Change Automatic Generated WSDL 2.0 in WSO2 Application Server - wsdl

How can I change WSDL2.0 of a service that will be deployed on WSO2 Application Server?
I want to change WSDL content of a service that developed and will be deployed on WSO2 Application Server. I moved custom WSDL file to META-INF directory and set useOriginalwsdl=true property. but only WSDL version 1.1 is that affected by this property. I want to use the custom WSDL 2.0 for my service in WSO2 Application Server. How can I do it?

WSO2 Application Server uses Axis2 1.6.x and useOriginalwsdl=true is in fact not supported for WSDL 2.0. See following JIRA.
https://issues.apache.org/jira/browse/AXIS2-5191
According to the JIRA, it is fixed in Axis2 1.7.0, which is not yet released.
If you really want to use that feature, it might be easier to patch the existing version of Axis2. The fix attached to the JIRA is simple, but I'm not really sure how much code changes are required. The patch is provided for axis2 trunk and therefore I cannot really tell without trying first!
Also the code for Axis2 versions used in WSO2 products are in WSO2 repository. For example, WSO2 Application Server 5.1.0 uses axis2 1.6.1-wso2v9 according to Carbon Release Matrix.
I hope this helps!

Related

Apache Wicket REST with Swagger UI

One of my project is using Apache Wicket 6.x and I have some API (resources) using wicketstuff-rest and it is working perfectly.
But for my API documentations, I am maintaining a google document for these APIs. Problem is that whenever there are changes in any of the API, or even on new APIs... I need to update this API documentation. Chances are, this documentation may not be updated.
On my other springboot projects, I am using swagger and the API documentation can be viewed via swagger-ui.
I wonder if I can use swagger-ui with existing apache wicket 6.x project so that whenever there are new API(s) or any change on the existing API(s)... it will reflect in swagger-ui without the need to maintain any API documentation.
What I currently search is swagger2markup, but this seems to be old and I am having problems with the setup and there are very few resources on how to set this up.
Anyone who successfully setup swagger-ui with apache wicket rest?
Care to share resource/links on tutorials or how to setup swagger-ui on apache wicket rest?
Thanks!
I don't have an easy solution for you with Swagger but if you use Spring already then you could use Spring REST Docs to generate the documentation from the unit tests.

Debug SWAGGER on Webspehre Liberty Profile

I have an JAX-RS application running on IBM Websphere Liberty Profile.
Also I have included SWAGGER 1.5.3.
The application compiles fine and generates swagger files in webapp directory. But when I try to access it via URL, it says NO API FOUND and the spinner keep spinning.
There are no errors registered on browser console neither any errors in server console.
I do not know whats wrong with it, without any errors its hard to debug.
Where can I see the detailed errors/exceptions.
WebSphere Liberty has native support for Swagger v2 using the apiDiscovery-1.0 feature. If you enable that you should see your APIs in https://host:https_port/ibm/api/docs.
By the way, there's support for the newer OpenAPI v3 spec, via the Microprofile OpenAPI programming model. You can use Liberty's mpOpenAPI-1.0 feature for that.

Do I need to use the Windows Identity Federation Utility to create a claims-aware asp.net web application?

I built a claims-aware asp.net mvc application following the steps outlined in this page: https://learn.microsoft.com/en-us/dotnet/framework/security/how-to-build-claims-aware-aspnet-mvc-web-app-using-wif. The example in the page uses an STS on the local host, but in my application I am pointing to a fully-functioning AD FS on a different server.
I'm using Framework 4.7 and Windows Server 2016 to host the AD FS and to host the web application.
After I deployed the application I ran the Windows Identity Federation Utility against it (because I thought I needed it to add the application as a Relying Party Trust on the AD FS). This utility inserts a lot of tags into the web.config that refer to the Microsoft.IdentityModel namespace.
I then added the application as a Relying Party Trust to the AD FS, and navigated to the claims-aware app. The page failed because the sample code cast the claim returned by the STS as System.Security.Claims.Claim. When I changed it to cast as Microsoft.IdentityModel.Claims.Claim it worked fine.
The example I was following makes no mention of the Windows Identity Federation Utility. Do I need to use that? Or would this have worked without it?
When I try reversing the web.config changes that the utility inserted the site fails with a 401 error (access denied due to invalid credentials) so obviously the stuff inserted by the Utility is needed to get authentication from AD FS. Is this because I ran the Utility on the web site before adding it as a relying party trust to the ADFS?
The answer here is: don't run the Windows Identity Federation Utility if you are using ADFS Server 2016, as it forces use of the Microsoft.Identity libraries, which are deprecated. I mistakenly thought this utility was needed to create the FederationMetadata.xml file.
I created the FederationMetadata.xml file manually and reverted my web.config back to what it was before I ran the utility. This reverted me back to using the System.Identity libraries, which were added to the 4.5 framework, instead of the now-deprecated Microsoft.Identity libraries.
Just to note that the more "modern way" is to use the OWIN WS-Federation library.
This example is for Azure AD but you simply point to the metadata and the code figures all the rest out for itself.

Glassfish 4 Web Profile - Cannot access remote EJB

I cannot access remote EJB beans of our application server within a web application running on Glassfish 3 web-profile using jndi lookup.
Using full profile for our web-application or even testing with a console application we have no problem accessing jndi remote beans.
Exception:
Unable to acquire SerialContextProvider for SerialContext
We just hoped to make our web servers more lightweight.
The Web Profile version of Glassfish only contains EJB Lite, which doesn't support #Remote interfaces. You need the Full Profile which supports the full EJB 3 spec.
From the oracle docs:
The Web Profile of the GlassFishTM Server supports the EJB 3.1 Lite
specification, which allows enterprise beans within web applications,
among other features. The full GlassFish Server supports the entire
EJB 3.1 specification. For details, see JSR 318.
You can find a comparision of features included in Web Profile and Full Profile here (It was made for Glassfish 3.1.1 but it should be nearly the same for Glassfish 4 except some newer versions of some features). You can find a nice feature comparision between EJB 3.1 Lite and Full in this article.
Update:
As you wrote in the comment (and the initial question) you are not using any enterprise beans directly in your web application, but you are retrieving bean instances via JNDI. This doesn't work with the Web Profile of Glassfish because the functionality for remote lookups is not there, e.g. the CORBA and ORB modules are missing (there are some basic CORBA OMG APIs but only because they are needed by other modules).
As your goal was to make the server more lightweight, maybe this is another option for you: You can remove unused components and modules with the pkg command-line-tool or with the graphical utility updatetool. You could install the Full Profile of Glassfish and then remove obsolete components step by step to make the server more lightweight. More details about the tools can be found in the oracle docs.
See also:
Can EJB 3.1 Lite be exposed via Remote interface?
How to know what glassfish is - full plaform or web profile?
EE6 web profile … no EJB container?
GLASSFISH-14459 corba classes are part of web profile

Simplifing WsSecurity to JaxWS metro Implementation

I'm using JaxWs Metro project implementation and i'm using this tutorial to add Ws Security feature to my web services.
http://java.globinch.com/enterprise-java/web-services/jax-ws/secure-usernametoken-java-web-services-using-metro-wsit/
What i have understand is that to add a Ws Security to your web service.You must first generate manually the wsdl file then add WSIT configuration part to your web service then put that modified wsdl in your project and modify sun-jaxws.xml so that take care of your modified wsdl file(so that it will not generate a new one).
I think it's extremley difficult to do all that for all my web services.In addition,i'm using eclipse so there is no generating tool(like netbeans).
I want to know is there any simple solution ?

Resources