Running a BizTalk 2013r2 solution, I have the following itinerary:
All is good up to the selected "Auth Endpoint Detail"
This is calling the BRE, passing the following message:
<ns0:MasterCardRequest xmlns:ns0="http://www.EsbToolkit.TargetWebService/Authorization/MasterCardRequest">
<ns0:AuthAmount>300</ns0:AuthAmount>
<ns0:CardNumber>1111-1111-1111-1111</ns0:CardNumber>
<ns0:OrderNumber>130</ns0:OrderNumber>
</ns0:MasterCardRequest>
This should cause the following "MasterCard" rule to fire - which would then send endpoint values in the context of the message:
Problem is - it's not firing! It does fire when I manually "Test Policy" from within the BRE Composer. However, when I run a message through BizTalk and check DebugView, I see the following:
I have doubled checked that the correct version of the policy is Deployed.
I'd be very grateful for any ideas as to which the rule is not firing.
You may check if document type property defined in the BRE ruleset matches to DocType shown in the debugview. The BRE resolver mechanics are not well documented, perhaps this will help: which is the meaning of recognize message format property?
Also when doctype is meant to be generic, avoiding namespace name in rules is recommended.
Related
I can get notes(real contents, not just metadata) from the evernote API. However, calling notestore->update() always gives me a EDAMUserException.
My php code is below, the arguments are self-explanatory:
//add text to note
//if append=true then the text will be appended to the end, else it will be appended to the start
public function addToNote($new_content, $access_token, $note_store, $note_guid, $append = true){
$note = $note_store->getNote($access_token, $note_guid, true, false, false, false);
$note->content +="<en-note>Note updated</en-note>";
$note_store->updateNote($access_token, $note);
}
I've already did a lot of searching before I asked here, and here are the things I know:
According to: https://dev.evernote.com/doc/articles/permissions.php it says that there are two types of api keys, one is the basic access and one is for full access, I have full access, this is proved by no exception was thrown during $note_store->getNote() call, and I did output the data from that call, I can actually get the contents of the note.
In the same page as 1: "Certain API functions are only available to official Evernote applications and services. These functions are described as such in the API Reference and will throw an EDAMUserException with the error code PERMISSION_DENIED if called by a third-party application." I read the API documentation here: https://dev.evernote.com/doc/reference/NoteStore.html#Fn_NoteStore_updateNote
It does not mention that it is blocked by default.
I think I figured out what was wrong. Evernote actually has its own DTD document format, if the "content" section of the note is not a valid document, then the request is denied. In my case it was not denied because my API key's access level, but because the "content" I gave was not a proper evernote format.
if I set:
$note->content='<!DOCTYPE en-note SYSTEM "http://xml.evernote.com/pub/enml2.dtd"><en-note><div>testing complete!!!</div></en-note>';
Then the note will be successfully updated.
However, for other users that are getting this exception and using the right format, it is most likely:
1.your api key does not have full access, choose the full access option while you request an api key.
2.usually you would start testing on the "sandboxed"(https://sandbox.evernote.com) version of their site, you need to register another account on the sandboxed site(you real evernote account doesn't carry over) and test with that account. If you do not do this, your account will not exist on the sandboxed account and anything you do will not work.
I have a working solution for the requirement as stated below. However, I am NOT convinced that it is cleanly implemented. There are a lot of configuration options in DataPower that I am fuzzy on and though the response comes back, I am not confident about it. Can I get some help on how this should be implemented to avoid any quirky behavior.
Requirement
When a SOAP client sends a request that fails schema validation rule in the inbound client->server policy (before going to backend server), our system needs to respond with custom SOAP Fault message and skip backside processing.
Current Solution
My MPG has the following rule configuration:
Client to Server. . .
matches all->sets on-error to call error rule->Validation Action-> . . .
Error rule . . .
matches validation error->sets skip-backside to true->transformation building custom SOAPFault message->results action->sets Content Type header
Any help on this or suggestions for a better way to do this would be helpful. I would like to do the schema validation inside the MPG and not a separate WS Firewall.
Once error rule is triggered it will not go for backend. I think Skip backend is not required.
match function-->transformation action with custom message---> Results action
Just add a validation action for the XSD in the MPGW Processing Policy.
You don't need the skip-backside or on-error actions. Backside will be skipped on Request error and Error rule will always be triggered anyway.
Apart from that your solution is solid.
<xsl:variable name="error" select="dp:variable('var://context/scratch/Response')"/> //invoke to another file as a working backend failed
<error_message>
<code><xsl:value-of select="$error/result/responsecode"/></code>
//this type you can configure other responses
</error_message>
Some of our users are encountering the following error page during the sequence of redirects after authenticating at their IdP.
"Unexpected exception occurred in Response Handling: null"
Partner: ...
Target: ...
This is what I believe is the corresponding info from the the server log.
2015-07-16 07:48:53,458 DEBUG [com.pingidentity.jgroups.MuxInvocationHandler] invocation of saveState on InterReqStateMgmtMapImpl state map size:215 attributes map size4 w/args: [ZkyN3LwNSjurZyfIewu1Kgjbgl7HrB, State(1437050933419){
inMsgCtx=null
outMsgCtx=OutMessageContext
XML: <samlp:AuthnRequest Version="2.0" ID="E6_0yldGrt0iqNKfUpArog6DG8G" IssueInstant="2015-07-16T12:48:53.419Z" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">#issuer%</saml:Issuer>
<samlp:NameIDPolicy AllowCreate="true"/>
</samlp:AuthnRequest>
entityId: <Id> (IDP)
Binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
relayState: ZkyN3LwNSjurZyfIewu1Kgjbgl7HrB
Endpoint: <endpoint>
SignaturePolicy: DO_NOT_SIGN
parameters=null}] returned null
Is there an obvious place to look for more details? This happens for around 10% of our users and seems to follow them from device to device.
I figured out what the issue was. We are using account linking using the SAML Subject from the IdP. It turned out that a number of accounts at the IdP didn't have the LDAP attribute mapped to the NameID populated. So we were receiving SAML assertions without any data in the Subject.
Understanding where to look is the key. The audit.log file shows a general "failure". Then you look up corresponding activity details in the server.log file. Then you examine the corresponding SAML assertion in the log to determine what the problem was. The difficult part is noticing omissions in the data. That's harder for the eye/brain to catch imho.
It would be useful if we had an option for directing users to a custom page rather than a Ping-specific error page when this occurs.
I've inherited a BizTalk 2006 application that uses several SOAP ports to request data from a 3rd party web service. The web service is secured by "basic" authentication - username / password. After making a few enhancements to the application I deployed to an integration test server which has access to the 3rd party web service. The BizTalk app was unable to retrieve the data and I soon realised that I had forgotten to set the username / password on the SOAP send ports. I wanted the make deployment of the BizTalk app as automated as possible because I may not be present when it is deployed to the live server. I opened up the binding file, located the 1st of the problem SOAP send ports and looked for the * that BizTalk uses to replace the password - except that it doesn't! It seems that the password for SOAP ports is set to NULL rather than *, see here for more details:
http://msdn.microsoft.com/en-us/library/aa547319.aspx
I proceeded to update the binding but when I came to test, after importing my amended binding file, I found that I had the same problem as before. I've double checked and can confirm that the correct password is now present in the binding file but, although BizTalk doesn't complain during the import, when I run the app I get the following exception:
Details:"ArgumentNullException: String reference not set to an instance of a String.
Parameter name: s
".
If I then manually amend the password through the BizTalk admin console everything work fine.
Has anyone else had a similar problem with the bindings for a SOAP port - does anyone have a solution?
I've been bit by something like this in the past. The password is either put in as '****'. This is ok. I wouldn't want all of my secrets exported with the binding file. What does get you is when you export the bindings and you leave the password NULL. The Variable Type (vt) attribute on the XML element for the password is set to vt="1" which is the same as NULL. It won't matter what you put in for the password. It may even cause the error you described. I would suggest you include a copy of the binding XML for review.
I've never seen this problem before - I'm doing exactly what you are trying to do and it works perfectly.
I've included the <TransportTypeData> element from one of my BizTalk bindings that works. Hopefully having something to compare against helps.
<TransportTypeData>
<CustomProps>
<AuthenticationScheme vt="8">Basic</AuthenticationScheme>
<AssemblyName vt="8">WebService.ProxyClass, Version=1.0.0.0,
Culture=neutral, PublicKeyToken=xyz</AssemblyName>
<Username vt="8">soapUser</Username>
<UseProxy vt="11">0</UseProxy>
<UseSoap12 vt="11">0</UseSoap12><UsingOrchestration vt="11">0</UsingOrchestration>
<UseSSO vt="11">0</UseSSO>
<Password vt="8">MYPASSWORD</Password>
<ProxyPort vt="3">80</ProxyPort><AssemblyPath
vt="8">C:\ProxyClass\bin\Debug\ProxyClass.dll</AssemblyPath>
<TypeName vt="8">ProxyClass.Webservice.servicesService</TypeName>
<MethodName vt="8">PickupRequest</MethodName>
<UseHandlerSetting vt="11">-1</UseHandlerSetting>
</CustomProps>
</TransportTypeData>
I have published the BlazorApp1 app created by the VS2019 Blazor template to a production server. Since it is a sub-site, I made 3 changes:
in _Host.cshtml replaced the base tag with <base href="/BlazorApp1/" >
in Startup.cs added app.UsePathBase("/BlazorApp1")
in web.config, changed the hostingModel to outofprocess and stdoutLogEnabled to true
When navigating to the site I almost always get the following error:
Unhandled Exception Page must be reloaded
This is displayed in the browser console: (replaced my site with contoso)
[2020-06-02T18:39:49.445Z] Information: Normalizing '_blazor' to 'http://www.contoso.com/BlazorApp1/_blazor'. blazor.server.js:1:5212
[2020-06-02T18:39:49.936Z] Information: WebSocket connected to ws://www.contoso.com/BlazorApp1/_blazor?id=5yq6pI_jo1ByPZtskEjjmw. blazor.server.js:1:5212
[2020-06-02T18:39:50.132Z] Error: The circuit failed to initialize. blazor.server.js:15:27309
log http://www.contoso.com/BlazorApp1/_framework/blazor.server.js:15
C http://www.contoso.com/BlazorApp1/_framework/blazor.server.js:8
S http://www.contoso.com/BlazorApp1/_framework/blazor.server.js:8
invokeClientMethod http://www.contoso.com/BlazorApp1/_framework/blazor.server.js:1
invokeClientMethod .../BlazorApp1/_framework/blazor.server.js:1
processIncomingData .../BlazorApp1/_framework/blazor.server.js:1
onreceive .../BlazorApp1/_framework/blazor.server.js:1
onmessage .../BlazorApp1/_framework/blazor.server.js:1
[2020-06-02T18:39:50.141Z] Information: Connection disconnected. blazor.server.js:1:5212
Error: Invocation canceled due to the underlying connection being closed. blazor.server.js:1:20001
I can't find any other clues about what's happening. There are no exceptions shown in the log.
The problem was resolved by using only lowercase characters in the <base> tag:
<base href="/blazorapp1/" >
It has just happened to me as well, but I had the base tag specified correctly. This error can also occur in a rare case when you have ambiguous constructors defined for one of your dependency injected services if both match all the parameters (possibly by accident due to inheritance). The verbose log won't point to that issue. Be aware that purposeful creation of multiple constructors for dependency injected services is considered an anti-pattern.
For me it happened because I put an async call inside a constructor of a class in DI, so, yeah, that's a stupid error which can mean anything.