How to insert vault key and password using admin services in ESB

Follow below steps to insert vault key and password.

• To enable the AdminServices in esb set the HideAdminServiceWSDLs property to false in carbon.xml located in <ESB_HOME/repository/conf/carbon.xml.

<HideAdminServiceWSDLs>false</HideAdminServiceWSDLs>

• Restart the server to take effect of the configuration changes.

• Create SOAPUI project using the below WSDLs (make sure to change the host name port as per your environment. Here default environment settings are used)

https://localhost:9443/services/PropertiesAdminService?wsdl

https://localhost:9443/services/MediationSecurityAdminService?wsdl

• The SOAP projects will look like below.

• First invoke the MediationSecurityAdminService AdminService to get the encrypted value. Please use basic authentication when invoking the AdminServices. Use the doEncrypt method as below.

• Now invoke the PropertiesAdminService AdminService. Use the “SetProperty” method as below:

<ser:path> (Registry location) uses the /_system/config/repoitory/components/secure-vault (always this is the path for this element)

<ser:name> - Vault key

<ser:value> - encrypted value (this value received from the above doEncrypt method).

• After adding this, you are able to check the password using “wso2:vault-lookup('shadsha12')” xpath expression. Following is sample proxy configuration that is used to check this scenario.

<?xml version="1.0" encoding="UTF-8"?>

<proxy xmlns="http://ws.apache.org/ns/synapse"

       name="testProxy"

       transports="https,http"

       statistics="disable"

       trace="disable"

       startOnLoad="true">

   <target>

      <inSequence>

         <log level="custom">

            <property name="new_Password" expression="wso2:vault-lookup('shadsha12')"/>

         </log>

         <drop/>

      </inSequence>

   </target>

   <description/>

</proxy

• Received below results when invoking the above service.

 

Please refer [1] for more information on "Calling Admin Services from Apps".

[1] https://docs.wso2.com/display/ESB481/Calling+Admin+Services+from+Apps

How to write custom class mediator to activate/deactivate proxy services created in WSO2 ESB.

To activate/deactivate proxy services which are exposed as "http" without using ServiceAdmin, you could use a class mediator solution. We have used ProxyDeactivator and ProxyActivator class mediators to activate/deactivate proxy services.

Class mediator code for "ProxyDeactivator"

package org.wso2.custom;



import org.apache.commons.logging.Log;

import org.apache.commons.logging.LogFactory;

import org.apache.synapse.MessageContext;

import org.apache.synapse.mediators.AbstractMediator;



public class ProxyDeactivator extends AbstractMediator {



    private static final Log log = LogFactory.getLog((Class)ProxyDeactivator.class);



    public boolean mediate(MessageContext context) {

        log.info((Object)"[ProxyDeactivator] --------------Invocation START-------------");



        context.getConfiguration().getProxyService("testProxy").stop(context.getConfiguration());



        log.info((Object)"[ProxyDeactivator] --------------Invocation END-------------");

        return true;

    }

}

To test the above scenario, place the jar created with above configuration inside the <ESB_HOME>/repository/components/lib directory.

Create a proxy service (http) with the above ProxyDeactivator class mediator.


<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse"
       name="testProxy"
       transports="http"
       statistics="disable"
       trace="disable"
       startOnLoad="true">
   <target>
      <inSequence>
         <log level="custom">
            <property name="LOG" value="---------inside the InSeq--------"/>
         </log>
         <class name="org.wso2.custom.ProxyDeactivator"/>
         <send>
            <endpoint>
               <address uri="http://www.google.com"/>
            </endpoint>
         </send>
      </inSequence>
      <outSequence>
         <send/>
      </outSequence>
   </target>
   <description/>
</proxy>                              


Invoke the proxy service with below curl command.

curl -v -i -H "Content-Type: application/soap+xml" -H "Accept: application/soap+xml" http://ubuntu-ThinkCentre-M83:8280/services/testProxy


As you could see below proxy service got deactivated after invoking the proxy.



Class mediator code for "ProxyActivator":

package org.wso2.custom;

package org.wso2.custom;



import org.apache.commons.logging.Log;

import org.apache.commons.logging.LogFactory;

import org.apache.synapse.MessageContext;

import org.apache.synapse.mediators.AbstractMediator;



public class ProxyActivator extends AbstractMediator {



    private static final Log log = LogFactory.getLog((Class)ProxyActivator.class);



    public boolean mediate(MessageContext context) {



        log.info((Object)"[ProxyActivator] --------------Invocation START-------------");



        context.getConfiguration().getProxyService("testProxy").start(context.getConfiguration());



        log.info((Object)"[ProxyActivator] --------------Invocation END-------------");

        return true;

    }

}

To test the above scenario, place the jar created with above configuration inside the <ESB_HOME>/repository/components/lib directory.

You need to use this inside a separate proxy service and class mediator will activate the proxy inside it


<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse"
       name="testProxy1"
       transports="http"
       statistics="disable"
       trace="disable"
       startOnLoad="true">
   <target>
      <inSequence>
         <log level="custom">
            <property name="LOG" value="---------inside the InSeq--------"/>
         </log>
         <class name="org.wso2.custom.ProxyActivator"/>
         <send>
            <endpoint>
               <address uri="http://www.google.com"/>
            </endpoint>
         </send>
      </inSequence>
      <outSequence>
         <send/>
      </outSequence>
   </target>
   <description/>
</proxy>


Invoke the proxy service with below curl command.

curl -v -i -H "Content-Type: application/soap+xml" -H "Accept: application/soap+xml" http://ubuntu-ThinkCentre-M83:8280/services/testProxy1

As you could see below proxy service got activated after invoking the proxy.