WSO2 ESB代理到WSO2是RemoteUserStoreManagerService

Question

I want to proxy RemoteUserStoreManagerService (exposed on WSO2 IS) over WSO2 ESB.

When I call getUserClaimValuesForClaims operation I get the response. I tested the WSO2 IS (connected to my Active Directory) for performance. I sent requests in 100 threads (each thread with 250ms delay) and it gave me an average response of 250ms (which is ok for me).

So I proxied the getUserClaimValuesForClaims operation using the Transformation proxy and it also worked. But during the performace testing (with the same or smaller load) I have got following errors and not all the messages have returned (on average 1 of 100 messages).

[2014-01-06 19:28:21,047]  INFO - LogMediator To: http://www.w3.org/2005/08/addressing/anonymous, WSAction: , SOAPAction: , MessageID: urn:uuid:d2b85c03-beaf-409b-bf39-2e8143bd9e0b, Direction: response
[2014-01-06 19:28:38,441] ERROR - SourceHandler I/O error: An established connection was aborted by the software in your host machine
  java.io.IOException: An established connection was aborted by the software in your host machine
    at sun.nio.ch.SocketDispatcher.read0(Native Method)
    at sun.nio.ch.SocketDispatcher.read(SocketDispatcher.java:25)
    at sun.nio.ch.IOUtil.readIntoNativeBuffer(IOUtil.java:202)
    at sun.nio.ch.IOUtil.read(IOUtil.java:175)
    at sun.nio.ch.SocketChannelImpl.read(SocketChannelImpl.java:243)
    at org.apache.http.nio.reactor.ssl.SSLIOSession.receiveEncryptedData(SSLIOSession.java:348)
    at org.apache.http.nio.reactor.ssl.SSLIOSession.isAppInputReady(SSLIOSession.java:376)
    at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady
 [2014-01-06 19:29:14,051]  WARN - TargetHandler http-outgoing-66: Connection time out while in state: REQUEST_DONE
 [2014-01-06 19:29:14,061]  WARN - EndpointContext Endpoint : AnonymousEndpoint will be marked SUSPENDED as it failed
 [2014-01-06 19:29:15,041]  WARN - EndpointContext Suspending endpoint : AnonymousEndpoint - last suspend duration was : 30000ms and current suspend duration is : 30000ms - Next retry after : Mon
 [2014-01-06 19:29:14,451]  WARN - SourceHandler Connection time out after request is read: http-incoming-57

I thing that it says, it timeouts on backend; but I get the response logged in faultSeuence.

I noticed that the problem is caused by the XSLT mediator in proxy implementation, because when I removed the xslt mediators the log is empty. I tried xquery and it was the same. Even the log mediator in outSequence causes this issues.

Here is my final Proxy.

<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse" name="GetUserProxy" transports="https http" startOnLoad="true" trace="disable">
<target>
    <endpoint>
        <address uri="https://localhost:9443/services/RemoteUserStoreManagerService.RemoteUserStoreManagerServiceHttpsSoap12Endpoint/"/>
    </endpoint>
    <inSequence/>
    <outSequence>
        <log/>
        <send/>
    </outSequence>
    <faultSequence/>
</target>
</proxy>

When I remove the log mediator, the WARN messages disapears from log and ALL response messages are returned to SoapUI.

Could anybody tell me why it behaves this way? Thank you very much. David

Answer 1

RemoteUserStoreManagerService is an admin service. Therefore, you need to send Identity Server's user name/password in a basic authentication header or session cookie. I can not see setting of authorization headers in your proxy configuration such as following

<property expression="fn:concat('Basic ', base64Encode('username:password'))" name="Authorization" scope="transport"></property> 

More details would be here . Also you need to create a message body to send to the "RemoteUserStoreManagerService" and read the response messages. These must be implemented using ESB configuration. However, you can write an custom ESB mediator to do this also. Sample java code to call this service can be found here . You can find the detail on writing custom mediator from here

Answer 2

We have figured out, that the problem is probably more general and doesn't relate only to WSO2 IS, because we have the same problem when similating the WSO2 IS service as SoapUI mock.

The problem is probably in HTTP-passthru transport in axis configuration, because when we switched to HTTP-NIO the problem disapears and it is even faster.

There is a post about performance tunnig that helped us.

Howevever, I would like to know what transport we should use in production or where the problem is. Because now it seems that we cannot use HTTP-passthru transport for production environment.

Is anyone experiencing this problem?

Answer 3

what are the versions of ESB and IS your working with..?

try to restart the ESB and call the Service again. Do remember call to Identity server is a secure call.