Hi, I tried applying basic authentication (UsernameToken security scenario) in ESB 4.8.1 as well as ESB 4.6.0. It worked in both versions. So shall we specify page [1] as the solution for Documentation-280 jira?
[1] http://docs.wso2.com/display/ESB481/Service-Level+Security+Implementation Best Regards, Rukshani. On Wed, Jul 9, 2014 at 8:43 AM, Dushan Abeyruwan <dus...@wso2.com> wrote: > Hi > Regarding $subject any reason for workaround ? did we test 4.8.0 > onwards, I tried with 4.9.0 pack and seems basic auth working for proxy. > > <proxy xmlns="http://ws.apache.org/ns/synapse" > name="EchoProxy" > transports="https" > statistics="disable" > trace="disable" > startOnLoad="true"> > <target> > <inSequence> > <log/> > <respond/> > </inSequence> > </target> > <parameter name="ScenarioID">scenario1</parameter> > <enableSec/> > <policy > key="conf:/repository/axis2/service-groups/EchoProxy/services/EchoProxy/policies/UTOverTransport"/> > <description/> > </proxy> > > > Failure Invalid UN or PW > ======================= > > HTTP/1.1 401 Unauthorized > WWW-Authenticate: BASIC realm="WSO2 Enterprise Service Bus" > Content-Type: application/json; charset=UTF-8 > Date: Wed, 09 Jul 2014 03:10:00 GMT > Transfer-Encoding: chunked > Connection: Keep-Alive > > {"Fault":{"faultcode":"axis2ns2:FailedAuthentication","faultstring":"The > security token could not be authenticated or authorized; nested exception > is: \n\tjavax.security.auth.callback.UnsupportedCallbackException: Check > failed : System error","detail":null}} > > > [2014-07-09 08:36:53,042] DEBUG - headers http-incoming-4 >> POST > /services/EchoProxy HTTP/1.1 > [2014-07-09 08:36:53,042] DEBUG - headers http-incoming-4 >> > Accept-Encoding: gzip,deflate > [2014-07-09 08:36:53,043] DEBUG - headers http-incoming-4 >> Content-Type: > application/json > [2014-07-09 08:36:53,043] DEBUG - headers http-incoming-4 >> > Content-Length: 1109 > [2014-07-09 08:36:53,043] DEBUG - headers http-incoming-4 >> Host: kit:8243 > [2014-07-09 08:36:53,043] DEBUG - headers http-incoming-4 >> Connection: > Keep-Alive > [2014-07-09 08:36:53,043] DEBUG - headers http-incoming-4 >> User-Agent: > Apache-HttpClient/4.1.1 (java 1.5) > [2014-07-09 08:36:53,045] DEBUG - headers http-incoming-4 << HTTP/1.1 401 > Unauthorized > [2014-07-09 08:36:53,046] DEBUG - headers http-incoming-4 << > WWW-Authenticate: BASIC realm="WSO2 Enterprise Service Bus" > [2014-07-09 08:36:53,046] DEBUG - headers http-incoming-4 << Date: Wed, 09 > Jul 2014 03:06:53 GMT > [2014-07-09 08:36:53,046] DEBUG - headers http-incoming-4 << > Transfer-Encoding: chunked > [2014-07-09 08:36:53,046] DEBUG - headers http-incoming-4 << Connection: > Keep-Alive > [2014-07-09 08:36:53,051] DEBUG - headers http-incoming-4 >> POST > /services/EchoProxy HTTP/1.1 > [2014-07-09 08:36:53,051] DEBUG - headers http-incoming-4 >> > Accept-Encoding: gzip,deflate > [2014-07-09 08:36:53,051] DEBUG - headers http-incoming-4 >> Content-Type: > application/json > [2014-07-09 08:36:53,051] DEBUG - headers http-incoming-4 >> > Content-Length: 1109 > [2014-07-09 08:36:53,052] DEBUG - headers http-incoming-4 >> Host: kit:8243 > [2014-07-09 08:36:53,052] DEBUG - headers http-incoming-4 >> Connection: > Keep-Alive > [2014-07-09 08:36:53,053] DEBUG - headers http-incoming-4 >> User-Agent: > Apache-HttpClient/4.1.1 (java 1.5) > [2014-07-09 08:36:53,053] DEBUG - headers http-incoming-4 >> > Authorization: Basic YWRtaW46YWRtaW4x > [2014-07-09 08:36:53,064] ERROR - AxisEngine The security token could not > be authenticated or authorized; nested exception is: > javax.security.auth.callback.UnsupportedCallbackException: Check failed > : System error > org.apache.axis2.AxisFault: The security token could not be authenticated > or authorized; nested exception is: > javax.security.auth.callback.UnsupportedCallbackException: Check failed > : System error > at > org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:180) > at > org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:95) > at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340) > at org.apache.axis2.engine.Phase.invoke(Phase.java:313) > at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261) > at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:167) > at > org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:344) > at > org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:385) > at > org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:183) > at > org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172) > at > java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) > at java.lang.Thread.run(Thread.java:662) > Caused by: org.apache.ws.security.WSSecurityException: The security token > could not be authenticated or authorized; nested exception is: > javax.security.auth.callback.UnsupportedCallbackException: Check failed : > System error > at > org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:180) > at > org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:61) > at > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:332) > at > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:249) > at org.apache.rampart.RampartEngine.process(RampartEngine.java:214) > at > org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92) > ... 11 more > Caused by: javax.security.auth.callback.UnsupportedCallbackException: > Check failed : System error > at > org.wso2.carbon.security.util.ServicePasswordCallbackHandler.handle(ServicePasswordCallbackHandler.java:117) > at > org.apache.rampart.TokenCallbackHandler.handle(TokenCallbackHandler.java:116) > at > org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:168) > ... 16 more > [2014-07-09 08:36:53,066] ERROR - ServerWorker Error processing POST > request for : /services/EchoProxy > org.apache.axis2.AxisFault: The security token could not be authenticated > or authorized; nested exception is: > javax.security.auth.callback.UnsupportedCallbackException: Check failed > : System error > at > org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:180) > at > org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:95) > at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340) > at org.apache.axis2.engine.Phase.invoke(Phase.java:313) > at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261) > at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:167) > at > org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:344) > at > org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:385) > at > org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:183) > at > org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172) > at > java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) > at java.lang.Thread.run(Thread.java:662) > Caused by: org.apache.ws.security.WSSecurityException: The security token > could not be authenticated or authorized; nested exception is: > javax.security.auth.callback.UnsupportedCallbackException: Check failed : > System error > at > org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:180) > at > org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:61) > at > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:332) > at > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:249) > at org.apache.rampart.RampartEngine.process(RampartEngine.java:214) > at > org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92) > ... 11 more > Caused by: javax.security.auth.callback.UnsupportedCallbackException: > Check failed : System error > at > org.wso2.carbon.security.util.ServicePasswordCallbackHandler.handle(ServicePasswordCallbackHandler.java:117) > at > org.apache.rampart.TokenCallbackHandler.handle(TokenCallbackHandler.java:116) > at > org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:168) > ... 16 more > [2014-07-09 08:36:53,070] DEBUG - headers http-incoming-4 << HTTP/1.1 401 > Unauthorized > [2014-07-09 08:36:53,070] DEBUG - headers http-incoming-4 << > WWW-Authenticate: BASIC realm="WSO2 Enterprise Service Bus" > [2014-07-09 08:36:53,070] DEBUG - headers http-incoming-4 << Content-Type: > application/json; charset=UTF-8 > [2014-07-09 08:36:53,070] DEBUG - headers http-incoming-4 << Date: Wed, 09 > Jul 2014 03:06:53 GMT > [2014-07-09 08:36:53,070] DEBUG - headers http-incoming-4 << > Transfer-Encoding: chunked > [2014-07-09 08:36:53,070] DEBUG - headers http-incoming-4 << Connection: > Keep-Alive > > success > ========== > > HTTP/1.1 200 OK > Authorization: Basic YWRtaW46YWRtaW4= > Host: kit:8243 > Accept-Encoding: gzip,deflate > Content-Type: application/json; charset=UTF-8 > Date: Wed, 09 Jul 2014 03:09:04 GMT > Transfer-Encoding: chunked > Connection: Keep-Alive > > > [2014-07-09 08:39:04,912] DEBUG - headers http-incoming-5 >> POST > /services/EchoProxy HTTP/1.1 > [2014-07-09 08:39:04,912] DEBUG - headers http-incoming-5 >> > Accept-Encoding: gzip,deflate > [2014-07-09 08:39:04,912] DEBUG - headers http-incoming-5 >> Content-Type: > application/json > [2014-07-09 08:39:04,913] DEBUG - headers http-incoming-5 >> > Content-Length: 1109 > [2014-07-09 08:39:04,913] DEBUG - headers http-incoming-5 >> Host: kit:8243 > [2014-07-09 08:39:04,913] DEBUG - headers http-incoming-5 >> Connection: > Keep-Alive > [2014-07-09 08:39:04,913] DEBUG - headers http-incoming-5 >> User-Agent: > Apache-HttpClient/4.1.1 (java 1.5) > [2014-07-09 08:39:04,917] DEBUG - headers http-incoming-5 << HTTP/1.1 401 > Unauthorized > [2014-07-09 08:39:04,917] DEBUG - headers http-incoming-5 << > WWW-Authenticate: BASIC realm="WSO2 Enterprise Service Bus" > [2014-07-09 08:39:04,917] DEBUG - headers http-incoming-5 << Date: Wed, 09 > Jul 2014 03:09:04 GMT > [2014-07-09 08:39:04,917] DEBUG - headers http-incoming-5 << > Transfer-Encoding: chunked > [2014-07-09 08:39:04,917] DEBUG - headers http-incoming-5 << Connection: > Keep-Alive > [2014-07-09 08:39:04,926] DEBUG - headers http-incoming-5 >> POST > /services/EchoProxy HTTP/1.1 > [2014-07-09 08:39:04,926] DEBUG - headers http-incoming-5 >> > Accept-Encoding: gzip,deflate > [2014-07-09 08:39:04,926] DEBUG - headers http-incoming-5 >> Content-Type: > application/json > [2014-07-09 08:39:04,927] DEBUG - headers http-incoming-5 >> > Content-Length: 1109 > [2014-07-09 08:39:04,927] DEBUG - headers http-incoming-5 >> Host: kit:8243 > [2014-07-09 08:39:04,927] DEBUG - headers http-incoming-5 >> Connection: > Keep-Alive > [2014-07-09 08:39:04,927] DEBUG - headers http-incoming-5 >> User-Agent: > Apache-HttpClient/4.1.1 (java 1.5) > [2014-07-09 08:39:04,927] DEBUG - headers http-incoming-5 >> > Authorization: Basic YWRtaW46YWRtaW4= > [2014-07-09 08:39:05,170] INFO - LogMediator To: /services/EchoProxy, > MessageID: urn:uuid:7ff37db2-8b0c-45df-ad7a-424c1abfdfb4, Direction: request > [2014-07-09 08:39:05,175] DEBUG - headers http-incoming-5 << HTTP/1.1 200 > OK > [2014-07-09 08:39:05,175] DEBUG - headers http-incoming-5 << > Authorization: Basic YWRtaW46YWRtaW4= > [2014-07-09 08:39:05,175] DEBUG - headers http-incoming-5 << Host: kit:8243 > [2014-07-09 08:39:05,175] DEBUG - headers http-incoming-5 << > Accept-Encoding: gzip,deflate > [2014-07-09 08:39:05,175] DEBUG - headers http-incoming-5 << Content-Type: > application/json; charset=UTF-8 > [2014-07-09 08:39:05,175] DEBUG - headers http-incoming-5 << Date: Wed, 09 > Jul 2014 03:09:04 GMT > [2014-07-09 08:39:05,175] DEBUG - headers http-incoming-5 << > Transfer-Encoding: chunked > [2014-07-09 08:39:05,175] DEBUG - headers http-incoming-5 << Connection: > Keep-Alive > > > -- > Dushan Abeyruwan | Associate Tech Lead > Integration Technologies Team > PMC Member Apache Synpase > WSO2 Inc. http://wso2.com/ > Blog:http://dushansview.blogspot.com/ > Mobile:(0094)713942042 > > > _______________________________________________ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Rukshani Weerasinha WSO2 Inc. Web:http://wso2.com Mobile: 0777 683 738
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev