I am waiting for Sandapas explanation..
On Wed, Jul 9, 2014 at 10:26 AM, Rukshani Weerasinha <[email protected]> wrote: > Hi, > > I tried applying basic authentication (UsernameToken security scenario) in > ESB 4.8.1 as well as ESB 4.6.0. It worked in both versions. So shall we > specify page [1] as the solution for Documentation-280 jira? > > [1] > http://docs.wso2.com/display/ESB481/Service-Level+Security+Implementation > > Best Regards, > Rukshani. > > > On Wed, Jul 9, 2014 at 8:43 AM, Dushan Abeyruwan <[email protected]> wrote: > >> Hi >> Regarding $subject any reason for workaround ? did we test 4.8.0 >> onwards, I tried with 4.9.0 pack and seems basic auth working for proxy. >> >> <proxy xmlns="http://ws.apache.org/ns/synapse"; >> name="EchoProxy" >> transports="https" >> statistics="disable" >> trace="disable" >> startOnLoad="true"> >> <target> >> <inSequence> >> <log/> >> <respond/> >> </inSequence> >> </target> >> <parameter name="ScenarioID">scenario1</parameter> >> <enableSec/> >> <policy >> key="conf:/repository/axis2/service-groups/EchoProxy/services/EchoProxy/policies/UTOverTransport"/> >> <description/> >> </proxy> >> >> >> Failure Invalid UN or PW >> ======================= >> >> HTTP/1.1 401 Unauthorized >> WWW-Authenticate: BASIC realm="WSO2 Enterprise Service Bus" >> Content-Type: application/json; charset=UTF-8 >> Date: Wed, 09 Jul 2014 03:10:00 GMT >> Transfer-Encoding: chunked >> Connection: Keep-Alive >> >> {"Fault":{"faultcode":"axis2ns2:FailedAuthentication","faultstring":"The >> security token could not be authenticated or authorized; nested exception >> is: \n\tjavax.security.auth.callback.UnsupportedCallbackException: Check >> failed : System error","detail":null}} >> >> >> [2014-07-09 08:36:53,042] DEBUG - headers http-incoming-4 >> POST >> /services/EchoProxy HTTP/1.1 >> [2014-07-09 08:36:53,042] DEBUG - headers http-incoming-4 >> >> Accept-Encoding: gzip,deflate >> [2014-07-09 08:36:53,043] DEBUG - headers http-incoming-4 >> >> Content-Type: application/json >> [2014-07-09 08:36:53,043] DEBUG - headers http-incoming-4 >> >> Content-Length: 1109 >> [2014-07-09 08:36:53,043] DEBUG - headers http-incoming-4 >> Host: >> kit:8243 >> [2014-07-09 08:36:53,043] DEBUG - headers http-incoming-4 >> Connection: >> Keep-Alive >> [2014-07-09 08:36:53,043] DEBUG - headers http-incoming-4 >> User-Agent: >> Apache-HttpClient/4.1.1 (java 1.5) >> [2014-07-09 08:36:53,045] DEBUG - headers http-incoming-4 << HTTP/1.1 401 >> Unauthorized >> [2014-07-09 08:36:53,046] DEBUG - headers http-incoming-4 << >> WWW-Authenticate: BASIC realm="WSO2 Enterprise Service Bus" >> [2014-07-09 08:36:53,046] DEBUG - headers http-incoming-4 << Date: Wed, >> 09 Jul 2014 03:06:53 GMT >> [2014-07-09 08:36:53,046] DEBUG - headers http-incoming-4 << >> Transfer-Encoding: chunked >> [2014-07-09 08:36:53,046] DEBUG - headers http-incoming-4 << Connection: >> Keep-Alive >> [2014-07-09 08:36:53,051] DEBUG - headers http-incoming-4 >> POST >> /services/EchoProxy HTTP/1.1 >> [2014-07-09 08:36:53,051] DEBUG - headers http-incoming-4 >> >> Accept-Encoding: gzip,deflate >> [2014-07-09 08:36:53,051] DEBUG - headers http-incoming-4 >> >> Content-Type: application/json >> [2014-07-09 08:36:53,051] DEBUG - headers http-incoming-4 >> >> Content-Length: 1109 >> [2014-07-09 08:36:53,052] DEBUG - headers http-incoming-4 >> Host: >> kit:8243 >> [2014-07-09 08:36:53,052] DEBUG - headers http-incoming-4 >> Connection: >> Keep-Alive >> [2014-07-09 08:36:53,053] DEBUG - headers http-incoming-4 >> User-Agent: >> Apache-HttpClient/4.1.1 (java 1.5) >> [2014-07-09 08:36:53,053] DEBUG - headers http-incoming-4 >> >> Authorization: Basic YWRtaW46YWRtaW4x >> [2014-07-09 08:36:53,064] ERROR - AxisEngine The security token could not >> be authenticated or authorized; nested exception is: >> javax.security.auth.callback.UnsupportedCallbackException: Check failed >> : System error >> org.apache.axis2.AxisFault: The security token could not be authenticated >> or authorized; nested exception is: >> javax.security.auth.callback.UnsupportedCallbackException: Check failed >> : System error >> at >> org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:180) >> at >> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:95) >> at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340) >> at org.apache.axis2.engine.Phase.invoke(Phase.java:313) >> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261) >> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:167) >> at >> org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:344) >> at >> org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:385) >> at >> org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:183) >> at >> org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) >> at java.lang.Thread.run(Thread.java:662) >> Caused by: org.apache.ws.security.WSSecurityException: The security token >> could not be authenticated or authorized; nested exception is: >> javax.security.auth.callback.UnsupportedCallbackException: Check failed : >> System error >> at >> org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:180) >> at >> org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:61) >> at >> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:332) >> at >> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:249) >> at org.apache.rampart.RampartEngine.process(RampartEngine.java:214) >> at >> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92) >> ... 11 more >> Caused by: javax.security.auth.callback.UnsupportedCallbackException: >> Check failed : System error >> at >> org.wso2.carbon.security.util.ServicePasswordCallbackHandler.handle(ServicePasswordCallbackHandler.java:117) >> at >> org.apache.rampart.TokenCallbackHandler.handle(TokenCallbackHandler.java:116) >> at >> org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:168) >> ... 16 more >> [2014-07-09 08:36:53,066] ERROR - ServerWorker Error processing POST >> request for : /services/EchoProxy >> org.apache.axis2.AxisFault: The security token could not be authenticated >> or authorized; nested exception is: >> javax.security.auth.callback.UnsupportedCallbackException: Check failed >> : System error >> at >> org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:180) >> at >> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:95) >> at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340) >> at org.apache.axis2.engine.Phase.invoke(Phase.java:313) >> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261) >> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:167) >> at >> org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:344) >> at >> org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:385) >> at >> org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:183) >> at >> org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) >> at java.lang.Thread.run(Thread.java:662) >> Caused by: org.apache.ws.security.WSSecurityException: The security token >> could not be authenticated or authorized; nested exception is: >> javax.security.auth.callback.UnsupportedCallbackException: Check failed : >> System error >> at >> org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:180) >> at >> org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:61) >> at >> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:332) >> at >> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:249) >> at org.apache.rampart.RampartEngine.process(RampartEngine.java:214) >> at >> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92) >> ... 11 more >> Caused by: javax.security.auth.callback.UnsupportedCallbackException: >> Check failed : System error >> at >> org.wso2.carbon.security.util.ServicePasswordCallbackHandler.handle(ServicePasswordCallbackHandler.java:117) >> at >> org.apache.rampart.TokenCallbackHandler.handle(TokenCallbackHandler.java:116) >> at >> org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:168) >> ... 16 more >> [2014-07-09 08:36:53,070] DEBUG - headers http-incoming-4 << HTTP/1.1 401 >> Unauthorized >> [2014-07-09 08:36:53,070] DEBUG - headers http-incoming-4 << >> WWW-Authenticate: BASIC realm="WSO2 Enterprise Service Bus" >> [2014-07-09 08:36:53,070] DEBUG - headers http-incoming-4 << >> Content-Type: application/json; charset=UTF-8 >> [2014-07-09 08:36:53,070] DEBUG - headers http-incoming-4 << Date: Wed, >> 09 Jul 2014 03:06:53 GMT >> [2014-07-09 08:36:53,070] DEBUG - headers http-incoming-4 << >> Transfer-Encoding: chunked >> [2014-07-09 08:36:53,070] DEBUG - headers http-incoming-4 << Connection: >> Keep-Alive >> >> success >> ========== >> >> HTTP/1.1 200 OK >> Authorization: Basic YWRtaW46YWRtaW4= >> Host: kit:8243 >> Accept-Encoding: gzip,deflate >> Content-Type: application/json; charset=UTF-8 >> Date: Wed, 09 Jul 2014 03:09:04 GMT >> Transfer-Encoding: chunked >> Connection: Keep-Alive >> >> >> [2014-07-09 08:39:04,912] DEBUG - headers http-incoming-5 >> POST >> /services/EchoProxy HTTP/1.1 >> [2014-07-09 08:39:04,912] DEBUG - headers http-incoming-5 >> >> Accept-Encoding: gzip,deflate >> [2014-07-09 08:39:04,912] DEBUG - headers http-incoming-5 >> >> Content-Type: application/json >> [2014-07-09 08:39:04,913] DEBUG - headers http-incoming-5 >> >> Content-Length: 1109 >> [2014-07-09 08:39:04,913] DEBUG - headers http-incoming-5 >> Host: >> kit:8243 >> [2014-07-09 08:39:04,913] DEBUG - headers http-incoming-5 >> Connection: >> Keep-Alive >> [2014-07-09 08:39:04,913] DEBUG - headers http-incoming-5 >> User-Agent: >> Apache-HttpClient/4.1.1 (java 1.5) >> [2014-07-09 08:39:04,917] DEBUG - headers http-incoming-5 << HTTP/1.1 401 >> Unauthorized >> [2014-07-09 08:39:04,917] DEBUG - headers http-incoming-5 << >> WWW-Authenticate: BASIC realm="WSO2 Enterprise Service Bus" >> [2014-07-09 08:39:04,917] DEBUG - headers http-incoming-5 << Date: Wed, >> 09 Jul 2014 03:09:04 GMT >> [2014-07-09 08:39:04,917] DEBUG - headers http-incoming-5 << >> Transfer-Encoding: chunked >> [2014-07-09 08:39:04,917] DEBUG - headers http-incoming-5 << Connection: >> Keep-Alive >> [2014-07-09 08:39:04,926] DEBUG - headers http-incoming-5 >> POST >> /services/EchoProxy HTTP/1.1 >> [2014-07-09 08:39:04,926] DEBUG - headers http-incoming-5 >> >> Accept-Encoding: gzip,deflate >> [2014-07-09 08:39:04,926] DEBUG - headers http-incoming-5 >> >> Content-Type: application/json >> [2014-07-09 08:39:04,927] DEBUG - headers http-incoming-5 >> >> Content-Length: 1109 >> [2014-07-09 08:39:04,927] DEBUG - headers http-incoming-5 >> Host: >> kit:8243 >> [2014-07-09 08:39:04,927] DEBUG - headers http-incoming-5 >> Connection: >> Keep-Alive >> [2014-07-09 08:39:04,927] DEBUG - headers http-incoming-5 >> User-Agent: >> Apache-HttpClient/4.1.1 (java 1.5) >> [2014-07-09 08:39:04,927] DEBUG - headers http-incoming-5 >> >> Authorization: Basic YWRtaW46YWRtaW4= >> [2014-07-09 08:39:05,170] INFO - LogMediator To: /services/EchoProxy, >> MessageID: urn:uuid:7ff37db2-8b0c-45df-ad7a-424c1abfdfb4, Direction: request >> [2014-07-09 08:39:05,175] DEBUG - headers http-incoming-5 << HTTP/1.1 200 >> OK >> [2014-07-09 08:39:05,175] DEBUG - headers http-incoming-5 << >> Authorization: Basic YWRtaW46YWRtaW4= >> [2014-07-09 08:39:05,175] DEBUG - headers http-incoming-5 << Host: >> kit:8243 >> [2014-07-09 08:39:05,175] DEBUG - headers http-incoming-5 << >> Accept-Encoding: gzip,deflate >> [2014-07-09 08:39:05,175] DEBUG - headers http-incoming-5 << >> Content-Type: application/json; charset=UTF-8 >> [2014-07-09 08:39:05,175] DEBUG - headers http-incoming-5 << Date: Wed, >> 09 Jul 2014 03:09:04 GMT >> [2014-07-09 08:39:05,175] DEBUG - headers http-incoming-5 << >> Transfer-Encoding: chunked >> [2014-07-09 08:39:05,175] DEBUG - headers http-incoming-5 << Connection: >> Keep-Alive >> >> >> -- >> Dushan Abeyruwan | Associate Tech Lead >> Integration Technologies Team >> PMC Member Apache Synpase >> WSO2 Inc. http://wso2.com/ >> Blog:http://dushansview.blogspot.com/ >> Mobile:(0094)713942042 >> >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > Rukshani Weerasinha > > WSO2 Inc. > Web:http://wso2.com > Mobile: 0777 683 738 > > -- Dushan Abeyruwan | Associate Tech Lead Integration Technologies Team PMC Member Apache Synpase WSO2 Inc. http://wso2.com/ Blog:http://dushansview.blogspot.com/ Mobile:(0094)713942042
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
