I´m working with a backend service in AS 5.0.1, that it´s exposed to the outside using ESB 4.5.0 with a UT security policy. this proxy service use an entitlement mediator to validated the user authorization to access to this service, so I use the IS 4.0.0. This scenario work fine with previous wso2 product versions.
I implemented this scenario in my laptop with IS 3.2.3 and it work fine. now when I uploaded the configuration to the production servers I saw this error: NOTE: in the production servers I used two tenant for AS and ESB.
The error:
TID: [] [WSO2 Enterprise Service Bus] [2012-11-14 00:14:43,787] ERROR {org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator} - org.apache.synapse.SynapseException: User name not provided for the Entitlement mediator - can't proceed {org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator}
TID: [] [WSO2 Enterprise Service Bus] [2012-11-14 00:14:43,791] WARN {org.apache.synapse.FaultHandler} - ERROR_CODE : 0 {org.apache.synapse.FaultHandler}
TID: [] [WSO2 Enterprise Service Bus] [2012-11-14 00:14:43,791] WARN {org.apache.synapse.FaultHandler} - ERROR_MESSAGE : User name not provided for the Entitlement mediator - can't proceed {org.apache.synapse.FaultHandler}
TID: [] [WSO2 Enterprise Service Bus] [2012-11-14 00:14:43,791] WARN {org.apache.synapse.FaultHandler} - ERROR_DETAIL : org.apache.synapse.SynapseException: User name not provided for the Entitlement mediator - can't proceed
at org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator.mediate(EntitlementMediator.java:135)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:60)
at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:114)
at org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(ProxyServiceMessageReceiver.java:144)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:181)
at org.wso2.carbon.core.multitenancy.MultitenantMessageReceiver.doSOAP(MultitenantMessageReceiver.java:233)
at org.wso2.carbon.core.multitenancy.MultitenantMessageReceiver.processRequest(MultitenantMessageReceiver.java:181)
at org.wso2.carbon.core.multitenancy.MultitenantMessageReceiver.receive(MultitenantMessageReceiver.java:77)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:181)
at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172)
at org.apache.synapse.transport.nhttp.ServerWorker.processEntityEnclosingMethod(ServerWorker.java:409)
at org.apache.synapse.transport.nhttp.ServerWorker.run(ServerWorker.java:261)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
{org.apache.synapse.FaultHandler}
TID: [] [WSO2 Enterprise Service Bus] [2012-11-14 00:14:43,792] WARN {org.apache.synapse.FaultHandler} - ERROR_EXCEPTION : org.apache.synapse.SynapseException: User name not provided for the Entitlement mediator - can't proceed {org.apache.synapse.FaultHandler}
TID: [] [WSO2 Enterprise Service Bus] [2012-11-14 00:14:43,793] WARN {org.apache.synapse.FaultHandler} - FaultHandler : org.apache.synapse.mediators.MediatorFaultHandler@563ac83c {org.apache.synapse.FaultHandler}
TID: [] [WSO2 Enterprise Service Bus] [2012-11-14 00:14:43,793] WARN {org.apache.synapse.mediators.MediatorFaultHandler} - Executing fault handler mediator : fault {org.apache.synapse.mediators.MediatorFaultHandler}
TID: [] [WSO2 Enterprise Service Bus] [2012-11-14 00:14:43,794] INFO {org.apache.synapse.mediators.builtin.LogMediator} - To: local://axis2services/Profesor_Proxy.Profesor_ProxyHttpsSoap11Endpoint, WSAction: http://cdae.uci.cu/servicios/Servicio_Profesor/obtenerDatosProfesor, SOAPAction: http://cdae.uci.cu/servicios/Servicio_Profesor/obtenerDatosProfesor, MessageID: urn:uuid:D4E74AEA911A3C697B1352870083848, Direction: request, Envelope: <?xml version='1.0' encoding='utf-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:prof="http://cdae.uci.cu/schemas/Profesor"><soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing"><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-20"><wsse:Username>admin</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">*****</wsse:Password><wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">Rs/AfaxxkrPr6FbTKaKUUg==</wsse:Nonce><wsu:Created>2012-11-14T05:14:46.624Z</wsu:Created></wsse:UsernameToken><wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-19"><wsu:Created>2012-11-14T05:14:46.623Z</wsu:Created><wsu:Expires>2012-11-14T05:48:06.623Z</wsu:Expires></wsu:Timestamp></wsse:Security><wsa:Action>http://cdae.uci.cu/servicios/Servicio_Profesor/obtenerDatosProfesor</wsa:Action><wsa:MessageID>uuid:20a1b0e1-43f6-49ab-b523-8da4b36043ad</wsa:MessageID><wsa:To>https://server:8243/services/t/ptesisesb.cdae.uci.cu/Profesor_Proxy.Profesor_ProxyHttpsSoap11Endpoint</wsa:To></soapenv:Header><soapenv:Body>
<prof:obtenerDatosProfesor>
<prof:solapin>****</prof:solapin>
</prof:obtenerDatosProfesor>
</soapenv:Body></soapenv:Envelope> {org.apache.synapse.mediators.builtin.LogMediator}
my soap message:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:prof="http://cdae.uci.cu/schemas/Profesor">
<soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-20">
<wsse:Username>admin</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">****</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">Rs/AfaxxkrPr6FbTKaKUUg==</wsse:Nonce>
<wsu:Created>2012-11-14T05:14:46.624Z</wsu:Created>
</wsse:UsernameToken>
<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-19">
<wsu:Created>2012-11-14T05:14:46.623Z</wsu:Created>
<wsu:Expires>2012-11-14T05:48:06.623Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
<wsa:Action>http://cdae.uci.cu/servicios/Servicio_Profesor/obtenerDatosProfesor</wsa:Action>
<wsa:MessageID>uuid:20a1b0e1-43f6-49ab-b523-8da4b36043ad</wsa:MessageID>
<wsa:To>https://server:8243/services/t/ptesisesb.cdae.uci.cu/Profesor_Proxy.Profesor_ProxyHttpsSoap11Endpoint</wsa:To>
</soapenv:Header>
<soapenv:Body>
<prof:obtenerDatosProfesor>
<prof:solapin>*****</prof:solapin>
</prof:obtenerDatosProfesor>
</soapenv:Body>
</soapenv:Envelope>
my proxy service:
<proxy xmlns="http://ws.apache.org/ns/synapse" name="Profesor_Proxy" transports="https" statistics="enable" trace="enable" startOnLoad="true">
<target inSequence="conf:/secuenciasutiles/log_seguridad_mejorado" outSequence="conf:/gestion_tesis/servicioProfesor/secuencias/centralAssetsOUT" faultSequence="fault"/>
<publishWSDL key="conf:/gestion_tesis/servicioProfesor/wsdl/Servicio_Profesor1.wsdl"/>
<parameter name="addressingRequirementParameter">required</parameter>
<description></description>
</proxy>
and the sequence with the entitlement mediator inside:
<sequence xmlns="http://ws.apache.org/ns/synapse" onError="conf:/secuenciasutiles/falla_de_conexion">
<entitlementService remoteServiceUrl="https://server:9448/services/" remoteServiceUserName="admin" remoteServicePassword="*****" onReject="conf:/secuenciasutiles/log_cuando_no_pasa" onAccept="conf:/secuenciasutiles/log_cuando_pasa" advice=""/>
</sequence>
In this sequence I also see that the onAccept sequence disappear time to time.
What could be the problem? I use the UT policy and I see the username in the incoming message to the ESB.
I can fix this error but now I´m facing another one. I have the same configuration in different servers in one it work, in the another one not. in this particular case i see the request/response in the IS 4.0.0 with the Permit value so the entitlement work.
the error:
TID: [] [WSO2 Enterprise Service Bus] [2012-11-15 20:10:49,359] ERROR {org.apache.synapse.core.axis2.Axis2Sender} - Unexpected error during sending message out {org.apache.synapse.core.axis2.Axis2Sender}
org.apache.axis2.AxisFault: No user value in the rampart configuration policy
at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:117)
at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:427)
at org.apache.synapse.core.axis2.DynamicAxisOperation$DynamicOperationClient.send(DynamicAxisOperation.java:193)
at org.apache.synapse.core.axis2.DynamicAxisOperation$DynamicOperationClient.executeImpl(DynamicAxisOperation.java:175)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
at org.apache.synapse.core.axis2.Axis2FlexibleMEPClient.send(Axis2FlexibleMEPClient.java:445)
at org.apache.synapse.core.axis2.Axis2Sender.sendOn(Axis2Sender.java:57)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.send(Axis2SynapseEnvironment.java:281)
at org.apache.synapse.endpoints.AbstractEndpoint.send(AbstractEndpoint.java:297)
at org.apache.synapse.endpoints.AddressEndpoint.send(AddressEndpoint.java:59)
at org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(ProxyServiceMessageReceiver.java:165)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:181)
at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172)
at org.apache.synapse.transport.nhttp.ServerWorker.processEntityEnclosingMethod(ServerWorker.java:409)
at org.apache.synapse.transport.nhttp.ServerWorker.run(ServerWorker.java:261)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: org.apache.rampart.RampartException: No user value in the rampart configuration policy
at org.apache.rampart.builder.BindingBuilder.addUsernameToken(BindingBuilder.java:210)
at org.apache.rampart.builder.TransportBindingBuilder.build(TransportBindingBuilder.java:95)
at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:140)
at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:106)
... 21 more
TID: [] [WSO2 Enterprise Service Bus] [2012-11-15 20:10:49,366] WARN {org.apache.synapse.FaultHandler} - ERROR_CODE : 0 {org.apache.synapse.FaultHandler}
TID: [] [WSO2 Enterprise Service Bus] [2012-11-15 20:10:49,367] WARN {org.apache.synapse.FaultHandler} - ERROR_MESSAGE : Unexpected error during sending message out {org.apache.synapse.FaultHandler}
TID: [] [WSO2 Enterprise Service Bus] [2012-11-15 20:10:49,367] WARN {org.apache.synapse.FaultHandler} - ERROR_DETAIL : org.apache.synapse.SynapseException: Unexpected error during sending message out
at org.apache.synapse.core.axis2.Axis2Sender.handleException(Axis2Sender.java:170)
at org.apache.synapse.core.axis2.Axis2Sender.sendOn(Axis2Sender.java:69)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.send(Axis2SynapseEnvironment.java:281)
at org.apache.synapse.endpoints.AbstractEndpoint.send(AbstractEndpoint.java:297)
at org.apache.synapse.endpoints.AddressEndpoint.send(AddressEndpoint.java:59)
at org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(ProxyServiceMessageReceiver.java:165)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:181)
at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172)
at org.apache.synapse.transport.nhttp.ServerWorker.processEntityEnclosingMethod(ServerWorker.java:409)
at org.apache.synapse.transport.nhttp.ServerWorker.run(ServerWorker.java:261)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: org.apache.axis2.AxisFault: No user value in the rampart configuration policy
at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:117)
at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:427)
at org.apache.synapse.core.axis2.DynamicAxisOperation$DynamicOperationClient.send(DynamicAxisOperation.java:193)
at org.apache.synapse.core.axis2.DynamicAxisOperation$DynamicOperationClient.executeImpl(DynamicAxisOperation.java:175)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
at org.apache.synapse.core.axis2.Axis2FlexibleMEPClient.send(Axis2FlexibleMEPClient.java:445)
at org.apache.synapse.core.axis2.Axis2Sender.sendOn(Axis2Sender.java:57)
... 12 more
Caused by: org.apache.rampart.RampartException: No user value in the rampart configuration policy
at org.apache.rampart.builder.BindingBuilder.addUsernameToken(BindingBuilder.java:210)
at org.apache.rampart.builder.TransportBindingBuilder.build(TransportBindingBuilder.java:95)
at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:140)
at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:106)
... 21 more
{org.apache.synapse.FaultHandler}
TID: [] [WSO2 Enterprise Service Bus] [2012-11-15 20:10:49,368] WARN {org.apache.synapse.FaultHandler} - ERROR_EXCEPTION : org.apache.synapse.SynapseException: Unexpected error during sending message out {org.apache.synapse.FaultHandler}
TID: [] [WSO2 Enterprise Service Bus] [2012-11-15 20:10:49,368] WARN {org.apache.synapse.FaultHandler} - FaultHandler : Endpoint [conf/HelloServiceAS] {org.apache.synapse.FaultHandler}