I setup jolokia with jmx on my spring boot application, so I can get jmx information over HTTP.
However I can't get the data by javascript ajax with the error "No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access."
I want to make jolokia endpoint return 'Access-Control-Allow-Origin: *' header to allow any origin or at lease return the header with allowed origin I specified on jolokia-access.xml, but I don't get the header on response and I'm not sure what I missed
The monitoring javascript I'm running is not on same server which has my spring boot application, since I want to make the script run remotely.
Below is my spring boot application setup.
application.properties and jolokia-access.xml both are in classpath, so I can see the change I made for management.port on application.properties and remote post access restriction on jolokia-access.xml are applied
pom.xml
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>1.2.4.RELEASE</version>
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<dependency>
<groupId>org.jolokia</groupId>
<artifactId>jolokia-core</artifactId>
</dependency>
:
application.properties
management.port=8888
endpoints.jolokia.path=/jolokia
endpoints.jolokia.enabled=true
endpoints.jmx.enabled=true
endpoints.cors.allowed-origins=*
endpoints.cors.allowed-methods=*
endpoints.cors.allowed-headers=*
jolokia-access.xml
<?xml version="1.0" encoding="UTF-8"?>
<restrict>
<remote>
<host>127.0.0.1</host>
<host>localhost</host>
</remote>
<http>
<method>post</method>
<method>get</method>
</http>
<commands>
<command>read</command>
<command>list</command>
<command>version</command>
</commands>
<cors>
<allow-origin>http://localhost:*</allow-origin>
<allow-origin>http://127.0.0.1:*</allow-origin>
</cors>
</restrict>
When I hit the jolokia endpoint by curl, I can have jmx data on response as json like below
$ curl -X POST http://127.0.0.1:8888/jolokia -d '{
"type":"read",
"mbean":"org.springframework.boot:type=Endpoint,name=healthEndpoint",
"attribute":"Data"
}'
{"request":{"mbean":"org.springframework.boot:name=healthEndpoint,type=Endpoint","attribute":"Data","type":"read"},
"value":{"diskSpace":{"threshold":10485760,"free":204441415680,"status":"UP"},"db":{"database":"H2","hello":1,"status":"UP"},"status":"UP"},
"timestamp":1433908260,"status":200}
$ curl -X POST http://127.0.0.1:8888/jolokia -d '{
"type":"read",
"mbean":"java.lang:type=Memory",
"attribute":"HeapMemoryUsage",
"path":"used"
}'
{"request":{"path":"used","mbean":"java.lang:type=Memory","attribute":"HeapMemoryUsage","type":"read"},
"value":69036712,"timestamp":1434075946,"status":200}
However below javascipt failed since resposne from jolokia endpoint doesn't have Access-Control-Allow-Origin' header.
Even if I setup 'endpoints.cors.allowed-origins=*' properties, but I don't see the header on the response
Monitoring javascript
var j4p = new Jolokia({url: "http://127.0.0.1:8888/jolokia", fetchInterval: 1000});
var context = cubism.context()
.serverDelay(0)
.clientDelay(0)
.step(1000)
.size(594);
var jolokia = context.jolokia(j4p);
var memory = jolokia.metric(
function (resp1, resp2) {
return Number(resp1.value) / Number(resp2.value);
},
{type:"read", mbean:"java.lang:type=Memory", attribute:"HeapMemoryUsage", path:"used"},
{type:"read", mbean:"java.lang:type=Memory", attribute:"HeapMemoryUsage", path:"max"}, "Heap-Memory"
);
Request header the javascript sent
Accept:*/*
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:accept, content-type
Access-Control-Request-Method:POST
Connection:keep-alive
Host:127.0.0.1:8888
Origin:http://127.0.0.1:8080
Referer:http://127.0.0.1:8080/monitor/
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.124 Safari/537.36
Response header the javascript received
Allow:GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Cache-Control:no-cache, no-store, max-age=0, must-revalidate
Content-Length:0
Date:Fri, 12 Jun 2015 02:27:17 GMT
Expires:0
Pragma:no-cache
Server:Jetty(9.2.10.v20150310)
X-Content-Type-Options:nosniff
X-Frame-Options:DENY
X-XSS-Protection:1; mode=block
As you see above, there is no 'Access-Control-Allow-Origin' header at all.
By default, Jolokia allows any cross origin access. So there is no need for a jolokia-access.xml at all.
On the other hand, I think your pattern should work. But please raise an issue on GitHub so that we can continue there to fix this.
Related
I am building an application that uses Electron, CouchDB, and JupyterLab(-desktop). CouchDB is proxied by jupyter-server-proxy and available at /couchdb/. This works perfectly when running the application using jupyter lab but gives a 401 authentication error when running in Electron.
The Electron window for my extension is created by Jupyterlab-desktop, and uses the default options: https://github.com/jupyterlab/jupyterlab-desktop/blob/25c5d89f9507df2013dd034de91f28839edf7ed4/src/main/sessions.ts#L566
JupyterLab-desktop includes an anaconda environment in which is launches JupyterLab on a random port. I can then open the inspector, and open the very same page in Edge.
In Edge the request returns a 200 status code, and I can copy the request as the following command
fetch("http://localhost:50505/couchdb/schematics/", {
"headers": {
"accept": "application/json",
"accept-language": "en-US,en;q=0.9",
"authorization": "Basic YWRtaW46YWRtaW4=",
"content-type": "application/json",
"if-none-match": "\"02abc16d4f072bb05c3fa16495ef7ab6fa044a29\"",
"sec-ch-ua": "\" Not A;Brand\";v=\"99\", \"Chromium\";v=\"101\", \"Microsoft Edge\";v=\"101\"",
"sec-ch-ua-mobile": "?0",
"sec-ch-ua-platform": "\"Windows\"",
"sec-fetch-dest": "empty",
"sec-fetch-mode": "cors",
"sec-fetch-site": "same-origin"
},
"referrer": "http://localhost:50505/mosaic/",
"referrerPolicy": "strict-origin-when-cross-origin",
"body": null,
"method": "GET",
"mode": "cors",
"credentials": "include"
});
I can then go back to the very same page in Electron and execute the very same request to the very same server, and get a 401 error.
The suspicious thing is that it shows "provisional headers" in Electron, making me suspect it's somehow messing with the headers before sending them. At first I wasn't proxying CouchDB and thought it's some CORS thing, but now it's running at the same host and port as the app itself.
The Chrome documentation says it could show provisional headers if it's cached (which I disabled), if the "resource is invalid"(??) or due to "security reasons". Is there some Electron security thing at play here?
I've also looked at the CouchDB logs, and for the successful case it shows
[notice] 2022-05-05T02:15:03.524000Z couchdb#localhost <0.8858.1> 59b71d5eff localhost:50505 127.0.0.1 admin GET /schematics/ 200 ok 4
and for the failed one
[error] 2022-05-05T02:14:01.532000Z couchdb#localhost <0.8350.1> 4db334eadb rexi_server: from: couchdb#localhost(<0.8330.1>) mfa: fabric_rpc:open_shard/2 throw:{unauthorized,<<"You are not authorized to access this db.">>} [{couch_db,open,2,[{file,"src/couch_db.erl"},{line,171}]},{mem3_util,get_or_create_db,2,[{file,"src/mem3_util.erl"},{line,549}]},{fabric_rpc,open_shard,2,[{file,"src/fabric_rpc.erl"},{line,307}]},{rexi_server,init_p,3,[{file,"src/rexi_server.erl"},{line,141}]}]
[notice] 2022-05-05T02:14:01.532000Z couchdb#localhost <0.8330.1> 4db334eadb localhost:50505 127.0.0.1 undefined GET /schematics/ 401 ok 0
I'm completely at a loss why Electron seems to send the request, but somehow mangle it such that it arrives at CouchDB without correct authorization. What's going on here?
I have got couple of queries with configuration of Logstash. My application is based on Java, Spring Boot. I have added the Logstash dependencies inside pom.xml and I have configured the logstash encoder inside logback.xml for RollingFileAppender. For consoleAppender I am not doing it.
Now the logs are formed properly with JSON format inside mylogs.log but I see some the special characters \n\t inside the stack trace and backslash charecters \ inside messages.
(DispatcherServlet.java:897)\\n\\tat org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970)\\n\\t... 79 common frames omitted\\n\",\"HOSTNAME \":\"algo-11\"}\n{\"#timestamp\":\"2018-01-31T11:10:48.848+04:00\",\"#version\":1,\"message\":\"{\\\"type\\\":\\\"API_REQUEST\\\",\\\"uid\\\":\\\"3b122a03-0502-4bba-a357-b6d0a42a9746\\\",\\\"sessionId\\\":\\\"AA09B7F5A64170D5040D981A1964C6FD\\\",\\\"remoteAddress\\\":\\\"0:0:0:0:0:0:0:1\\\",\\\"methodType\\\":\\\"POST\\\",\\\"headers\\\":\\\"{content-length=76, accept-language=en-US,en;q=0.9, cookie=JSESSIONID=825F454FB4988B1F4AB10DFDD048564D, postman-token=9abae84a-bb5d-aa2d-70ef-80ea5171b91d, origin=chrome-extension://fhbjgbiflinjbdggehcddcbncdddomop, accept=*/*, authorization={\\\\\\\"user\\\\\\\":\\\\\\\"swoo-admin\\\\\\\",\\\\\\\"password\\\\\\\":\\\\\\\"ZJnt8#gEkA$u9p9HAr\\\\\\\"}, host=localhost:3080, connection=keep-alive, content-type=application/json, cache-control=no-cache, accept-encoding=gzip, deflate, br, user-agent=Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36}\\\",\\\"uri\\\":\\\"/user/login\\\",\\\"query\\\":null,\\\"contentType\\\":\\\"application/json\\\",\\\"requestTime\\\":\\\"2018-01-31 11:10:48.727\\\",\\\"responseTime\\\":\\\"2018-01-31 11:10:48.841\\\",\\\"executionTimeMillisecond\\\":114,\\\"requestPayload\\\":\\\"{\\\\n \\\\\\\"countryCode\\\\\\\": \\\\\\\"+971\\\\\\\",\\\\n \\\\\\\"phone\\\\\\\": \\\\\\\"545901009\\\\\\\",\\\\n \\\\\\\"userType\\\\\\\": \\\\\\\"EMAIL\\\\\\\"\\\\n }\\\",\\\"responsePayload\\\":\\\" {\\\\\\\"status\\\\\\\":\\\\\\\"FAIL\\\\\\\",\\\\\\\"statusCode\\\\\\\":1000,\\\\\\\"message\\\\\\\":\\\\\\\"Internal Server Error\\\\\\\",\\\\\\\"desc\\\\\\\":\\\\\\\"FAIL\\\\\\\",\\\\\\\"debug\\\\\\\":\\\\\\\"org.springframework.web.util.NestedServletException: Request processing failed; nested exception is java.lang.IllegalArgumentException: non null key required\\\\\\\\n\\\\\\\\tat org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:982)\\\\\\\\n\\\\\\\\tat org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872)\\\\\\\\n\\\\\\\\tat javax.servlet.http.HttpServlet.service(HttpServlet.java:648)\\\\\\\\n\\\\\\\\tat org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846)\\\\\\\\n\\\\\\\\tat javax.servlet.http.HttpServlet.service(HttpServlet.java:729)\\\\\\\\n\\\\\\\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230)\\\\\\\\n\\\\\\\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)\\\\\\\\n\\\\\\\\tat org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)\\\\\\\\n\\\\\\\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)\\\\\\\\n\\\\\\\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)\\\\\\\\n\\\\\\\\tat com.logstashauth.CustomAuthenticationFilter.doFilter(CustomAuthenticationFilter.java:46)\\\\\\\\n\\\\\\\\tat org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:192)\\\\\\\\n\\\\\\\\tat org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:165)\\\\\\\\n\\\\\\\\tat
How do configure settings such that to eradicate these \n\t and \ charecters?
I think the logstash mutate gsub is the solution for your problem. Correct me if I'm wrong.
https://www.elastic.co/guide/en/logstash/current/plugins-filters-mutate.html#plugins-filters-mutate-gsub
I'm facing a problem with IIS + Kestrel hosting of asp.net core application (web api).
Sometimes response delay is about 5sec. In such case Chrome shows "GET net::ERR_CONNECTION_TIMED_OUT" (but Firefox waits until response)
It only happens on IIS, if I run it locally within Visual Studio Code it works fine (at least I haven't caught any "freezes").
There is some info from app log on server side. For successful request it looks like:
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
Request starting HTTP/1.1 OPTIONS http://
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
Request finished in 0.2813ms 204
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
Request starting HTTP/1.1 GET http://
info: Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerMiddleware[2]
Successfully validated the token.
info: Microsoft.AspNetCore.Authentication.JwtBearer.JwtBearerMiddleware[3]
HttpContext.User merged via AutomaticAuthentication from authenticationScheme: Bearer.
info: Microsoft.AspNetCore.Authorization.DefaultAuthorizationService[1]
Authorization was successful for user: admin.
info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[1]
Executing action method <method-name> with arguments <args> - ModelState is Valid
info: Microsoft.AspNetCore.Mvc.Internal.ObjectResultExecutor[1]
Executing ObjectResult, writing value Microsoft.AspNetCore.Mvc.ControllerContext.
info: Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker[2]
Executed action <method-name> in 41.9809ms
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
Request finished in 42.6694ms 200 application/json; charset=utf-8
for failed looks like:
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[1]
Request starting HTTP/1.1 OPTIONS http://
info: Microsoft.AspNetCore.Hosting.Internal.WebHost[2]
Request finished in 0.3408ms 204
Application pool for that app is set up without managed code.
Web.config contains:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.webServer>
<handlers>
<add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModule" resourceType="Unspecified" />
</handlers>
<aspNetCore processPath="dotnet" arguments=".\app.dll" stdoutLogEnabled="true" stdoutLogFile=".\logs\stdout">
<environmentVariables>
<environmentVariable name="ASPNETCORE_ENVIRONMENT" value="app-release" />
</environmentVariables>
</aspNetCore>
</system.webServer>
</configuration>
What may be a cause of such strange behaviour?
P.S.
IIS version - 10
netcoreapp - 1.1 (common "Microsoft.AspNetCore."
libraries - 1.1.1)
Update:
I set "Trace" level for logging and didn't see any logs about "corrupted" request, only about requests before. Also took a look at chrome dev's tools "network" tab and there is:
Request Headers
Provisional headers are shown
Access-Control-Request-Headers:access-control-allow-origin,authorization
Access-Control-Request-Method:GET
Update:
I have no idea why but it's started to spontaneously error even on static content like css.
Also I forget to note that I have the same functionality on asp.net web api 2 (not core) - and it works fine on the same server.
Founded such info in log before slow request:
dbug: Microsoft.AspNetCore.Server.Kestrel[2]
Connection id "0HL3SC4O1J78T" stopped.
dbug: Microsoft.AspNetCore.Server.Kestrel[8]
Connection id "0HL3SC4O1J78S" sent FIN with status "0".
dbug: Microsoft.AspNetCore.Server.Kestrel[2]
Connection id "0HL3SC4O1J78S" stopped.
dbug: Microsoft.AspNetCore.Server.Kestrel[2]
Connection id "0HL3SC4O1J78R" stopped.
dbug: Microsoft.AspNetCore.Server.Kestrel[8]
Connection id "0HL3SC4O1J78V" sent FIN with status "0".
dbug: Microsoft.AspNetCore.Server.Kestrel[2]
Connection id "0HL3SC4O1J78V" stopped.
Update:
There is no any messages in IIS log (within inetpub/logs) about "corrupted" request too. Just an information about last successful request-response. It looks like request isn't handled by IIS at all. Is it possible (I'm not experienced in IIS setup and configuraiton)?
Also tried to use a stub - empty .net core application instead of my. The result is the same. From what I'm concluding that the problem isn't in my app
-Updated with pics of request header and params.
Can anyone tell me why WSo2 API Manager does not authenticate?
I have set up two WSo2 API Manager 1.6.0 instances. One that is distributed and a stand alone instance. I also have created a version of the CDYNE sample API that requires authorization and another version that does not. It does not appear that the API is published correctly because it does not matter what level I set the api security to when creating the api.
Here is the api on the gateway:
<?xml version="1.0" encoding="UTF-8"?><api xmlns="http://ws.apache.org/ns/synapse" name="Creator1--APIPhoneVerify" context="/APIPhoneVerify" version="2.0.0" version-type="url">
<resource methods="POST GET OPTIONS DELETE PUT" url-mapping="/CheckPhoneNumber">
<inSequence>
<property name="POST_TO_URI" value="true" scope="axis2"/>
<filter source="$ctx:AM_KEY_TYPE" regex="PRODUCTION">
<then>
<send>
<endpoint name="Creator1--APIPhoneVerify_APIproductionEndpoint_0">
<http uri-template="http://ws.cdyne.com/phoneverify/phoneverify.asmx">
<timeout>
<duration>30000</duration>
<responseAction>fault</responseAction>
</timeout>
<suspendOnFailure>
<errorCodes>-1</errorCodes>
<initialDuration>0</initialDuration>
<progressionFactor>1.0</progressionFactor>
<maximumDuration>0</maximumDuration>
</suspendOnFailure>
<markForSuspension>
<errorCodes>-1</errorCodes>
</markForSuspension>
</http>
</endpoint>
</send>
</then>
<else>
<send>
<endpoint name="Creator1--APIPhoneVerify_APIsandboxEndpoint_0">
<http uri-template="http://ws.cdyne.com/phoneverify/phoneverify.asmx">
<timeout>
<duration>30000</duration>
<responseAction>fault</responseAction>
</timeout>
<suspendOnFailure>
<errorCodes>-1</errorCodes>
<initialDuration>0</initialDuration>
<progressionFactor>1.0</progressionFactor>
<maximumDuration>0</maximumDuration>
</suspendOnFailure>
<markForSuspension>
<errorCodes>-1</errorCodes>
</markForSuspension>
</http>
</endpoint>
</send>
</else>
</filter>
</inSequence>
<outSequence>
<send/>
</outSequence>
</resource>
<handlers>
<handler class="org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler"/>
<handler class="org.wso2.carbon.apimgt.gateway.handlers.throttling.APIThrottleHandler">
<property name="id" value="A"/>
<property name="policyKey" value="gov:/apimgt/applicationdata/tiers.xml"/>
</handler>
<handler class="org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageHandler"/>
<handler class="org.wso2.carbon.apimgt.usage.publisher.APIMgtGoogleAnalyticsTrackingHandler"/>
<handler class="org.wso2.carbon.apimgt.gateway.handlers.ext.APIManagerExtensionHandler"/>
</handlers>
</api>
When I use the 'try it' feature it appears that the key is not passed and I get an error.
Here is the key:
Here is the response:
Here is the wso2carbon.log:
TID: [0] [AM] [2014-02-05 14:25:02,513] ERROR {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler} - API authentication failure {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler}
org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException: Access failure for API: /APIPhoneVerify, version: 2.0.0 with key: null
at org.wso2.carbon.apimgt.gateway.handlers.security.oauth.OAuthAuthenticator.authenticate(OAuthAuthenticator.java:139)
at org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler.handleRequest(APIAuthenticationHandler.java:92)
at org.apache.synapse.rest.API.process(API.java:285)
at org.apache.synapse.rest.RESTRequestHandler.dispatchToAPI(RESTRequestHandler.java:76)
at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:63)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:220)
at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:83)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:336)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:168)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:744)
TID: [0] [AM] [2014-02-05 14:25:02,516] INFO {org.wso2.carbon.bam.message.tracer.handler.util.HandlerUtils} - Massage Info: Transaction id=115815524651347724395990 Message direction=OUT Server name=7.40.2.26:9765 Timestamp=1391631902516 Service name=__SynapseService Operation Name=mediate {org.wso2.carbon.bam.message.tracer.handler.util.HandlerUtils}
I then tried from an external source in case it was a 'tryit' problem. In this case the key was at least passed.
Here is the request and reply:
Here is the wso2carbon.log:
TID: [0] [AM] [2014-02-05 14:26:24,053] ERROR {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler} - API authentication failure {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler}
org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException: Access failure for API: /APIPhoneVerify, version: 2.0.0 with key: CgtcOiDinAKo4hKbtDV_fr6JIVAa
at org.wso2.carbon.apimgt.gateway.handlers.security.oauth.OAuthAuthenticator.authenticate(OAuthAuthenticator.java:139)
at org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler.handleRequest(APIAuthenticationHandler.java:92)
at org.apache.synapse.rest.API.process(API.java:285)
at org.apache.synapse.rest.RESTRequestHandler.dispatchToAPI(RESTRequestHandler.java:76)
at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:63)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:220)
at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:83)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:336)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:168)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:744)
TID: [0] [AM] [2014-02-05 14:26:24,056] INFO {org.wso2.carbon.bam.message.tracer.handler.util.HandlerUtils} - Massage Info: Transaction id=115823714657361932967093 Message direction=OUT Server name=7.40.2.26:9765 Timestamp=1391631984056 Service name=__SynapseService Operation Name=mediate {org.wso2.carbon.bam.message.tracer.handler.util.HandlerUtils}
Can you please try this API
http://api.openweathermap.org/data/2.5/weather
with parameter q=London
The final request should look like the following
http://localhost:8280/yourAPI/1.0?q=London
I have added 2 versions of the same api. 1.6.0 (which doesn't work) and 1.6.1 (which does work).
The error message regarding API authenication failure led me to believe it was a auth problem.
However, since your worked with the /* url pattern I tried that, instead of a pattern of /CheckPhoneNumber and it worked. I guess having a url pattern of /CheckPhoneNumber and updating the swagger doc to have the definition include /CheckPhoneNumber are NOT the same thing.
I've configured nginx with php-fpm on Ubuntu (and everything works pretty well).
One thing I encountered is that HTTP status code 200 is sent, when a PHP parse error occurs. The error log contains the following entry:
[error] 3205#0: *2854 FastCGI sent in stderr: "PHP Parse error: syntax error, unexpected T_REQUIRE_ONCE in /var/www/.../index.php on line 32" while reading response header from upstream, client: 1.2.3.4, server: example.com; request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "example.com"
I was not able to figure out, why not a code 50x is sent. I have not configured any error_page settings and I read the documentation of error_page. I also tried it to set the status code (with error_page 500 =500 /50x.html and so on). But always status 200 is returned.
I can send status headers from PHP (header('HTTP/1.1 404 Not Found')), this works. However, for errors issued by the PHP interpreter (also uncaught exceptions), the server's response doesn't take into account that an error occurred.
FYI, this is now fixed in Xdebug (2.2) for PHP 5.4 and up. Sadly, it needed a change in PHP to make it work that could not be back-ported to 5.3.