[ESBJAVA-5228] ESB TCP transport does not support TLS Created: 19/Sep/17  Updated: 19/Sep/17

Status: Open
Project: WSO2 ESB
Component/s: Transport
Affects Version/s: 5.0.0, EI-611
Fix Version/s: None

Type: Improvement Priority: Normal
Reporter: Supun Perera Assignee: Chanaka Fernando
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

ESB 5.0


Severity: Minor
Estimated Complexity: Moderate
Test cases added: Yes

 Description   

Currently, ESB does not support TLS with TCP transport. Appreciate If you could check on the same and consider this feature as an improvement for future releases.






[ESBJAVA-5227] DBLookup mediator fails to work inside ForEach mediator Created: 15/Sep/17  Updated: 15/Sep/17

Status: Open
Project: WSO2 ESB
Component/s: None
Affects Version/s: 5.0.0
Fix Version/s: None

Type: Bug Priority: Normal
Reporter: Buddhima Wijeweera Assignee: Chanaka Fernando
Resolution: Unresolved Votes: 0
Labels: ESB, Mediator
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

WSO2 ESB 5.0.0
Ubuntu 16.04
JDK 1.8


Severity: Major
Estimated Complexity: Moderate
Test cases added: No

 Description   

When DBReport (same goes with DBLookup) inside ForEach mediator, mediation fails with a null pointer exception.

Sample Config:

<foreach expression="//request/address" xmlns:ns="http://org.apache.synapse/xsd">
    <sequence>
        <dbreport>
            <connection>
                <pool>
                    <dsName>jdbc/MY_DB</dsName>
                </pool>
            </connection>
            <statement>
                <sql><![CDATA[insert into table(a,b,c,d) values(?, ?, ?, ?);]]></sql>
                <parameter value="p" type="VARCHAR"/>
                <parameter value="q" type="VARCHAR"/>
                <parameter value="r" type="VARCHAR"/>
                <parameter value="s" type="VARCHAR"/>
            </statement>
        </dbreport>
    </sequence>
</foreach>

Actual Result:

java.lang.NullPointerException
	at org.apache.synapse.mediators.db.DBReportMediator.processStatement(DBReportMediator.java:68)
	at org.apache.synapse.mediators.db.AbstractDBMediator.mediate(AbstractDBMediator.java:149)
	at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:97)
	at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:59)
	at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158)
	at org.apache.synapse.mediators.builtin.ForEachMediator.mediateSequence(ForEachMediator.java:176)
	at org.apache.synapse.mediators.builtin.ForEachMediator.mediate(ForEachMediator.java:139)
	at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:97)
	at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:59)



 Comments   
Comment by Buddhima Wijeweera [ 15/Sep/17 ]

Hi,

Fix is done with: https://github.com/wso2/wso2-synapse/pull/819

Thanks,
Buddhima





[ESBJAVA-5226] Password not obfuscated in error logs Created: 15/Sep/17  Updated: 15/Sep/17

Status: Open
Project: WSO2 ESB
Component/s: Security
Affects Version/s: 4.8.1
Fix Version/s: None

Type: Bug Priority: Normal
Reporter: Thivya Mahenthirarasa Assignee: Chanaka Fernando
Resolution: Unresolved Votes: 0
Labels: ESB
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Severity: Major
Estimated Complexity: Moderate
Test cases added: Yes

 Description   

They have a security problem due to clear passwords displayed in logs when errors occur in our VFS polling process.
You can see in the following trace that in the exception cause log, the password "password" is displayed, whereas in the child exception it is replaced by *** characters.

??org.apache.commons.vfs2.FileNotFoundException: Could not read from "ftp://pnrftp:***@ip-server-ftp1/ftp2esb/MORPHOFTP/in/api.edi?vfs.passive=true" because it is a not a file.
at org.apache.commons.vfs2.provider.AbstractFileObject.getInputStream(AbstractFileObject.java:1316)
at org.apache.commons.vfs2.provider.DefaultFileContent.getInputStream(DefaultFileContent.java:397)
at org.apache.synapse.transport.vfs.VFSTransportListener.processFile(VFSTransportListener.java:601)
at org.apache.synapse.transport.vfs.VFSTransportListener.scanFileOrDirectory(VFSTransportListener.java:335)
at org.apache.synapse.transport.vfs.VFSTransportListener.poll(VFSTransportListener.java:159)
at org.apache.synapse.transport.vfs.VFSTransportListener.poll(VFSTransportListener.java:108)
at org.apache.axis2.transport.base.AbstractPollingTransportListener$1$1.run(AbstractPollingTransportListener.java:67)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.io.FileNotFoundException: ftp://pnrftp:*mot_de_passe*@ip-server-ftp1/ftp2esb/MORPHOFTP/in/api.edi?vfs.passive=true
at org.apache.commons.vfs2.provider.ftp.FtpFileObject.doGetInputStream(FtpFileObject.java:610)
at org.apache.commons.vfs2.provider.AbstractFileObject.getInputStream(AbstractFileObject.java:1308)??






[ESBJAVA-5225] Call mediator blocking mode adds default Content-Type even after removing Created: 14/Sep/17  Updated: 14/Sep/17

Status: Open
Project: WSO2 ESB
Component/s: Mediators, Transport
Affects Version/s: 4.9.0
Fix Version/s: None

Type: Bug Priority: Normal
Reporter: Nipun Thathsara Assignee: Chanaka Fernando
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Severity: Major
Estimated Complexity: Moderate
Attachment License: I agree to grant a license to WSO2 for this work for inclusion in WSO2 works as per the WSO2 Contributor License Agreement and the Apache License 2.0
Test cases added: Yes

 Description   

Call mediator's blocking modes adds Message Formatter's default Content-Type even after removing the Content-Type in the Synapse configuration.






[ESBJAVA-5224] Failed to create custom inbound endpoint In the ESB Created: 14/Sep/17  Updated: 19/Sep/17  Resolved: 19/Sep/17

Status: Resolved
Project: WSO2 ESB
Component/s: None
Affects Version/s: 4.9.0
Fix Version/s: 4.9.0

Type: Bug Priority: Highest
Reporter: sewmini jayaweera Assignee: Malaka Gangananda
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Mac OS: version 10.12.5
Pack : Tested in wso2esb-4.9.0 vanilla pack as well as wum updated pack (wso2esb-4.9.0.1503584627373.zip)
JAVA version: java version "1.7.0_79"


Severity: Blocker
Estimated Complexity: Moderate
Test cases added: Not-applicable

 Description   

1. Try to add a custom inbound endpoint given valid inputs.
2. Below error was observed when trying to save the endpoint.

[2017-09-14 10:53:17,268] ERROR - CarbonInboundManagementService Error adding inbound Endpoint
java.lang.NumberFormatException: null
	at java.lang.Long.parseLong(Long.java:404)
	at java.lang.Long.parseLong(Long.java:483)
	at org.wso2.carbon.inbound.endpoint.protocol.generic.GenericProcessor.<init>(GenericProcessor.java:66)
	at org.wso2.carbon.inbound.endpoint.inboundfactory.InboundRequestProcessorFactoryImpl.createInboundProcessor(InboundRequestProcessorFactoryImpl.java:74)
	at org.apache.synapse.inbound.InboundEndpoint.getInboundRequestProcessor(InboundEndpoint.java:95)
	at org.apache.synapse.inbound.InboundEndpoint.init(InboundEndpoint.java:62)
	at org.wso2.carbon.inbound.CarbonInboundManagementService.addInboundEndpoint(CarbonInboundManagementService.java:128)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:606)
	at org.apache.axis2.rpc.receivers.RPCUtil.invokeServiceClass(RPCUtil.java:212)
	at org.apache.axis2.rpc.receivers.RPCInOnlyMessageReceiver.invokeBusinessLogic(RPCInOnlyMessageReceiver.java:66)
	at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110)
	at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
	at org.apache.axis2.transport.local.LocalTransportReceiver.processMessage(LocalTransportReceiver.java:169)
	at org.apache.axis2.transport.local.LocalTransportReceiver.processMessage(LocalTransportReceiver.java:82)
	at org.wso2.carbon.core.transports.local.CarbonLocalTransportSender.finalizeSendWithToAddress(CarbonLocalTransportSender.java:45)
	at org.apache.axis2.transport.local.LocalTransportSender.invoke(LocalTransportSender.java:77)
	at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
	at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:430)
	at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225)
	at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
	at org.wso2.carbon.inbound.stub.InboundAdminStub.addInboundEndpoint(InboundAdminStub.java:373)
	at org.wso2.carbon.inbound.ui.internal.InboundManagementClient.addInboundEndpoint(InboundManagementClient.java:150)
	at org.apache.jsp.inbound.saveInbound_jsp._jspService(saveInbound_jsp.java:244)
	at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
	at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:439)
	at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395)
	at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
	at org.wso2.carbon.ui.JspServlet.service(JspServlet.java:155)
	at org.wso2.carbon.ui.TilesJspServlet.service(TilesJspServlet.java:80)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
	at org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37)
	at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
	at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
	at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
	at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:743)
	at org.apache.catalina.core.ApplicationDispatcher.doInclude(ApplicationDispatcher.java:603)
	at org.apache.catalina.core.ApplicationDispatcher.include(ApplicationDispatcher.java:542)
	at org.eclipse.equinox.http.servlet.internal.RequestDispatcherAdaptor.include(RequestDispatcherAdaptor.java:37)
	at org.eclipse.equinox.http.helper.ContextPathServletAdaptor$RequestDispatcherAdaptor.include(ContextPathServletAdaptor.java:369)
	at org.apache.jasper.runtime.JspRuntimeLibrary.include(JspRuntimeLibrary.java:905)
	at org.apache.jasper.runtime.PageContextImpl.doInclude(PageContextImpl.java:688)
	at org.apache.jasper.runtime.PageContextImpl.include(PageContextImpl.java:682)
	at sun.reflect.GeneratedMethodAccessor42.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:606)
	at org.apache.tiles.jsp.context.JspUtil.doInclude(JspUtil.java:87)
	at org.apache.tiles.jsp.context.JspTilesRequestContext.include(JspTilesRequestContext.java:88)
	at org.apache.tiles.jsp.context.JspTilesRequestContext.dispatch(JspTilesRequestContext.java:82)
	at org.apache.tiles.impl.BasicTilesContainer.render(BasicTilesContainer.java:465)
	at org.apache.tiles.jsp.taglib.InsertAttributeTag.render(InsertAttributeTag.java:140)
	at org.apache.tiles.jsp.taglib.InsertAttributeTag.render(InsertAttributeTag.java:117)
	at org.apache.tiles.jsp.taglib.RenderTagSupport.execute(RenderTagSupport.java:171)
	at org.apache.tiles.jsp.taglib.RoleSecurityTagSupport.doEndTag(RoleSecurityTagSupport.java:75)
	at org.apache.tiles.jsp.taglib.ContainerTagSupport.doEndTag(ContainerTagSupport.java:80)
	at org.apache.jsp.admin.layout.template_jsp._jspx_meth_tiles_005finsertAttribute_005f7(template_jsp.java:716)
	at org.apache.jsp.admin.layout.template_jsp._jspService(template_jsp.java:379)
	at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
	at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:439)
	at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395)
	at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
	at org.wso2.carbon.ui.JspServlet.service(JspServlet.java:155)
	at org.wso2.carbon.ui.TilesJspServlet.service(TilesJspServlet.java:80)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
	at org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37)
	at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
	at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
	at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
	at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:743)
	at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:485)
	at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:410)
	at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:337)
	at org.eclipse.equinox.http.servlet.internal.RequestDispatcherAdaptor.forward(RequestDispatcherAdaptor.java:30)
	at org.eclipse.equinox.http.helper.ContextPathServletAdaptor$RequestDispatcherAdaptor.forward(ContextPathServletAdaptor.java:362)
	at org.apache.tiles.servlet.context.ServletTilesRequestContext.forward(ServletTilesRequestContext.java:198)
	at org.apache.tiles.servlet.context.ServletTilesRequestContext.dispatch(ServletTilesRequestContext.java:185)
	at org.apache.tiles.impl.BasicTilesContainer.render(BasicTilesContainer.java:419)
	at org.apache.tiles.impl.BasicTilesContainer.render(BasicTilesContainer.java:370)
	at org.wso2.carbon.ui.action.ActionHelper.render(ActionHelper.java:52)
	at org.wso2.carbon.ui.TilesJspServlet.service(TilesJspServlet.java:101)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
	at org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37)
	at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
	at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
	at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
	at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:506)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
	at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
	at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:49)
	at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
	at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159)
	at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962)
	at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)
	at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1115)
	at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1770)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1729)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Thread.java:745)
[2017-09-14 10:53:17,275]  INFO - InboundEndpoint Destroying Inbound Endpoint: Test
[2017-09-14 10:53:17,275] ERROR - RPCInOnlyMessageReceiver null


 Comments   
Comment by Malaka Gangananda [ 19/Sep/17 ]

When adding a custom inbound endpoint given valid inputs "java.lang.NumberFormatException" thrown since the value passed for interval property is null. This is solved by correcting the input name mismatch.

Resolved by PR : https://github.com/wso2-support/carbon-mediation/pull/81

Comment by Malaka Gangananda [ 19/Sep/17 ]

Fixed by PR: https://github.com/wso2-support/carbon-mediation/pull/81





Generated at Wed Sep 20 10:10:19 IST 2017 using JIRA 7.2.2#72004-sha1:9d5132893cc8c728a3601a9034a1f8547ef5c7be.