APIM 4.1 Publish and Try out - wso2-api-manager

im new with APIM 4.1 product. im trying for try_out my project on APIM. but when i put my request and send request request to backend. i got error details :
CORS
Network Failure
URL scheme must be "http" or "https" for CORS request.
when i try with integration studio 8.1 with micro service server 4.1 hit local endpoint API i make. i always get http 400 bad status
my project code for this :
`<?xml version="1.0" encoding="UTF-8"?>
<api context="/sample2" name="Sample2" xmlns="http://ws.apache.org/ns/synapse">
<resource methods="POST">
<inSequence>
<log description="Request send to endpoint" level="custom">
<property name="Request Log" value="** Send Request To Endpoint **"/>
</log>
<send>
<endpoint key="Test1"/>
</send>
</inSequence>
<outSequence>
<log description="Response back from endpoint" level="custom">
<property name="Response Log" value="** Response Back From Endpoint **"/>
</log>
<send/>
</outSequence>
<faultSequence/>
</resource>
</api>`
<?xml version="1.0" encoding="UTF-8"?>
<endpoint name="Test1" xmlns="http://ws.apache.org/ns/synapse">
<http method="post" uri-template="http://apiceupfdev01.ptap.co.id:31065">
<suspendOnFailure>
<initialDuration>-1</initialDuration>
<progressionFactor>1.0</progressionFactor>
</suspendOnFailure>
<markForSuspension>
<retriesBeforeSuspension>0</retriesBeforeSuspension>
</markForSuspension>
</http>
</endpoint>
maybe anyone can helping me with this case.
i expecting get response from backend endpoint i hit

I tried your project on a 4.1.0 pack with an HTTP URL for the endpoint.It worked with a 200 for API invocation call.
If you are getting CORS-related errors, did you try to create the API from the publisher and disable CORS from the runtime configurations[1]? (It is disabled by default for the new APIs that are created from the publisher portal)
[1] - https://apim.docs.wso2.com/en/latest/design/advanced-topics/enabling-cors-for-apis/#enabling-cors-globally

Related

APIGEE API Proxy - How do I prevent a request from hitting the target based on body content

I am trying to prevent requests that contain a json payload with a certain attribute value from hitting my target backend.
For example:
{"status":"pending"}
If the status is "pending", I don't want it to hit my target backend until I see a status of "delivered".
What is the best way to do this?
I have a step in the proxy endpoint preflow that uses a javascript policy to identify the attribute and its value. Now that I know this, how can I prevent the request from hitting the target backend and instead just return a 200 ok to the requester?
As you have the JS to identify the attribute already, now have a policy "Raise-Fault-Attribute" in your preflow after your JS policy.
<Step>
<Condition>(Status is pending) or (Status is null)</Condition>
<Name>Raise-Fault-Attribute</Name>
</Step>
`<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<RaiseFault async="false" continueOnError="false" enabled="true" name="Raise-Fault-Attribute">
<DisplayName>Raise Fault Attribute</DisplayName>
<Properties/>
<FaultResponse>
<Set>
<Headers/>
<Payload contentType="text/xml">
....
</Payload>
<StatusCode>500</StatusCode>
<ReasonPhrase>Server Error</ReasonPhrase>
</Set>
</FaultResponse>
<IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
</RaiseFault>
`
Hope this helps...

How to invoke a REST service from BPEL in Oracle SOA, with Basic Authentication?

I am working with the Oracle Fusion Middleware 12.1.3, and I am developing a BPEL process which has to invoke a remote REST service that needs a Basic Authentication.
I created an External reference to the Rest Service, and in my composite.xml, it looks like this :
....
<component name="MyCompositeBASProcess" version="2.0">
<implementation.bpel src="BPEL/MyCompositeBASProcess.bpel"/>
<componentType>
<service name="mycompositebasprocess_client" ui:wsdlLocation="WSDLs/MyCompositeBASProcess.wsdl">
<interface.wsdl interface="http://xmlns.oracle.com/myPartitionSOA/MyCompositeBAS/MyCompositeBASProcess#wsdl.interface(MyCompositeBASProcess)"
callbackInterface="http://xmlns.oracle.com/myPartitionSOA/MyCompositeBAS/MyCompositeBASProcess#wsdl.interface(MyCompositeBASProcessCallback)"/>
</service>
<reference name="CMProxyRS" ui:wsdlLocation="WSDLs/CMProxyRS.wsdl">
<interface.wsdl interface="http://xmlns.oracle.com/myPartitionSOA/MyCompositeBAS/CMProxyRS#wsdl.interface(CMProxyRS_ptt)"/>
</reference>
</componentType>
<property name="bpel.config.oneWayDeliveryPolicy" type="xs:string" many="false">async.persist</property>
</component>
<reference name="CMProxyRS" ui:wsdlLocation="WSDLs/CMProxyRS.wsdl">
<interface.wsdl interface="http://xmlns.oracle.com/myPartitionSOA/MyCompositeBAS/CMProxyRS#wsdl.interface(CMProxyRS_ptt)"/>
<binding.rest config="Adapters/CMProxyRS.wadl" location="http://server_WITHOUT_basic-auth/cmproxy/resources/v2/" />
</reference>
....
With this code I invoke a REST service which is not secured by a BASIC_Auth, and it works fine.
Now, when I switch to a remote environment which needs a basic authentication, I did not manage to succeed.
I found some examples to invoke SOAP services with basic auth, but nothing really interesting for REST services. But, in the Oracle Fusion stack 12.1.3, REST services are "adapted" to SOAP services before being used, so I thought that I could use the examples I found.
So, I updated my composite.xml to add the user/password and the policy :
....
<reference name="CMProxyRS" ui:wsdlLocation="WSDLs/CMProxyRS.wsdl">
<interface.wsdl interface="http://xmlns.oracle.com/myPartitionSOA/MyCompositeBAS/CMProxyRS#wsdl.interface(CMProxyRS_ptt)"/>
<binding.rest config="Adapters/CMProxyRS.wadl" location="http://server_WITH_basic-auth/cmproxy/resources/v2/">
<wsp:PolicyReference URI="oracle/wss_username_token_client_policy" orawsp:category="security" orawsp:status="enabled"/>
<!-- <property name="oracle.webservices.auth.username">weblogic</property> -->
<!-- <property name="oracle.webservices.auth.password">password</property> -->
<property name="oracle.webservices.preemptiveBasicAuth">true</property>
<property name="javax.xml.ws.security.auth.username" many="false" override="may">weblogic</property>
<property name="javax.xml.ws.security.auth.password" many="false" override="may">password</property>
</binding.rest>
</reference>
....
As you can see, I tried with the javax.xml.ws.security.auth. properties and with the oracle.webservices.auth. properties. But both failed : on the remote, I do not get any Basic Authentication in the requests.
I also updated my CMProxyRS.wadl to add the Authorization key in the HTTP Header. For example :
<resources>
<resource path="/documents">
<method name="GET" soa:wsdlOperation="searchDocument">
<request>
<param name="Authorization" style="header" soa:expression="$msg.request/tns:Authorization" default="" type="xsd:string"/>
<param name="queryText" style="query" soa:expression="$msg.request/tns:queryText" default="" type="xsd:string"/>
<param name="fields" style="query" soa:expression="$msg.request/tns:fields" default="id,name,originalName,originalFormat,originalExtension,alternateFormat,alternateExtension,revision" type="xsd:string"/>
<param name="waitForIndexing" style="query" soa:expression="$msg.request/tns:waitForIndexing" default="false" type="xsd:boolean"/>
</request>
<response status="200">
....
And this Authorization was "replicated" in the WSDL.CMProxyRS.wsdl :
<element name="searchDocument_params">
<complexType>
<sequence>
<element name="Authorization" type="string"/>
<element name="queryText" type="string"/>
<element name="fields" type="string"/>
<element name="waitForIndexing" type="boolean"/>
</sequence>
</complexType>
</element>
This did not help. In fact, I am really not sure that what I added in my composite.xml (the properties username, password, preemptiveBasicAuth) is used by the SOA Engine to build the REST request.
(I would like to specify that it is not a user/password issue : when I test this REST query with the same user/password from Postman, it work fine.)
How can I manage to invoke a REST service with basic Authentication from a soa-composite ?
You can send custom HTTP headers in BPEL.
Take a look at this post. You need to add oracle.webservices.http.headers on the reference service and then you can populate variables and send them on your REST invoke acticity in BPEL.
You can try OWSM oracle/http_jwt_token_client_policy to pass the required headers in the request.
I had the same issue initially trying to invoke WADL from Oracle SOA 12c.
It started working after applying the following OWSM security policy:
oracle/http_jwt_token_client_policy

Linking the Wso2 Api Manager to Wso2 ESB - 4.8.1 vice versa

Issue: we are not able to confiure the ESB proxy services in the WSO2 API Manager.. We are new this product..
WorkAround Solution explored: We have downloaded the Wso2 API (with version 1.9.0 ) Manager from WSO2 Website and We have started the Wso2 Api Manager and Both ESB and API Manager running successfully. In WSO2 ESB we have created the Proxy services and we want to setup the same in WSO2 Api Manager.
And JAVA Version we are using JDK 1.7 and please check the any version compatablity is there with WSO2 ESB and WSO2 Api manager .
Updated code:
Please find the proxy service:
WSB PROXY SERVICE URL:https://I0025:8247/services/AddAssetService
<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse"
name="AddAssetService"
transports="https"
statistics="disable"
trace="enable"
startOnLoad="true">
<target>
<inSequence>
<log>
<property name="Message" value="testMessage"/>
</log>
<property name="FORCE_SC_ACCEPTED" value="true" scope="axis2"/>
<send>
<endpoint>
<recipientlist>
<endpoint key="EkfAssetStoreEndPoint1"/>
<endpoint key="EkfAssetQueue_EndPoint"/>
</recipientlist>
</endpoint>
</send>
</inSequence>
<outSequence>
<send/>
</outSequence>
</target>
<publishWSDL uri="http://10.xx05.2.77:9765/services/AddAssetService?wsdl"/>
<parameter name="ScenarioID">scenario1</parameter>
<parameter name="serviceType">proxy</parameter>
<enableSec/>
<policy key="conf:/repository/axis2/service-groups/AddAssetService/services/AddAssetService/policies/UTOverTransport"/>
<description/>
</proxy>
Could you please advise the same

WSO2ESB : behaving differently for different Content-Type

I have a proxy flow like the below,
<proxy>
<insequence>
<header name="To" expression="concat('http://localhost:8080/', substring-after(get-property('To'),'services/'))"/>
<send>
<endpoint>
<default/>
</endpoint>
</send>
</insequence>
</proxy>
when i send a request to wso2esb/services/my/sample/url,
if Content-Type is "text/xml", then the request is correctly forwarded to
http://localhost:8080/my/sample/url as expected
but if the Content-Type is "application/xml", then the request is getting forwarded to
http://localhost:8080/my/sample/url/services/my/sample/url
My WSO2ESB version is Version 4.8.1
i don't know where i am getting it wrong..could anyone help me in providing solution?
Thanks in advance!
can you try adding the property REST_URL_POSTFIX
Have a look at https://docs.wso2.com/display/ESB481/HTTP+Transport+Properties#HTTPTransportProperties-REST_URL_POSTFIXREST_URL_POSTFIX
#Senduran: thanks for the answer.
I fixed the issue by doing a slight change
<address uri="http://localhost:8080" format="rest"/>
i.e. it becomes
<proxy>
<insequence>
<send>
<endpoint>
<address uri="http://localhost:8080" format="rest"/>
</endpoint>
</send>
</insequence>
</proxy>
I went with handling 'To' header after an suggestion from forum but it seems that it is not a legible way and it works for particular content type only

How to convert SOAP request to HTTP GET?

I am trying to construct an REST service query parameters from an incoming SOAP request, and I need GET mode request(doGet:http://localhost:8888/XMPPService/recieveMsg?accessId=admin&accessSeq=admin&accessPwd=admin).
I use property REST_URL_POSTFIX.
My config is:
<target>
<inSequence>
<property name="REST_URL_POSTFIX" value="?accessId=accessId&accessSeq=accessSeq" scope="axis2" />
<send>
<endpoint>
<address uri="http://localhost:8888/XMPPService/recieveMsg" >
</endpoint>
</send>
</inSequence>
<outSequence>
<log level="full" />
<send />
</outSequence>
</target>
<publishWSDL key="XMPPService_wsdl" />
But is also POST mode request, it calls doPost method, not GET mode request.
The receive message is also:
<?xml version='1.0' encoding='UTF-8'?>
<soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
<soapenv:Body>
<p:XMPPService xmlns:p="http://iag.sdp.coship.com/xmpp/">
<accessId>admin</accessId>
<accessSeq>admin</accessSeq>
<accessPwd>admin</accessPwd>
</p:XMPPService>
</soapenv:Body>
</soapenv:Envelope>
I'm not clear on what you are trying. From my understanding, you are trying to construct an REST service query parameters from an incoming SOAP request.
If that is the case use REST_URL_POSTFIX property to set the query parameters.
I have written this post which may help you.

Resources