我有一个我想要保护的API。我跟着Example。 API是安全的,但请求不会转发到API,我也没有看到API的响应。 API有一些动态URI变量可以设置。如果我对uri-template进行硬编码,那么API可以工作,但如果我不这样做就会挂起!
package com.pru.basicauth.handler.rest;
import java.util.Map;
import org.apache.commons.codec.binary.Base64;
import org.apache.synapse.MessageContext;
import org.apache.synapse.core.axis2.Axis2MessageContext;
import org.apache.synapse.core.axis2.Axis2Sender;
import org.apache.synapse.rest.Handler;
public class BasicAuthHandler1 implements Handler {
public void addProperty(String s, Object o) {
//To change body of implemented methods use File | Settings | File Templates.
}
public Map getProperties() {
return null; //To change body of implemented methods use File | Settings | File Templates.
}
public boolean handleRequest(MessageContext messageContext) {
org.apache.axis2.context.MessageContext axis2MessageContext
= ((Axis2MessageContext) messageContext).getAxis2MessageContext();
Object headers = axis2MessageContext.getProperty(
org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS);
if (headers != null && headers instanceof Map) {
Map headersMap = (Map) headers;
if (headersMap.get("Authorization") == null) {
headersMap.clear();
axis2MessageContext.setProperty("HTTP_SC", "401");
headersMap.put("WWW-Authenticate", "Basic realm=\"WSO2 ESB\"");
axis2MessageContext.setProperty("NO_ENTITY_BODY", new Boolean("true"));
messageContext.setProperty("RESPONSE", "true");
messageContext.setTo(null);
Axis2Sender.sendBack(messageContext);
return false;
} else {
String authHeader = (String) headersMap.get("Authorization");
String credentials = authHeader.substring(6).trim();
if (processSecurity(credentials)) {
**headersMap.clear(); //This worked for me!**
return true;
} else {
headersMap.clear();
axis2MessageContext.setProperty("HTTP_SC", "403");
axis2MessageContext.setProperty("NO_ENTITY_BODY", new Boolean("true"));
messageContext.setProperty("RESPONSE", "true");
messageContext.setTo(null);
Axis2Sender.sendBack(messageContext);
return false;
}
}
}
return true;
}
public boolean handleResponse(MessageContext messageContext) {
return true;
}
public boolean processSecurity(String credentials) {
String decodedCredentials = new String(new Base64().decode(credentials.getBytes()));
String userName = decodedCredentials.split(":")[0];
String password = decodedCredentials.split(":")[1];
if ("admin".equals(userName) && "admin".equals(password)) {
return true;
} else {
return false;
}
}
}
<api xmlns="http://ws.apache.org/ns/synapse" name="TApi" context="/ta">
<resource methods="GET" url-mapping="/city" protocol="https" outSequence="conf:/taOut">
<inSequence>
<sequence key="conf:/taConf"/>
<property name="ContentType" value="text/plain" scope="axis2"/>
<property name="POST_TO_URI" value="true" scope="axis2"/>
<send>
<endpoint>
<http trace="enable" method="GET" uri-template="http://abcd:1234/html/en/default/rest/Integration?USERNAME=XXXXXX&PASSWORD=xxxxxxx&ioName=Geography%20-%20Database%20-%20Create%20City%20Inbound"/>
</endpoint>
</send>
</inSequence>
<faultSequence/>
</resource>
</api>
<api xmlns="http://ws.apache.org/ns/synapse" name="TApi" context="/ta">
<resource methods="GET" url-mapping="/city" protocol="https" outSequence="conf:/taOut">
<inSequence>
<sequence key="conf:/taConf"/>
<property name="ContentType" value="text/plain" scope="axis2"/>
<property name="POST_TO_URI" value="true" scope="axis2"/>
<send>
<endpoint>
<http trace="enable" method="GET" uri-template="{uri.var.service.host}:{uri.var.service.port}/html/en/default/rest/Integration?USERNAME={uri.var.service.user}&PASSWORD={uri.var.service.pass}&ioName=Geography%20-%20Database%20-%20Create%20City%20Inbound"/>
</endpoint>
</send>
</inSequence>
<faultSequence/>
</resource>
</api>
<?xml version="1.0" encoding="UTF-8"?>
<sequence xmlns="http://ws.apache.org/ns/synapse" name="conf:taConf">
<property name="uri.var.service.user"
value="XXXXX"
scope="default"
type="STRING"/>
<property name="uri.var.service.pass"
value="XXXXXXXX"
scope="default"
type="STRING"/>
<property name="uri.var.service.host"
value="XXXXXXX"
scope="default"
type="STRING"/>
<property name="uri.var.service.port"
value="XXXXX"
scope="default"
type="STRING"/>
</sequence>
<?xml version="1.0" encoding="UTF-8"?>
<sequence xmlns="http://ws.apache.org/ns/synapse"
name="conf:taOut"
trace="enable">
<out>
<filter xmlns:ns="http://org.apache.synapse/xsd"
source="get-property('axis2', 'HTTP_SC')"
regex="^(2[0-9][0-9])$">
<then>
<payloadFactory media-type="text">
<format>RetCode=C;Message=Success</format>
</payloadFactory>
<send/>
</then>
<else>
<payloadFactory media-type="text">
<format>RetCode=F;Message=Failed because Itegration Exception</format>
</payloadFactory>
</else>
</filter>
</out>
</sequence>
[2016-05-19 09:20:52,020] DEBUG - wire >> "GET /t/city HTTP/1.1[\r][\n]"
[2016-05-19 09:20:52,021] DEBUG - wire >> "Host: 48.123.84.5:8243[\r][\n]"
[2016-05-19 09:20:52,021] DEBUG - wire >> "Connection: Keep-Alive[\r][\n]"
[2016-05-19 09:20:52,021] DEBUG - wire >> "User-Agent: Apache-HttpClient/4.3.1 (java 1.5)[\r][\n]"
[2016-05-19 09:20:52,021] DEBUG - wire >> "Accept-Encoding: gzip,deflate[\r][\n]"
[2016-05-19 09:20:52,022] DEBUG - wire >> "[\r][\n]"
[2016-05-19 09:20:52,024] DEBUG - wire << "HTTP/1.1 401 Unauthorized[\r][\n]"
[2016-05-19 09:20:52,024] DEBUG - wire << "WWW-Authenticate: Basic realm="WSO2 ESB"[\r][\n]"
[2016-05-19 09:20:52,024] DEBUG - wire << "Date: Thu, 19 May 2016 13:20:52 GMT[\r][\n]"
[2016-05-19 09:20:52,024] DEBUG - wire << "Transfer-Encoding: chunked[\r][\n]"
[2016-05-19 09:20:52,025] DEBUG - wire << "Connection: Keep-Alive[\r][\n]"
[2016-05-19 09:20:52,025] DEBUG - wire << "[\r][\n]"
[2016-05-19 09:20:52,025] DEBUG - wire << "0[\r][\n]"
[2016-05-19 09:20:52,025] DEBUG - wire << "[\r][\n]"
[2016-05-19 09:20:52,048] DEBUG - wire >> "G"
[2016-05-19 09:20:52,049] DEBUG - wire >> "ET /tririga/city HTTP/1.1[\r][\n]"
[2016-05-19 09:20:52,049] DEBUG - wire >> "Host: 48.123.84.5:8243[\r][\n]"
[2016-05-19 09:20:52,050] DEBUG - wire >> "Connection: Keep-Alive[\r][\n]"
[2016-05-19 09:20:52,050] DEBUG - wire >> "User-Agent: Apache-HttpClient/4.3.1 (java 1.5)[\r][\n]"
[2016-05-19 09:20:52,050] DEBUG - wire >> "Accept-Encoding: gzip,deflate[\r][\n]"
[2016-05-19 09:20:52,051] DEBUG - wire >> "Authorization: Basic YWaaaa6YWRtaW4=[\r][\n]"
[2016-05-19 09:20:52,051] DEBUG - wire >> "[\r][\n]"
[2016-05-19 09:20:52,055] INFO - LogMediator host = localhost, port = 1234, user = XXXXXX, pass = XXXXXX
[2016-05-19 09:20:52,065] DEBUG - wire << "GET http://localhost:1234/aaaa?USERNAME=XXXXXX&PASSWORD=XXXXXX&ioName=Geogra
phy%20-%20Database%20-%20Create%20City%20Inbound HTTP/1.1[\r][\n]"
[2016-05-19 09:20:52,065] DEBUG - wire << "Authorization: Basic YWRtaaaaaaRtaW4=[\r][\n]"
[2016-05-19 09:20:52,066] DEBUG - wire << "Accept-Encoding: gzip,deflate[\r][\n]"
[2016-05-19 09:20:52,066] DEBUG - wire << "Host: localhost:1234[\r][\n]"
[2016-05-19 09:20:52,066] DEBUG - wire << "Connection: Keep-Alive[\r][\n]"
[2016-05-19 09:20:52,066] DEBUG - wire << "User-Agent: Synapse-PT-HttpComponents-NIO[\r][\n]"
[2016-05-19 09:20:52,066] DEBUG - wire << "[\r][\n]"
[2016-05-19 09:20:52,076] DEBUG - wire >> "HTTP/1.1 401 Unauthorized[\r][\n]"
[2016-05-19 09:20:52,076] DEBUG - wire >> "Date: Thu, 19 May 2016 13:20:51 GMT[\r][\n]"
[2016-05-19 09:20:52,077] DEBUG - wire >> "Content-Length: 13[\r][\n]"
[2016-05-19 09:20:52,077] DEBUG - wire >> "Content-Type: text/html;charset=UTF-8[\r][\n]"
[2016-05-19 09:20:52,077] DEBUG - wire >> "WWW-Authenticate: Basic[\r][\n]"
[2016-05-19 09:20:52,077] DEBUG - wire >> "Set-Cookie: JSESSIONID=8p3JLQcWIB7Y97_t6gSnVCJ2zze328m0-vRF1-QajTGg3pn5T-Fj!1643223368; path=/[\r][\n]"
[2016-05-19 09:20:52,077] DEBUG - wire >> "X-UA-Compatible: IE=edge[\r][\n]"
[2016-05-19 09:20:52,078] DEBUG - wire >> "[\r][\n]"
[2016-05-19 09:20:52,078] DEBUG - wire >> "Login Failed."
由于
答案 0 :(得分:0)
我已经使用WSO2 ESB 4.9.0测试了提到的场景,它对我有用(参考博客文章[1])。你能再次检查URI变量的值吗? 您可以先将日志中介添加到API配置中的发送中介。
<log level="custom" xmlns="http://ws.apache.org/ns/synapse">
<property name="host"
expression="get-property('uri.var.service.user')"/>
</log>
<log level="custom" xmlns="http://ws.apache.org/ns/synapse">
<property name="host"
expression="get-property('uri.var.service.pass')"/>
</log>
<log level="custom" xmlns="http://ws.apache.org/ns/synapse">
<property name="host"
expression="get-property('uri.var.service.host')"/>
</log>
<log level="custom" xmlns="http://ws.apache.org/ns/synapse">
<property name="host"
expression="get-property('uri.var.service.port')"/>
</log>
您还可以在ESB中启用线路日志,然后您可以在碳日志中查看完整的端点URL。 您可以使用以下步骤在ESB中启用wirelog。
1)打开位于ESB_HOME / repository / conf目录中的“log4j.properties”文件。 2)取消注册以下行并保存文件。
log4j.logger.org.apache.synapse.transport.http.wire=DEBUG
3)启动ESB服务器。
启用有线日志后,您可以调用API,在碳日志中,您可以看到URI变量的值和完整的端点URL。 然后,您可以将这些值与
进行比较