Thursday, November 21, 2013

Invoking Secure Service (UT enabled) Via Non Secure Client -Part 2

Enabling policy

<?xml version="1.0" encoding="UTF-8"?>
<!-- Synapse proxy "NonSecureProxyPolicy": accepts requests from clients that send no
     WS-Security headers and forwards them to SecureService, applying the referenced
     security policy on the outbound call only.
     Security note: the proxy listens on both https and http, and this listing defines no
     inbound security. Any caller that can reach the proxy therefore has the outbound
     credentials applied on its behalf; restrict who can reach it (network ACLs, https only,
     or an inbound policy) before using this pattern outside a test setup. -->
<proxy xmlns="http://ws.apache.org/ns/synapse"
       name="NonSecureProxyPolicy"
       transports="https,http"
       statistics="disable"
       trace="disable"
       startOnLoad="true">
   <target>
      <inSequence>
         <!-- level="full" writes the complete message to the log; lower it when payloads
              may carry sensitive data. -->
         <log level="full">
            <property name="INNNNN" value="***********INNNN sequence proxy2***********"/>
         </log>
         <send>
            <endpoint>
               <!-- Outbound hop to SecureService over HTTPS. -->
               <address uri="https://localhost:8243/services/SecureService">
                  <!-- Applies the policy stored at this registry path to the outgoing message.
                       NOTE(review): presumably the Rampart policy shown on this page is what is
                       stored there; confirm against the registry. -->
                  <enableSec policy="conf:/security-policy/UT-Policy1"/>
               </address>
            </endpoint>
         </send>
      </inSequence>
      <outSequence>
         <!-- Return the backend response to the original caller. -->
         <send/>
      </outSequence>
   </target>
   <description/>
</proxy>


Rampart policy

<!-- WS-SecurityPolicy document "UTOverTransport": requires an HTTPS transport and a
     UsernameToken sent to the recipient, and carries the Rampart runtime settings used to
     build and check that token. -->
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UTOverTransport">
   <wsp:ExactlyOne>
      <wsp:All>
         <!-- Transport binding: confidentiality and integrity are delegated to TLS; nothing
              in this policy asks for message-level signing or encryption. -->
         <sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
            <wsp:Policy>
               <sp:TransportToken>
                  <wsp:Policy>
                     <!-- No client certificate is required (no mutual TLS), so the
                          UsernameToken below is the only caller authentication. -->
                     <sp:HttpsToken RequireClientCertificate="false"/>
                  </wsp:Policy>
               </sp:TransportToken>
               <sp:AlgorithmSuite>
                  <wsp:Policy>
                     <sp:Basic256/>
                  </wsp:Policy>
               </sp:AlgorithmSuite>
               <sp:Layout>
                  <wsp:Policy>
                     <sp:Lax/>
                  </wsp:Policy>
               </sp:Layout>
               <!-- A timestamp must be present in the security header; its validity window
                    is governed by the RampartConfig values below. -->
               <sp:IncludeTimestamp/>
            </wsp:Policy>
         </sp:TransportBinding>
         <sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
            <wsp:Policy>
               <!-- The UsernameToken is always sent to the recipient. No hashed-password
                    assertion is present, so the password presumably travels as plain text
                    inside the token and relies on TLS for protection; verify. -->
               <sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"/>
            </wsp:Policy>
         </sp:SignedSupportingTokens>
         <rampart:RampartConfig xmlns:rampart="http://ws.apache.org/rampart/policy">
            <!-- Rampart runtime settings.
                 user: the username placed in the UsernameToken (hard-coded here).
                 passwordCallbackClass: class asked for that user's password.
                 NOTE(review): org.wso2.samples.pwcb.PWCBHandler lives in a samples package;
                 confirm it does not return hard-coded passwords before reusing it.
                 timestampTTL, timestampMaxSkew, nonceLifeTime: 300 each (seconds in Rampart),
                 which bounds how long a captured message could be replayed.
                 timestampStrict=false: NOTE(review): strict timestamp handling is off; confirm
                 expired timestamps are still rejected by the TTL and skew checks. -->
            <rampart:user>dushan</rampart:user>
            <rampart:timestampPrecisionInMilliseconds>true</rampart:timestampPrecisionInMilliseconds>
            <rampart:timestampTTL>300</rampart:timestampTTL>
            <rampart:timestampMaxSkew>300</rampart:timestampMaxSkew>
            <rampart:timestampStrict>false</rampart:timestampStrict>          <rampart:passwordCallbackClass>org.wso2.samples.pwcb.PWCBHandler</rampart:passwordCallbackClass>
                        <rampart:nonceLifeTime>300</rampart:nonceLifeTime>
         </rampart:RampartConfig>
      </wsp:All>
   </wsp:ExactlyOne>
</wsp:Policy>      
                                

Invoking Secure Service (UT enabled) Via Non Secure Client -Part 1

When a non-secure client needs to invoke a secure service, one possible solution is for the proxy to Base64-encode the Basic-auth credentials, set them as the Authorization header in transport scope, and then invoke the given service. Note that Base64 is an encoding, not encryption: the header is only protected while the hop uses HTTPS.


<!-- Synapse proxy "NonSecureProxy": accepts requests from clients that send no credentials,
     adds an HTTP Basic Authorization header itself, and forwards the request to the
     getQuote operation of SecureService as POX.
     Security note: the proxy listens on both https and http, and this listing defines no
     inbound security, so every caller that can reach it is forwarded with the same embedded
     account. Limit who can reach it before using this pattern outside a test setup. -->
<proxy xmlns="http://ws.apache.org/ns/synapse"
       name="NonSecureProxy"
       transports="https,http"
       statistics="disable"
       trace="disable"
       startOnLoad="true">
   <target>
      <inSequence>
         <!-- level="full" writes the complete message to the log; lower it when payloads
              may carry sensitive data. -->
         <log level="full">
            <property name="INNNNN" value="***********INNNN sequence proxy2***********"/>
         </log>
         <!-- Builds "Basic " followed by the Base64 form of user:password and sets it as a
              transport (HTTP) header. Base64 is reversible encoding, not encryption, and the
              credentials are hard-coded in this configuration: anyone who can read the
              config, or any log that records request headers, can recover them. Prefer
              loading the secret from a protected store rather than a literal. -->
         <property name="Authorization"
                   expression="fn:concat('Basic ', base64Encode('dushan:dushan'))"
                   scope="transport"/>
         <send>
            <endpoint>
               <!-- HTTPS hop, so the Authorization header is protected in transit here. -->
               <address uri="https://localhost:8243/services/SecureService/getQuote"
                        format="pox"/>
            </endpoint>
         </send>
      </inSequence>
      <outSequence>
         <!-- Return the backend response to the original caller. -->
         <send/>
      </outSequence>
   </target>
   <description/>
</proxy>


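<!-- Synapse proxy "SecureService": HTTPS-only proxy secured with the UTOverTransport policy
     that forwards authenticated requests to the SimpleStockQuoteService backend. -->
<proxy xmlns="http://ws.apache.org/ns/synapse"
       name="SecureService"
       transports="https"
       statistics="disable"
       trace="disable"
       startOnLoad="true">
   <target>
      <inSequence>
         <!-- The caller's Authorization header is no longer needed once mediation starts,
              and the backend hop below is plain HTTP. Remove it so the credentials are not
              forwarded in clear text. NOTE(review): assumes the security policy is enforced
              before this sequence runs; drop this line only if the backend itself
              authenticates with the same header. -->
         <property name="Authorization" scope="transport" action="remove"/>
         <send>
            <endpoint>
               <!-- Plain-HTTP backend on the local host. -->
               <address uri="http://localhost:9000/services/SimpleStockQuoteService"/>
            </endpoint>
         </send>
      </inSequence>
      <outSequence>
         <!-- Return the backend response to the caller. -->
         <send/>
      </outSequence>
   </target>
   <!-- Turn on security for this proxy and bind it to the policy stored at the registry
        key below; the key ends in UTOverTransport. -->
   <enableSec/>
   <policy key="conf:/repository/axis2/service-groups/SecureService/services/SecureService/policies/UTOverTransport"/>
   <description/>
</proxy>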



[2013-11-21 14:12:30,620] DEBUG - wire >> "[\r][\n]"
[2013-11-21 14:12:30,636] DEBUG - wire << "POST /services/SimpleStockQuoteService/getQuote HTTP/1.1[\r][\n]"
[2013-11-21 14:12:30,637] DEBUG - wire << "Authorization: Basic ZHVzaGFuOmR1c2hhbg==[\r][\n]"
[2013-11-21 14:12:30,637] DEBUG - wire << "Accept-Encoding: gzip,deflate[\r][\n]"
[2013-11-21 14:12:30,638] DEBUG - wire << "Content-Type: application/xml[\r][\n]"
[2013-11-21 14:12:30,638] DEBUG - wire << "SOAPAction: urn:getQuote[\r][\n]"
[2013-11-21 14:12:30,638] DEBUG - wire << "Transfer-Encoding: chunked[\r][\n]"
[2013-11-21 14:12:30,638] DEBUG - wire << "Host: localhost:9000[\r][\n]"
[2013-11-21 14:12:30,639] DEBUG - wire << "Connection: Keep-Alive[\r][\n]"
[2013-11-21 14:12:30,639] DEBUG - wire << "User-Agent: Synapse-PT-HttpComponents-NIO[\r][\n]"
[2013-11-21 14:12:30,639] DEBUG - wire << "[\r][\n]"
[2013-11-21 14:12:30,639] DEBUG - wire << "fe[\r][\n]"
[2013-11-21 14:12:30,639] DEBUG - wire << "<ser:getQuote xmlns:ser="http://services.samples">[\n]"
[2013-11-21 14:12:30,639] DEBUG - wire << "         <!--Optional:-->[\n]"
[2013-11-21 14:12:30,639] DEBUG - wire << "         <ser:request>[\n]"
[2013-11-21 14:12:30,640] DEBUG - wire << "            <!--Optional:-->[\n]"
[2013-11-21 14:12:30,640] DEBUG - wire << "            <xsd:symbol xmlns:xsd="http://services.samples/xsd">11</xsd:symbol>[\n]"
[2013-11-21 14:12:30,640] DEBUG - wire << "         </ser:request>[\n]"
[2013-11-21 14:12:30,640] DEBUG - wire << "      </ser:getQuote>[\r][\n]"
[2013-11-21 14:12:30,640] DEBUG - wire << "0[\r][\n]"
[2013-11-21 14:12:30,640] DEBUG - wire << "[\r][\n]"
[2013-11-21 14:12:30,644] DEBUG - wire >> "HTTP/1.1 200 OK[\r][\n]"
[2013-11-21 14:12:30,644] DEBUG - wire >> "Content-Type: application/xml; charset=UTF-8[\r][\n]"
[2013-11-21 14:12:30,645] DEBUG - wire >> "Date: Thu, 21 Nov 2013 08:42:30 GMT[\r][\n]"
[2013-11-21 14:12:30,645] DEBUG - wire >> "Transfer-Encoding: chunked[\r][\n]"
[2013-11-21 14:12:30,645] DEBUG - wire >> "Connection: Keep-Alive[\r][\n]"
[2013-11-21 14:12:30,645] DEBUG - wire >> "[\r][\n]"
[2013-11-21 14:12:30,647] DEBUG - wire >> "368[\r][\n]"
[2013-11-21 14:12:30,647] DEBUG - wire >> "<ns:getQuoteResponse xmlns:ns="http://services.samples"><ns:return xmlns:ax21="http://services.samples/xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="ax21:GetQuoteResponse"><ax21:change>4.423747490453758</ax21:change><ax21:earnings>13.080465575691782</ax21:earnings><ax21:high>183.72455511877618</ax21:high><ax21:last>177.25933516401494</ax21:last><ax21:lastTradeTimestamp>Thu Nov 21 14:12:30 IST 2013</ax21:lastTradeTimestamp><ax21:low>-176.6775010130566</ax21:low><ax21:marketCap>1797692.482250683</ax21:marketCap><ax21:name>11 Company</ax21:name><ax21:open>183.25648908841202</ax21:open><ax21:peRatio>-17.898897366819455</ax21:peRatio><ax21:percentageChange>-2.6156190500725063</ax21:percentageChange><ax21:prevClose>-169.12812629695176</ax21:prevClose><ax21:symbol>11</ax21:symbol><ax21:volume>5447</ax21:volume></ns:return></ns:getQuoteResponse>[\r][\n]"
[2013-11-21 14:12:30,648] DEBUG - wire >> "0[\r][\n]"
[2013-11-21 14:12:30,648] DEBUG - wire >> "[\r][\n]"
[2013-11-21 14:12:30,655] DEBUG - wire << "HTTP/1.1 200 OK[\r][\n]"
[2013-11-21 14:12:30,655] DEBUG - wire << "Content-Type: application/xml[\r][\n]"
[2013-11-21 14:12:30,656] DEBUG - wire << "Date: Thu, 21 Nov 2013 08:42:30 GMT[\r][\n]"
[2013-11-21 14:12:30,656] DEBUG - wire << "Server: WSO2-PassThrough-HTTP[\r][\n]"
[2013

Wednesday, November 20, 2013

Callout Mediator to Invoke REST Services

The following configuration allows you to invoke RESTful services via the Callout mediator.

Note: you need to change axis2_client.xml. It is required to add the JSON message formatter in ESB_470_HOME/samples/axis2Client/client_repo/conf/axis2.xml



<?xml version="1.0" encoding="UTF-8"?>
<!-- Synapse proxy "CalloutProxy": calls a backend service with the Callout mediator, sending
     the payload as JSON, and returns the result to the caller from the inSequence itself.
     The proxy listens on both https and http, and this listing defines no inbound security. -->
<proxy xmlns="http://ws.apache.org/ns/synapse"
       name="CalloutProxy"
       transports="https,http"
       statistics="disable"
       trace="disable"
       startOnLoad="true">
   <target>
      <inSequence>
         <!-- axis2-client scoped properties: they apply to the client the Callout mediator
              uses. They switch the outgoing call to REST style with an application/json
              message type and content type. -->
         <property name="enableREST"
                   value="true"
                   scope="axis2-client"
                   type="BOOLEAN"/>
         <property name="messageType"
                   value="application/json"
                   scope="axis2-client"
                   type="STRING"/>
         <property name="contentType"
                   value="application/json"
                   scope="axis2-client"
                   type="STRING"/>
         <!-- Call to the backend over plain HTTP on the local host. -->
         <callout serviceURL="http://localhost:9001/services/SimpleStockQuoteService"
                  action="urn:getQuote"
                  initAxis2ClientOptions="false">
            <!-- Request payload: the first child of the SOAP 1.1 or SOAP 1.2 Body. -->
            <source xmlns:s12="http://www.w3.org/2003/05/soap-envelope"
                    xmlns:s11="http://schemas.xmlsoap.org/soap/envelope/"
                    xpath="s11:Body/child::*[fn:position()=1] | s12:Body/child::*[fn:position()=1]"/>
            <!-- The result is written to the same location, replacing the request payload. -->
            <target xmlns:s12="http://www.w3.org/2003/05/soap-envelope"
                    xmlns:s11="http://schemas.xmlsoap.org/soap/envelope/"
                    xpath="s11:Body/child::*[fn:position()=1] | s12:Body/child::*[fn:position()=1]"/>
         </callout>
         <!-- Mark the current message as a response and remove the To header so that the
              send below goes back to the original caller instead of to an endpoint. -->
         <property name="RESPONSE" value="true"/>
         <header name="To" action="remove"/>
         <send/>
         <drop/>
      </inSequence>
   </target>
   <description/>
</proxy>


Wire logs

# Turn on DEBUG output for the httpclient wire loggers: one for request/response headers,
# one for message content. These loggers record complete headers and bodies, including any
# Authorization header or credential in the payload, so enable them only while debugging
# and treat the resulting log files as sensitive.
log4j.logger.httpclient.wire.header=DEBUG
log4j.logger.httpclient.wire.content=DEBUG

logs seen in console

[2013-11-20 17:38:18,840]  INFO - CarbonUIServiceComponent Mgt Console URL  : https://10.100.1.122:9443/carbon/
[2013-11-20 17:39:39,459] DEBUG - header >> "POST /services/SimpleStockQuoteService HTTP/1.1[\r][\n]"
[2013-11-20 17:39:39,468] DEBUG - header >> "Content-Type: application/json; charset=UTF-8[\r][\n]"
[2013-11-20 17:39:39,469] DEBUG - header >> "Accept-Encoding: gzip,deflate[\r][\n]"
[2013-11-20 17:39:39,469] DEBUG - header >> "User-Agent: Axis2[\r][\n]"
[2013-11-20 17:39:39,469] DEBUG - header >> "Host: localhost:9001[\r][\n]"
[2013-11-20 17:39:39,469] DEBUG - header >> "Transfer-Encoding: chunked[\r][\n]"
[2013-11-20 17:39:39,469] DEBUG - header >> "[\r][\n]"
[2013-11-20 17:39:39,480] DEBUG - content >> "27[\r][\n]"
[2013-11-20 17:39:39,480] DEBUG - content >> "{"getQuote":{"request":{"symbol":"?"}}}"
[2013-11-20 17:39:39,480] DEBUG - content >> "[\r][\n]"
[2013-11-20 17:39:39,480] DEBUG - content >> "0"
[2013-11-20 17:39:39,480] DEBUG - content >> "[\r][\n]"
[2013-11-20 17:39:39,480] DEBUG - content >> "[\r][\n]"