Re: [Dev] Error with Secured/Encrypted VFS Transport Credentials on ESB500Beta2

2016-07-26 Thread Rajith Vitharana 
Hi Chaminda,

On Tue, Jul 26, 2016 at 12:35 PM, Chaminda Jayawardena 
wrote:

> Hi Rajith,
>
> This is worked when I used a keystore with 1024 keysize. I will verify
> with 2048 bit keystore with the next release.
>
> I noticed following warning in the logs while server startup even though
> the param exists.
>
> *[2016-07-26 12:22:12,199]  WARN - PollTableEntry transport.vfs.FileURI
> parameter is missing in the proxy service configuration*
>
As I remember this happens when trying to initialize transports in
axis2.xml, which means this won't happen for proxy services(even if you
don't have any vfs proxy, this will get printed if you enable vfs transport
from axis2.xml)

>
> And when I put *" name="security.provider">BC" *param in axis2.xml, getting
> below exception[1] while server startup. Better to fix these two.
>
> And following information mentioned in the jira should be corrected.
> When we use ciphertool for encryption, it is not needed to put
> *security.provider*  parameter either in axis2.xml or in the proxy
> service.
>
I think this is expected behavior because if you won't use BC to encrypt
username:password part then you can't use BC for decryption. Because you
can't decrypt passwords with BC which are encrypted without BC.

Thanks,

>
> *[1]*
> *[2016-07-26 12:22:15,166] ERROR - VFSTransportListener Unexpected error
> when configuring service StockQuoteProxy for the VFS transport. It will be
> disabled for this transport and marked as faulty.*
> *java.lang.IllegalArgumentException: Illegal group reference*
> * at java.util.regex.Matcher.appendReplacement(Matcher.java:857)*
> * at java.util.regex.Matcher.replaceFirst(Matcher.java:1004)*
> * at
> org.apache.synapse.transport.vfs.PollTableEntry.decryptIfRequired(PollTableEntry.java:701)*
> * at
> org.apache.synapse.transport.vfs.PollTableEntry.loadConfiguration(PollTableEntry.java:414)*
> * at
> org.apache.axis2.transport.base.AbstractTransportListenerEx.startListeningForService(AbstractTransportListenerEx.java:153)*
> * at
> org.apache.axis2.transport.base.AbstractTransportListener.internalStartListeningForService(AbstractTransportListener.java:213)*
> * at
> org.apache.axis2.transport.base.AbstractTransportListener$2.serviceAdded(AbstractTransportListener.java:126)*
> * at
> org.apache.axis2.transport.base.tracker.AxisServiceTracker.serviceAdded(AxisServiceTracker.java:212)*
> * at
> org.apache.axis2.transport.base.tracker.AxisServiceTracker.start(AxisServiceTracker.java:188)*
> * at
> org.apache.axis2.transport.base.AbstractTransportListener.start(AbstractTransportListener.java:178)*
> * at
> org.apache.axis2.transport.base.AbstractTransportListenerEx.start(AbstractTransportListenerEx.java:83)*
> * at
> org.apache.axis2.engine.ListenerManager.start(ListenerManager.java:168)*
> * at
> org.apache.axis2.engine.ListenerManager.startSystem(ListenerManager.java:186)*
> * at
> org.wso2.carbon.core.internal.StartupFinalizerServiceComponent.completeInitialization(StartupFinalizerServiceComponent.java:165)*
> * at
> org.wso2.carbon.core.internal.StartupFinalizerServiceComponent.serviceChanged(StartupFinalizerServiceComponent.java:288)*
> * at
> org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)*
> * at
> org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861)*
> * at
> org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)*
> * at
> org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148)*
> * at
> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819)*
> * at
> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771)*
> * at
> org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130)*
> * at
> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214)*
> * at
> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433)*
> * at
> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:451)*
> * at
> org.wso2.carbon.throttling.agent.internal.ThrottlingAgentServiceComponent.registerThrottlingAgent(ThrottlingAgentServiceComponent.java:123)*
> * at
> org.wso2.carbon.throttling.agent.internal.ThrottlingAgentServiceComponent.activate(ThrottlingAgentServiceComponent.java:100)*
> * at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)*
> * at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)*
> * at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)*
> * at java.lang.reflect.Method.invoke(Method.java:483)*
> * at
> org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)*
> * at
> org.eclipse.e

Re: [Dev] Error with Secured/Encrypted VFS Transport Credentials on ESB500Beta2

2016-07-26 Thread Chaminda Jayawardena 
Hi Rajith,

This is worked when I used a keystore with 1024 keysize. I will verify with
2048 bit keystore with the next release.

I noticed following warning in the logs while server startup even though
the param exists.

*[2016-07-26 12:22:12,199]  WARN - PollTableEntry transport.vfs.FileURI
parameter is missing in the proxy service configuration*

And when I put *"BC" *param in axis2.xml, getting below
exception[1] while server startup. Better to fix these two.

And following information mentioned in the jira should be corrected.
When we use ciphertool for encryption, it is not needed to put
*security.provider*  parameter either in axis2.xml or in the proxy service.

*[1]*
*[2016-07-26 12:22:15,166] ERROR - VFSTransportListener Unexpected error
when configuring service StockQuoteProxy for the VFS transport. It will be
disabled for this transport and marked as faulty.*
*java.lang.IllegalArgumentException: Illegal group reference*
* at java.util.regex.Matcher.appendReplacement(Matcher.java:857)*
* at java.util.regex.Matcher.replaceFirst(Matcher.java:1004)*
* at
org.apache.synapse.transport.vfs.PollTableEntry.decryptIfRequired(PollTableEntry.java:701)*
* at
org.apache.synapse.transport.vfs.PollTableEntry.loadConfiguration(PollTableEntry.java:414)*
* at
org.apache.axis2.transport.base.AbstractTransportListenerEx.startListeningForService(AbstractTransportListenerEx.java:153)*
* at
org.apache.axis2.transport.base.AbstractTransportListener.internalStartListeningForService(AbstractTransportListener.java:213)*
* at
org.apache.axis2.transport.base.AbstractTransportListener$2.serviceAdded(AbstractTransportListener.java:126)*
* at
org.apache.axis2.transport.base.tracker.AxisServiceTracker.serviceAdded(AxisServiceTracker.java:212)*
* at
org.apache.axis2.transport.base.tracker.AxisServiceTracker.start(AxisServiceTracker.java:188)*
* at
org.apache.axis2.transport.base.AbstractTransportListener.start(AbstractTransportListener.java:178)*
* at
org.apache.axis2.transport.base.AbstractTransportListenerEx.start(AbstractTransportListenerEx.java:83)*
* at
org.apache.axis2.engine.ListenerManager.start(ListenerManager.java:168)*
* at
org.apache.axis2.engine.ListenerManager.startSystem(ListenerManager.java:186)*
* at
org.wso2.carbon.core.internal.StartupFinalizerServiceComponent.completeInitialization(StartupFinalizerServiceComponent.java:165)*
* at
org.wso2.carbon.core.internal.StartupFinalizerServiceComponent.serviceChanged(StartupFinalizerServiceComponent.java:288)*
* at
org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)*
* at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861)*
* at
org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)*
* at
org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148)*
* at
org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819)*
* at
org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771)*
* at
org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130)*
* at
org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214)*
* at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433)*
* at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:451)*
* at
org.wso2.carbon.throttling.agent.internal.ThrottlingAgentServiceComponent.registerThrottlingAgent(ThrottlingAgentServiceComponent.java:123)*
* at
org.wso2.carbon.throttling.agent.internal.ThrottlingAgentServiceComponent.activate(ThrottlingAgentServiceComponent.java:100)*
* at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)*
* at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)*
* at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)*
* at java.lang.reflect.Method.invoke(Method.java:483)*
* at
org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)*
* at
org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)*
* at
org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:345)*
* at
org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)*
* at
org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)*
* at
org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)*
* at
org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222)*
* at
org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)*
* at
org.eclipse.osgi.framework.internal.core.BundleContextImp

Re: [Dev] Error with Secured/Encrypted VFS Transport Credentials on ESB500Beta2

2016-07-23 Thread Chaminda Jayawardena 
Hi Rajith,

I used a new keystore with 2048 of key size. And other configurations are
as below. So then the problem is key size accoring to that.

--encrypted "user:pass" as a whole
--have provided decryption in axis2.xml

On Fri, Jul 22, 2016 at 8:11 PM, Rajith Vitharana  wrote:

> Hi Chaminda,
>
> Config level issues I can think of are as follows,
> Have you encrypted "username:password" as a whole and provided in [1] or
> separately encrypted them and added as colon separated value?
> Have you provided same configs for decryption in axis2.xml
> vfsTransportListner config? (For example if you use bouncycastle(BC) when
> encrypting, then need to provide that for decryption as well)
> Have you used a key with larger keystrength for encryption? (for example
> 2048 key strength). If so there was a issue with that and already fixed
> with [2]
>
>
> [1] - {wso2:vault-decrypt('encryptedValue')}
> [2] - https://wso2.org/jira/browse/ESBJAVA-4770
>
> Thanks,
>
> On Fri, Jul 22, 2016 at 2:59 PM, Chaminda Jayawardena 
> wrote:
>
>> Hi,
>>
>> I followed the steps in [1] and getting below exception[2] when proxy
>> service is invoked.
>> I manually encrypted the username:password using ciphertool.sh and used
>> encrypted value in the proxy service as below. And also I could success
>> when the same user:pass combination is not encrypted.
>> Anything missed here or just a bug ?
>>
>> *> name="transport.vfs.FileURI">smb://{wso2:vault-decrypt('encrypted_user:pass_from_ciphertool')}@localhost/share/test1*
>>
>> [1] https://wso2.org/jira/browse/ESBJAVA-4679
>> [2]
>> [2016-07-22 14:48:11,221] ERROR - VFSTransportListener Error checking for
>> existence and readability : smb://@localhost/share/test1
>> org.apache.commons.vfs2.FileSystemException: Could not determine the type
>> of file "smb://localhost/share/test1".
>> at
>> org.apache.commons.vfs2.provider.AbstractFileObject.attach(AbstractFileObject.java:1523)
>> at
>> org.apache.commons.vfs2.provider.AbstractFileObject.getType(AbstractFileObject.java:490)
>> at
>> org.apache.commons.vfs2.provider.AbstractFileObject.exists(AbstractFileObject.java:478)
>> at
>> org.apache.synapse.transport.vfs.VFSTransportListener.scanFileOrDirectory(VFSTransportListener.java:294)
>> at
>> org.apache.synapse.transport.vfs.VFSTransportListener.poll(VFSTransportListener.java:188)
>> at
>> org.apache.synapse.transport.vfs.VFSTransportListener.poll(VFSTransportListener.java:134)
>> at
>> org.apache.axis2.transport.base.AbstractPollingTransportListener$1$1.run(AbstractPollingTransportListener.java:67)
>> at
>> org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
>> at
>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
>> at
>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
>> at java.lang.Thread.run(Thread.java:745)
>> Caused by: jcifs.smb.SmbAuthException: Logon failure: unknown user name
>> or bad password.
>> at jcifs.smb.SmbSession.sessionSetup(SmbSession.java:406)
>> at jcifs.smb.SmbSession.send(SmbSession.java:218)
>> at jcifs.smb.SmbTree.treeConnect(SmbTree.java:176)
>> at jcifs.smb.SmbFile.doConnect(SmbFile.java:911)
>> at jcifs.smb.SmbFile.connect(SmbFile.java:954)
>> at jcifs.smb.SmbFile.connect0(SmbFile.java:880)
>> at jcifs.smb.SmbFile.queryPath(SmbFile.java:1335)
>> at jcifs.smb.SmbFile.exists(SmbFile.java:1417)
>> at jcifs.smb.SmbFile.isDirectory(SmbFile.java:1490)
>> at
>> org.apache.commons.vfs2.provider.smb.SmbFileObject.createSmbFile(SmbFileObject.java:119)
>> at
>> org.apache.commons.vfs2.provider.smb.SmbFileObject.doAttach(SmbFileObject.java:71)
>> at
>> org.apache.commons.vfs2.provider.AbstractFileObject.attach(AbstractFileObject.java:1506)
>> ... 10 more
>>
>>
>>
>>
>> --
>> Thanks & Regards
>>
>> *Chaminda Jayawardena*
>> Senior Software Engineer - QA
>> WSO2 Inc. - http://wso2.com
>> +94-77-7725234
>>
>
>
>
> --
> Rajith Vitharana
>
> Senior Software Engineer,
> WSO2 Inc. : wso2.com
> Mobile : +94715883223
> Blog : http://lankavitharana.blogspot.com/
> 
>



-- 
Thanks & Regards

*Chaminda Jayawardena*
Senior Software Engineer - QA
WSO2 Inc. - http://wso2.com
+94-77-7725234
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Error with Secured/Encrypted VFS Transport Credentials on ESB500Beta2

2016-07-22 Thread Rajith Vitharana 
Hi Chaminda,

Config level issues I can think of are as follows,
Have you encrypted "username:password" as a whole and provided in [1] or
separately encrypted them and added as colon separated value?
Have you provided same configs for decryption in axis2.xml
vfsTransportListner config? (For example if you use bouncycastle(BC) when
encrypting, then need to provide that for decryption as well)
Have you used a key with larger keystrength for encryption? (for example
2048 key strength). If so there was a issue with that and already fixed
with [2]


[1] - {wso2:vault-decrypt('encryptedValue')}
[2] - https://wso2.org/jira/browse/ESBJAVA-4770

Thanks,

On Fri, Jul 22, 2016 at 2:59 PM, Chaminda Jayawardena 
wrote:

> Hi,
>
> I followed the steps in [1] and getting below exception[2] when proxy
> service is invoked.
> I manually encrypted the username:password using ciphertool.sh and used
> encrypted value in the proxy service as below. And also I could success
> when the same user:pass combination is not encrypted.
> Anything missed here or just a bug ?
>
> * name="transport.vfs.FileURI">smb://{wso2:vault-decrypt('encrypted_user:pass_from_ciphertool')}@localhost/share/test1*
>
> [1] https://wso2.org/jira/browse/ESBJAVA-4679
> [2]
> [2016-07-22 14:48:11,221] ERROR - VFSTransportListener Error checking for
> existence and readability : smb://@localhost/share/test1
> org.apache.commons.vfs2.FileSystemException: Could not determine the type
> of file "smb://localhost/share/test1".
> at
> org.apache.commons.vfs2.provider.AbstractFileObject.attach(AbstractFileObject.java:1523)
> at
> org.apache.commons.vfs2.provider.AbstractFileObject.getType(AbstractFileObject.java:490)
> at
> org.apache.commons.vfs2.provider.AbstractFileObject.exists(AbstractFileObject.java:478)
> at
> org.apache.synapse.transport.vfs.VFSTransportListener.scanFileOrDirectory(VFSTransportListener.java:294)
> at
> org.apache.synapse.transport.vfs.VFSTransportListener.poll(VFSTransportListener.java:188)
> at
> org.apache.synapse.transport.vfs.VFSTransportListener.poll(VFSTransportListener.java:134)
> at
> org.apache.axis2.transport.base.AbstractPollingTransportListener$1$1.run(AbstractPollingTransportListener.java:67)
> at
> org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at java.lang.Thread.run(Thread.java:745)
> Caused by: jcifs.smb.SmbAuthException: Logon failure: unknown user name or
> bad password.
> at jcifs.smb.SmbSession.sessionSetup(SmbSession.java:406)
> at jcifs.smb.SmbSession.send(SmbSession.java:218)
> at jcifs.smb.SmbTree.treeConnect(SmbTree.java:176)
> at jcifs.smb.SmbFile.doConnect(SmbFile.java:911)
> at jcifs.smb.SmbFile.connect(SmbFile.java:954)
> at jcifs.smb.SmbFile.connect0(SmbFile.java:880)
> at jcifs.smb.SmbFile.queryPath(SmbFile.java:1335)
> at jcifs.smb.SmbFile.exists(SmbFile.java:1417)
> at jcifs.smb.SmbFile.isDirectory(SmbFile.java:1490)
> at
> org.apache.commons.vfs2.provider.smb.SmbFileObject.createSmbFile(SmbFileObject.java:119)
> at
> org.apache.commons.vfs2.provider.smb.SmbFileObject.doAttach(SmbFileObject.java:71)
> at
> org.apache.commons.vfs2.provider.AbstractFileObject.attach(AbstractFileObject.java:1506)
> ... 10 more
>
>
>
>
> --
> Thanks & Regards
>
> *Chaminda Jayawardena*
> Senior Software Engineer - QA
> WSO2 Inc. - http://wso2.com
> +94-77-7725234
>



-- 
Rajith Vitharana

Senior Software Engineer,
WSO2 Inc. : wso2.com
Mobile : +94715883223
Blog : http://lankavitharana.blogspot.com/

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Error with Secured/Encrypted VFS Transport Credentials on ESB500Beta2

2016-07-22 Thread Chaminda Jayawardena 
Hi,

I followed the steps in [1] and getting below exception[2] when proxy
service is invoked.
I manually encrypted the username:password using ciphertool.sh and used
encrypted value in the proxy service as below. And also I could success
when the same user:pass combination is not encrypted.
Anything missed here or just a bug ?

*smb://{wso2:vault-decrypt('encrypted_user:pass_from_ciphertool')}@localhost/share/test1*

[1] https://wso2.org/jira/browse/ESBJAVA-4679
[2]
[2016-07-22 14:48:11,221] ERROR - VFSTransportListener Error checking for
existence and readability : smb://@localhost/share/test1
org.apache.commons.vfs2.FileSystemException: Could not determine the type
of file "smb://localhost/share/test1".
at
org.apache.commons.vfs2.provider.AbstractFileObject.attach(AbstractFileObject.java:1523)
at
org.apache.commons.vfs2.provider.AbstractFileObject.getType(AbstractFileObject.java:490)
at
org.apache.commons.vfs2.provider.AbstractFileObject.exists(AbstractFileObject.java:478)
at
org.apache.synapse.transport.vfs.VFSTransportListener.scanFileOrDirectory(VFSTransportListener.java:294)
at
org.apache.synapse.transport.vfs.VFSTransportListener.poll(VFSTransportListener.java:188)
at
org.apache.synapse.transport.vfs.VFSTransportListener.poll(VFSTransportListener.java:134)
at
org.apache.axis2.transport.base.AbstractPollingTransportListener$1$1.run(AbstractPollingTransportListener.java:67)
at
org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: jcifs.smb.SmbAuthException: Logon failure: unknown user name or
bad password.
at jcifs.smb.SmbSession.sessionSetup(SmbSession.java:406)
at jcifs.smb.SmbSession.send(SmbSession.java:218)
at jcifs.smb.SmbTree.treeConnect(SmbTree.java:176)
at jcifs.smb.SmbFile.doConnect(SmbFile.java:911)
at jcifs.smb.SmbFile.connect(SmbFile.java:954)
at jcifs.smb.SmbFile.connect0(SmbFile.java:880)
at jcifs.smb.SmbFile.queryPath(SmbFile.java:1335)
at jcifs.smb.SmbFile.exists(SmbFile.java:1417)
at jcifs.smb.SmbFile.isDirectory(SmbFile.java:1490)
at
org.apache.commons.vfs2.provider.smb.SmbFileObject.createSmbFile(SmbFileObject.java:119)
at
org.apache.commons.vfs2.provider.smb.SmbFileObject.doAttach(SmbFileObject.java:71)
at
org.apache.commons.vfs2.provider.AbstractFileObject.attach(AbstractFileObject.java:1506)
... 10 more




-- 
Thanks & Regards

*Chaminda Jayawardena*
Senior Software Engineer - QA
WSO2 Inc. - http://wso2.com
+94-77-7725234
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev