Till now, I understand that we can view messages from any channel using history() command in pubnub.
I am using Periscope API to fetch broadcasts.It uses pubnub for comments.
I have subscriber-key,auth-token and 'channel-name'.
Can I fetch comments(or messages) for a particular channel ?
My trials:
I tried using history command but it resulted :
Array
(
[status] => 403
[service] => Access Manager
[error] => 1
[message] => Forbidden
[payload] => Array
(
[channels] => Array
(
[0] => 'my_channel'
)
)
)
I would add that this channel doesnot belong to my own pubnub application.I accessed it externally.
Now I found out that read access must be granted on 'subscriber_key' or 'channel' so that a user can access this. But I am pretty sure they have granted.
Is there any method to check permissions for 'subscriber_key' ?
Solved !!
For an external channel or subscriber, you need to pass auth_key values as well while initiating pubnub instance.
var pubnub = PUBNUB({
subscribe_key: 'subkey_value',
auth_key: 'auth_key_value' });
Running any command will not generate auth error.
Then you have the whole gem of punub !
Related
For my mobile applications (Android and iOS), I am using Firebase Cloud Messaging (FCM) for push notifications.
My backend server, uses the FCM Admin Python SDK to send the notification to a particular device with some additional data. The code responsible for sending the notification is as follows:
import firebase_admin
from firebase_admin import credentials
from firebase_admin import messaging
cred = credentials.Certificate('cert.json')
firebase_admin.initialize_app(cred)
def sendNotification(token, sessionId, authenticationUrl, deviceId):
# This registration token comes from the client FCM SDKs.
registration_token = token
message = messaging.Message(
token=registration_token,
data={
'sessionId': sessionId,
'authenticationUrl': authenticationUrl,
'deviceId': deviceId
},
android=messaging.AndroidConfig(ttl=0, priority='high'),
apns=messaging.APNSConfig(
headers={'apns-priority': '10'},
payload=messaging.APNSPayload(
aps=messaging.Aps(content_available=True)
)
)
)
# Send a message to the device corresponding to the provided registration token.
try:
response = messaging.send(message)
print('Successfully sent message:', response)
except Exception as e:
print(e)
Before, I had the follwing also as part of Aps object but I removed it as the message and body is generated by the mobile application now (depending on mobile language):
alert=messaging.ApsAlert(title='Authentication Request', body='Would you like to authenticate?')
Since removing the ApsAlert, the above code fails randomly with the error:
Request contains an invalid argument.
If I call the same function again without any changes, it succeeds after few attempts and again fails on some runs. There is no common pattern due to which this fails.
Is there a way, I can get some more information regarding the error in order to resolve it?
Maybe, which is the invalid arguement.
Update
Based on #Hiranya's comment, I added some error handling and I was able to determine for which arguement it returns "Invalid arguement".
It does that for registration_token but interestingly, the token is never modified during consecutive runs that fail and succeed.
So, still no clue regarding this behavior.
For info:
Python version: 3.8
firebase-admin version: 4.5.2
Got a trouble:
IBM MQ Server v9.1.0.0
pymqi==1.11.1
When trying connect to server got an error:
pymqi.MQMIError: MQI Error. Comp: 2, Reason 2035: FAILED: MQRC_NOT_AUTHORIZED
When I check traffic in Wireshark i got that:
And in server log this:
07/31/2020 10:08:02 AM - Process(27333.5) User(mqm) Program(amqrmppa)
Host(host) Installation(Installation1)
VRMF(9.1.0.0) QMgr(queue_manager)
Time(2020-07-31T07:08:02.253Z)
ArithInsert1(2) ArithInsert2(2035)
CommentInsert1(haha)
AMQ9557E: Queue Manager User ID initialization failed for 'haha'.
EXPLANATION:
The call to initialize the User ID 'haha' failed with CompCode 2 and Reason
2035. If an MQCSP block was used, the User ID in the MQCSP block was ''.
ACTION:
Correct the error and try again.
My code sample:
import pymqi
host = "host"
port = 1416
conn_info = f"{host}({port})"
channel = "channel"
queue_manager = "queue_manager"
def main():
manager = pymqi.connect(queue_manager=queue_manager, channel=channel, conn_info=conn_info)
if __name__ == '__main__':
main()
I tried to execute the code from other devices and there, accordingly, the account under which I ran was taken as the UserID.
After that I asked our support to deal with the problem, after which I was able to connect with an account haha, but the solution with the creation of a list of allowed users does not suit me. Is there any way to control the UserID that is sent by pymqi?
UPD 04.08.2020
The support team said that the user phoenix was created on the IBM MQ server with the password 123456789, tried to send an MQSCP:
manager = pymqi.connect(queue_manager=queue_manager, channel=channel,
conn_info=conn_info, user="phoenix", password="123456789")
And got similar error MQRC_NOT_AUTHORIZED and server log contains error as above with username of machine where code launches (not phoenix).
I'm able to correctly set up and monitor any changes to docusign envelopes.
However, I'm trying to get this edge case working: if my listener is not active, I want docusign to retry.
I've tried adding "requireAcknowledgment" to true when creating my envelope, however, that does not seem to change anything. I can see the failures on my admin panel's connect tab. But they only retry if I manually trigger them.
event_notification = DocuSign_eSign::EventNotification.new({
:url => webhook_url,
:includeDocuments => false,
:envelopeEvents => [
DocuSign_eSign::EnvelopeEvent.new({:envelopeEventStatusCode => "sent"}),
DocuSign_eSign::EnvelopeEvent.new({:envelopeEventStatusCode => "delivered"}),
DocuSign_eSign::EnvelopeEvent.new({:envelopeEventStatusCode => "completed"}),
DocuSign_eSign::EnvelopeEvent.new({:envelopeEventStatusCode => "declined"}),
DocuSign_eSign::EnvelopeEvent.new({:envelopeEventStatusCode => "voided"}),
],
:loggingEnabled => true,
:requireAcknowledgment => true #retry on failure
})
# create the envelope definition with the template_id
envelope_definition = DocuSign_eSign::EnvelopeDefinition.new({
:status => 'sent',
:eventNotification => event_notification,
:templateId => #template_id
})
Some related threads that I've looked into: Docusign webhook listener - is there a retry?
DocuSign Connect webhook system has two queuing / retry models. The standard one is the "aggregate" model. The new one is "send individual messages" (SIM) model.
You probably have the aggregate queuing model. Its retry procedure is:
The first retry for envelope "1" will not happen until (24 hours have passed and an additional message for the configuration for an envelope 2 succeeded.)
But, if an envelope 1 message fails, and then there is a different message (different event) also for envelope 1, the second message will be tried whenever its event occurs (even if less than 24 hours). If it succeeds, then the first message will never be re-sent (since it was superseded by message 2).
(Drew is partly describing the SIM retry model.)
To switch to the SIM model
Use the eSignatures Administration tool. See the Updates section in the Account part of the navigation menu.
Connect will retry automatically once a successful publish to the same endpoint has occurred. If the first retry fails, a second will not be attempted until 24 hours have passed.
I am trying to get the example snippet to publish and subscribe below, I can't get it to run with Node JS 6 and mqlight v2.0
https://www.npmjs.com/package/mqlight?cm_mc_uid=47189062138014548006442&cm_mc_sid_50200000=1490060435
// Receive:
var mqlight = require('mqlight');
var recvClient = mqlight.createClient({service: 'amqp://user:user#localhost:5672'});
recvClient.on('started', function() {
recvClient.subscribe('/TEST/#','sub1');
recvClient.on('message', function(data, delivery) {
console.log(data);
});
});
// Send:
var sendClient = mqlight.createClient({service: 'amqp://user:user#localhost:5672'});
sendClient.on('started', function() {
sendClient.send('TEST');
});
i run the sample code mqlight 2.0 with node js v6
$node mqlight_sample.js
events.js:160
throw er; // Unhandled 'error' event
^
SecurityError: AMQXR0100E: A connection from 172.17.0.1 was not authorized.
at lookupError (/media/Data/mqlight/node_modules/mqlight/mqlight.js:1034:11)
at AMQPClient.<anonymous> (/media/anonim/Data/mqlight/node_modules/mqlight/mqlight.js:1925:13)
at emitOne (events.js:96:13)
at AMQPClient.emit (events.js:188:7)
at Connection.<anonymous> (/media/anonim/Data/mqlight/node_modules/amqp10/lib/amqp_client.js:388:10)
at emitOne (events.js:96:13)
at Connection.emit (events.js:188:7)
at Connection._processCloseFrame (/media/anonim/Data/mqlight/node_modules/amqp10/lib/connection.js:495:10)
at Connection._receiveAny (/media/anonim/Data/mqlight/node_modules/amqp10/lib/connection.js:423:12)
at Connection._receiveData (/media/anonim/Data/mqlight/node_modules/amqp10/lib/connection.js:357:8)
at NetTransport.<anonymous> (/media/anonim/Data/mqlight/node_modules/amqp10/lib/connection.js:515:38)
at emitOne (events.js:96:13)
at NetTransport.emit (events.js:188:7)
at Socket.<anonymous> (/media/anonim/Data/mqlight/node_modules/amqp10/lib/transport/net_transport.js:26:49)
at emitOne (events.js:96:13)
at Socket.emit (events.js:188:7)
this one error log from MQ Server
# tail -100f /var/mqm/qmgrs/QM1/errors/amqp_0.log
3/31/17 19:14:44.115 AMQXR0041E: A connection was not authorized for channel SYSTEM.DEF.AMQP received from 172.17.0.1. MQRC 2035 MQRC_NOT_AUTHORIZED
3/31/17 19:14:45.142 AMQXR0041E: A connection was not authorized for channel SYSTEM.DEF.AMQP received from 172.17.0.1. MQRC 2035 MQRC_NOT_AUTHORIZED
actually authenticate for AMQP is enabled if CONNAUTH and CHCKCLNT required changed to disabled i can connected with Node JS 6
START SERVICE(SYSTEM.AMQP.SERVICE)
SET CHLAUTH(SYSTEM.DEF.AMQP) TYPE(BLOCKUSER) USERLIST('nobody')
SET CHLAUTH(SYSTEM.DEF.AMQP) TYPE(ADDRESSMAP) ADDRESS(*) USERSRC(CHANNEL) CHCKCLNT(REQUIRED)
REFRESH SECURITY TYPE(CONNAUTH)
START CHANNEL(SYSTEM.DEF.AMQP)
DISPLAY CHSTATUS(SYSTEM.DEF.AMQP) CHLTYPE(AMQP)
below the error log from /var/mqm/qmgrs/QM1/errors/AMQERR01.LOG
04/02/17 07:10:16 - Process(587.6) User(mqm) Program(java)
Host(770e29171038) Installation(Installation1)
VRMF(9.0.1.0) QMgr(QM1)
AMQ5534: User ID 'user' authentication failed
EXPLANATION:
The user ID and password supplied by the 'AMQP' program could not be
authenticated.
Additional information: 'N/A'.
ACTION:
Ensure that the correct user ID and password are provided by the application.
Ensure that the authentication repository is correctly configured. Look at
previous error messages for any additional information.
----- amqzfuca.c : 4486 -------------------------------------------------------
04/02/17 07:10:16 - Process(587.6) User(mqm) Program(java)
Host(770e29171038) Installation(Installation1)
VRMF(9.0.1.0) QMgr(QM1)
AMQ5542: The failed authentication check was caused by the queue manager
CONNAUTH CHCKCLNT(REQDADM) configuration.
EXPLANATION:
The user ID 'user' and its password were checked because the queue manager
connection authority (CONNAUTH) configuration refers to an authentication
information (AUTHINFO) object named 'USE.OS' with CHCKCLNT(REQDADM).
This message accompanies a previous error to clarify the reason for the user ID
and password check.
ACTION:
Refer to the previous error for more information.
Ensure that a password is specified by the client application and that the
password is correct for the user ID. The authentication configuration of the
queue manager connection determines the user ID repository. For example, the
local operating system user database or an LDAP server.
If the CHCKCLNT setting is OPTIONAL, the authentication check can be avoided by
not passing a user ID across the channel. For example, by omitting the MQCSP
structure from the client MQCONNX API call.
To avoid the authentication check, you can amend the authentication
configuration of the queue manager connection, but you should generally not
allow unauthenticated remote access.
-------------------------------------------------------------------------------
04/02/17 07:10:17 - Process(587.6) User(mqm) Program(java)
Host(770e29171038) Installation(Installation1)
VRMF(9.0.1.0) QMgr(QM1)
AMQ5534: User ID 'user' authentication failed
EXPLANATION:
The user ID and password supplied by the 'AMQP' program could not be
authenticated.
Additional information: 'N/A'.
ACTION:
Ensure that the correct user ID and password are provided by the application.
Ensure that the authentication repository is correctly configured. Look at
previous error messages for any additional information.
----- amqzfuca.c : 4486 -------------------------------------------------------
04/02/17 07:10:17 - Process(587.6) User(mqm) Program(java)
Host(770e29171038) Installation(Installation1)
VRMF(9.0.1.0) QMgr(QM1)
AMQ5542: The failed authentication check was caused by the queue manager
CONNAUTH CHCKCLNT(REQDADM) configuration.
EXPLANATION:
The user ID 'user' and its password were checked because the queue manager
connection authority (CONNAUTH) configuration refers to an authentication
information (AUTHINFO) object named 'USE.OS' with CHCKCLNT(REQDADM).
This message accompanies a previous error to clarify the reason for the user ID
and password check.
ACTION:
Refer to the previous error for more information.
Ensure that a password is specified by the client application and that the
password is correct for the user ID. The authentication configuration of the
queue manager connection determines the user ID repository. For example, the
local operating system user database or an LDAP server.
If the CHCKCLNT setting is OPTIONAL, the authentication check can be avoided by
not passing a user ID across the channel. For example, by omitting the MQCSP
structure from the client MQCONNX API call.
To avoid the authentication check, you can amend the authentication
configuration of the queue manager connection, but you should generally not
allow unauthenticated remote access.
-------------------------------------------------------------------------------
SASL flow has been changed within the new Node JS client version. The new SASL flow is currently not supported by the IBM AMQP server. The AMQP server thinks that at this moment it should already have enough data for authentication and authorization of the client user. However, because of the change in the new Node JS client, the rest of the required data has not yet been sent when the server tries to authenticate the client. This is why the logs show that only the user 'mqm' has been set and no password supplied to the QMgr. Thus causing an authorization error APAR IT20283
In reviewing the error logs from the queue manager it appears that MQ is not able to authenticate the user being passed to the AMQP channel via the mqlight_sample.js program.
Please try the following two commands and note the output:
echo 'goodpassword' | /opt/mqm/bin/security/amqoamax user ; echo $?
echo 'badpassword' | /opt/mqm/bin/security/amqoamax user ; echo $?
OP noted the output was 0 and 1 for the above commands. This means that MQ can properly authenticate the the UserId "user" with a correct password since it returns 0.
Next please create a normal SVRCONN channel on the queue manager and try the following sample program, this would again rule out MQ and CONNAUTH being an issue.
echo 'goodpassword' | amqscnxc -x 'localhost(5672)' -c SVRCONN.CHANNEL -u user QM1; echo $?
The output if good should look like this:
Sample AMQSCNXC start
Connecting to queue manager QM1
using the server connection channel SVRCONN.CHANNEL
on connection name localhost(5672).
Enter password: Connection established to queue manager QM1
Sample AMQSCNXC end
0
If output if it fails should look like this:
Sample AMQSCNXC start
Connecting to queue manager QM1
using the server connection channel SVRCONN.CHANNEL
on connection name localhost(5672).
Enter password: MQCONNX ended with reason code 2035
243
If the above test is also successful then please verify that the mqlight_sample.js has the same user and goodpassword values that worked with the two tests.
If you find that the UserID and password are correct, then it would appear that the amqp program is not passing the password correctly and someone else with more AMQP knowledge would need to help.
Update 2017-04-28
OP #dhaavhincy has posted a new answer that per IBM the issue was a result of the SASL flow in Node JS v6 being changed and incompatible with IBM MQ AMQP. IBM has provided that this will be fixed via APAR IT20283 which has not been published to the web.
Update 2017-06-20
APAR IT20283 was published to the web around May 22nd.
I try to integrate Spring Session and Hazelcast. I am using very simple configuration:
com.hazelcast.config.Config cfg = new com.hazelcast.config.Config();
NetworkConfig netConfig = new NetworkConfig();
netConfig.setPort(SocketUtils.findAvailableTcpPort());
System.out.println("Hazelcast port #: " + netConfig.getPort());
cfg.setNetworkConfig(netConfig);
SerializerConfig serializer = new SerializerConfig().setTypeClass(Object.class)
.setImplementation(new ObjectStreamSerializer());
cfg.getSerializationConfig().addSerializerConfig(serializer);
return Hazelcast.newHazelcastInstance(cfg);
It is from Spring docs example. Everything ok, but when I try to get session from Hazelcast with its Rest APi it returns empty values 0curl: (52) Empty reply from server
$ curl -X GET http://localhost:port/hazelcast/rest/maps/spring:session:sessions/session-id
Where port is port, selected with SocketUtils.findAvailableTcpPort() and session-id is session id in browser.
How I can access my saved sessions with Hazelcast REST API?
Update:
By adding cfg.setProperty("hazelcast.rest.enabled","true"); all problems disappeared.
You have to activate the REST API service which is disabled by default (for security reasons). Please see http://docs.hazelcast.org/docs/3.6/manual/html-single/index.html#system-properties and search for hazelcast.rest.enabled.