Petals Documentation > Petals ESB > Petals Components > Components User Guide > Petals-BC-SOAP > Petals-BC-SOAP 4.4.3+

Petals-BC-SOAP 4.4.3+

This version must be installed on Petals ESB 5.1.0+

Features

The SOAP component is a Binding Component (BC) which enables to interact with external SOAP Web Services and to expose JBI services as SOAP Web Services.

In provider role, when a JBI MessageExchange is sent to a ServiceEndpoint (mapped to a Web Service), it is transformed into a SOAP message and sent to the linked external Web Service. In consumer role, when a SOAP message is received on an exposed Web Service, it is transformed into a JBI MessageExchange and sent to the corresponding JBI ServiceEndpoint.

The SOAP component is based on Apache Axis2 v1.6.4 (http://ws.apache.org/axis2/) and Mortbay Jetty v9.2.12.v20150709 (http://www.eclipse.org/jetty/). It provides the following features:

  • Expose JBI Services as SOAP Web Services
  • Expose SOAP Web Services as JBI Services
  • Handle SOAP attachments (MTOM):
    • the attachments of the incoming SOAP message are placed into the JBI message as attachments,
    • the JBI attachments are placed in the outgoing SOAP message as attachments.
If you want more details about SOAP, you can consult this W3C specification: http://www.w3.org/TR/soap/.

All attachment are processed by using XOP rules. (XML-binary Optimized Packaging: http://www.w3.org/TR/xop10/)
Table of contents
Contributors

Provide a Web Service access in the ESB (SOAP over HTTP(S))

In provide mode, the component exposes an external Web Service in the JBI environment to send SOAP requests to the external Web Service.

The HTTPS configuration is located at the service-unit level to be able to use different certificates with different external webservices.
Only JKS keystore and truststore are supported in the HTTPS mode.
Moreover, the key password and the keystore passwords have to be the same.

Usage

The SOAP component can expose an external Web Service as a JBI service endpoint by deploying a Service Unit on it:

Provides an external Web Service as a JBI service

When a message is received on a SOAP linked endpoint from the JBI environment, it is transformed into a SOAP message and sent to the Web Service. The address of the Web Service to send the SOAP message to is defined in the address extension of the deployed Service Unit.

The SOAP message is created like this:

  • The JBI message payload is wrapped in the SOAP body
  • The JBI message attachments are used to create SOAP ones
  • The JBI message exchange operation is used to create the SOAP action
  • The JBI MEP is used to determine the SOAP MEP

The external Web Service is called and the SOAP response is processed and returned to the JBI environment.

Configuration

Service Unit descriptor

An example of a Service Unit descriptor that provides a Web Service accessed over HTTP:

<?xml version="1.0" encoding="UTF-8"?>
<jbi:jbi version="1.0"
    xmlns:generatedNs="http://petals.ow2.org/"
    xmlns:jbi="http://java.sun.com/xml/ns/jbi"
    xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5"
    xmlns:soap="http://petals.ow2.org/components/soap/version-4"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

    <jbi:services binding-component="true">

        <jbi:provides
            interface-name="generatedNs:IntegrationService"
            service-name="generatedNs:IntegrationService"
            endpoint-name="IntegrationServiceSOAP">

            <!-- CDK specific elements -->
            <petalsCDK:timeout>1000</petalsCDK:timeout>
            <petalsCDK:validate-wsdl>true</petalsCDK:validate-wsdl>
            <petalsCDK:forward-security-subject>false</petalsCDK:forward-security-subject>
            <petalsCDK:forward-message-properties>false</petalsCDK:forward-message-properties>
            <petalsCDK:forward-attachments>false</petalsCDK:forward-attachments>
            <petalsCDK:wsdl>IntegrationService.wsdl</petalsCDK:wsdl>

            <!-- Component specific elements -->
            <soap:address>http://localhost:8088/mockIntegrationServiceSOAP</soap:address>
            <soap:soap-version>1.1</soap:soap-version>
            <soap:chunked-mode>false</soap:chunked-mode>
            <soap:mode>SOAP</soap:mode>
        </jbi:provides>
    </jbi:services>
</jbi:jbi>

An example of a Service Unit descriptor that provides a Web Service accessed over HTTPS:

<?xml version="1.0" encoding="UTF-8"?>
<jbi:jbi version="1.0"
    xmlns:generatedNs="http://petals.ow2.org/"
    xmlns:jbi="http://java.sun.com/xml/ns/jbi"
    xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5"
    xmlns:soap="http://petals.ow2.org/components/soap/version-4"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

    <jbi:services binding-component="true">

        <jbi:provides
            interface-name="generatedNs:IntegrationService"
            service-name="generatedNs:IntegrationService"
            endpoint-name="IntegrationServiceSOAP">

            <!-- CDK specific elements -->
            <petalsCDK:timeout>1000</petalsCDK:timeout>
            <petalsCDK:validate-wsdl>true</petalsCDK:validate-wsdl>
            <petalsCDK:forward-security-subject>false</petalsCDK:forward-security-subject>
            <petalsCDK:forward-message-properties>false</petalsCDK:forward-message-properties>
            <petalsCDK:forward-attachments>false</petalsCDK:forward-attachments>
            <petalsCDK:wsdl>IntegrationService.wsdl</petalsCDK:wsdl>

            <!-- Component specific elements -->
            <soap:address>https://localhost:8088/mockIntegrationServiceSOAP</soap:address>
            <soap:soap-version>1.1</soap:soap-version>
            <soap:chunked-mode>false</soap:chunked-mode>
            <soap:mode>SOAP</soap:mode>
            <soap:https-truststore-file>../https/clientTruststore.jks</soap:https-truststore-file>
            <soap:https-truststore-password>passwordClientTruststore</soap:https-truststore-password>
            <soap:https-keystore-file>../https/clientKeystore.jks</soap:https-keystore-file>
            <soap:https-keystore-password>passwordClientKeystore</soap:https-keystore-password>
        </jbi:provides>
    </jbi:services>
</jbi:jbi>
Configuration of a Service Unit to provide a service (JBI)

Parameter Description
Default
Required
provides Describe the JBI service that will be exposed into the JBI bus. Interface (QName), Service (QName) and Endpoint (String) attributes are required. - Yes

Configuration of a Service Unit to provide a service (CDK)

Parameter Description
 Default
 Required
timeout Timeout in milliseconds of a synchronous send. This parameter is used by the method sendSync (Exchange exchange) proposes by the CDK Listeners classes.
Set it to 0 for an infinite timeout. 		30000 No
exchange-properties This sections defines the list of properties to set to the JBI exchange when processing a service. - No
message-properties This sections defines the list of properties to set to the JBI message when processing a service. - No
validate-wsdl Activate the validation of the WSDL when deploying a service unit. true No
wsdl
Path to the WSDL document describing services and operations exposed by the provided JBI endpoints defined in the SU.
The value of this parameter is :
  • an URL
  • a file relative to the root of the SU package
    If not specified, a basic WSDL description is automaticaly provided by the CDK.
- No
forward-attachments
Defines if attachment will be forwarded from IN message to OUT message.
false No
forward-message-properties
Defines if the message properties will be forwarded from IN message to OUT message. false No
forward-security-subject
Defines if the security subject will be forwarded from IN message to OUT message. false No

When an HTTP connection is established with the external service provider, the connection timeout and the socket read timeout are defined with the value of the parameter 'timeout'.
Configuration of a Service Unit to provide a service (SOAP)

Parameter Description Default Required
soap-version The SOAP version used to create SOAP messages.
Possible values are 1.1 and 1.2. 		1.1 Yes
address Address of the external Web Service to send JBI messages to. This parameter supports place holders reloading - Yes
chunked-mode Activate the HTTP chunked mode on Web Service calls.
Possible values are: true, false. 		false Yes
mode The mode to be used to send SOAP message to the specified address.
Possible values are: SOAP for basic Web Service calls, JSON for JSON service calls and REST for REST service calls. 		SOAP Yes
enable-compatibility-for Enable the compatibility with a specified Web Service stack.
Possible values are: AXIS1 for Axis1 Web Service stack.
- No
enable-wsa
Enable the WSA-Addressing. Set the WSA headers in the outcoming SOAP messages.
Possible values are: true, false. 		false
No
proxy-host The proxy host name.
If it is not set, the proxy mode will be disabled and all others proxy parameters are ignored. 		- No
proxy-port The proxy host port - No
proxy-user The proxy user - No
proxy-password The proxy password - No
proxy-domain The proxy domain - No
https-truststore-file
The file path of the truststore file.
-
No
https-truststore-password
The password of the truststore.
-
No
https-keystore-file
The file path of the keystore file. -
No
https-keystore-password
The password of the keystore
Note
(The password key must be the same than the password keystore.

 -
No
http-basic-auth-username
the username for HTTP Basic authentication. -
No
http-basic-auth-password the password for HTTP Basic authentication.
-
No

Service Unit content

The Service Unit has to contain the following elements, packaged in an archive:

  • The META-INF/jbi.xml descriptor file as described above,
  • An optional imported WSDL file describing the partner service

Exposing an internal JBI service endpoint as a Web Service (SOAP over HTTP(S))

In consumer mode, the component exposes an internal JBI service outside the bus to transfer incoming SOAP requests to the internal service.

The HTTPS configuration is located at the component level because only one certificat is needed to expose the Petals service as a HTTPS web-service.

Usage

The petals-bc-soap component can listen incoming SOAP messages and send messages to a JBI service endpoint by deploying a Service Unit on it. The component consumes the JBI service:

Consumes a JBI service on a SOAP message

The service-name Service Unit extension value will be used as Axis2 service name.

When a SOAP message is handled by the component, it is transformed into a JBI Message and sent to the JBI service endpoint configured in the Service Unit. The JBI message is created like this:

  • The JBI operation is resolved (see Operation Resolving).
  • Copy the SOAP body into the JBI one.
  • Put the SOAP attachments into JBI ones.
  • Put the SOAP headers into the protocol header JBI message property.

By default, the component is configured to handle URI with the http://localhost:8084/petals/services/<service-name> (or 8083 for HTTPS) pattern (this URI can be configured in the SOAP component configuration). It also handles ?wsdl calls; the WSDL description is retrieved from the endpoint and sent back to the consumer.

By default, the list of HTTP services is available at http://localhost:8084/petals/services/listServices (or 8083 for HTTPS) URI (it can also be configured in the SOAP component configuration).

If you plan tests with JAX-WS Reference Implementation, please use the JDK one (not the JRE one), otherwise MTOM attachments will not be handled properly.

Configuration

Service Unit descriptor

An example of a Service Unit descriptor that exposes a Web Service over HTTP:

<?xml version="1.0" encoding="UTF-8"?>
<jbi:jbi version="1.0"
    xmlns:generatedNs="http://petals.ow2.org/"
    xmlns:jbi="http://java.sun.com/xml/ns/jbi"
    xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5"
    xmlns:soap="http://petals.ow2.org/components/soap/version-4"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

    <jbi:services binding-component="true">

        <jbi:consumes
            interface-name="generatedNs:IntegrationService"
            service-name="generatedNs:IntegrationService"
            endpoint-name="IntegrationServiceSOAP">

            <!-- CDK specific elements -->
            <petalsCDK:timeout>500</petalsCDK:timeout>
            <petalsCDK:mep xsi:nil="true" />

            <!-- Component specific elements -->
            <soap:address>IntegrationServiceSOAPByPetals</soap:address>
            <soap:mode>SOAP</soap:mode>
            <soap:enable-http-transport>true</soap:enable-http-transport>
            <soap:enable-jms-transport>false</soap:enable-jms-transport>
        </jbi:consumes>
    </jbi:services>
</jbi:jbi>

The HTTPS transport layer must be set in the component jbi.xml file (cf SOAP component configuration):

<?xml version="1.0" encoding="UTF-8"?>
<jbi:jbi version="1.0" xmlns:jbi="http://java.sun.com/xml/ns/jbi"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5"
	xmlns:soap="http://petals.ow2.org/components/soap/version-4">
	<jbi:component type="binding-component"
		bootstrap-class-loader-delegation="parent-first">
		<jbi:identification>
			<jbi:name>petals-bc-soap</jbi:name>
			<jbi:description>The SOAP Binding Component (based on Axis2 + Jetty)</jbi:description>
		</jbi:identification>
		...

		<!-- SOAP Component Parameters -->
		...
		<!-- HTTPS support -->
		<soap:https-enabled>true</soap:https-enabled>
		<soap:https-port>8083</soap:https-port>
		<soap:https-keystore-type>JKS</soap:https-keystore-type>
		<soap:https-keystore-file>../https/serverKeystore.jks</soap:https-keystore-file>
		<soap:https-keystore-password>passwordServerKeystore</soap:https-keystore-password>
		<soap:https-key-password>petalsServerK</soap:https-key-password>
		<soap:https-truststore-type>JKS</soap:https-truststore-type>
		<soap:https-truststore-file>../https/serverTruststore.jks</soap:https-truststore-file>
		<soap:https-truststore-password>passwordServerTruststore</soap:https-truststore-password>
		...

	</jbi:component>
</jbi:jbi>
Configuration of a Service Unit to consume a service (JBI)

Parameter Description Default Required
consumes Refer JBI service to invoke into the JBI bus.
You can define an explicit endpoint: interface (QName) / Service (QName) / Endpoint (String) attributes.
Or define implicit endpoint, to let the container routing according to QOS configurations (HA...):
-by Interface attribute (QName)
-by Service attribute (QName) 		- Yes


Configuration of a Service Unit to consume a service (CDK)

Parameter Description Default Required
mep Message exchange pattern abbreviation. This parameter can be used in conjunction with the method of the CDK Listeners: createMessageExchange(Extensions extensions).
This method returns a CDK Exchange corresponding to the type of the specified pattern. 		- Yes
operation Operation to call on a service. This parameter can be used in conjunction with the sending methods of the Listeners. If no operation is specified in the Message Exchange to send, this parameter will be used. - No
timeout Timeout in milliseconds of a synchronous send. This parameter can be used in conjunction with the sendSync(Exchange exchange) method of the Listeners. Set 0 for an infinite timeout. 30000 No


Configuration of a Service Unit to consume a service (SOAP)

Parameter Description Default Required
wsdl Path to the WSDL document describing services and operations called by the JBI consumes defined in the SU.
The value of this parameter is :
  • an URL
  • a file relative to the root of the SU package
 - No
service-name Web Service name to expose. - Yes
soap-action The SOAP action QName to be used for the Web Service, will override the JBI message operation. - No
mode The mode to be used to receive messages.
Possible values are: SOAP for basic Web Service messages, JSON for JSON service messages and REST for REST service messages. 		SOAP Yes
enable-compatibility-for Enable the compatibility with a specified Web Service stack.
Possible values are: AXIS1 for Axis1 Web Service stack. 		- No
enable-http-transport Enable the HTTP transport layer to send or receive SOAP messages.
Possible values are: true, false. 		true No
enable-https-transport
Enable the HTTPS transport layer to send or receive SOAP messages.
Possible values are: true, false.
false
No
enable-jms-transport Enable the JMS transport layer to receive SOAP messages.
Possible values are: true, false. 		false No
http-services-redirection HTTP redirection alias(es) for exposed Web Service. - No
address Same as service-name.
Warning
This parameter must not be used any more. service-name must be used.

 - No

Service Unit content

The Service Unit has to contain the following elements, packaged in an archive:

  • The META-INF/jbi.xml descriptor file as described above

SOAP over JMS

By configuring the SOAP component and a Service Unit, it is possible to consume an internal JBI service.

Warning
This feature is currently only supported in consumer mode with the operation with the MEP InOnly.

Usage

The petals-bc-soap component can receive JMS messages from a JMS queue and send SOAP messages (contained in the JMS body message) to a JBI service endpoint by deploying a Service Unit on it. The component consumes the JBI service.

It enables to support the following scenario: A JMS publisher sends a message to a JMS server and the SOAP component consumes the JMS message which contains a SOAP envelope in its body:


Consumes a JBI service on JMS message (containing SOAP envelope)

The service-name Service Unit extension value will be used as Axis2 service name.

When a JMS message is handled by the component, the SOAP envelope (in its body) is extracted by Axis, is transformed into a JBI Message and sent to the JBI service endpoint configured in the Service Unit. The JBI message is created like this:

  • The JBI operation is created from the SOAP action.
  • Copy the SOAP body into the JBI one.
  • Put the SOAP attachments into JBI ones.
  • Put the SOAP headers into the protocol header JBI message property.

Configuration

JMS server

A JMS server must be started before starting the BC SOAP component (if the JMS transport layer is configured). The compatible JMS servers are Joram and Apache ActiveMQ.

Shared library

A shared library corresponding to the JMS server (SL-JMS-Joram or SL-JMS-ActimeMQ) must be installed in Petals ESB before installing the BC SOAP component in Petals ESB.

Component descriptor

The JMS transport layer must be set in the component jbi.xml file (cf SOAP component configuration):

<?xml version="1.0" encoding="UTF-8"?>
<jbi:jbi version="1.0" xmlns:jbi="http://java.sun.com/xml/ns/jbi"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5"
	xmlns:soap="http://petals.ow2.org/components/soap/version-4">
	<jbi:component type="binding-component"
		bootstrap-class-loader-delegation="parent-first">
		<jbi:identification>
			<jbi:name>petals-bc-soap</jbi:name>
			<jbi:description>The SOAP Binding Component (based on Axis2 + Jetty)</jbi:description>
		</jbi:identification>
		...

		<!-- SOAP Component Parameters -->
		...
		<!-- JMS transport layer -->
		<soap:java-naming-factory-initial>org.apache.activemq.jndi.ActiveMQInitialContextFactory</soap:java-naming-factory-initial>
		<soap:java-naming-provider-url>tcp://localhost:61616</soap:java-naming-provider-url>
		<soap:jms-connection-factory-jndiname>QueueConnectionFactory</soap:jms-connection-factory-jndiname>
	</jbi:component>
</jbi:jbi>

Service Unit descriptor

The JMS transport must be enabled in the Service Unit jbi.xml file:

<?xml version="1.0" encoding="UTF-8"?>
<jbi:jbi version="1.0"
    xmlns:generatedNs="http://petals.ow2.org/"
    xmlns:jbi="http://java.sun.com/xml/ns/jbi"
    xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5"
    xmlns:soap="http://petals.ow2.org/components/soap/version-4"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    
    <!-- Import a Service into Petals or Expose a Petals Service => use a BC. -->
    <jbi:services binding-component="true">
    
        <!-- Expose a Petals Service => consumes a Service. -->
        <jbi:consumes
            interface-name="generatedNs:JMSService"
            service-name="generatedNs:JMSService"
            endpoint-name="JMSServiceSOAP">
    
			...            
			<soap:enable-jms-transport>true</soap:enable-jms-transport>
        </jbi:consumes>
    </jbi:services>
</jbi:jbi>

When the SU is started, a queue is created on the JMS server by the SOAP component if it does not exist. The name of the queue is the value of the parameter soap:address or soap:service-name.

When a message is sent to the JMS queue, it is received and treated by the SOAP component.

Exposing an internal JBI service endpoint as a Web Service with WS-Security (UsernameToken)

Configuration

Service Unit descriptor

An example of a Service Unit descriptor that consumes a Web Service with UsernameToken:

<?xml version="1.0" encoding="UTF-8"?>
<!--
	JBI descriptor for the Petals' "petals-bc-soap" component (SOAP).
	Originally created for the version 4.1 of the component.
 -->
<jbi:jbi version="1.0"
    xmlns:generatedNs="http://petals.ow2.org/"
    xmlns:jbi="http://java.sun.com/xml/ns/jbi"
    xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5"
    xmlns:soap="http://petals.ow2.org/components/soap/version-5"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

    <!-- Import a Service into Petals or Expose a Petals Service => use a BC. -->
    <jbi:services binding-component="true">

        <!-- Expose a Petals Service => consumes a Service. -->
        <jbi:consumes
           interface-name="generatedNs:IntegrationService"
           service-name="generatedNs:IntegrationService"
           endpoint-name="IntegrationServiceSOAP">

           <!-- CDK specific elements -->
           <petalsCDK:timeout>60000</petalsCDK:timeout>
           <petalsCDK:mep xsi:nil="true" />

           <!-- Component specific elements -->
           <soap:address>IntegrationServiceSOAPByPetalsUsernameToken</soap:address>
           <soap:remove-root>false</soap:remove-root>
           <soap:mode>SOAP</soap:mode>
           <soap:enable-http-transport>true</soap:enable-http-transport>
           <soap:modules>rampart</soap:modules>
           <soap:service-parameters>
              <![CDATA[
                 <parameter name="InflowSecurity">
                    <action>
                       <items>UsernameToken</items>
                       <passwordCallbackClass>org.ow2.petals.test.PWCBHandler</passwordCallbackClass>
                    </action>
                 </parameter>
              ]]>
           </soap:service-parameters>
        </jbi:consumes>
    </jbi:services>
</jbi:jbi>

Service Unit content

The Service Unit has to contain the following elements, packaged in an archive:

  • The META-INF/jbi.xml descriptor file as described above
  • the pcwbhandler.jar containing org.ow2.petals.test.PWCBHandler (quoted in the jbi.xml - necessary to check the user and the password of the token)

Exposing an internal JBI service endpoint as a Web Service with WS-Security (Timestamp, Signature and Encryption)

Configuration

Service Unit descriptor

An example of a Service Unit descriptor that consumes a Web Service with Timestamp, Signature and Encryption:

<?xml version="1.0" encoding="UTF-8"?>
<!--
	JBI descriptor for the Petals' "petals-bc-soap" component (SOAP).
	Originally created for the version 4.1 of the component.
 -->
<jbi:jbi version="1.0"
    xmlns:generatedNs="http://petals.ow2.org/"
    xmlns:jbi="http://java.sun.com/xml/ns/jbi"
    xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5"
    xmlns:soap="http://petals.ow2.org/components/soap/version-5"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

    <!-- Import a Service into Petals or Expose a Petals Service => use a BC. -->
    <jbi:services binding-component="true">

        <!-- Expose a Petals Service => consumes a Service. -->
        <jbi:consumes
           interface-name="generatedNs:IntegrationService"
           service-name="generatedNs:IntegrationService"
           endpoint-name="IntegrationServiceSOAP">

           <!-- CDK specific elements -->
           <petalsCDK:timeout>60000</petalsCDK:timeout>
           <petalsCDK:mep xsi:nil="true" />

           <!-- Component specific elements -->
           <soap:address>IntegrationServiceSOAPByPetalsChiffrementSignature</soap:address>
           <soap:remove-root>false</soap:remove-root>
           <soap:mode>SOAP</soap:mode>
           <soap:enable-http-transport>true</soap:enable-http-transport>
           <soap:modules>rampart</soap:modules>
           <soap:service-parameters>
              <![CDATA[
                 <parameter name="InflowSecurity">
                    <action>
                       <items>Timestamp Encrypt Signature</items>
                       <passwordCallbackClass>org.ow2.petals.test.PWCBHandler</passwordCallbackClass>
                       <signaturePropFile>service.properties</signaturePropFile>
                    </action>
                 </parameter>
                 <parameter name="OutflowSecurity">
                    <action>
                       <items>Timestamp Encrypt Signature</items>
                       <user>servercert</user>
                       <passwordCallbackClass>org.ow2.petals.test.PWCBHandler</passwordCallbackClass>
                       <signaturePropFile>service.properties</signaturePropFile>
                       <signatureKeyIdentifier>DirectReference</signatureKeyIdentifier>
                       <encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
                       <encryptionUser>servercert</encryptionUser>
                    </action>
                  </parameter>
              ]]>
           </soap:service-parameters>
        </jbi:consumes>
    </jbi:services>
</jbi:jbi>

Service Unit content

The Service Unit has to contain the following elements, packaged in an archive:

  • The META-INF/jbi.xml descriptor file as described above
  • the service.properties properties file (quoted in the jbi.xml) 
    org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=serverKeystorePassword
org.apache.ws.security.crypto.merlin.file=serverKeystore.jks
  • the serverKeystore.jks keystore file (quoted in the service.properties)
  • the pcwbhandler.jar containing org.ow2.petals.test.PWCBHandler (quoted in the jbi.xml - necessary to get the private key pair from the keystore to decrypt the incoming message and to get the public/private key pair to sign the outcoming message)

Provide a Web Service access in the ESB with WS-Security (Timestamp, Signature and Encryption)

Configuration

Service Unit descriptor

An example of a Service Unit descriptor that provides a Web Service with Timestamp, Signature and Encryption:

<?xml version="1.0" encoding="UTF-8"?>
<!--
	JBI descriptor for the Petals' "petals-bc-soap" component (SOAP).
	Originally created for the version 4.1 of the component.
 -->
<jbi:jbi version="1.0"
    xmlns:generatedNs="http://petals.ow2.org/test/"
    xmlns:jbi="http://java.sun.com/xml/ns/jbi"
    xmlns:petalsCDK="http://petals.ow2.org/components/extensions/version-5"
    xmlns:soap="http://petals.ow2.org/components/soap/version-4"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

    <!-- Import a Service into Petals or Expose a Petals Service => use a BC. -->
    <jbi:services binding-component="true">

        <!-- Import a Service into Petals => provides a Service. -->
        <jbi:provides
           interface-name="generatedNs:TestServiceAxisWSS"
           service-name="generatedNs:TestServiceAxisWSS"
           endpoint-name="TestServiceAxisWSSSOAP">

           <!-- CDK specific elements -->
           <petalsCDK:timeout>30000</petalsCDK:timeout>
           <petalsCDK:validate-wsdl>true</petalsCDK:validate-wsdl>
           <petalsCDK:forward-security-subject>false</petalsCDK:forward-security-subject>
           <petalsCDK:forward-message-properties>false</petalsCDK:forward-message-properties>
           <petalsCDK:forward-attachments>false</petalsCDK:forward-attachments>
           <petalsCDK:wsdl>TestServiceAxisWSS.wsdl</petalsCDK:wsdl>

           <!-- Component specific elements -->
           <soap:address>http://192.168.1.161:8080/axis2/services/TestServiceAxisWSS/</soap:address>
           <soap:soap-version>1.1</soap:soap-version>
           <soap:chunked-mode>false</soap:chunked-mode>
           <soap:mode>SOAP</soap:mode>
           <soap:modules>rampart</soap:modules>
           <soap:service-parameters>
              <![CDATA[
                  <parameter name="InflowSecurity">
                     <action>
                        <items>Timestamp Encrypt Signature</items>
                        <passwordCallbackClass>org.ow2.petals.test.PWCBHandler</passwordCallbackClass>
                        <signaturePropFile>service.properties</signaturePropFile>
                     </action>
                  </parameter>
                  <parameter name="OutflowSecurity">
                     <action>
                        <items>Timestamp Encrypt Signature</items>
                        <user>servercert</user>
                        <passwordCallbackClass>org.ow2.petals.test.PWCBHandler</passwordCallbackClass>
                        <signaturePropFile>service.properties</signaturePropFile>
                        <signatureKeyIdentifier>DirectReference</signatureKeyIdentifier>
                        <encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
                        <encryptionUser>servercert</encryptionUser>
                     </action>
                  </parameter>
              ]]>
         </soap:service-parameters>

      </jbi:provides>
   </jbi:services>
</jbi:jbi>

Service Unit content

The Service Unit has to contain the following elements, packaged in an archive:

  • The META-INF/jbi.xml descriptor file as described above
  • the service.properties properties file (quoted in the jbi.xml) 
    org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=serverKeystorePassword
org.apache.ws.security.crypto.merlin.file=serverKeystore.jks
  • the serverKeystore.jks keystore file (quoted in the service.properties)
  • the pcwbhandler.jar containing org.ow2.petals.test.PWCBHandler (quoted in the jbi.xml - necessary to get the public/private key pair to sign the outcoming message and to get the private key pair from the keystore to decrypt the incoming message)

Component Configuration

Configuration of the component, CDK part

Parameter Description Default Scope
acceptor-pool-size The size of the thread pool used to accept Message Exchanges from the NMR. Once a message is accepted, its processing is delegated to the processor pool thread. 1
 Runtime
acceptor-retry-number Number of tries to submit a message exchange to a processor for processing before to declare that it cannot be processed. 40
 Installation
acceptor-retry-wait Base duration, in milliseconds, to wait between two processing submission tries. At each try, the new duration is the previous one plus this base duration. 250
 Installation
acceptor-stop-max-wait The max duration (in milliseconds) before, on component stop, each acceptor is stopped by force. 500
 Runtime
processor-pool-size The size of the thread pool used to process Message Exchanges. Once a message is accepted, its processing is delegated to one of the thread of this pool. 10 Runtime
processor-max-pool-size The maximum size of the thread pool used to process Message Exchanges. The difference between this size and the processor-pool-size represents the dynamic threads that can be created and destroyed during overhead processing time.
50
 Runtime
processor-keep-alive-time When the number of processors is greater than the core, this is the maximum time that excess idle processors will wait for new tasks before terminating, in seconds.
300
 Runtime
processor-stop-max-wait The max duration (in milliseconds) of message exchange processing on stop phase (for all processors).
 15000
 Runtime
time-beetween-async-cleaner-runs The time (in milliseconds) between two runs of the asynchronous message exchange cleaner.
 2000
 Installation
properties-file Name of the file containing properties used as reference by other parameters. Parameters reference the property name using a placeholder in the following pattern ${myPropertyName}. At runtime, the expression is replaced by the value of the property.

The properties file can be reloaded using the JMX API of the component. The runtime configuration MBean provides an operation to reload these place holders. Check the service unit parameters that support this reloading.

The value of this parameter is :
  • an URL
  • a file relative to the PEtALS installation path
  • an absolute file path
  • an empty value to stipulate a non-using file.
 - Installation
monitoring-sampling-period Period, in seconds, of a sample used by response time probes of the monitoring feature.
 300
 Installation

Configuration of the component, component part

Parameter Description Default Required
http-port HTTP port of the Jetty embedded server
8084 No
http-host Local Hostname to be used, can be hostname or host IP address.
If the value of the parameter is empty (default configuration), all interfaces are listen. 		- Yes
http-service-list Enables to display the available Web Service list on http://<http-host>:<http-port>/
<http-service-context>/<http-service-mapping>/listServices.
Possible values are: true, false.
true No
http-service-context The URL context. petals No
http-service-mapping The URL service mapping. services No
http-thread-pool-size-min The minimum size of the HTTP thread pool. 2 No
http-thread-pool-size-max The maximum size of the HTTP thread pool. 255 No
http-acceptors Number of acceptors for HTTP. Its value is limited to the number of available CPU. Caution, as an acceptor is a thread borrowed from the thread pool, the values of http-thread-pool-size-min and http-thread-pool-size-max MUST take into account this value. If http-thread-pool-size-max < http-acceptors + https-acceptors, no request can be processed. 4 No
http-backlog-size The size of the TCP queue in which incoming HTTP connection request are put waiting to be accepted. 50 No
max-http-connections-per-host Max concurrently opened connections to external services (used by provides). The max size of the message exchange processor thread pool (processor-max-pool-size) No
https-enabled
Enable the HTTPS support.
Possible values are: true, false.
false
No
https-port
HTTPS port of the Jetty embedded server 8083
No
https-acceptors Number of acceptors for HTTPS. Its value is limited to the number of available CPU. Caution, as an acceptor is a thread borrowed from the thread pool, the values of http-thread-pool-size-min and http-thread-pool-size-max MUST take into account this value. If http-thread-pool-size-max < http-acceptors + https-acceptors, no request can be processed. 4 No
https-backlog-size The size of the TCP queue in which incoming HTTPS connection request are put waiting to be accepted. 50 No
https-keystore-type
Type of the keystore.
Possible values are: JKS, PKCS12.
JKS
No
https-keystore-file File path of the keystore. The SSL support is disabled if the keystore file does not exist, and a WARNING is logged.
-
No
https-keystore-password
Password of the keystore.
-
No
https-key-password
Password of the key.
-
No
https-truststore-type
Type of the truststore.
Possible values are: JKS, PKCS12. 		JKS
No
https-truststore-file
File path of the truststore. -
No
https-truststore-password
Password of the truststore. -
No
java-naming-factory-initial The initial context factory class needed to access the JNDI server where the JMS connection factory can be found. - No
java-naming-provider-url The JNDI provider URL where the JMS connection factory can be found. - No
jms-connection-factory-jndiname Name of the default JMS connection factory in the JNDI. - No

Definition of CDK parameter scope :

  • Installation: The parameter can be set during the installation of the component, by using the installation MBean (see JBI specifications for details about the installation sequence). If the parameter is optional and has not been defined during the development of the component, it is not available at installation time.
  • Runtime: The paramater can be set during the installation of the component and during runtime. The runtime configuration can be changed using the CDK custom MBean named RuntimeConfiguration. If the parameter is optional and has not been defined during the development of the component, it is not available at installation and runtime times.

Monitoring the component

Using metrics

Several probes providing metrics are included in the component, and are available through the JMX MBean 'org.ow2.petals:type=custom,name=monitoring_<component-id>', where <component-id> is the unique JBI identifier of the component.

Common metrics

The following metrics are provided through the Petals CDK, and are common to all components:

Metrics, as MBean attribute Description Detail of the value Configurable
MessageExchangeAcceptorThreadPoolMaxSize The maximum number of threads of the message exchange acceptor thread pool integer value, since the last startup of the component yes, through acceptor-pool-size
MessageExchangeAcceptorThreadPoolCurrentSize The current number of threads of the message exchange acceptor thread pool. Should be always equals to MessageExchangeAcceptorThreadPoolMaxSize. instant integer value no
MessageExchangeAcceptorCurrentWorking The current number of working message exchange acceptors. instant long value no
MessageExchangeAcceptorMaxWorking The max number of working message exchange acceptors. long value, since the last startup of the component no
MessageExchangeAcceptorAbsoluteDurations The aggregated durations of the working message exchange acceptors since the last startup of the component. n-tuple value containing, in nanosecond:
  • the maximum duration,
  • the average duration,
  • the minimum duration.
 no
MessageExchangeAcceptorRelativeDurations The aggregated durations of the working message exchange acceptors on the last sample. n-tuple value containing, in nanosecond:
  • the maximum duration,
  • the average duration,
  • the minimum duration,
  • the 10-percentile duration (10% of the durations are lesser than this value),
  • the 50-percentile duration (50% of the durations are lesser than this value),
  • the 90-percentile duration (90% of the durations are upper than this value).
 no
MessageExchangeProcessorAbsoluteDurations The aggregated durations of the working message exchange processor since the last startup of the component. n-tuple value containing, in milliseconds:
  • the maximum duration,
  • the average duration,
  • the minimum duration.
 no
MessageExchangeProcessorRelativeDurations The aggregated durations of the working message exchange processor on the last sample. n-tuple value containing, in milliseconds:
  • the maximum duration,
  • the average duration,
  • the minimum duration,
  • the 10-percentile duration (10% of the durations are lesser than this value),
  • the 50-percentile duration (50% of the durations are lesser than this value),
  • the 90-percentile duration (90% of the durations are upper than this value).
 no
MessageExchangeProcessorThreadPoolActiveThreadsCurrent The current number of active threads of the message exchange processor thread pool instant integer value no
MessageExchangeProcessorThreadPoolActiveThreadsMax The maximum number of threads of the message exchange processor thread pool that was active integer value, since the last startup of the component no
MessageExchangeProcessorThreadPoolIdleThreadsCurrent The current number of idle threads of the message exchange processor thread pool instant integer value no
MessageExchangeProcessorThreadPoolIdleThreadsMax The maximum number of threads of the message exchange processor thread pool that was idle integer value, since the last startup of the component no
MessageExchangeProcessorThreadPoolMaxSize The maximum size, in threads, of the message exchange processor thread pool instant integer value yes, through http-thread-pool-size-max
MessageExchangeProcessorThreadPoolMinSize The minimum size, in threads, of the message exchange processor thread pool instant integer value yes, through http-thread-pool-size-min
MessageExchangeProcessorThreadPoolQueuedRequestsCurrent The current number of enqueued requests waiting to be processed by the message exchange processor thread pool instant integer value no
MessageExchangeProcessorThreadPoolQueuedRequestsMax The maximum number of enqueued requests waiting to be processed by the message exchange processor thread pool since the last startup of the component instant integer value no
ServiceProviderInvocations The number of service provider invocations grouped by:
  • interface name, as QName, the invoked service provider,
  • service name, as QName, the invoked service provider,
  • invoked operation, as QName,
  • message exchange pattern,
  • and execution status (PENDING, ERROR, FAULT, SUCCEEDED).
 integer counter value since the last startup of the component no
ServiceProviderInvocationsResponseTimeAbs The aggregated response times of the service provider invocations since the last startup of the component grouped by:
  • interface name, as QName, the invoked service provider,
  • service name, as QName, the invoked service provider,
  • invoked operation, as QName,
  • message exchange pattern,
  • and execution status (PENDING, ERROR, FAULT, SUCCEEDED).
 n-tuple value containing, in millisecond:
  • the maximum response time,
  • the average response time,
  • the minimum response time.
 no
ServiceProviderInvocationsResponseTimeRel The aggregated response times of the service provider invocations on the last sample, grouped by:
  • interface name, as QName, the invoked service provider,
  • service name, as QName, the invoked service provider,
  • invoked operation, as QName,
  • message exchange pattern,
  • and execution status (PENDING, ERROR, FAULT, SUCCEEDED).
 n-tuple value containing, in millisecond:
  • the maximum response time,
  • the average response time,
  • the minimum response time,
  • the 10-percentile response time (10% of the response times are lesser than this value),
  • the 50-percentile response time (50% of the response times are lesser than this value),
  • the 90-percentile response time (90% of the response times are lesser than this value).
 no

Dedicated metrics

Moreover the common metrics, some dedicated probes are include on the component:

Metrics, as MBean attribute Description Detail of the value Configurable
HttpServerThreadPoolActiveThreadsCurrent The current number of active threads of the HTTP thread pool instant integer value no
HttpServerThreadPoolActiveThreadsMax The maximum number of threads of the HTTP thread pool that was active integer value, since the last startup of the component no
HttpServerThreadPoolIdleThreadsCurrent The current number of idle threads of the HTTP thread pool instant integer value no
HttpServerThreadPoolIdleThreadsMax The maximum number of threads of the HTTP thread pool that was idle integer value, since the last startup of the component no
HttpServerThreadPoolMaxSize The maximum size, in threads, of the HTTP thread pool instant integer value yes, through http-thread-pool-size-max
HttpServerThreadPoolMinSize The minimum size, in threads, of the HTTP thread pool instant integer value yes, through http-thread-pool-size-min
HttpServerThreadPoolQueuedRequestsCurrent The current number of enqueued requests waiting to be processed by the HTTP thread pool instant integer value no
HttpServerThreadPoolQueuedRequestsMax The maximum number of enqueued requests waiting to be processed by the HTTP thread pool since the last startup of the component instant integer value no
IncomingWsRequestsCounter The number of incoming webservice requests grouped by:
  • path of the invoked web-service URL,
  • invoked operation, as QName,
  • ws-client IP address,
  • and execution status (PENDING, ERROR, FAULT, SUCCEEDED).
 integer counter value since the last startup of the component no
IncomingWsRequestsResponseTimeAbs The aggregated response times of the incoming web-service requests since the last startup of the component grouped by:
  • path of the invoked web-service URL,
  • invoked operation, as QName,
  • ws-client IP address,
  • and execution status (PENDING, ERROR, FAULT, SUCCEEDED).
 n-tuple value containing, in millisecond:
  • the maximum response time,
  • the average response time,
  • the minimum response time.
 no
IncomingWsRequestsResponseTimeRel The aggregated response times of the incoming web-service requests on the last sample, grouped by:
  • path of the invoked web-service URL,
  • invoked operation, as QName,
  • ws-client IP address,
  • and execution status (PENDING, ERROR, FAULT, SUCCEEDED).
 n-tuple value containing, in millisecond:
  • the maximum response time,
  • the average response time,
  • the minimum response time,
  • the 10-percentile response time (10% of the response times are lesser than this value),
  • the 50-percentile response time (50% of the response times are lesser than this value),
  • the 90-percentile response time (90% of the response times are upper than this value).
 no
InformationURLsCounter The number of HTTP requests associated to the information servlet integer counter value since the last startup of the component no
ServiceContractsCounter The number of a service contract request ('http://<server>:<port>/petals/services/<service-name>?wsdl' per HTTP(S)/SOAP service integer counter value since the last startup of the component grouped by service no
OutgoingWsRequestsCounter The number of outgoing web-service requests to external web-service grouped by:
  • URL of the external web-service to invoke,
  • the operation to invoke, as QName,
  • the message exchange pattern, as URI,
  • and execution status (PENDING, ERROR, FAULT, SUCCEEDED).
 integer counter value since the last startup of the component no
OutgoingWsRequestsResponseTimeAbs The aggregated response times of the outgoing web-service requests since the last startup of the component grouped by:
  • URL of the external web-service to invoke,
  • the operation to invoke, as QName,
  • the message exchange pattern, as URI,
  • and execution status (PENDING, ERROR, FAULT, SUCCEEDED).
 n-tuple value containing, in millisecond:
  • the maximum response time,
  • the average response time,
  • the minimum response time.
 no
OutgoingWsRequestsResponseTimeRel The aggregated response times of the outgoing web-service requests on the last sample, grouped by:
  • URL of the external web-service to invoke,
  • the operation to invoke, as QName,
  • the message exchange pattern, as URI,
  • and execution status (PENDING, ERROR, FAULT, SUCCEEDED).
 n-tuple value containing, in millisecond:
  • the maximum response time,
  • the average response time,
  • the minimum response time,
  • the 10-percentile response time (10% of the response times are lesser than this value),
  • the 50-percentile response time (50% of the response times are lesser than this value),
  • the 90-percentile response time (90% of the response times are upper than this value).
 no
UnknownURLsCounter The number of HTTP requests associated to an unknown servlet or web-service integer counter value since the last startup of the component no
WsClientPoolClientsInUseCurrent The current number of web-service client in use, grouped by:
  • URL of the external web-service to invoke,
  • the operation to invoke, as QName,
  • the message exchange pattern, as URI.
 integer instant value no
WsClientPoolClientsInUseMax The maximum number of web-service client in use, grouped by:
  • URL of the external web-service to invoke,
  • the operation to invoke, as QName,
  • the message exchange pattern, as URI.
 integer value, since the last startup of the component no
WsClientPoolExhaustions The number of exhaustion of the web-service client pool, grouped by:
  • URL of the external web-service to invoke,
  • the operation to invoke, as QName,
  • the message exchange pattern, as URI,
  • and execution status (PENDING, ERROR, FAULT, SUCCEEDED).
 integer counter value, since the last startup of the component no

Receiving alerts

Several alerts are notified by the component through notification of the JMX MBean 'org.ow2.petals:type=custom,name=monitoring_<component-id>', where <component-id> is the unique JBI identifier of the component.

To integrate these alerts with Nagios, see Receiving Petals ESB defects in Nagios.

Common alerts

Defect JMX Notification
A message exchange acceptor thread is dead
  • type: org.ow2.petals.component.framework.process.message.acceptor.pool.thread.dead
  • no user data
No more thread is available in the message exchange acceptor thread pool
  • type: org.ow2.petals.component.framework.process.message.acceptor.pool.exhausted
  • no user data
No more thread is available to run a message exchange processor
  • type: org.ow2.petals.component.framework.process.message.processor.thread.pool.exhausted
  • no user data

Dedicated alerts

Moreover the common metrics, some dedicated alerts can be sent by the component:

Defect JMX Notification
No more thread is available in the HTTP thread pool
  • type: org.ow2.petals.bc.soap.httpserver.threadpool.exhausted
  • name: org.ow2.petals.binding.soap.monitoring.notification.HTTPServerThreadPoolExhaustedNotification
  • no user data
No more web-service client is available
  • type: org.ow2.petals.bc.soap.serviceclientspool.exhausted
  • name: org.ow2.petals.binding.soap.monitoring.notification.ServiceClientPoolExhaustedNotification
  • user data: The web-service client pool id as String

Operation resolving: Mapping from URI, SOAP/WSA Action, Document/Literal-wrapped pattern and RPC/Literal pattern

The SOAP BC serves many SOAP services to the exterior (defined by JBI Consumes in the deployed SU) at the same time.
While it is not difficult for it to know which service is concerned by a request (because its name is in the called URI), determining the concerned operation is more complex.

There exists many ways to approach this question (see for example http://www.ibm.com/developerworks/library/ws-whichwsdl/).

In Petals we support the most common ones (those that are provided by Axis2) in that order:

  • URI: if the service call's URI has the form: .../services/MyService/myOperation then the operation will be myOperation.
  • SOAP/WSA Action: if the http header contains a SOAP Action or the SOAP message header contains a WSA Action, then it will be used to resolve the operation as defined in the WSDL.
  • Document/Literal wrapping: from the first element's QName of the body, the operation that contains the message that contains the part that refers to this element is used.
  • RPC/Literal: from the first element's localName (and not full QName) of the body, the operation that has the same name will be used.

For the last two, in case of ambiguity, the call will fails.

Advanced usages

Getting log traces from the underlying layers

The Petals BC SOAP is based on Axis2 and Jetty 9.2. To get log traces from these underlying layers, just add something as the following configuration to the Petals ESB logging configuration:

Petals.Container.Components.level=MONIT
# The following line enable debug traces from the BC SOAP itself
Petals.Container.Components.petals-bc-soap.level=FINE
# The following line enable debug traces from the underlying layer 'Jetty'
org.eclipse.jetty.level=FINE
# The following line enable debug traces from the underlying layer 'Axiom'
org.apache.axiom.level=FINE
# The following line enable debug traces from the underlying layer 'Axis2'
org.apache.axis2.level=FINE
org.apache.ws.security=FINE
org.apache.rampart=FINE
org.apache.commons.httpclient=FINE

Know problems

No HTTP/WS request is processed

When you try to invok a web-service with your favorite client, you get a time out instead of a standard response. A possible cause is configuration error of the HTTP thread pool. Check your configuration: the HTTP thread pool max size must be upper than the HTTP acceptor number, see the component configuration.

Error invoking a service with 2+ attachments from SoapUI

If you get an error invoking a service with at least two attachments from SoapUI, check that you have enabled the multi-part mode in the SoapUI properties of the request.

"sec_error_inadequate_cert_type" appears when trying to get services list available through SSL on the HTTPS client side

If get the error "sec_error_inadequate_cert_type" using a browser to get available services through SSL, check your SSL configuration of your BC SOAP. Probably, you inverse certificates usage: You configure the public key of the server instead its private key.

"sec_error_bad_cert_alert" appears when trying to get services list available through SSL on the HTTPS client side

You get this error on the HTTPS client side when the client authentication is enabled on the server side and no or bad certificate is available on the client side.

Receiving fault "WSDoAllReceiver: security processing failed (actions mismatch)" invoking a webservice secured by WS-Security

The following fault returned by the BC SOAP to our client means that you have not set all required WS-Security headers. Check you client configuration against WS-Security configuration expected by the webservice.

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Body>
      <soapenv:Fault>
         <faultcode>soapenv:Server</faultcode>
         <faultstring>WSDoAllReceiver: security processing failed (actions mismatch)</faultstring>
         <detail>
            ...
         </detail>
      </soapenv:Fault>
   </soapenv:Body>
</soapenv:Envelope>
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.