I had reports from users with Android 8 that my app (that uses back-end feed) does not show content. After investigation I found following Exception happening on Android 8:
08-29 12:03:11.246 11285-11285/ E/: [12:03:11.245, main]: Exception: IOException java.io.IOException: Cleartext HTTP traffic to * not permitted
at com.android.okhttp.HttpHandler$CleartextURLFilter.checkURLPermitted(HttpHandler.java:115)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:458)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:127)
at com.deiw.android.generic.tasks.AbstractHttpAsyncTask.doConnection(AbstractHttpAsyncTask.java:207)
at com.deiw.android.generic.tasks.AbstractHttpAsyncTask.extendedDoInBackground(AbstractHttpAsyncTask.java:102)
at com.deiw.android.generic.tasks.AbstractAsyncTask.doInBackground(AbstractAsyncTask.java:88)
at android.os.AsyncTask$2.call(AsyncTask.java:333)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:245)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1162)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:636)
at java.lang.Thread.run(Thread.java:764)
(I've removed package name, URL and other possible identifiers)
On Android 7 and lower everything works, I do not set android:usesCleartextTraffic in Manifest (and setting it to true does not help, that is the default value anyway), neither do I use Network Security Information. If I call NetworkSecurityPolicy.getInstance().isCleartextTrafficPermitted(), it returns false for Android 8, true for older version, using the same apk file.
I tried to find some mention of this on Google info about Android O, but without success.
According to Network security configuration -
Starting with Android 9 (API level 28), cleartext support is disabled
by default.
Also have a look at Android M and the war on cleartext traffic
Codelabs explanation from Google
Option 1 -
First try hitting the URL with https:// instead of http://
Option 2 -
Create file res/xml/network_security_config.xml -
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="true">api.example.com(to be adjusted)</domain>
</domain-config>
</network-security-config>
AndroidManifest.xml -
<?xml version="1.0" encoding="utf-8"?>
<manifest ...>
<uses-permission android:name="android.permission.INTERNET" />
<application
...
android:networkSecurityConfig="#xml/network_security_config"
...>
...
</application>
</manifest>
Option 3 -
android:usesCleartextTraffic Doc
AndroidManifest.xml -
<?xml version="1.0" encoding="utf-8"?>
<manifest ...>
<uses-permission android:name="android.permission.INTERNET" />
<application
...
android:usesCleartextTraffic="true"
...>
...
</application>
</manifest>
Also as #david.s' answer pointed out android:targetSandboxVersion can be a problem too -
According to Manifest Docs -
android:targetSandboxVersion
The target sandbox for this app to use. The higher the sandbox version
number, the higher the level of security. Its default value is 1; you
can also set it to 2. Setting this attribute to 2 switches the app to
a different SELinux sandbox. The following restrictions apply to a
level 2 sandbox:
The default value of usesCleartextTraffic in the Network Security Config is false.
Uid sharing is not permitted.
So Option 4 -
If you have android:targetSandboxVersion in <manifest> then reduce it to 1
AndroidManifest.xml -
<?xml version="1.0" encoding="utf-8"?>
<manifest android:targetSandboxVersion="1">
<uses-permission android:name="android.permission.INTERNET" />
...
</manifest>
My problem in Android 9 was navigating on a webview over domains with http
The solution from this answer
<application
android:networkSecurityConfig="#xml/network_security_config"
...>
and:
res/xml/network_security_config.xml
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<base-config cleartextTrafficPermitted="true">
<trust-anchors>
<certificates src="system" />
</trust-anchors>
</base-config>
</network-security-config>
In the AndroidManifest I found this parameter:
android:networkSecurityConfig="#xml/network_security_config"
and #xml/network_security_config is defined in network_security_config.xml as:
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<!--Set application-wide security config using base-config tag.-->
<base-config cleartextTrafficPermitted="false"/>
</network-security-config>
just I changed cleartextTrafficPermitted to true
You might only want to allow cleartext while debugging, but keep the security benefits of rejecting cleartext in production. This is useful for me because I test my app against a development server that does not support https. Here is how to enforce https in production, but allow cleartext in debug mode:
In build.gradle:
// Put this in your buildtypes debug section:
manifestPlaceholders = [usesCleartextTraffic:"true"]
// Put this in your buildtypes release section
manifestPlaceholders = [usesCleartextTraffic:"false"]
In the application tag in AndroidManifest.xml
android:usesCleartextTraffic="${usesCleartextTraffic}"
Ok, that's ⇒⇒ NOT ⇐⇐ the thousands repeat of add it to your Manifest, but an hint which based on this, but give you additional Benefit (and maybe some Background Info).
Following solution allow you to set the protocol (HTTP / HTTPS) per ENVIRONMENT.
This way you are able to use http for your DEV-Environment, and https for your PRODUCTION-Environment, without the need to change it all the time!
And this is needed, because generally you don't have an https-certificate for your local or dev environment, but it's a MUST-HAVE for production (and maybe for staging) environments.
Android has a kind of overwriting functionality for the src-Directory.
By default, you have
/app/src/main
But you can add additional directories to overwrite your AndroidManifest.xml. Here is how it works:
Create the Directory /app/src/debug
Inside create the AndroidManifest.xml
Inside of this File, you don't have to put all the Rules inside, but only the ones you like to overwrite from your /app/src/main/AndroidManifest.xml
Here an Example how it looks like for the requested CLEARTEXT-Permission:
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.yourappname">
<application
android:usesCleartextTraffic="true"
android:name=".MainApplication"
android:label="#string/app_name"
android:icon="#mipmap/ic_launcher"
android:allowBackup="false"
android:theme="#style/AppTheme">
</application>
</manifest>
With this knowledge it's now easy as 1,2,3 for you to overload your Permissions depending on your debug | main | release Enviroment.
The big benefit on it... you don't have debug-stuff in your production-Manifest and you keep an straight and easy maintainable structure
If possible change your url's from HTTP to HTTPS;
It works out!!!
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="true">***Your URL(ex: 127.0.0.1)***</domain>
</domain-config>
</network-security-config>
In the suggestion provided above I was providing my URL as http://xyz.abc.com/mno/
I changed that to xyz.abc.com then it started working.
It could be useful for someone.
We recently had the same issue for Android 9, but we only needed to display some Urls within WebView, nothing very special. So adding android:usesCleartextTraffic="true" to Manifest worked, but we didn't want to compromise security of the whole app for this.
So the fix was in changing links from http to https
For React Native projects
It was already fixed on RN 0.59.
You can find on upgrade diff from 0.58.6 to 0.59
You can apply it without upgrading you RN versionust follow the below steps:
Create files:
android/app/src/debug/res/xml/react_native_config.xml -
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="false">localhost</domain>
<domain includeSubdomains="false">10.0.2.2</domain>
<domain includeSubdomains="false">10.0.3.2</domain>
</domain-config>
</network-security-config>
android/app/src/debug/AndroidManifest.xml -
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:tools="http://schemas.android.com/tools">
<uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
<application tools:targetApi="28"
tools:ignore="GoogleAppIndexingWarning"
android:networkSecurityConfig="#xml/react_native_config" />
</manifest>
Check the accepted answer to know the root cause.
I have removed this line from the android manifest file which is already there
android:networkSecurityConfig="#xml/network_security_config"
and added
android:usesCleartextTraffic="true"
this in to application tag in manifest
<application
android:usesCleartextTraffic="true"
android:allowBackup="true"
android:label="#string/app_name"
android:largeHeap="true"
android:supportsRtl="true"
android:theme="#style/AppTheme"
>
then this error Cleartext HTTP traffic to overlay.openstreetmap.nl not permitted is gone for me in android 9 and 10.I hope this will work for android 8 also if it is helped you don't forget to vote thank you
Adding ...
android:usesCleartextTraffic="true"
... to your manifest file may appear to fix the problem but it opens a threat to data integrity.
For security reasons I used manifest placeholders with android:usesCleartextTraffic inside the manifest file (like in Option 3 of the accepted answer i.e #Hrishikesh Kadam's response) to only allow cleartext on debug environment.
Inside my build.gradle(:app) file, I added a manifest placeholder like this:
buildTypes {
release {
minifyEnabled false
proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
}
debug {
manifestPlaceholders.cleartextTrafficPermitted ="true"
}
}
Note the placeholder name cleartextTrafficPermitted at this line above
manifestPlaceholders.cleartextTrafficPermitted ="true"
Then in my Android Manifest, I used the same placeholder ...
AndroidManifest.xml -
<?xml version="1.0" encoding="utf-8"?>
<manifest ...>
<uses-permission android:name="android.permission.INTERNET" />
<application
...
android:usesCleartextTraffic="${cleartextTrafficPermitted}"
...>
...
</application>
</manifest>
With that, cleartext traffic is only permitted under the debug environment.
Simple and Easiest Solution [Xamarin Form]
For Android
Goto Android Project, then Click on Properties,
Open AssemblyInfo.cs and paste this code right there:
[assembly: Application(UsesCleartextTraffic =true)]
For iOS
Use NSAppTransportSecurity:
You have to set the NSAllowsArbitraryLoads key to YES under NSAppTransportSecurity dictionary in your info.plist file.
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
Okay, I have figured this out. It is due to the Manifest parameter android:targetSandboxVersion="2", that I have added because we also have Instant App version - it should make sure than once user upgrades from Instant App to regular app, he will not loose his data with the transfer. However as the vague description suggest:
Specifies the target sandbox this app wants to use. Higher sanbox versions will have increasing levels of security.
The default value of this attribute is 1.
It obviously also adds new level of security policy, at least on Android 8.
To apply these various answers to Xamarin.Android, you can use class and assembly level Attributes vs. manually editing the AndroidManifest.xml
Internet permission of course is needed (duh..):
[assembly: UsesPermission(Android.Manifest.Permission.Internet)]
Note: Typically assembly level attributes are added to your AssemblyInfo.cs file, but any file, below the using and above the namespace works.
Then on your Application subclass (create one if needed), you can add NetworkSecurityConfig with a reference to an Resources/xml/ZZZZ.xml file:
#if DEBUG
[Application(AllowBackup = false, Debuggable = true, NetworkSecurityConfig = "#xml/network_security_config")]
#else
[Application(AllowBackup = true, Debuggable = false, NetworkSecurityConfig = "#xml/network_security_config"))]
#endif
public class App : Application
{
public App(IntPtr javaReference, Android.Runtime.JniHandleOwnership transfer) : base(javaReference, transfer) { }
public App() { }
public override void OnCreate()
{
base.OnCreate();
}
}
Create a file in the Resources/xml folder (create the xml folder if needed).
Example xml/network_security_config file, adjust as needed (see other answers)
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="true">www.example.com</domain>
<domain includeSubdomains="true">notsecure.com</domain>
<domain includeSubdomains="false">xxx.xxx.xxx</domain>
</domain-config>
</network-security-config>
You can also use the UsesCleartextTraffic parameter on the ApplicationAttribute:
#if DEBUG
[Application(AllowBackup = false, Debuggable = true, UsesCleartextTraffic = true)]
#else
[Application(AllowBackup = true, Debuggable = false, UsesCleartextTraffic = true))]
#endif
While the working answer, for me, was this by #PabloCegarra:
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<base-config cleartextTrafficPermitted="true">
<trust-anchors>
<certificates src="system" />
</trust-anchors>
</base-config>
</network-security-config>
You may receive a security warning regarding the cleartextTrafficPermitted="true"
If you know the domains to 'white list' you should mix both accepted answer and the above one:
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<base-config cleartextTrafficPermitted="false">
<trust-anchors>
<certificates src="system" />
</trust-anchors>
</base-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="true">books.google.com</domain>
<trust-anchors>
<certificates src="system" />
</trust-anchors>
</domain-config>
</network-security-config>
This code is working for me, but my app needs to retrieve data from books.google.com only.
By this way the security warning disappears.
I am also got the same "Cleartext HTTP traffic not permitted" error while developing my Application. I am using Retrofit2 for network calls in my application and I have two project environments(dev & production). My Production domain is having SSL certificate with HTTPS calls and dev won't have https. The configuration is added in the build flavors. But when I change to dev, this issue will trigger. So I have added below-solution for that.
I have added cleartext traffic in the manifest
android:usesCleartextTraffic="true"
Then I have added a connection spec in the retrofit configuration class OKHttp creation time.
.connectionSpecs(CollectionsKt.listOf(ConnectionSpec.MODERN_TLS, ConnectionSpec.CLEARTEXT))
Complete OkHttpClient creation is given below
OkHttpClient okHttpClient = new OkHttpClient.Builder()
.readTimeout(10, TimeUnit.SECONDS)
.connectTimeout(10, TimeUnit.SECONDS)
.cache(null)
.connectionSpecs(CollectionsKt.listOf(ConnectionSpec.MODERN_TLS, ConnectionSpec.CLEARTEXT))
.addInterceptor(new NetworkInterceptor(context))
.addInterceptor(createLoggingInterceptor())
.addInterceptor(createSessionExpiryInterceptor())
.addInterceptor(createContextHeaderInterceptor())
.build();
Update December 2019 ionic - 4.7.1
<manifest xmlns:tools=“http://schemas.android.com/tools”>
<application android:usesCleartextTraffic=“true” tools:targetApi=“28”>
Please add above content in android manifest .xml file
Previous Versions of ionic
Make sure you have the following in your config.xml in Ionic Project:
<edit-config file="app/src/main/AndroidManifest.xml" mode="merge" target="/manifest/application" xmlns:android="http://schemas.android.com/apk/res/android">
<application android:networkSecurityConfig="#xml/network_security_config" />
<application android:usesCleartextTraffic="true" />
</edit-config>
Run ionic Cordova build android. It creates Android folder under Platforms
Open Android Studio and open the Android folder present in our project
project-platforms-android. Leave it for few minutes so that it builds the gradle
After gradle build is finished we get some errors for including minSdVersion in manifest.xml.
Now what we do is just remove <uses-sdk android:minSdkVersion="19" /> from manifest.xml.
Make sure its removed from both the locations:
app → manifests → AndroidManifest.xml.
CordovaLib → manifests → AndroidManifest.xml.
Now try to build the gradle again and now it builds successfully
Make sure you have the following in Application tag in App → manifest → Androidmanifest.xml:
<application
android:networkSecurityConfig="#xml/network_security_config" android:usesCleartextTraffic="true" >
Open network_security_config (app → res → xml → network_security_config.xml).
Add the following code:
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="true">xxx.yyyy.com</domain>
</domain-config>
</network-security-config>
Here xxx.yyyy.com is the link of your HTTP API. Make sure you don't include any Http before the URL.
Note: Now build the app using Android Studio (Build -- Build Bundle's/APK -- Build APK) and now you can use that App and it works fine in Android Pie. If you try to build app using ionic Cordova build android it overrides all these settings so make sure you use Android Studio to build the Project.
If you have any older versions of app installed, Uninstall them and give a try or else you will be left with some error:
App not Installed
Create file - res / xml / network_security.xml
In network_security.xml ->
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="true">192.168.0.101</domain>
</domain-config>
</network-security-config>
Open AndroidManifests.xml :
android:usesCleartextTraffic="true" //Add this line in your manifests
<application
android:allowBackup="true"
android:icon="#mipmap/ic_launcher"
android:label="#string/app_name"
android:roundIcon="#mipmap/ic_launcher_round"
android:supportsRtl="true"
android:usesCleartextTraffic="true"
android:theme="#style/AppTheme">
cleartext support is disabled by default.Android in 9 and above
Try This one I hope It will work fine
1 Step:-> add inside android build gradle (Module:App)
useLibrary 'org.apache.http.legacy'
android {
compileSdkVersion 28
useLibrary 'org.apache.http.legacy'
}
Then 2 Step:-> manifest
add inside manifest application tag
<application
android:networkSecurityConfig="#xml/network_security_config">//add drawable goto Step 4
// Step --->3 add to top this line
<uses-library
android:name="org.apache.http.legacy"
android:required="false" />
</application>
//Step 4-->> Create Drawable>>Xml file>>name as>> network_security_config.xml
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<base-config cleartextTrafficPermitted="true">
<trust-anchors>
<certificates src="system" />
</trust-anchors>
</base-config>
</network-security-config>
Put following into your resources/android/xml/network_security_config.xml :
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<base-config cleartextTrafficPermitted="true" />
</network-security-config>
This solves Failed to load resource: net::ERR_CLEARTEXT_NOT_PERMITTED problem on Android for Cordova / Ionic.
I would suggest to add both dev and prod network configs:
add res/xml/network_security_config_dev.xml
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="true">10.0.2.2</domain>
</domain-config>
</network-security-config>
addres/xml/network_security_config_prod.xml
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config cleartextTrafficPermitted="false">
<domain includeSubdomains="true">yourdomain.com</domain>
</domain-config>
</network-security-config>
under Gradle Scripts (in android studio), find build.gradle (android.app) and look for buildTypes: release and debug (create if not exists):
buildTypes {
release {
minifyEnabled false
manifestPlaceholders.securityConfig = "#xml/network_security_config_prod"
}
debug {
manifestPlaceholders.securityConfig = "#xml/network_security_config_dev"
}
}
in AndroidManifest.xml use securityConfig placeholder as following (which was defined in build.gradle):
<application
android:allowBackup="true"
android:icon="#mipmap/ic_launcher"
android:label="#string/app_name"
android:roundIcon="#mipmap/ic_launcher_round"
android:supportsRtl="true"
android:networkSecurityConfig="${securityConfig}" <------- here
Just add android:usesCleartextTraffic="true" inside the in AndroidManifest.xml file
In my case that URL is not working in browser also.
I check with https://www.google.com/
webView.loadUrl("https://www.google.com/")
And it worked for me.
For Xamarin.Android developers make sure HttpClient implementation and SSL/TLS is set to Default.
It can be found under Andorid Options -> Advanced Android Options.
This is done for security reasons, you should always prefer to use HTTPS (HTTP Secure) where possible.
You can read more about it here
There are multiple solutions for this issue depending on your condition.
If you are trying to communicate with a first party service, IE: your own web server
Server side: You should add HTTPS support to that server and use HTTPS instead of HTTP. These days you can even do it for free using services like LetsEncrypt and others
Client side: If you are using the HttpURLConnection from the java.net package you can switch to HttpsURLConnection of the java.net.ssl package, it has a similar if not identical API, so the switch should be effortless.
If you are using a third party service, like Google, Facebook, a weather service, etc.
In case that the service you are communicating with supports HTTPS (which it most likely does) you can just change your request URL from http://abc.xyz to https://abc.xyz.
As a last resort, if the third party service that you want to communicate with does not support HTTPS or any other form of secure communication, you can use this answer, but again, this is not recommended as it defeats the purpose of this much needed security feature.
If you are using ionic and getting this error during native http plugin, following fix needs to be done-
goto resources/android/xml/network_security_config.xml
Change it to-
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="true">localhost</domain>
<domain includeSubdomains="true">api.example.com(to be adjusted)</domain>
</domain-config>
</network-security-config>
That worked for me!
I using Cordova 8 with cordova-plugin-whitelist 1.3.4
and it default configuration my app no access to internet and i only add a parameter in the manifest.xml -> android:usesCleartextTraffic="true"
The path of mainfest changed in Cordova 8: platform/android/app/src/main/AndroidManifest.xml.
<?xml version='1.0' encoding='utf-8'?>
<manifest android:hardwareAccelerated="true" android:versionCode="10000" android:versionName="1.0.0" package="io.cordova.hellocordova" xmlns:android="http://schemas.android.com/apk/res/android">
<supports-screens android:anyDensity="true" android:largeScreens="true" android:normalScreens="true" android:resizeable="true" android:smallScreens="true" android:xlargeScreens="true" />
<application
android:hardwareAccelerated="true"
android:icon="#mipmap/ic_launcher"
android:label="#string/app_name"
android:supportsRtl="true"
android:usesCleartextTraffic="true">
<activity android:configChanges="orientation|keyboardHidden|keyboard|screenSize|locale|smallestScreenSize|screenLayout|uiMode" android:label="#string/activity_name" android:launchMode="singleTop" android:name="MainActivity" android:theme="#android:style/Theme.DeviceDefault.NoActionBar" android:windowSoftInputMode="adjustResize">
<intent-filter android:label="#string/launcher_name">
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
</application>
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
</manifest>
this is a real stupid because it obvious that your app need access to internet....
videoView can't open this video Online video
Create file res/xml/network_security_config.xml
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<base-config cleartextTrafficPermitted="true">
<trust-anchors>
<certificates src="system" />
</trust-anchors>
</base-config>
</network-security-config>
New in the AndroidManifest.xml file under application:
android:networkSecurityConfig="#xml/network_security_config"
https://techprogrammingideas.blogspot.com/2021/02/android-code-for-displaying-video-with.html
https://youtu.be/90hWWAqfdUU
Upgrade to React Native 0.58.5 or higher version.
They have includeSubdomain in their config files in RN 0.58.5.
ChangeLog
In Rn 0.58.5 they have declared network_security_config with their server domain. Network security configuration allows an app to permit cleartext traffic from a certain domain. So no need to put extra effort by declaring android:usesCleartextTraffic="true" in the application tag of your manifest file. It will be resolved automatically after upgrading the RN Version.
After changed API version 9.0 getting the error Cleartext HTTP traffic to YOUR-API.DOMAIN.COM not permitted (targetSdkVersion="28"). in xamarin, xamarin.android and android studio.
Two steps to solve this error in xamarin, xamarin.android and android studio.
Step 1: Create file resources/xml/network_security_config.xml
In network_security_config.xml
<?xml version="1.0" encoding="utf-8" ?>
<network-security-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="true">mobapi.3detrack.in</domain>
</domain-config>
</network-security-config>
Step 2: update AndroidManifest.xml -
Add android:networkSecurityConfig="#xml/network_security_config" on application tag.
e.g:
<application android:label="your App Name" android:icon="#drawable/icon" android:networkSecurityConfig="#xml/network_security_config">
I have a C# ASP.NET project with 15 WCF/ASMX Service References. Each service is deployed to three different servers; test, staging and live.
Often we need to change the URLs of these service references to different servers, to be able to debug using the correct service with the correct implementation and data.
When managing these Service References I'm having a hard time keeping the URL in sync. When creating a Service Reference FooService it stores the URL in three seperate files:
FooService.disco
configuration.svcinfo
Reference.svcmap
Along with creating an endpoint node with the URL in the Web.config.
If I change the endpoint URL in the Web.config and rebuild the project, it doesn't update the URL in the other files, so it's out of sync. So when I right-click the FooService and click Update Service Reference it doesn't use the URL stored in the Web.config, it uses the URL in the other files.
So the only way is to right-click the FooService and click on Configure Service Reference and enter the new URL. But that doesn't always work, because sometimes it creates a new node in Web.config named FooService1, so I get an error when running my application saying that there are two instances of the same endpoints.
So often I need to skim through the Web.config and delete duplicates of endpoints, which is very frustrating.
What is the best way to manage multiple WCF service references when changing the URL to the service often?
First an overview
The way I handle it is to not add the service reference via Visual Studio. What I have is each service has it's own Proxy project in the solution, to proxy is created using a simple one line batch file. Each of these is then included in the website(s) as a "vanilla" reference. The end point is configured manually in the web config. I have three deployment options: Debug (local), Staging and Release. At the web.config level the different addresses are handled by web.config transformations . The proxy project files are configured so that the correct end point address is used depending on the solution configuration. However it is important to note that web.config transformations only apply on publishing the solution.
In pre-VS2010 I had 3 variations of the web.config files which would overwrite the active web.config; however overwriting the web.config in this way always felt "risky" to me. In this case I think that using transforms for publish will still work, but in the actual web.config file have block of connections that you can comment in and out on those occasions when you want to debug the staging or development servers.
I only have 2 services, so my set up was pretty easy, with 15 there will be a fair bit of work involved to set up, but it will save you head aches in the long run.
Implementation
Back Up Everything First!!
Also keep handy a copy of the existing web.config to help with configuring the end points later on.
Also note that the batch files won't work if your solution is in a path with a space in its name, e.g. the default location VS puts its' projects. All my projects are in the following structure C:\Source\vs2008\, C:\Source\vs2010\ etc. I'll see if I can find a better solution for this.
0 Run VisualStudio as an administrator
Right click Visual Studio from the start menu and select "Run as Administrator". We need to do this as VS will be writing files.
1 Delete Existing service references
You shouldn't need any help on this one.
2 Add Proxy Projects
Doing this now means you only need configure the solution for test|staging|live once.
From the File menu select "Add" then "New Project" and from unser the "Visual C#" tmplates select "Class Library" and name it something sensible. I'll be using FooService.proxy for this example. Rename the class file, I'll be using FooService_proxy.cs in this example.
Add the following references to the project:
System.Runtime.Serialization
System.ServiceModel
Add one project for each service. We will comeback and update these projects later.
3 Configure The Solution to handle test|staging|live
I'm assuming you use test when developing the asp.net website on your local machine.
Open the "Configuration Manager" by selecting it in the Build Configuration dropdown menu.
Under the "Active Solution Configuration" dropdown select "New"
For the Name I'd suggest "Staging" and check the "Create new project configurations" check box.
In the Solution Explorer, right click on Web.Config and select "Add config transforms". This will add a new file for the staging web.config transformation. Click the expander arrow and you will see three sub files: Web.Debug.Config, Web.Release.Config, Web.Staging Config.
4 Set Up Proxies
Add a batch file to each proxy project by Clicking on the project in the solution explorer and selecting "Add > New Item". Use a text file and name it "CreateProxy.bat.
Insert the following into the new file and save:
:: ============================================================================================
:: Create the proxy file from the service wsdl
:: Input parameters
:: SDK Path The location of svcutil.exe
:: WSDL File Arg1 (%1)
:: Output Proxy .CS file Arg2 (%2)
::
:: Called by the build process of the BeforeBuild target to re-gen the proxy code.
:: Make sure to change FooService.proxy
:: ============================================================================================
svcutil %1 /ct:System.Collections.Generic.List`1 /serializer:DataContractSerializer /tcv:Version35 /n:*,FooService.Proxy /out:%2
Now right click on the proxy project and click "Unload Project", saving if prompted. This will enable us to get in and modify the project file. Right Click the now greyed out proxy project name and select "Edit".
Add the following just befor the closing </project> tag. Note you may need to change the
path SDKPath depending on your location of svcutil. Also make sure to name FooService_proxy.cs whatever you named the proxy file.
<PropertyGroup>
<!-- These properties are used by the svcutil batch file task in the BeforeBuild Target to regen the proxy code -->
<SDKPath Condition="'$(SDKPath)'==''">C:\Program Files\Microsoft SDKs\Windows\v6.0A\bin</SDKPath>
<WSDLPath Condition="'$(WSDLPath)'=='' and '$(Configuration)' == 'Debug'">http://[Path to TEST Server Service]</WSDLPath>
<WSDLPath Condition="'$(WSDLPath)'=='' and '$(Configuration)' == 'Staging'">http://[Path to STAGING server Service]</WSDLPath>
<WSDLPath Condition="'$(WSDLPath)'=='' and '$(Configuration)' == 'Release'">http://[Path to LIVE Server Service]</WSDLPath>
<SkipProxyRegen Condition="'$(SkipProxyRegen)'==''">false</SkipProxyRegen>
</PropertyGroup>
<Target Name="BeforeBuild">
<Message Importance="normal" Text="Rebuilding the proxy code from batch file '$(ProjectDir)CreateProxy.bat'" Condition="'$(SkipProxyRegen)'=='false'" />
<Exec Command="$(ProjectDir)CreateProxy.bat $(WSDLPath) $(ProjectDir)FooService_proxy.cs" WorkingDirectory="$(SDKPath)" Condition="'$(SkipProxyRegen)'=='false'" />
</Target>
Save the changes and then right click on the greyed out project name and select "Reload Project".
Right click on the project and select build, make sure that your proxy file is now populated.
Set each proxy project so that it always build into only its' \bin directory, e.g. not bin\debug etc. Right click on the proxy project and select "Properties". Select the "Build" tab and change the "Configuration" drop down to "All Configurations". Set the "Output path" to bin\
5 Add Proxy References and End Points To Your Website
Add a reference to each proxy project to your website by right clicking "References > Add reference" and then going to the "Projects" Tab.
Now open up your web.config file and add the bindings, use your previous web.config as a guide.
<system.serviceModel>
<bindings>
<basicHttpBinding>
<binding name="fooServiceEndpoint" closeTimeout="00:01:00" openTimeout="00:01:00"
receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false"
bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
maxBufferSize="2147483647" maxBufferPoolSize="524288" maxReceivedMessageSize="2147483647"
messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
useDefaultWebProxy="true">
<readerQuotas maxDepth="32" maxStringContentLength="2147483647" maxArrayLength="2147483647"
maxBytesPerRead="8192" maxNameTableCharCount="2147483647" />
<security mode="None">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
</binding>
<!-- Insert other binding as required -->
</basicHttpBinding>
</bindings>
<client>
<!-- Test Server Endpoints - Used for day-to-day development -->
<endpoint address="http:[Path to TEST Server service]"
binding="basicHttpBinding" bindingConfiguration="fooServiceEndpoint"
contract="FooService.Proxy.IFooService" name="fooServiceEndpoint" />
<!-- Add Other endpoints as required -->
<!-- Staging Server End Points - Used Occasionaly
<endpoint address="http:[Path to STAGING Server service]"
binding="basicHttpBinding" bindingConfiguration="fooServiceEndpoint"
contract="FooService.Proxy.IFooService" name="fooServiceEndpoint" />
<other end points here too />
-->
<!-- LIVEServer End Points - Used Rarely and with CAUTION
<endpoint address="http:[Path to LIVE Server service]"
binding="basicHttpBinding" bindingConfiguration="fooServiceEndpoint"
contract="FooService.Proxy.IFooService" name="fooServiceEndpoint" />
<other end points here too />
-->
</client>
</system.serviceModel>
Now you can simply modify the web config with comments depending on which server you want to be debugging on.
6 Set up web.config transformation for deployment
Expand the web.config node in the solution explorer.
Open the web.staging.config file and add the following:
<system.serviceModel>
<client>
<endpoint address="http:[Path to STAGING server Service]"
binding="basicHttpBinding" bindingConfiguration="fooServiceEndpoint"
contract="FooService.Proxy.IFooService" name="fooServiceEndpoint" xdt:Transform="SetAttributes" xdt:Locator="Match(name)" />
</client>
<!-- Repeat for additional end points -->
</system.serviceModel>
Now add the same to Web.Release.Config changing the paths to tho the LIVE server paths. This will now use the appropriate endpoints when published using the VisualStudio publish command.
E.g. If deploying a STAGING version of the web site, select "Staging" from the Build Configuration drop down. Right click on the WebSite project in the solution explorer and select "Publish". Choose how you wish to publish and click the "Publish" button. The whole solution will then rebuild, proxies will be generated form the Staging server and the web.config file will be published with the Staging setting.
That's it, you're done
You now have proxies that will generate based on your build configuration, one location to change paths via commenting for debugging purposes, and automatic web.config updating on publishing.
Update
Gaui, the OP, has created a small exe that simplifies this somewhat. It is available on GitHub.
I've had a lot of problems with this, too. But I ended up in finding a nice and easy way. My example with a fictious service address:
Create a command line EXE
Add service reference with address https://service.somePortal.com/FooConnector.svc and namespace "MyServiceReference"
Let's say the service is offering an Interface "IFooConnector". Choose OK to generate (a lot of) code to consume the service.
After that, in your App.config file you will see a new serviceModel section:
<system.serviceModel>
<bindings>
<customBinding>
<binding name="NetHttpsBinding_IFooConnector">
<binaryMessageEncoding />
<httpsTransport />
</binding>
</customBinding>
</bindings>
<client>
<endpoint address="https://service.somePortal.com/FooConnector.svc"
binding="customBinding" bindingConfiguration="NetHttpsBinding_IFooConnector"
contract="MyServiceReference.IFooConnector" name="NetHttpsBinding_IFooConnector" />
</client>
</system.serviceModel>
You can now use a service method like this:
using TestClient.MyServiceReference;
namespace TestClient
{
class Program
{
static void Main(string[] args)
{
using (var client = new FooConnector())
{
client.DoSomething();
}
}
}
}
Now the important part:
To use three inkarnations of the same service, like DEV (Development), TEST (Testing) and PROD (Production) at different addresses, but having the same interface, you only have to manually edit your App.config and use a different constructor to instantiate the client!
Here's the new App.config with the changed serviceModel section:
<system.serviceModel>
<bindings>
<customBinding>
<binding name="NetHttpsBinding_IFooConnector">
<binaryMessageEncoding />
<httpsTransport />
</binding>
</customBinding>
</bindings>
<client>
<endpoint address="https://dev-service.somePortal.com/FooConnector.svc"
binding="customBinding" bindingConfiguration="NetHttpsBinding_IFooConnector"
contract="MyServiceReference.IFooConnector" name="DEV" />
<endpoint address="https://test-service.somePortal.com/FooConnector.svc"
binding="customBinding" bindingConfiguration="NetHttpsBinding_IFooConnector"
contract="MyServiceReference.IFooConnector" name="TEST" />
<endpoint address="https://service.somePortal.com/FooConnector.svc"
binding="customBinding" bindingConfiguration="NetHttpsBinding_IFooConnector"
contract="MyServiceReference.IFooConnector" name="PROD" />
</client>
</system.serviceModel>
As you see, we're now having three endpoint sections with different service addresses. I've also changed the endpoints name properties to match my desired DEV, TEST and PROD naming.
To call the required service you can now use a different constructor of the client, having one parameter: string endpointConfigurationName.
So you can now use the same service method in its three inkarnations like this:
using TestClient.MyServiceReference;
namespace TestClient
{
class Program
{
static void Main(string[] args)
{
using (var client = new FooConnector("DEV"))
{
//Call method in DEV
client.DoSomething();
}
using (var client = new FooConnector("TEST"))
{
//Call method in TEST
client.DoSomething();
}
using (var client = new FooConnector("PROD"))
{
//Call method in PROD
client.DoSomething();
}
}
}
}
That's it! :-)
P.S.: In my real project, I have an enum user setting to choose DEV, TEST, PROD to change the used service by configuration.
One technique is to get the endpoint and replace the URL in code (e.g., you can do it from a database), with something like this:
endpoint.Endpoint.Address = new System.ServiceModel.EndpointAddress(remoteUrl);
I have followed Google's tutorial to use a SyncAdapter with a dummyAccount and no ContentProvider.
The tutorial is quite straight forward, and I'm aware of the limitations of using stubs for the Account and ContentProvider. I implemented it and when run on the emulator, it works wonderfully. I see the message in the Log of when it is periodically called with periodicSync(..) and when I request specifically to be called with requestSync(..).
Here is the mind-blowing part, when I run the app on my BQ 5 HD (Android 4.1.2) the SyncAdapter is never ever called. If re-installed the app, but nothing seems to be happening. I've wasted weeks with this, and I can´t figure it out.
Here is the my manifestFile
<?xml version="1.0" encoding="utf-8"?>
<uses-sdk
android:minSdkVersion="10"
android:targetSdkVersion="18" />
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.AUTHENTICATE_ACCOUNTS" />
<uses-permission android:name="android.permission.MANAGE_ACCOUNTS" />
<uses-permission android:name="android.permission.GET_ACCOUNTS" />
<uses-permission android:name="android.permission.READ_SYNC_SETTINGS" />
<uses-permission android:name="android.permission.WRITE_SYNC_SETTINGS" />
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.CAMERA" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.READ_CONTACTS" />
<application
android:allowBackup="true"
android:icon="#drawable/ic_launcher"
android:label="#string/app_name"
android:theme="#style/AppTheme" >
....Whole bunch of activities...
<provider
android:name="com.sf.app_name.stubs.StubProvider"
android:authorities="com.sf.app_name.provider"
android:exported="false"
android:syncable="true" />
<service android:name="com.sf.app_name.stubs.AuthenticatorService"
android:exported="false">
<intent-filter>
<action android:name="android.accounts.AccountAuthenticator" />
</intent-filter>
<meta-data
android:name="android.accounts.AccountAuthenticator"
android:resource="#xml/authenticator" />
</service>
<service
android:name="com.sf.app_name.sync.SyncService"
android:exported="false"
android:process=":sync" >
<intent-filter>
<action android:name="android.content.SyncAdapter" />
</intent-filter>
<meta-data
android:name="android.content.SyncAdapter"
android:resource="#xml/syncadapter" />
</service>
</application>
authenticator.xml
<?xml version="1.0" encoding="utf-8"?>
<account-authenticator xmlns:android="http://schemas.android.com/apk/res/android"
android:accountType="com.sf.app_name"
android:userVisible="false" />
syncadapter.xml
<?xml version="1.0" encoding="utf-8"?>
<sync-adapter
xmlns:android="http://schemas.android.com/apk/res/android"
android:contentAuthority="com.sf.app_name.provider"
android:accountType="com.sf.app_name"
android:userVisible="false"
android:supportsUploading="false"
android:allowParallelSyncs="true"
android:isAlwaysSyncable="true"/>
Input is very much appreciated.
Finally figured out what's wrong thanks to ye-old-faithful Log.d(...). It's a definite noob mistake and I'm posting the answer to prevent other beginners from committing the same mistake.
In my code where I create and add the "dummyAccount" needed by the SyncAdapter framework, I did the following:
Account[] accounts = accountManager.getAccounts();
if(accounts.length == 0){
Account newAccount = new Account(ACCOUNT, ACCOUNT_TYPE);
ContentResolver.setIsSyncable(newAccount, AUTHORITY, 1);
ContentResolver.setSyncAutomatically(newAccount, AUTHORITY, true);
ContentResolver.addPeriodicSync(newAccount, AUTHORITY, new Bundle(), 40l);
accountManager.addAccountExplicitly(newAccount, null, null);
Log.d("serverSync", "ContetResolver set periodic sync");
}
The methodgetAccounts() returns all of the accounts associated to the device. Obviously it is going to return ZERO when run in the emulator because the emulator has no account associated whatsoever. So I thought it save to do it like this. I create my account of type ACCOUNT_TYPE add it, and go merrily along my way. (By the way, the reason for the addPeriodicSync on top of the setIsSyncable and setSyncAutomatially is to solve a problem that pertains to another matter.
Ofcourse, the SyncAdapter of my APP was getting called when the following was executed:
ContentResolver.requestSync(signedInAccountInstance.getDummyAccount(),
AccountManagerActivity.AUTHORITY, bundle);
They getDummyAccount(..) was gotten like so:
Account[] accounts = accountManager.getAccounts();
return accounts[0];
When this was run on the actual physical device, I should have realized that getAccounts(..) would also return (atleast) the gmail account associated to my Android device. Hence when I would do
ContentResolver.requestSync(signedInAccountInstance.getDummyAccount(),
AccountManagerActivity.AUTHORITY, bundle);
the "dummyAccount" sent would be Google's AccountType, and hence why my app's SyncAdapter would never be called. Instead, it was the gmail app's SyncAdapter who was getting called with my bundle.
How did I discover this? By printing out my dummyAccount in Log after looking into the Accounts of my physical device under Settings>Accounts, and realizing that for some reason when I executed my app on my mobile, my gmail account would display a "sync error".
All this could have been prevented by doing things correctly the first time:
Account[] accounts = accountManager.getAccountsByType(ACCOUNT_TYPE);
Where ACCOUNT_TYPE is static final variable used in my app.
// An account type, in the form of a domain name
public static final String ACCOUNT_TYPE = "com.sf.app_name";
Hope this helps save someone some headaches.
I have installed Tridion UI and getting below warning in the log file. Except this warning nothing is logged wrong in the log files even in debug mode.
“WARN AmbientDataContext - There is no current ambient data context -
the ambient data framework is not properly initialised”
This warning get logged in my session preview web service cd_core.2012-11-11.log file and in same log file of staging web application also.
I am suspecting that due to this warning I am not getting updated preview of page in the UI interface. Please see below attached screenshot for the UI error –
I also tried to update the preview by clicking on "update the page preview" button, but no luck.
To resolve this error I followed almost all answers related to this in the stack overflow.
If I refer the answer in this below question.
Tridion UI - Preview Not Updating
So we are correct on this point as content get published in the right place always. I would like to explore the similar point from the setting in the cd_dynamic_conf.xml of Session Preview service is something like below –
<URLMappings>
<StaticMappings>
<Publications>
<Publication Id="241">
<Host Domain="xyz" Port="80" Protocol="http" Path="/" />
</Publication>
<Publication Id="121">
<Host Domain="xyz" Port="80" Protocol="http" Path="/" />
</Publication>
</Publications>
</StaticMappings>
<StorageMapping IdentifyPublicationByProperty="publicationUrl"/>
</URLMappings>
And in the of the staging application
<URLMappings>
<StaticMappings>
<Publications>
<Publication Id="241">
<Host Domain="xyz" Port="80" Protocol="http" Path="/" />
</Publication>
</Publications>
</StaticMappings>
<StorageMapping IdentifyPublicationByProperty="publicationUrl"/>
</URLMappings>
And SiteEdit mark-up get created something like this –
For component presentation
<!-- Start SiteEdit Component Presentation: {"ID":"cp_5", "ComponentID":"tcm:240-22393", "ComponentVersion":19, "ComponentTemplateID":"tcm:240-23899-32", "IsQueryBased":false} -->
For page setting
<!-- SiteEdit Settings: {"PageID":"tcm:240-22507-64", "PageVersion":49, "TargetTypeID":"tcm:0-1-65438", "ComponentPresentationLocation":1} -->
Here I want to highlight few Important points as below -
1- I have web site in 2 languages one with /en and one with /fr under the same IIS directory.
In above setting publication id 241 is for my en version of website .so I also tried below setting
<Publication Id="240">
<Host Domain="xyz" Port="80" Protocol="http" Path="/en" />
</Publication>
But again no luck.
I can provide more information such as log files etc., if they are still required to investigate the issue.
Please help me to get rid of this very irritating issue on very earlier basis.
Edit -1 Please also find below config files for same
cd_ambient_conf.xml for Session Preview webservice
<?xml version="1.0" encoding="UTF-8" standalone="no" ?>
<Configuration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Version="6.1" xsi:noNamespaceSchemaLocation="schemas/cd_ambient_conf.xsd">
<!-- Cookies settings -->
<!-- <Cookies> <Cookie Type="Tracking" Name="myTrackingCookie" Path="/"/> <Cookie Type="Session" Name="mySessionCookie" Path="/"/> </Cookies> -->
<Cartridges>
<!-- Example cartridge definition -->
<!--
<Cartridge File="cd_ambient_cartridge_conf.xml"/>
-->
<Cartridge File="cd_webservice_preview_cartridge.xml"/>
</Cartridges>
</Configuration>
cd_ambient_conf.xml for stagging website
<?xml version="1.0" encoding="UTF-8"?>
<Configuration Version="6.1"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="schemas/cd_ambient_conf.xsd">
<Cartridges>
<Cartridge File="cd_webservice_preview_cartridge.xml"/>
<Cartridge File="footprint_cartridge_conf.xml"/>
</Cartridges>
<ClaimStoreProvider>com.tridion.siteedit.preview.PreviewClaimStoreProvider</ClaimStoreProvider>
</Configuration>
cd_ambient_cartridge_conf.xml for Staging website
<ClaimProcessorDefinitions>
<ClaimProcessorDefinition Uri="tcd:claimprocessor:example:userdetails" ImplementationClass="com.tridion.ambientdata.processing.ExampleClaimProcessor1"
Description="Example claim processor that gets user details.">
<RequestStart>
<InputClaims>
<ClaimDefinition Uri="tcd:claim:userid" />
</InputClaims>
<OutputClaims>
<ClaimDefinition Uri="tcd:claim:username" />
<ClaimDefinition Uri="tcd:claim:usersex" />
<ClaimDefinition Uri="tcd:claim:userage" />
</OutputClaims>
</RequestStart>
</ClaimProcessorDefinition>
<ClaimProcessorDefinition Uri="tcd:claimprocessor:example:example2"
ConfigProviderClass="com.tridion.ambientdata.processing.ExampleClaimProcessorConfigProvider" />
</ClaimProcessorDefinitions>
</CartridgeDefinition>
NOTE:- Reason why we have cd_ambient_cartridge_conf.xml for staging website and not for
Session preview website
during setting UI up , staging website was throwing an error in which it was expecting cd_ambient_cartridge_conf.xml file.So we put a sample file in this website.Even it is no where mentioned in the documentation to have this file. but in case of session preview website ,it was not expecting any such file.
You can safely ignore the WARN message in the log. Preview is not up to date message is unrelated to this WARN message.
If you are using virtual paths for your web sites (like /en, /fr etc..) then you need to have the hotfix "CD_2011.1.1.81686" installed on preview application. You do not need to add virtual paths to cd_dynamic_conf.xml file. You should keep it just "/"
Lastly, related to "preview is not up to date", You need to add the cd_ambient_catridge_conf.xml to your web service also in addition to your preview too. I don't believe this is documented but AFAIR you need to add this, I don't have my VM readily accessible but I can confirm this later. Please make sure you comment out all the Example ClaimProcessors.
Also, make sure you have Session Preview enabled in CMS , Inline Editing settings (Disable Session Preview should be NO)
Hope this helps.