Topic
IC4NOTICE: developerWorks Community will be offline May 29-30, 2015 while we upgrade to the latest version of IBM Connections. For more information, read our upgrade FAQ.
21 replies Latest Post - ‏2014-09-26T18:44:37Z by Asim80
SystemAdmin
SystemAdmin
6772 Posts
ACCEPTED ANSWER

Pinned topic Datapower url-open Statuscode 7

‏2012-11-13T23:32:21Z |
i am trying to open a MPG with the followinf XSL, but, I am getting above error. Any thoughts!!

I have front handler running on port 4445 and backend is defined as MQ Queue with Queue.

<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:dp="http://www.datapower.com/extensions"
xmlns:dpconfig="http://www.datapower.com/param/config" extension-element-prefixes="dp"
exclude-result-prefixes="dp dpconfig" version="1.0">
<xsl:template match="/">
<xsl:variable name="properties" select="document('local:///ConfigFiles/IdentityDocument.xml')" />
<dp:set-variable name="'var://system/Env/Props'" value="$properties" />
<xsl:variable name="Request_Xml_Ctx" select="." />
<dp:set-variable name="'var://context/Request/Request_Xml_Ctx'" value="$Request_Xml_Ctx" />

<!-- xsl:variable name="ip" select ="data/value"/ -->
<xsl:variable name="ip" select="$properties/environment/endPoints/MQServices/ip"/>
<xsl:variable name="port" select="4445" />
<xsl:variable name="uri" select="/MQFSHPUT" />
<xsl:variable name="MDMMpgMQPutTarget" select="concat('https://',$ip,':',$port,$uri)"/>

<dp:set-variable name="'var://service/mpgw/skip-backside'" value="1"/>
<!-- Invoking UIUtilityMPG service for putting message into MQ-->
<xsl:variable name="MDMMQputResponse">
<dp:url-open target="{$MDMMpgMQPutTarget}" response="responsecode-ignore">
<xsl:copy-of select="."/>
</dp:url-open>
</xsl:variable>
<xsl:choose>
<xsl:when test="$MDMMQputResponse/url-open/responsecode='200'">
<xsl:if test="$MDMMQputResponse/url-open/headers/header='OK OK'">
<dp:accept/>
</xsl:if>
<xsl:if test="$MDMMQputResponse/url-open/headers/header!='OK OK'">
<dp:set-variable name="'var://context/Error/Message'" value="'Connection Error'" />
<dp:set-variable name="'var://context/Error/Detail'" value="'Error in putting CCResponse into MQ'" />
<dp:reject/>
</xsl:if>
</xsl:when>

<xsl:when test="$MDMMQputResponse/url-open/responsecode!='200'">
<dp:set-variable name="'var://context/Error/Message'" value="'Connection Error'" />
<dp:set-variable name="'var://context/Error/Detail'" value="'Error in putting CCResponse into MQ'" />
<dp:reject/>
</xsl:when>

<xsl:when test="not($MDMMQputResponse/url-open/responsecode)">
<xsl:variable name="error-code" select="string($MDMMQputResponse/url-open/statuscode)" />
<dp:set-variable name="'var://context/Error/Error-code'" value="$error-code" />

<xsl:variable name="Message" select="string($MDMMQputResponse/url-open/errorstring)" />
<dp:set-variable name="'var://context/Error/Message'" value="$Message" />
<dp:reject/>

</xsl:when>

</xsl:choose>

</xsl:template>
</xsl:stylesheet>
Updated on 2012-11-14T23:04:17Z at 2012-11-14T23:04:17Z by SystemAdmin
  • HermannSW
    HermannSW
    4488 Posts
    ACCEPTED ANSWER

    Re: Datapower url-open Statuscode 7

    ‏2012-11-14T09:06:54Z  in response to SystemAdmin
    Can you log and let us know the value of "{$MDMMpgMQPutTarget}"?
    What is the exact error message you see in the log?

     
    Hermann<myXsltBlog/> <myXsltTweets/>
    • SystemAdmin
      SystemAdmin
      6772 Posts
      ACCEPTED ANSWER

      Re: Datapower url-open Statuscode 7

      ‏2012-11-14T15:55:05Z  in response to HermannSW
      I am dexpectting following statement to translate as:
      xsl:variable name="MDMMpgMQPutTarget" select="concat('https://',$ip,':',$port,$uri)" />
      as https://10.5.10.3:4445/MQFSHPUT

      1 url-open https://uiqat2datapower.uinet.com:4445/ (show nodeset) response-code-ignore (show nodeset) Cannot create connection

      Response is

      <url-open>
      <statuscode>7</statuscode>
      <errorstring>Cannot create connection</errorstring>
      </url-open>

      Host Alias is definned as:
      Host Name IP Address Type
      uiesbdp.com 10.5.10.3 Host Alias
      uiqat2datapower.uinet.com 10.5.10.3 Host Alias
      Following are the log erorrs:
      10:51:22 network error 424129 error 10.5.10.3 0x80e0003e wsgw (MDMPRTIWSP): url-open: Cannot create connection to 'https://10.5.10.3:4445/'
      10:51:22 network error 424129 10.5.10.3 0x80e0005a Cannot establish SSL credentials (credential is NULL), URL: 'https://10.5.10.3:4445/'.
      10:51:22 network warn 424129 10.5.10.3 0x80e00058 SSL connection to 'https://10.5.10.3:4445/' failed, unable to get SSL Proxy Profile ''
    • Asim80
      Asim80
      19 Posts
      ACCEPTED ANSWER

      Re: Datapower url-open Statuscode 7

      ‏2014-09-25T16:13:21Z  in response to HermannSW

      I get a similar response when I make a soma call. What am I possibly doing wrong here? Do I need to enable anything in particular on xml management interface to be called from within xslt. Or anything wrong with my xsl code? Thanks 

      Request

      <dp:url-open target="https://127.0.0.1:5550/service/mgmt/current" response="responsecode">
      <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
      <env:Body>
      <dp:request xmlns:dp="http://www.datapower.com/schemas/management">
      <dp:get-status class="CPUUsage"/>
      </dp:request>
      </env:Body>
      </env:Envelope>
      </dp:url-open>
      Response
      <url-open>
         <statuscode>7</statuscode>
         <errorstring>Cannot create connection</errorstring>
      </url-open>

      Error in Logs:  url-open: Cannot create connection to 'https://127.0.0.1:5550/service/mgmt/current'

       

      • kenhygh
        kenhygh
        1461 Posts
        ACCEPTED ANSWER

        Re: Datapower url-open Statuscode 7

        ‏2014-09-25T16:34:47Z  in response to Asim80

        It's an HTTPS url. You'll need an ssl proxy.

        • Asim80
          Asim80
          19 Posts
          ACCEPTED ANSWER

          Re: Datapower url-open Statuscode 7

          ‏2014-09-25T17:07:27Z  in response to kenhygh

          I have setup xml manager where I have added the ssl proxy now (forward direction). And I have got the cert for the ssl proxy from the broswer using the xml management interface url (https://myIp:5550/service/mgmt/current). Now I get the below error. Also, not I am using admin user/pw for authentication in xml manager as well. 

          <url-open>
             <statuscode>5</statuscode>
             <errorstring>Remote error on URL</errorstring>
          </url-open>
          • kenhygh
            kenhygh
            1461 Posts
            ACCEPTED ANSWER

            Re: Datapower url-open Statuscode 7

            ‏2014-09-25T17:33:24Z  in response to Asim80

            you'll need the basic auth header for the xml management interface, just like you thought :-)

            • Asim80
              Asim80
              19 Posts
              ACCEPTED ANSWER

              Re: Datapower url-open Statuscode 7

              ‏2014-09-25T17:55:19Z  in response to kenhygh

              You mean to setup 'Basic-Auth Policy'? That is already setup. Additional Info from logs:

              SSL connection failed

              valcred (DeviceBackup_ValCreds)SSL Proxy Profile 'DeviceBackup_ProxyProfile': connection error: peer did not send a certificate

              TCP connection attempt refused from 127.0.0.1 to 127.0.0.1 port 5550

               

              • kenhygh
                kenhygh
                1461 Posts
                ACCEPTED ANSWER

                Re: Datapower url-open Statuscode 7

                ‏2014-09-25T18:25:48Z  in response to Asim80

                that sounds like you changed the url-open() to http.

                can you post your code again?

                • Asim80
                  Asim80
                  19 Posts
                  ACCEPTED ANSWER

                  Re: Datapower url-open Statuscode 7

                  ‏2014-09-25T18:31:58Z  in response to kenhygh

                  xsl file of my dp service  below (ssl proxy profile and basic auth user/pw is configured in xml management  interface):

                  <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:dp="http://www.datapower.com/extensions" xmlns:mgmt="http://www.datapower.com/schemas/management" extension-element-prefixes="dp" xmlns:date="http://exslt.org/dates-and-times">
                   <xsl:output method="xml"/>
                   <xsl:template match="/">
                   
                    <dp:url-open target="https://127.0.0.1:5550/service/mgmt/current" response="responsecode">
                     <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
                  <env:Body>
                  <dp:request xmlns:dp="http://www.datapower.com/schemas/management">
                  <dp:get-status class="CPUUsage"/>
                  </dp:request>
                  </env:Body>
                     </env:Envelope>
                    </dp:url-open>
                   
                   <xsl:message dp:type="backup" dp:priority="alert">Backup Passed</xsl:message>
                      
                   </xsl:template>
                  </xsl:stylesheet>

                   

                  • HermannSW
                    HermannSW
                    4488 Posts
                    ACCEPTED ANSWER

                    Re: Datapower url-open Statuscode 7

                    ‏2014-09-25T18:56:10Z  in response to Asim80

                    Your <dp:url-open> misses the @ssl-proxy entry needed, see InfoCenter:
                    http://pic.dhe.ibm.com/infocenter/wsdatap/v5r0m0/index.jsp?topic=%2Fcom.ibm.dp.xi.doc%2Fextensionfunctions35.htm

                    You can do similar by dp:soap-call() as well, see this blog posting:
                    https://www.ibm.com/developerworks/community/blogs/HermannSW/entry/accessing_xml_management_interface_from_within_a_stylesheet38


                    Hermann <myBlog/> <myTweets/> | <GraphvizFiddle/> | <xqib/> | <myCE/> <myFrameless/> | 
                     

                    • Asim80
                      Asim80
                      19 Posts
                      ACCEPTED ANSWER

                      Re: Datapower url-open Statuscode 7

                      ‏2014-09-25T21:04:07Z  in response to HermannSW

                      Hermann - I tried using your xslt, used the default xml manager this time. I have an ssl proxy setup on the domain that I used. Also do I use the pw in this line of code? <xsl:variable name="pwd64" select="dp:encode('myUser,'myPw)"/>. Log error below please:

                      xmlfirewall (DeviceBackup_XMLFW): soap-call: Error parsing reply, Could not open URL 'https://127.0.0.1:5550/service/mgmt/current'
                      xmlfirewall (DeviceBackup_XMLFW): Error occurred (port error) when connecting to URL 'https://127.0.0.1:5550/service/mgmt/current'
                      xmlmgr (DeviceBackup_XMLMGR): cannot connect to host '127.0.0.1:5550': returning error
                      SSL connection failed
                      valcred (DeviceBackup_ValCreds): SSL Proxy Profile 'DeviceBackup_ProxyProfile': connection error: peer did not send a certificate
                      TCP connection attempt refused from 127.0.0.1 to 127.0.0.1 port 5550
                      • HermannSW
                        HermannSW
                        4488 Posts
                        ACCEPTED ANSWER

                        Re: Datapower url-open Statuscode 7

                        ‏2014-09-26T08:10:29Z  in response to Asim80

                        Did you enable "Objects-->Device Management-->XML Management Interface"?

                        Can you send SOMA request from outside of DataPower successfully?


                        Hermann.

                        • Asim80
                          Asim80
                          19 Posts
                          ACCEPTED ANSWER

                          Re: Datapower url-open Statuscode 7

                          ‏2014-09-26T14:12:48Z  in response to HermannSW

                          Yes Hermann, its enabled and I can send soma calls from soapUI. Thanks 

                          • HermannSW
                            HermannSW
                            4488 Posts
                            ACCEPTED ANSWER

                            Re: Datapower url-open Statuscode 7

                            ‏2014-09-26T14:33:59Z  in response to Asim80

                            Good, then you need to change "127.0.0.1" to the interface XML Management Serice is configured on for the url-open URL -- I did the sloppy "0" as IP address allowing external as well as internal access.


                            Hermann.

                            • Asim80
                              Asim80
                              19 Posts
                              ACCEPTED ANSWER

                              Re: Datapower url-open Statuscode 7

                              ‏2014-09-26T15:26:16Z  in response to HermannSW

                              I changed the destination ip to the xml management interface. Also on the xml management interface I added 127.0.0.1 to the entry list which means to accept requests from that ip (not sure if this step was needed or not given the request is coming from with in device, normally I have to add entry for external clients sending requests to xml interface). A bit diff error in the logs. I attached the xslt code file I am using, can you please validate that if that is not the cause?

                                  <xsl:variable name="result"
                                                select="dp:soap-call('https://10.xx.xx.xx:5550/service/mgmt/current',
                                                                     $FirmwareVersion/*,
                                                                     'DeviceBackup_ProxyProfile',
                                                                     0,
                                                                     '',
                                                                     $httpHeaders/*
                                                                    )"
                                  />
                              valcred (DeviceBackup_ValCreds): SSL Proxy Profile 'DeviceBackup_ProxyProfile': connection error: peer did not send a certificate
                              xmlfirewall (DeviceBackup_XMLFW): soap-call: Error parsing reply, Could not open URL 'https://10.254.213.7:5550/service/mgmt/current'
                              xmlfirewall (DeviceBackup_XMLFW): Error occurred when connecting to URL 'https://10.254.213.7:5550/service/mgmt/current'

                              Attachments

                              • kenhygh
                                kenhygh
                                1461 Posts
                                ACCEPTED ANSWER

                                Re: Datapower url-open Statuscode 7

                                ‏2014-09-26T16:20:34Z  in response to Asim80

                                So what is MyIP, and what did you configure the XML Management Interface to listen to? they have to be the same - or the XML Management Interface can listen to 0.0.0.0 (bad practice) to make sure it works, and then lock it down.

                                • Asim80
                                  Asim80
                                  19 Posts
                                  ACCEPTED ANSWER

                                  Re: Datapower url-open Statuscode 7

                                  ‏2014-09-26T18:44:37Z  in response to kenhygh

                                  Sweet :). It worked. I had to add the xml management interface ip to the list of ips on xml interface. 

                                  MyIP is the xml management interface ip (I just marked it in the attachment). Thanks for your everyone everyone.