Monday, August 28, 2017

Deploy WSO2 products with valid CA (Certificate Authority) signed certificate

This blog post will contain multiple posts as it is too long to have all the information in one post.

Part 1 - Creating a keystore and generating Certificate Signing Request (CSR)


When you are searching for the topic of this post or for the following exception on the internet with related to WSO2, you will come across following article from Amila Jayasekara [1]


 curl: (60) Peer certificate cannot be authenticated with known CA certificates  
 More details here: http://curl.haxx.se/docs/sslcerts.html  
 curl performs SSL certificate verification by default, using a "bundle"  
 of Certificate Authority (CA) public keys (CA certs). If the default  
 bundle file isn't adequate, you can specify an alternate file  
 using the --cacert option.  
 If this HTTPS server uses a certificate signed by a CA represented in  
 the bundle, the certificate verification probably failed due to a  
 problem with the certificate (it might be expired, or the name might  
 not match the domain name in the URL).  
 If you'd like to turn off curl's verification of the certificate, use  
 the -k (or --insecure) option.  


It is a great article from Amila and i followed the same some time back. However, I thought to share my experience on using easy UI tool for the same task.

When it comes to using CA (Certificate Authority) signed certificate in your production server, There are few steps to carry out.

First, you need to decide whether you are going to use your already existing and valid CA signed certificate or whether you are going to create new keystore and generate key pair and get them signed from a CA.

So here we are discussing both of those approaches.

1. Create a keystore and generate keypair and use them for configuring
2. Use existing keypair in default wso2 keystore

The tool which i am going to use here is Keystore Explorer. You can get it from [2]

Creating a keystore and keypair

Launch Keystore Explorer



Select Create a new key store


Choose KeyStore type as JKS and then save (CTRL + S). It will ask for password for keystore.

Note: When using WSO2 products, Key password and Keystore password should be same.


After setting the password, It will ask for the name for the keystore. You can provide any name and save it.


Once you saved it, Generate a key pair from the tools menu as bellow.

It will ask for the algorithm

It will ask for the other fields

You need to provide the host name as your CN when you configuring the name field by clicking on the icon in front of the name field as bellow.

then you have to confirm the information.


Now it will ask for the key alias, By default it will select the given CN name.


Provide a password for the key pair. As in the above given note When using WSO2 products, Key password and Keystore password should be same

Now we done with the process of generating the keypair.

Our next step is to create a Certificate Signing Request (CSR) from the above keypair

Creating a CSR (Certificate Signing Request)

By right clicking on the keypair , you can select the Generate CSR option. It will generate the CSR and ask for saving.



In my case it will generate it as myhostname.net.csr. When you open it with text editor, It will look like follows. This is the one you need to provide to the Certificate Authority (CA) to get it signed.



[1] http://wso2.com/library/knowledge-base/2011/08/adding-ca-certificate-authority-signed-certificate-wso2-products/
[2] http://keystore-explorer.org/

Tuesday, April 4, 2017

WSO2 Server Startup Taking a lot of time on Mac ??? Solved...

With MacOS Sierra, I was experiencing a huge delay in server start ups for WSO2 latest versions. They were like follows.


ServerVersionJava VersionStartup Time
WSO2 ESB4.8.11.7.0_8015 Seconds
WSO2 ESB5.0.01.7.0_8090 Seconds
WSO2 ESB5.0.01.8.0_10189 Seconds
API Manager1.7.01.7.0_8017 seconds
API Manager2.0.01.7.0_80166 seconds
API Manager2.0.01.8.0_101167 seconds


My Processing power was as bellow.



I was in really doubt, Why it took so much of time to start the server.  When researching on that i could locate following discussion [1]. It was really interesting , you can go through it and understand it.

The solution i did as int he above blog post, i added a mapping to the canonical 127.0.0.1 address of my macbook hostname to my /etc/hosts file as bellow.



Once i done that, My ESB 5.0.0 server startup was 13 seconds..  So it reduced from 90 --> 13 seconds... Amazing haa... :D

[1] https://thoeni.io/post/macos-sierra-java/

Wednesday, February 15, 2017

How to get all the default claims when using JWT - WSO2 API Manager

There are situations like we need to pass the enduser's attributes to the backend services when using WSO2 API Manager.  We can use Java Web Tokens (JWT) for that.

You can find the documentation for this in WSO2 site [1]

Here I am going to discuss on how we can get all default claims for JWT token since by just enabling the configuration EnableJWTGeneration it will not give you all claims. 

If you just enable above , the configuration will look like follows. 

   <JWTConfiguration>  
     <!-- Enable/Disable JWT generation. Default is false. -->  
     <EnableJWTGeneration>true</EnableJWTGeneration>  
     <!-- Name of the security context header to be added to the validated requests. -->  
     <JWTHeader>X-JWT-Assertion</JWTHeader>  
     <!-- Fully qualified name of the class that will retrieve additional user claims  
        to be appended to the JWT. If not specified no claims will be appended.If user wants to add all user claims in the  
        jwt token, he needs to enable this parameter.  
        The DefaultClaimsRetriever class adds user claims from the default carbon user store. -->  
     <!--ClaimsRetrieverImplClass>org.wso2.carbon.apimgt.impl.token.DefaultClaimsRetriever</ClaimsRetrieverImplClass-->  
     <!-- The dialectURI under which the claimURIs that need to be appended to the  
        JWT are defined. Not used with custom ClaimsRetriever implementations. The  
        same value is used in the keys for appending the default properties to the  
        JWT. -->  
     <!--ConsumerDialectURI>http://wso2.org/claims</ConsumerDialectURI-->  
     <!-- Signature algorithm. Accepts "SHA256withRSA" or "NONE". To disable signing explicitly specify "NONE". -->  
     <!--SignatureAlgorithm>SHA256withRSA</SignatureAlgorithm-->  
     <!-- This parameter specifies which implementation should be used for generating the Token. JWTGenerator is the  
         default implementation provided. -->  
     <JWTGeneratorImpl>org.wso2.carbon.apimgt.keymgt.token.JWTGenerator</JWTGeneratorImpl>  
     <!-- This parameter specifies which implementation should be used for generating the Token. For URL safe JWT  
        Token generation the implementation is provided in URLSafeJWTGenerator -->  
     <!--<JWTGeneratorImpl>org.wso2.carbon.apimgt.keymgt.token.URLSafeJWTGenerator</JWTGeneratorImpl>-->  
     <!-- Remove UserName from JWT Token -->  
     <!-- <RemoveUserNameFromJWTForApplicationToken>true</RemoveUserNameFromJWTForApplicationToken>-->  
   </JWTConfiguration>  


Then, By enabling wire logs[2], We can get the encrypted JWT Token as bellow when you invoke an API.


When we decode it, It will look like follows.



You can notice that, It is not showing the role claim. Basically, If you need to have all the default claims passed in this JWT token, You need to enable following two configurations in api-manager.xml



  <ClaimsRetrieverImplClass>org.wso2.carbon.apimgt.impl.token.DefaultClaimsRetriever</ClaimsRetrieverImplClass>  


 <ConsumerDialectURI>http://wso2.org/claims</ConsumerDialectURI>  

Once you enable them and restart the server, You will get the all the default claims in the token as bellow.



[1] https://docs.wso2.com/display/AM210/Passing+Enduser+Attributes+to+the+Backend+Using+JWT

[2] http://mytecheye.blogspot.com/2013/09/wso2-esb-all-about-wire-logs.html

Friday, October 14, 2016

Configure WSO2 products for Continuous JFR Recordings



Production systems are daily exposing to huge traffic and sometimes these production systems are not serving requests as expected. In those kind of scenarios, We need a way to figure out what went wrong in the past few hours.

With Java Flight Recorder, If we have already enabled it, It is very easy to figure out what went wrong with information on

  • Memory Usage
  • CPU Usage 
  • Thread Usage 
  • Etc.

In order to configure a WSO2 server to continuously record this information, You can change the startup script of wso2 server as follows.

For that, you need to open wso2server.sh file which is located in the bin directory of the WSO2 server and add following lines to it. 

 -XX:+UnlockCommercialFeatures \  
 -XX:+FlightRecorder \  
 -XX:FlightRecorderOptions=defaultrecording=true,disk=true,maxage=60m,repository=./tmp,dumponexit=true,dumponexitpath=./ \  

Once you add them, It will look like follows.
  -Dfile.encoding=UTF8 \   
  -XX:+UnlockCommercialFeatures \   
  -XX:+FlightRecorder \   
  -XX:FlightRecorderOptions=defaultrecording=true,disk=true,maxage=60m,repository=./tmp,dumponexit=true,dumponexitpath=./ \   
 org.wso2.carbon.bootstrap.Bootstrap $  

Then you can save it and restart the server. It will automatically, Dump records to the tmp directory in  your WSO2 server. 

Acquire Heap Dump of Java Process

When it comes to production troubleshooting with Java Servers, It is a main fact that we need to analyze the memory consumption.  Normally if we have configured following properties , It will automatically create the heap dump when there is an OutOfMemory exception.

 -XX:+HeapDumpOnOutOfMemoryError  
 -XX:HeapDumpPath=<path>  

There are some OOM exceptions which is not creating heap dump since it is not related to memory. You can understand on various OutOfMemory Exceptions in the article [1].


But, If you need to get a heap dump at a time which server is consuming memory but not yet throwing OOM Exception, You can use following command to do that.

Assuming that you have set JAVA_HOME and PID is the Process ID.

In a Linux based system.
 jmap -dump:format=b,file=./heap.hprof <PID>  

In a windows based system

 <JAVA_HOME>/bin/jmap -dump:format=b,file=c:\temp\heap.hprof <PID>  



Once you obtain the heap dump, You can analyze it using tools like MAT, VisualVM.



[1] https://docs.oracle.com/javase/8/docs/technotes/guides/troubleshoot/memleaks002.html

Friday, April 22, 2016

Applying security for ESB proxy services...


Security is a major factor we consider when it comes to each and every deployment. WSO2 Enterprise Service Bus also capable of securing services.

WSO2 ESB 4.8 or previous versions were having the capability of applying the security for a proxy service from Admin Console as in [1]

However, From ESB 4.9.0 , we can no longer apply security for a proxy service from Admin Console of the ESB. We need to use WSO2 Developer Studio version 3.8 for this requirement for ESB 4.9.0.


You can find the documentation on  applying security to ESB 4.9.0 based proxy service here[2].  However, i would like to add a small modification to the doc in [2] at the end.

After securing the proxy according to the document, We need to create the Composite Application Project and export the CAR file. When exporting the CAR file, by default the server role of the Registry project is being selected as GovernanceRegistry as in the bellow image.




When we deploy that CAR file in ESB, We are getting following exception [3] due to above Server Role.

In order to fix the problem, we need to change the server role to ESB as bellow since we are going to deploy it in ESB.






[1] https://docs.wso2.com/display/ESB481/Securing+Proxy+Services
[2] https://docs.wso2.com/display/ESB490/Applying+Security+to+a+Proxy+Service
[3]

 [2016-04-12 14:34:48,658] INFO - ApplicationManager Deploying Carbon Application : MySecondCarProject1_1.0.1.car...  
 [2016-04-12 14:34:48,669] INFO - EndpointDeployer Endpoint named 'SimpleStockQuote' has been deployed from file : /Users/shammi/wso2/Support-Issues/MOTOROLAMOBPROD-44/wso2esb-4.9.0/tmp/carbonapps/-1234/1460496888659MySecondCarProject1_1.0.1.car/SimpleStockQuote_1.0.0/SimpleStockQuote-1.0.0.xml  
 [2016-04-12 14:34:48,670] INFO - ProxyService Building Axis service for Proxy service : myTestProxy  
 [2016-04-12 14:34:48,671] WARN - SynapseConfigUtils Cannot convert null to a StreamSource  
 [2016-04-12 14:34:48,671] ERROR - ProxyServiceDeployer ProxyService Deployment from the file : /Users/shammi/wso2/Support-Issues/MOTOROLAMOBPROD-44/wso2esb-4.9.0/tmp/carbonapps/-1234/1460496888659MySecondCarProject1_1.0.1.car/myTestProxy_1.0.0/myTestProxy-1.0.0.xml : Failed.  
 org.apache.synapse.SynapseException: Cannot convert null to a StreamSource  
      at org.apache.synapse.config.SynapseConfigUtils.handleException(SynapseConfigUtils.java:578)  
      at org.apache.synapse.config.SynapseConfigUtils.getStreamSource(SynapseConfigUtils.java:79)  
      at org.apache.synapse.core.axis2.ProxyService.getPolicyFromKey(ProxyService.java:822)  
      at org.apache.synapse.core.axis2.ProxyService.buildAxisService(ProxyService.java:608)  
      at org.apache.synapse.deployers.ProxyServiceDeployer.deploySynapseArtifact(ProxyServiceDeployer.java:80)  
      at org.wso2.carbon.proxyadmin.ProxyServiceDeployer.deploySynapseArtifact(ProxyServiceDeployer.java:46)  
      at org.apache.synapse.deployers.AbstractSynapseArtifactDeployer.deploy(AbstractSynapseArtifactDeployer.java:194)  
      at org.wso2.carbon.application.deployer.synapse.SynapseAppDeployer.deployArtifacts(SynapseAppDeployer.java:130)  
      at org.wso2.carbon.application.deployer.internal.ApplicationManager.deployCarbonApp(ApplicationManager.java:263)  
      at org.wso2.carbon.application.deployer.CappAxis2Deployer.deploy(CappAxis2Deployer.java:72)  
      at org.apache.axis2.deployment.repository.util.DeploymentFileData.deploy(DeploymentFileData.java:136)  
      at org.apache.axis2.deployment.DeploymentEngine.doDeploy(DeploymentEngine.java:807)  
      at org.apache.axis2.deployment.repository.util.WSInfoList.update(WSInfoList.java:144)  
      at org.apache.axis2.deployment.RepositoryListener.update(RepositoryListener.java:377)  
      at org.apache.axis2.deployment.RepositoryListener.checkServices(RepositoryListener.java:254)  
      at org.apache.axis2.deployment.RepositoryListener.startListener(RepositoryListener.java:371)  
      at org.apache.axis2.deployment.scheduler.SchedulerTask.checkRepository(SchedulerTask.java:59)  
      at org.apache.axis2.deployment.scheduler.SchedulerTask.run(SchedulerTask.java:67)  
      at org.wso2.carbon.core.deployment.CarbonDeploymentSchedulerTask.runAxisDeployment(CarbonDeploymentSchedulerTask.java:93)  
      at org.wso2.carbon.core.deployment.CarbonDeploymentSchedulerTask.run(CarbonDeploymentSchedulerTask.java:138)  
      at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)  
      at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:304)  
      at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:178)  
      at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)  
      at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)  
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)  
      at java.lang.Thread.run(Thread.java:745)  
 [2016-04-12 14:34:48,672] ERROR - AbstractSynapseArtifactDeployer Deployment of the Synapse Artifact from file : /Users/shammi/wso2/Support-Issues/MOTOROLAMOBPROD-44/wso2esb-4.9.0/tmp/carbonapps/-1234/1460496888659MySecondCarProject1_1.0.1.car/myTestProxy_1.0.0/myTestProxy-1.0.0.xml : Failed!  
 org.apache.synapse.deployers.SynapseArtifactDeploymentException: ProxyService Deployment from the file : /Users/shammi/wso2/Support-Issues/MOTOROLAMOBPROD-44/wso2esb-4.9.0/tmp/carbonapps/-1234/1460496888659MySecondCarProject1_1.0.1.car/myTestProxy_1.0.0/myTestProxy-1.0.0.xml : Failed.  
      at org.apache.synapse.deployers.AbstractSynapseArtifactDeployer.handleSynapseArtifactDeploymentError(AbstractSynapseArtifactDeployer.java:475)  
      at org.apache.synapse.deployers.ProxyServiceDeployer.deploySynapseArtifact(ProxyServiceDeployer.java:112)  
      at org.wso2.carbon.proxyadmin.ProxyServiceDeployer.deploySynapseArtifact(ProxyServiceDeployer.java:46)  
      at org.apache.synapse.deployers.AbstractSynapseArtifactDeployer.deploy(AbstractSynapseArtifactDeployer.java:194)  
      at org.wso2.carbon.application.deployer.synapse.SynapseAppDeployer.deployArtifacts(SynapseAppDeployer.java:130)  
      at org.wso2.carbon.application.deployer.internal.ApplicationManager.deployCarbonApp(ApplicationManager.java:263)  
      at org.wso2.carbon.application.deployer.CappAxis2Deployer.deploy(CappAxis2Deployer.java:72)  
      at org.apache.axis2.deployment.repository.util.DeploymentFileData.deploy(DeploymentFileData.java:136)  
      at org.apache.axis2.deployment.DeploymentEngine.doDeploy(DeploymentEngine.java:807)  
      at org.apache.axis2.deployment.repository.util.WSInfoList.update(WSInfoList.java:144)  
      at org.apache.axis2.deployment.RepositoryListener.update(RepositoryListener.java:377)  
      at org.apache.axis2.deployment.RepositoryListener.checkServices(RepositoryListener.java:254)  
      at org.apache.axis2.deployment.RepositoryListener.startListener(RepositoryListener.java:371)  
      at org.apache.axis2.deployment.scheduler.SchedulerTask.checkRepository(SchedulerTask.java:59)  
      at org.apache.axis2.deployment.scheduler.SchedulerTask.run(SchedulerTask.java:67)  
      at org.wso2.carbon.core.deployment.CarbonDeploymentSchedulerTask.runAxisDeployment(CarbonDeploymentSchedulerTask.java:93)  
      at org.wso2.carbon.core.deployment.CarbonDeploymentSchedulerTask.run(CarbonDeploymentSchedulerTask.java:138)  
      at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)  
      at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:304)  
      at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:178)  
      at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)  
      at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)  
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)  
      at java.lang.Thread.run(Thread.java:745)  
 Caused by: org.apache.synapse.SynapseException: Cannot convert null to a StreamSource  
      at org.apache.synapse.config.SynapseConfigUtils.handleException(SynapseConfigUtils.java:578)  
      at org.apache.synapse.config.SynapseConfigUtils.getStreamSource(SynapseConfigUtils.java:79)  
      at org.apache.synapse.core.axis2.ProxyService.getPolicyFromKey(ProxyService.java:822)  
      at org.apache.synapse.core.axis2.ProxyService.buildAxisService(ProxyService.java:608)  
      at org.apache.synapse.deployers.ProxyServiceDeployer.deploySynapseArtifact(ProxyServiceDeployer.java:80)  
      ... 22 more  
 [2016-04-12 14:34:48,673] INFO - AbstractSynapseArtifactDeployer The file has been backed up into : NO_BACKUP_ON_WORKER.INFO  
 [2016-04-12 14:34:48,673] ERROR - AbstractSynapseArtifactDeployer Deployment of synapse artifact failed. Error reading /Users/shammi/wso2/Support-Issues/MOTOROLAMOBPROD-44/wso2esb-4.9.0/tmp/carbonapps/-1234/1460496888659MySecondCarProject1_1.0.1.car/myTestProxy_1.0.0/myTestProxy-1.0.0.xml : ProxyService Deployment from the file : /Users/shammi/wso2/Support-Issues/MOTOROLAMOBPROD-44/wso2esb-4.9.0/tmp/carbonapps/-1234/1460496888659MySecondCarProject1_1.0.1.car/myTestProxy_1.0.0/myTestProxy-1.0.0.xml : Failed.  
 org.apache.axis2.deployment.DeploymentException: ProxyService Deployment from the file : /Users/shammi/wso2/Support-Issues/MOTOROLAMOBPROD-44/wso2esb-4.9.0/tmp/carbonapps/-1234/1460496888659MySecondCarProject1_1.0.1.car/myTestProxy_1.0.0/myTestProxy-1.0.0.xml : Failed.  
      at org.apache.synapse.deployers.AbstractSynapseArtifactDeployer.deploy(AbstractSynapseArtifactDeployer.java:201)  
      at org.wso2.carbon.application.deployer.synapse.SynapseAppDeployer.deployArtifacts(SynapseAppDeployer.java:130)  
      at org.wso2.carbon.application.deployer.internal.ApplicationManager.deployCarbonApp(ApplicationManager.java:263)  
      at org.wso2.carbon.application.deployer.CappAxis2Deployer.deploy(CappAxis2Deployer.java:72)  
      at org.apache.axis2.deployment.repository.util.DeploymentFileData.deploy(DeploymentFileData.java:136)  
      at org.apache.axis2.deployment.DeploymentEngine.doDeploy(DeploymentEngine.java:807)  
      at org.apache.axis2.deployment.repository.util.WSInfoList.update(WSInfoList.java:144)  
      at org.apache.axis2.deployment.RepositoryListener.update(RepositoryListener.java:377)  
      at org.apache.axis2.deployment.RepositoryListener.checkServices(RepositoryListener.java:254)  
      at org.apache.axis2.deployment.RepositoryListener.startListener(RepositoryListener.java:371)  
      at org.apache.axis2.deployment.scheduler.SchedulerTask.checkRepository(SchedulerTask.java:59)  
      at org.apache.axis2.deployment.scheduler.SchedulerTask.run(SchedulerTask.java:67)  
      at org.wso2.carbon.core.deployment.CarbonDeploymentSchedulerTask.runAxisDeployment(CarbonDeploymentSchedulerTask.java:93)  
      at org.wso2.carbon.core.deployment.CarbonDeploymentSchedulerTask.run(CarbonDeploymentSchedulerTask.java:138)  
      at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)  
      at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:304)  
      at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:178)  
      at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)  
      at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)  
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)  
      at java.lang.Thread.run(Thread.java:745)  
 Caused by: org.apache.synapse.deployers.SynapseArtifactDeploymentException: ProxyService Deployment from the file : /Users/shammi/wso2/Support-Issues/MOTOROLAMOBPROD-44/wso2esb-4.9.0/tmp/carbonapps/-1234/1460496888659MySecondCarProject1_1.0.1.car/myTestProxy_1.0.0/myTestProxy-1.0.0.xml : Failed.  
      at org.apache.synapse.deployers.AbstractSynapseArtifactDeployer.handleSynapseArtifactDeploymentError(AbstractSynapseArtifactDeployer.java:475)  
      at org.apache.synapse.deployers.ProxyServiceDeployer.deploySynapseArtifact(ProxyServiceDeployer.java:112)  
      at org.wso2.carbon.proxyadmin.ProxyServiceDeployer.deploySynapseArtifact(ProxyServiceDeployer.java:46)  
      at org.apache.synapse.deployers.AbstractSynapseArtifactDeployer.deploy(AbstractSynapseArtifactDeployer.java:194)  
      ... 20 more  
 Caused by: org.apache.synapse.SynapseException: Cannot convert null to a StreamSource  
      at org.apache.synapse.config.SynapseConfigUtils.handleException(SynapseConfigUtils.java:578)  
      at org.apache.synapse.config.SynapseConfigUtils.getStreamSource(SynapseConfigUtils.java:79)  
      at org.apache.synapse.core.axis2.ProxyService.getPolicyFromKey(ProxyService.java:822)  
      at org.apache.synapse.core.axis2.ProxyService.buildAxisService(ProxyService.java:608)  
      at org.apache.synapse.deployers.ProxyServiceDeployer.deploySynapseArtifact(ProxyServiceDeployer.java:80)  
      ... 22 more  
 [2016-04-12 14:34:48,674] ERROR - ApplicationManager Error occurred while deploying Carbon Application  
 org.apache.axis2.deployment.DeploymentException: ProxyService Deployment from the file : /Users/shammi/wso2/Support-Issues/MOTOROLAMOBPROD-44/wso2esb-4.9.0/tmp/carbonapps/-1234/1460496888659MySecondCarProject1_1.0.1.car/myTestProxy_1.0.0/myTestProxy-1.0.0.xml : Failed.  
      at org.apache.synapse.deployers.AbstractSynapseArtifactDeployer.deploy(AbstractSynapseArtifactDeployer.java:213)  
      at org.wso2.carbon.application.deployer.synapse.SynapseAppDeployer.deployArtifacts(SynapseAppDeployer.java:130)  
      at org.wso2.carbon.application.deployer.internal.ApplicationManager.deployCarbonApp(ApplicationManager.java:263)  
      at org.wso2.carbon.application.deployer.CappAxis2Deployer.deploy(CappAxis2Deployer.java:72)  
      at org.apache.axis2.deployment.repository.util.DeploymentFileData.deploy(DeploymentFileData.java:136)  
      at org.apache.axis2.deployment.DeploymentEngine.doDeploy(DeploymentEngine.java:807)  
      at org.apache.axis2.deployment.repository.util.WSInfoList.update(WSInfoList.java:144)  
      at org.apache.axis2.deployment.RepositoryListener.update(RepositoryListener.java:377)  
      at org.apache.axis2.deployment.RepositoryListener.checkServices(RepositoryListener.java:254)  
      at org.apache.axis2.deployment.RepositoryListener.startListener(RepositoryListener.java:371)  
      at org.apache.axis2.deployment.scheduler.SchedulerTask.checkRepository(SchedulerTask.java:59)  
      at org.apache.axis2.deployment.scheduler.SchedulerTask.run(SchedulerTask.java:67)  
      at org.wso2.carbon.core.deployment.CarbonDeploymentSchedulerTask.runAxisDeployment(CarbonDeploymentSchedulerTask.java:93)  
      at org.wso2.carbon.core.deployment.CarbonDeploymentSchedulerTask.run(CarbonDeploymentSchedulerTask.java:138)  
      at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)  
      at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:304)  
      at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:178)  
      at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)  
      at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)  
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)  
      at java.lang.Thread.run(Thread.java:745)  
 Caused by: org.apache.axis2.deployment.DeploymentException: ProxyService Deployment from the file : /Users/shammi/wso2/Support-Issues/MOTOROLAMOBPROD-44/wso2esb-4.9.0/tmp/carbonapps/-1234/1460496888659MySecondCarProject1_1.0.1.car/myTestProxy_1.0.0/myTestProxy-1.0.0.xml : Failed.  
      at org.apache.synapse.deployers.AbstractSynapseArtifactDeployer.deploy(AbstractSynapseArtifactDeployer.java:201)  
      ... 20 more  
 Caused by: org.apache.synapse.deployers.SynapseArtifactDeploymentException: ProxyService Deployment from the file : /Users/shammi/wso2/Support-Issues/MOTOROLAMOBPROD-44/wso2esb-4.9.0/tmp/carbonapps/-1234/1460496888659MySecondCarProject1_1.0.1.car/myTestProxy_1.0.0/myTestProxy-1.0.0.xml : Failed.  
      at org.apache.synapse.deployers.AbstractSynapseArtifactDeployer.handleSynapseArtifactDeploymentError(AbstractSynapseArtifactDeployer.java:475)  
      at org.apache.synapse.deployers.ProxyServiceDeployer.deploySynapseArtifact(ProxyServiceDeployer.java:112)  
      at org.wso2.carbon.proxyadmin.ProxyServiceDeployer.deploySynapseArtifact(ProxyServiceDeployer.java:46)  
      at org.apache.synapse.deployers.AbstractSynapseArtifactDeployer.deploy(AbstractSynapseArtifactDeployer.java:194)  
      ... 20 more  
 Caused by: org.apache.synapse.SynapseException: Cannot convert null to a StreamSource  
      at org.apache.synapse.config.SynapseConfigUtils.handleException(SynapseConfigUtils.java:578)  
      at org.apache.synapse.config.SynapseConfigUtils.getStreamSource(SynapseConfigUtils.java:79)  
      at org.apache.synapse.core.axis2.ProxyService.getPolicyFromKey(ProxyService.java:822)  
      at org.apache.synapse.core.axis2.ProxyService.buildAxisService(ProxyService.java:608)  
      at org.apache.synapse.deployers.ProxyServiceDeployer.deploySynapseArtifact(ProxyServiceDeployer.java:80)  
      ... 22 more  



Thursday, April 14, 2016

How to get the Client's IP Address in WSO2 API Manager/ WSO2 ESB

Middleware solutions are designed to communicate with multiple parties and most of them are integrations. While integration different systems, It is required to validate the requests and collect statistics. When it comes to collecting statistics, Client's / Request Originator's IP Address plays a vital role.

In order to publish the client's IP to the stat collector, We need to extract the client's IP from the request received to the server.

When the deployment contains WSO2 API Manager or WSO2 Enterprise Service Bus, We can obtain the client's IP address using a property mediator in the InSequence.

If the deployment has a Load Balancer in front of ESB/APIManager, We can use X-Forwarded-For Header property as explained in the blog post of Firzhan.

In a deployment which doest not has Load Balancer in front of WSO2 ESB / API Manager, We can use REMOTE_ADDR to obtain the client's IP Address.

We can extract it as follows with using a property mediator.


 <property name="api.ut.REMOTE_ADDR"
                            expression="get-property('axis2','REMOTE_ADDR')"/&gt

Then we can use it in the sequence. As an example, if we extract the IP Address as above and log it, synapse configuration for it will look like bellow.


<property name="api.ut.REMOTE_ADDR"
                            expression="get-property('axis2','REMOTE_ADDR')"/>
                  <log level="full">
                     <property name="Actual Remote Address"
                               expression="get-property('api.ut.REMOTE_ADDR')"/>
                  </log>

You can use this in the InSequence of ESB or API Manager to obtain the client's IP Address.