I have a CRM application that is using spring integration framework to send out updates to other systems. Currently the integration is running thru JMS, in which an xml message is sent to a JBossMQ queue. This needs to change so that a .Net application can handle the events.
In looking thru the vendor documentation, I found one option is to use an HTTP Adapter, excerpt here
HTTP Adapter Configuration
Ensure that the spring-integration-http-2.2.0.RELEASE.jar file is located in the folder /webapps/WEB-INF/lib.
Add the namespace and schema for the file adapter in the simple-file.xml with the relevant details:
<xmlns:si-http="http://www.springframework.org/schema/integration/http"
http://www.springframework.org/schema/integration/http
http://www.springframework.org/schema/integration/http/spring-integration-http-2.2.xsd>
Add the http outbound channel adapter configuration as follows:
<si-http:outbound-channel-adapter channel="<application_event>" order="2" url="${ http.url }" http-method="POST">
<si-http:request-handler-advice-chain>
</si-http:request-handler-advice-chain>
</si-http:outbound-channel-adapter>
• Channel: Set this value to the location that messages are published.
• Order: This refers to the priority when multiple adapters are configured.
• URL: The setting http.url (http://bfs-product-30:9090/ecmsi/case-events) Within the integration.properties file refers to the location where messages will be pushed and which http inbound adapter is configured to receive the
messages.
• Http-method: This refers to methods through which data is sent to consumer. E.g. Get/post etc..
• Retry: This is done by using
the defCircuitBreakerAdvice bean.
After googling this morning I am sure what the requirements are for the http adapter, all examples appear to be within a spring web application.
Can I create a asp.net .ashx application that reads the xml from the request object.
Related
How can I authenticate with HTTP Basic, via the application server domain/secure realm, using a Session Bean published as a #WebService?
In a Web project one could use web.xml to map Roles to Groups, but I have no idea how to do it in a EJB-JAR project. I don't think it can be done with ejb-jar.xml.
Sample code, which works fine without the roles annotations:
#Stateless
#WebService(portName="RestrictedServicePort")
#DeclareRoles(value = "Administrators")
public class RestrictedServiceBean {
#RolesAllowed(value = "Administrators")
public String restrictedOperation() {
return "Secret information";
}
}
Error:
<faultstring>[EJB:010160]Security Violation: User: '<anonymous>' has insufficient permission to access EJB: type=<ejb>
Basic Credentials Header:
Authorization: Basic d2VibG9naWM6d2VsY29tZTE=
I suspect it must be done via vendor-specific configuration. I am using WebLogic 10.3.6, Java EE 5 / EJB 3.0.
Basic Auth via Policy
From the v10 docs:
A Web service can have zero or more WS-Policy files associated with
it. WS-Policy files follow the guidelines of the WS-Policy
specification. WebLogic Server uses WS-Policy files to specify the
details of the message-level security (digital signatures and
encryption) and reliable messaging capabilities of a Web service. You
can attach a WS-Policy file to a Web service endpoint, which means
that the policy assertions apply to all the operations of a Web
service endpoint. You can also attach a WS-Policy file to an
operation, which means that the policy assertions apply only to the
specific operation. In addition, you can attach a WS-Policy file to
the inbound or outbound SOAP message, or both.
It would appear you can attach a basic auth policy to your service:
<sp:TransportToken>
<wsp:Policy>
<sp:HttpBasicAuthentication/>
</wsp:Policy>
</sp:TransportToken>
You can apply this custom policy via the administrative console via the steps outlined here or you can consider referencing one of the Oracle-preconfigured policies.
Mapping Roles to Groups
The WebLogic (v12) documentation mentions the following when discussing usage of #RolesAllowed in an EJB:
You can also use the annotation to explicitly declare roles that are implicitly declared if you use the #RolesAllowed annotation on the class or a method of the class.
You create security roles in WebLogic Server using the Administration Console. For details, see "Manage Security Roles" in the Oracle WebLogic Server Administration Console Help.
The Manage Security Roles section continues on to discuss scoped roles.
You can then create a scoped role for a specific EJB that contains highly sensitive business logic. When you create a policy for the EJB, you can specify that only the scoped role can access the EJB.
More information on managing scoped roles is here.
Solved adding the role mapping as it is done in any web module, but using the proprietary weblogic-ejb-jar.xml, as follows:
<wls:security-role-assignment>
<wls:role-name>Administrators</wls:role-name>
<wls:principal-name>myweblogicgroup</wls:principal-name>
</wls:security-role-assignment>
The "myweblogicgroup" is the group created in the WebLogic security realm for which the system user used to authenticated to the web service is associated.
This link helped me.
We are currently using ETW to generate all application traces from our web tiers (ASP.NET MVC + WebApi). We want to extend our tracing to automatically record incoming HTTP requests, and outgoing HTTP requests (preferably without having to instrument all our API/MVC code).
Hence, was looking at built-in ETW providers either in IIS or in ASP.NET that I could leverage. Looked at the following ETW providers, and tried to collect traces using PerfView:
Microsoft-Windows-HttpEvent {7B6BC78C-898B-4170-BBF8-1A469EA43FC5}
Microsoft-Windows-HttpLog {C42A2738-2333-40A5-A32F-6ACC36449DCC}
Microsoft-Windows-HttpService {DD5EF90A-6398-47A4-AD34-4DCECDEF795F}
Microsoft-Windows-Runtime-Web-Http {41877CB4-11FC-4188-B590-712C143C881D}
Microsoft-Windows-Runtime-WebAPI {6BD96334-DC49-441A-B9C4-41425BA628D8}
ASP.NET Events {AFF081FE-0247-4275-9C4E-021F3DC1DA35}
Microsoft-Windows-IIS-APPHOSTSVC {CAC10856-9223-48FE-96BA-2A772274FB53}
Microsoft-Windows-IIS-Logging {7E8AD27F-B271-4EA2-A783-A47BDE29143B}
Microsoft-Windows-IIS-W3SVC {05448E22-93DE-4A7A-BBA5-92E27486A8BE}
I'm able to capture events from other processes (including .NET + Kernel, and our own custom traces), but nothing from the above providers.
What am I missing? How do I enable the built-in ASP.NET/IIS ETW providers? Are there other providers/events that would give me the ability to inspect the incoming & outgoing HTTP requests?
Platform: Running Windows 8.1/Windows Server 2012 R2 + ASP.NET 4.5 + IIS 8.5
Making a research myself and i'm able to collect incoming HTTP requests to my IIS Express service with ctrl.guid file containing only one provider (make sure you set 0xffff and 0x5 as flags):
{DD5EF90A-6398-47A4-AD34-4DCECDEF795F} 0xffffffff 5 Microsoft-Windows-HttpService
Deliver event has URL and application pool that will handle request "Clr4IntegratedAppPool{guid}" in my case.
Here are the list of events of ASP.NET, IIS and HTTP events I used.
aff081fe-0247-4275-9c4e-021f3dc1da35
ee799f41-cfa5-550b-bf2c-344747c1c668
de4649c9-15e8-4fea-9d85-1cdda520c334
de4649c9-15e8-4fea-9d85-1cdda520c334
aff081fe-0247-4275-9c4e-021f3dc1da35
06b94d9a-b15e-456e-a4ef-37c984a2cb4b
d55d3bc9-cba9-44df-827e-132d3a4596c2
a1c2040e-8840-4c31-ba11-9871031a19ea
3a2a4e84-4c21-4981-ae10-3fda0d9b0f83
23108b68-1b7e-43fa-94fb-ec3066805744
7b6bc78c-898b-4170-bbf8-1a469ea43fc5
dd5ef90a-6398-47a4-ad34-4dcecdef795f
cac10856-9223-48fe-96ba-2a772274fb53
ab29f35c-8531-42ff-810d-b8552d23bc92
bbb924b8-f415-4f57-aa45-1007f704c9b1
da9a85bb-563d-40fb-a164-8e982ea6844b
05448e22-93de-4a7a-bba5-92e27486a8be
90303b54-419d-4081-a683-6dbcb532f261
23108b68-1b7e-43fa-94fb-ec3066805744
670080d9-742a-4187-8d16-41143d1290bd
de4649c9-15e8-4fea-9d85-1cdda520c334
Edit:-
Here is a post on How I used these additional providers troubleshoot the request and response messages from IIS to external authentication providers.
View the http redirect and response message from an external authentication provider using ETW
I have a REST Service running in Tomcat server. I created this REST Service using Spring RESTTemplate. So is there a component in CAMEL to use this exposed Web service?
i have used http component. i am aware that we cannot use http component to expose a service. So please let me know which component to use.Here is a detailed description of the problem.
Service created in rest Template runs in a server which you can see in from part of camel code
i use camel to expose this service to another http service and the response of this service is the response from the other service.
so my camel code looks like this:
from("http://localhost:8080/rest/emp/dummy").to(http://anotherweservice.com")
I get this error.
Failed to create route route1: Route(route1)[[From[]] -> [process[com.routes..... because of uri must be specified and not empty
Have a look at http://camel.apache.org/how-to-use-camel-as-a-http-proxy-between-a-client-and-server.html.
Using the Jetty component, this looks as follows:
from("jetty:http://0.0.0.0:8080/myapp?matchOnUriPrefix=true")
.log("myapp: httpPath = ${header.CamelHttpPath}")
.to("jetty:http://localhost:8082/remoteapp?bridgeEndpoint=true&throwExceptionOnFailure=false")
In this example, the request is forwarded to another Jetty Camel endpoint:
from("jetty:http://0.0.0.0:8082/remoteapp?matchOnUriPrefix=true")
.log("remoteapp: httpPath = ${header.CamelHttpPath}")
.setBody(simple("${header.CamelHttpPath}"));
The HTTP path /hello/world is transfered to the endpoint, as can be seen when the service is invoked with http://localhost:8080/myapp/hello/world. In this case the body /hello/world is returned. And in the log it says:
INFO myapp: httpPath = /hello/world
INFO remoteapp: httpPath = /hello/world
I am reasonably experienced in BizTalk but new to the ESB Tool kit. We don't really have the need for an ESB solution as such but I would like to use the ESB Portal to display errors, modify messages and resubmit.
I have successfully, as far as I can tell, installed and configured the ESB tool kit correctly on my dev machine.
I have managed to send errors to the portal by enabling routing for failed messages and from within an Orchestration by creating a message thus: FaultMessage = Microsoft.Practices.ESB.ExceptionHandling.ExceptionMgmt.CreateFaultMessage();
The messages display correctly in the portal and on selecting 'Edit' I am given the option to resubmit via WCF OnRamp, SOAP OnRamp and HTTPReceive. This is where my problem starts. I have been using the WCF OnRamp to resubmit and on doing so I get a message:
This message has been successfully resubmitted
However on returning to the home screen of the portal I now have a new error for the Microsoft.Practices.ESB application:
There was a failure executing the receive pipeline: "Microsoft.Practices.ESB.Itinerary.Pipelines.ItinerarySelectReceiveXml, Microsoft.Practices.ESB.Itinerary.Pipelines, Version=2.1.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" Source: "ESB Itinerary Selector" Receive Port: "OnRamp.Itinerary" URI: "/ESB.ItineraryServices.WCF/ProcessItinerary.svc" Reason: Error 135008: The itinerary was not found in the repository.
I presume I need to configure something here, a resolver perhaps for my message but I, so far, have not been able to find a guide that will help me through this issue. Is there a walk through out there some where that shows the full end to end exception handling with ESB Portal? I have managed to find plenty of help with getting messages into it but not for configuring for resubmit. Thanks.
Coincidentally I was trying to make this work today as well...
If you set the Itinerary resolver connection string on the WCF OnRamp's receive pipeline component configuration to use ITINERARY-STATIC:\headerRequired=true; (instead of ITINERARY-STATIC:\headerRequired=false;), then you'll get the following message in the event viewer:
The itinerary name is required and was not provided
Meaning the Itinerary isn't present in the custom SOAP header.
I also traced the message going from the ESB.Portal using Fiddler (after turning off the Message security in both the ESB.Portal and the BizTalk receive location). No Itinerary custom SOAP header.
After going through the ESB.Portal code, I found the cause in MessageResubmitter.cs:
[Serializable]
public static class MessageResubmitter
{
/// <summary>
/// Submits an XML message to the WCF OnRamp. The URL of the WCF OnRamp is defined in the
/// portal web.config. Context properties are not resubmitted, they are expected to be
/// applied by the receiving pipeline.
/// </summary>
/// <param name="doc">The XML document to submit.</param>
/// <returns>True if the submission was successful, false if the submission failed.</returns>
public static bool ResubmitWCF(XmlDocument doc)
{
try
{
ProcessRequestClient onRamp = new ProcessRequestClient();
onRamp.SubmitRequest(**null**, doc.OuterXml);
return true;
}
catch (Exception)
{
return false;
}
}
The first argument of SubmitRequest is the Itinerary, which is set to null. This means the ESB.Portal does not resend the Itinerary as a custom SOAP header to BizTalk when you resubmit the message.
At the moment, I can think of the following options to make this work:
1) Create a (or modify the existing) generic WCF OnRamp to use the BRE to determine the Itinerary to be associated with the resubmitted message. This could however become complex, because you'll need to create your rules to be able to deal with any messages resubmitted from any step within your itineraries.
2) Modify the code of the ESB.Portal to be able to resend the Itinerary + current step as a Custom SOAP header.
I'm probably going for option 2.
The WCF OnRamp uses the ItinerarySelectReceiveXml pipeline this can be configured to point to an Itinerary or Business Rule and thus the message can be easily routed depending on its message type and content.
My issue now is that a third party got there before me on our installation so I am now looking into creating a new OnRamp and configuring the ESB portal to pick that up in its resubmit list.
We had a similar issue recently. While we were exporting our itineraries to a local database, and deploying them, the ESB would not be able to find the itineraries.
It turned out a consultant we had on site had modified the esb.config file in ESB Toolkit to look for itineraries on a server instead of the local machine.
So, if, like me, you are sure the itineraries are being exported to the right place and that they are deployed, modify the esb.config connection string.
<connectionStrings>
<add name="ItineraryDb" connectionString="Data Source=.;Initial Catalog=EsbItineraryDb;Integrated Security=True" providerName="System.Data.SqlClient" />
</connectionString>
I have created an .NET 3.5 web service application project that will be hosted under IIS 7.5 on a Windows Server 2008 R2 server.
I am able to consume the service from an ASP.NET application hosted on the same server and other server throughout our network without any issues. When another employee tries to consumes the service using the SOAP protocol, they receive the following error:
XML Parser failed at linenumber 0, lineposition 0, reason is: Access
is denied.
The authentication configuration is set to Integrated Windows Authentication and the consumer will need to provide a service account's credentials when trying to consumer the service.
Has anyone else experienced this issue and do they know how to resolve it?
UPDATE
After speaking with my co-worker and vendor's customer service regarding consuming my web service, they revealed there are limitations within their INVOKE SOAP step. According to the vendor:
The Invoke SOAP object cannot interpret WSDL's containing In/Out
parameters if the WSDL message definition contains identical part
names for the input an output messages and identical data types.
The web service API contain a method and output parameter that were the same name. If you look at the web service method in a browser, it had the following structure in the response:
<soap:Body>
<MyServiceResponse>
<MyServiceResponse>
<property>...
The question now....Is this a common behavior while using the SOAP protocol or is this just limited to how vendor's product parses the SOAP message?
This appears be a vendor-specific weakness, not a SOAP specification issue. They likely have a half-implemented SOAP stack.