root="true">
<alias name="localhost"/>
<alias name="example.com"/>
</virtual-server>
</subsystem>
<subsystem xmlns="urn:jboss:domain:webservices:1.1">
<modify-wsdl-address>true</modify-wsdl-address>
<wsdl-host>${jboss.bind.address:127.0.0.1}</wsdl-host>
<endpoint-config name="Standard-Endpoint-Config"/>
<endpoint-config name="Recording-Endpoint-Config">
<pre-handler-chain name="recording-handlers" protocol-bindings="##SOAP11_HTTP ##SOAP11_HTTP_MTOM ##SOAP12_HTTP ##SOAP12_HTTP_MTOM">
<handler name="RecordingHandler" class="org.jboss.ws.common.invocation.RecordingServerHandler"/>
</pre-handler-chain>
</endpoint-config>
</subsystem>
<subsystem xmlns="urn:jboss:domain:weld:1.0"/>
</profile>
<interfaces>
<interface name="management">
<inet-address value="${jboss.bind.address.management:0.0.0.0}"/>
</interface>
<interface name="public">
<inet-address value="${jboss.bind.address:127.0.0.1}"/>
</interface>
<interface name="unsecure">
<inet-address value="${jboss.bind.address.unsecure:127.0.0.1}"/>
</interface>
</interfaces>
<socket-binding-group name="standard-sockets" default-interface="public" port-offset="${jboss.socket.binding.port-offset:0}">
<socket-binding name="management-native" interface="management" port="${jboss.management.native.port:9999}"/>
<socket-binding name="management-http" interface="management" port="${jboss.management.http.port:9990}"/>
<socket-binding name="management-https" interface="management" port="${jboss.management.https.port:9443}"/>
<socket-binding name="ajp" port="8009"/>
<socket-binding name="http" port="8080"/>
<socket-binding name="https" port="8443"/>
<socket-binding name="jacorb" interface="unsecure" port="3528"/>
<socket-binding name="jacorb-ssl" interface="unsecure" port="3529"/>
<socket-binding name="messaging" port="5445"/>
<socket-binding name="messaging-throughput" port="5455"/>
<socket-binding name="osgi-http" interface="management" port="8090"/>
<socket-binding name="remoting" port="4447"/>
<socket-binding name="txn-recovery-environment" port="4712"/>
<socket-binding name="txn-status-manager" port="4713"/>
<outbound-socket-binding name="mail-smtp">
<remote-destination host="localhost" port="25"/>
</outbound-socket-binding>
</socket-binding-group>
<deployments>
<deployment name="loadSimulator.war" runtime-name="loadSimulator.war">
<content sha1="ad5c4080accb0e644bcb0bf2842f8f230fbe8e75"/>
</deployment>
<deployment name="Hops.war" runtime-name="Hops.war" enabled="false">
<content sha1="ba2746c8e115729b37343704b2540d258f0ec614"/>
</deployment>
<deployment name="Agent_Footprint.war" runtime-name="Agent_Footprint.war">
<content sha1="9d9893741e9f24d609c3d39eb9b1bd5ec08d7556"/>
</deployment>
</deployments>
</server>
If the server doesn't receive the ping in a certain time then it closes the connection, in this instance it is an invm connection from the MDB.
The usual causes for this are the server or client becoming unresponsive because of overload, memory issues etc. For that, you must to add the following elements to connection-factory in standalone.xml.
<connection-ttl>-1</connection-ttl>
<client-failure-check-period>-1</client-failure-check-period>
A value of -1 for ConnectionTTL means the server will never time out the connection on the server side.
I've written a policy (contained below) that uses XPath 2.0 features, for use with WSO2 Identity Server. I've specified the correct value in the XPathVersion element, but I'm still getting errors that point to the XPath expression not being evaluated as XPath 2.0.
I'm pretty sure WSO2 Identity Server isn't using the value of the XPathVersion element, as when I change it to something invalid (such as "this-is-not-a-valid-xpath-version") it doesn't complain and still evaluates XPath expressions (albeit as XPath 1.0.)
My policy:
<Policy PolicyId="application-dashu" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0" xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17">
<PolicyDefaults>
<XPathVersion>http://www.w3.org/TR/2007/REC-xpath20-20070123</XPathVersion>
</PolicyDefaults>
<Target>
<AnyOf>
<AllOf>
<Match MatchId="urn:oasis:names:tc:xacml:1.0:function:anyURI-equal">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">urn:siphon-io:schema:application:dashu</AttributeValue>
<AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:target-namespace" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" DataType="http://www.w3.org/2001/XMLSchema#anyURI" MustBePresent="true"/>
</Match>
</AllOf>
</AnyOf>
</Target>
<Rule Effect="Permit" RuleId="permit-index">
<Condition>
<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
<AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/>
</Apply>
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">index</AttributeValue>
</Apply>
<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
<AttributeSelector
MustBePresent="false"
Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"
Path="/*[namespace-uri()='urn:siphon-io:schema:application:dashu' and local-name()='Instance']/*[namespace-uri()='urn:siphon-io:schema:application:dashu' and local-name()='Tag']/concat('{', attribute::Name, '}', text())"
DataType="http://www.w3.org/2001/XMLSchema#string"
/>
<AttributeSelector
MustBePresent="false"
Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
Path="/*[namespace-uri()='urn:oasis:names:tc:SAML:2.0:assertion' and local-name()='Assertion']/*[namespace-uri()='urn:oasis:names:tc:SAML:2.0:assertion' and local-name()='AttributeStatement']/*[namespace-uri()='urn:oasis:names:tc:SAML:2.0:assertion' and local-name()='Attribute']/*[namespace-uri()='urn:oasis:names:tc:SAML:2.0:assertion' and local-name()='AttributeValue']/concat('{', parent::node()/attribute::Name, '}', text())"
DataType="http://www.w3.org/2001/XMLSchema#string"
/>
</Apply>
</Apply>
</Condition>
</Rule>
</Policy>
My request:
<p0:Request CombinedDecision="false" ReturnPolicyIdList="false" xmlns:p0="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17">
<p0:Attributes Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject">
<p0:Content>
<saml:Assertion ID="_u5Ik0MW0G5jNlnFsYG6DGvl7j0WEmBJR" IssueInstant="2013-12-12T23:11:02.354Z" Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
<saml:Issuer>urn:movingdata.auth0.com</saml:Issuer>
<saml:Subject>
<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">auth0|b939821bd143c2d075e2feaf0220b6ed09212cc9</saml:NameID>
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml:SubjectConfirmationData InResponseTo="request-1386889754280-nusav-zotop-rizul" NotOnOrAfter="2013-12-13T00:11:02.354Z" Recipient="http://dashboard.dbsu.com/auth/saml2/sso/post"/>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotBefore="2013-12-12T23:11:02.354Z" NotOnOrAfter="2013-12-13T00:11:02.354Z">
<saml:AudienceRestriction/>
</saml:Conditions>
<saml:AttributeStatement>
<saml:Attribute Name="urn:siphon-io:customer:dbsu:project">
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">99-101</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="urn:siphon-io:customer:dbsu:project">
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">99-102</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute Name="urn:siphon-io:customer:dbsu:project">
<saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">99-103</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
<saml:AuthnStatement AuthnInstant="2013-12-12T23:11:02.354Z">
<saml:AuthnContext>
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef>
</saml:AuthnContext>
</saml:AuthnStatement>
</saml:Assertion>
</p0:Content>
</p0:Attributes>
<p0:Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource">
<p0:Content>
<p1:Instance xmlns:p1="urn:siphon-io:schema:application:dashu" Host="dashboard.dbsu.com" ID="81ffe0de0ab298abf33f582e3909b9c6de1f7e97">
<p1:Tag Name="urn:siphon-io:customer:dbsu:project">99-101</p1:Tag>
</p1:Instance>
</p0:Content>
<p0:Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:resource:target-namespace" IncludeInResult="false">
<p0:AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">urn:siphon-io:schema:application:dashu</p0:AttributeValue>
</p0:Attribute>
</p0:Attributes>
<p0:Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action">
<p0:Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" IncludeInResult="false">
<p0:AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">index</p0:AttributeValue>
</p0:Attribute>
</p0:Attributes>
</p0:Request>
WSO2 Identity Server is shipped with xalan 2.7.1 (which can be found at /lib/endorsed) And xalan 2.7.1 does not support XPath 2.0. Therefore Identity Server would not support Xpath 2.0. This is a know thing with Identity Server. I guess, we can remove the xalan 2.7.1 from distribution and use some thing like saxon. (I did not try it). I guess, It would be done in future release soon. However, I tried your policy and request with latest version 4.5.0. But there was some problem with "concat" function and may be due to XPath 2.0 issue as you have mentioned. Once i remove "concat", It works as expected. Following is the policy that i modified and it returns the expected result as "Permit" with request that you have given.
<Policy PolicyId="application-dashu" RuleCombiningAlgId="urn:oasis:names:tc:xacml:3.0:rule-combining-algorithm:deny-overrides" Version="1.0" xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17">
<PolicyDefaults>
<XPathVersion>http://www.w3.org/TR/2007/REC-xpath20-20070123</XPathVersion>
</PolicyDefaults>
<Target>
<AnyOf>
<AllOf>
<Match MatchId="urn:oasis:names:tc:xacml:1.0:function:anyURI-equal">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#anyURI">urn:siphon-io:schema:application:dashu</AttributeValue>
<AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:target-namespace" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" DataType="http://www.w3.org/2001/XMLSchema#anyURI" MustBePresent="true"/>
</Match>
</AllOf>
</AnyOf>
</Target>
<Rule Effect="Permit" RuleId="permit-index">
<Condition>
<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:and">
<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-one-and-only">
<AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/>
</Apply>
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">index</AttributeValue>
</Apply>
<Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-subset">
<AttributeSelector
MustBePresent="false"
Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"
Path="/*[namespace-uri()='urn:siphon-io:schema:application:dashu' and local-name()='Instance']/*[namespace-uri()='urn:siphon-io:schema:application:dashu' and local-name()='Tag']/text()"
DataType="http://www.w3.org/2001/XMLSchema#string"
/>
<AttributeSelector
MustBePresent="false"
Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
Path="/*[namespace-uri()='urn:oasis:names:tc:SAML:2.0:assertion' and local-name()='Assertion']/*[namespace-uri()='urn:oasis:names:tc:SAML:2.0:assertion' and local-name()='AttributeStatement']/*[namespace-uri()='urn:oasis:names:tc:SAML:2.0:assertion' and local-name()='Attribute']/*[namespace-uri()='urn:oasis:names:tc:SAML:2.0:assertion' and local-name()='AttributeValue']/text()"
DataType="http://www.w3.org/2001/XMLSchema#string"
/>
</Apply>
</Apply>
</Condition>
</Rule>
</Policy>