Hi Chaminda, On Tue, Jul 26, 2016 at 12:35 PM, Chaminda Jayawardena <[email protected]> wrote:
> Hi Rajith, > > This is worked when I used a keystore with 1024 keysize. I will verify > with 2048 bit keystore with the next release. > > I noticed following warning in the logs while server startup even though > the param exists. > > *[2016-07-26 12:22:12,199] WARN - PollTableEntry transport.vfs.FileURI > parameter is missing in the proxy service configuration* > As I remember this happens when trying to initialize transports in axis2.xml, which means this won't happen for proxy services(even if you don't have any vfs proxy, this will get printed if you enable vfs transport from axis2.xml) > > And when I put *"<parameter locked="false" > name="security.provider">BC</parameter>" *param in axis2.xml, getting > below exception[1] while server startup. Better to fix these two. > > And following information mentioned in the jira should be corrected. > When we use ciphertool for encryption, it is not needed to put > *security.provider* parameter either in axis2.xml or in the proxy > service. > I think this is expected behavior because if you won't use BC to encrypt username:password part then you can't use BC for decryption. Because you can't decrypt passwords with BC which are encrypted without BC. Thanks, > > *[1]* > *[2016-07-26 12:22:15,166] ERROR - VFSTransportListener Unexpected error > when configuring service StockQuoteProxy for the VFS transport. It will be > disabled for this transport and marked as faulty.* > *java.lang.IllegalArgumentException: Illegal group reference* > * at java.util.regex.Matcher.appendReplacement(Matcher.java:857)* > * at java.util.regex.Matcher.replaceFirst(Matcher.java:1004)* > * at > org.apache.synapse.transport.vfs.PollTableEntry.decryptIfRequired(PollTableEntry.java:701)* > * at > org.apache.synapse.transport.vfs.PollTableEntry.loadConfiguration(PollTableEntry.java:414)* > * at > org.apache.axis2.transport.base.AbstractTransportListenerEx.startListeningForService(AbstractTransportListenerEx.java:153)* > * at > org.apache.axis2.transport.base.AbstractTransportListener.internalStartListeningForService(AbstractTransportListener.java:213)* > * at > org.apache.axis2.transport.base.AbstractTransportListener$2.serviceAdded(AbstractTransportListener.java:126)* > * at > org.apache.axis2.transport.base.tracker.AxisServiceTracker.serviceAdded(AxisServiceTracker.java:212)* > * at > org.apache.axis2.transport.base.tracker.AxisServiceTracker.start(AxisServiceTracker.java:188)* > * at > org.apache.axis2.transport.base.AbstractTransportListener.start(AbstractTransportListener.java:178)* > * at > org.apache.axis2.transport.base.AbstractTransportListenerEx.start(AbstractTransportListenerEx.java:83)* > * at > org.apache.axis2.engine.ListenerManager.start(ListenerManager.java:168)* > * at > org.apache.axis2.engine.ListenerManager.startSystem(ListenerManager.java:186)* > * at > org.wso2.carbon.core.internal.StartupFinalizerServiceComponent.completeInitialization(StartupFinalizerServiceComponent.java:165)* > * at > org.wso2.carbon.core.internal.StartupFinalizerServiceComponent.serviceChanged(StartupFinalizerServiceComponent.java:288)* > * at > org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)* > * at > org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861)* > * at > org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)* > * at > org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148)* > * at > org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819)* > * at > org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771)* > * at > org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130)* > * at > org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214)* > * at > org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433)* > * at > org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:451)* > * at > org.wso2.carbon.throttling.agent.internal.ThrottlingAgentServiceComponent.registerThrottlingAgent(ThrottlingAgentServiceComponent.java:123)* > * at > org.wso2.carbon.throttling.agent.internal.ThrottlingAgentServiceComponent.activate(ThrottlingAgentServiceComponent.java:100)* > * at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)* > * at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)* > * at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)* > * at java.lang.reflect.Method.invoke(Method.java:483)* > * at > org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)* > * at > org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)* > * at > org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:345)* > * at > org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)* > * at > org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)* > * at > org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)* > * at > org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222)* > * at > org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)* > * at > org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861)* > * at > org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)* > * at > org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148)* > * at > org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819)* > * at > org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771)* > * at > org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130)* > * at > org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214)* > * at > org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433)* > * at > org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:451)* > * at > org.wso2.carbon.core.init.CarbonServerManager.initializeCarbon(CarbonServerManager.java:514)* > * at > org.wso2.carbon.core.init.CarbonServerManager.start(CarbonServerManager.java:219)* > * at > org.wso2.carbon.core.internal.CarbonCoreServiceComponent.activate(CarbonCoreServiceComponent.java:94)* > * at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)* > * at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)* > * at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)* > * at java.lang.reflect.Method.invoke(Method.java:483)* > * at > org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)* > * at > org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)* > * at > org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:345)* > * at > org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)* > * at > org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)* > * at > org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)* > * at > org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222)* > * at > org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)* > * at > org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861)* > * at > org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)* > * at > org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148)* > * at > org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819)* > * at > org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771)* > * at > org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130)* > * at > org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214)* > * at > org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433)* > * at > org.eclipse.equinox.http.servlet.internal.Activator.registerHttpService(Activator.java:81)* > * at > org.eclipse.equinox.http.servlet.internal.Activator.addProxyServlet(Activator.java:60)* > * at > org.eclipse.equinox.http.servlet.internal.ProxyServlet.init(ProxyServlet.java:40)* > * at > org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.init(DelegationServlet.java:38)* > * at > org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1282)* > * at > org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1195)* > * at > org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:1085)* > * at > org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:5318)* > * at > org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5610)* > * at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147)* > * at > org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1572)* > * at > org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1562)* > * at java.util.concurrent.FutureTask.run(FutureTask.java:266)* > * at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)* > * at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)* > * at java.lang.Thread.run(Thread.java:745)* > > > > > On Sat, Jul 23, 2016 at 11:11 PM, Chaminda Jayawardena <[email protected]> > wrote: > >> Hi Rajith, >> >> I used a new keystore with 2048 of key size. And other configurations are >> as below. So then the problem is key size accoring to that. >> >> --encrypted "user:pass" as a whole >> --have provided decryption in axis2.xml >> >> On Fri, Jul 22, 2016 at 8:11 PM, Rajith Vitharana <[email protected]> >> wrote: >> >>> Hi Chaminda, >>> >>> Config level issues I can think of are as follows, >>> Have you encrypted "username:password" as a whole and provided in [1] or >>> separately encrypted them and added as colon separated value? >>> Have you provided same configs for decryption in axis2.xml >>> vfsTransportListner config? (For example if you use bouncycastle(BC) when >>> encrypting, then need to provide that for decryption as well) >>> Have you used a key with larger keystrength for encryption? (for example >>> 2048 key strength). If so there was a issue with that and already fixed >>> with [2] >>> >>> >>> [1] - {wso2:vault-decrypt('encryptedValue')} >>> [2] - https://wso2.org/jira/browse/ESBJAVA-4770 >>> >>> Thanks, >>> >>> On Fri, Jul 22, 2016 at 2:59 PM, Chaminda Jayawardena <[email protected] >>> > wrote: >>> >>>> Hi, >>>> >>>> I followed the steps in [1] and getting below exception[2] when proxy >>>> service is invoked. >>>> I manually encrypted the username:password using ciphertool.sh and used >>>> encrypted value in the proxy service as below. And also I could success >>>> when the same user:pass combination is not encrypted. >>>> Anything missed here or just a bug ? >>>> >>>> *<parameter >>>> name="transport.vfs.FileURI">smb://{wso2:vault-decrypt('encrypted_user:pass_from_ciphertool')}@localhost/share/test1</parameter>* >>>> >>>> [1] https://wso2.org/jira/browse/ESBJAVA-4679 >>>> [2] >>>> [2016-07-22 14:48:11,221] ERROR - VFSTransportListener Error checking >>>> for existence and readability : smb://@localhost/share/test1 >>>> org.apache.commons.vfs2.FileSystemException: Could not determine the >>>> type of file "smb://localhost/share/test1". >>>> at >>>> org.apache.commons.vfs2.provider.AbstractFileObject.attach(AbstractFileObject.java:1523) >>>> at >>>> org.apache.commons.vfs2.provider.AbstractFileObject.getType(AbstractFileObject.java:490) >>>> at >>>> org.apache.commons.vfs2.provider.AbstractFileObject.exists(AbstractFileObject.java:478) >>>> at >>>> org.apache.synapse.transport.vfs.VFSTransportListener.scanFileOrDirectory(VFSTransportListener.java:294) >>>> at >>>> org.apache.synapse.transport.vfs.VFSTransportListener.poll(VFSTransportListener.java:188) >>>> at >>>> org.apache.synapse.transport.vfs.VFSTransportListener.poll(VFSTransportListener.java:134) >>>> at >>>> org.apache.axis2.transport.base.AbstractPollingTransportListener$1$1.run(AbstractPollingTransportListener.java:67) >>>> at >>>> org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172) >>>> at >>>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) >>>> at >>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) >>>> at java.lang.Thread.run(Thread.java:745) >>>> Caused by: jcifs.smb.SmbAuthException: Logon failure: unknown user name >>>> or bad password. >>>> at jcifs.smb.SmbSession.sessionSetup(SmbSession.java:406) >>>> at jcifs.smb.SmbSession.send(SmbSession.java:218) >>>> at jcifs.smb.SmbTree.treeConnect(SmbTree.java:176) >>>> at jcifs.smb.SmbFile.doConnect(SmbFile.java:911) >>>> at jcifs.smb.SmbFile.connect(SmbFile.java:954) >>>> at jcifs.smb.SmbFile.connect0(SmbFile.java:880) >>>> at jcifs.smb.SmbFile.queryPath(SmbFile.java:1335) >>>> at jcifs.smb.SmbFile.exists(SmbFile.java:1417) >>>> at jcifs.smb.SmbFile.isDirectory(SmbFile.java:1490) >>>> at >>>> org.apache.commons.vfs2.provider.smb.SmbFileObject.createSmbFile(SmbFileObject.java:119) >>>> at >>>> org.apache.commons.vfs2.provider.smb.SmbFileObject.doAttach(SmbFileObject.java:71) >>>> at >>>> org.apache.commons.vfs2.provider.AbstractFileObject.attach(AbstractFileObject.java:1506) >>>> ... 10 more >>>> >>>> >>>> >>>> >>>> -- >>>> Thanks & Regards >>>> >>>> *Chaminda Jayawardena* >>>> Senior Software Engineer - QA >>>> WSO2 Inc. - http://wso2.com >>>> +94-77-7725234 >>>> >>> >>> >>> >>> -- >>> Rajith Vitharana >>> >>> Senior Software Engineer, >>> WSO2 Inc. : wso2.com >>> Mobile : +94715883223 >>> Blog : http://lankavitharana.blogspot.com/ >>> <http://wso2.com/signature> >>> >> >> >> >> -- >> Thanks & Regards >> >> *Chaminda Jayawardena* >> Senior Software Engineer - QA >> WSO2 Inc. - http://wso2.com >> +94-77-7725234 >> > > > > -- > Thanks & Regards > > *Chaminda Jayawardena* > Senior Software Engineer - QA > WSO2 Inc. - http://wso2.com > +94-77-7725234 > -- Rajith Vitharana Senior Software Engineer, WSO2 Inc. : wso2.com Mobile : +94715883223 Blog : http://lankavitharana.blogspot.com/ <http://wso2.com/signature>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
