holodeck-b2b / holodeck-b2b Goto Github PK

org.holodeckb2b.interfaces.core.HolodeckB2BCoreInterface.getMessageSubmitter().submitMessage(IPullRequest) may report that submission of the PullRequest failed (raising a MessageSubmission event and throwing a MessageSubmitException) even if the PullRequest is saved to the message database and subsequentially send.

When Holodeck B2B (version 2.1.1) receives an Error Signal message that contains several errors and only the ebMS header contains a reference to the message in error the message unit is rejected because of "inconsistent references to the message in error".
As the Error however refers consistently to one message in error the rejection is incorrect and the error should be processed.

When an Error signal without a reference to a message in error is received as HTTP response Holodeck B2B derives the reference by checking if there was only one message unit sent and if so links the Error to this message unit.
On delivery of the error however only the ISignalMessage object, which doesn't include the derived reference, is provided to the IMessageDeliver. This can cause problems in notification of the Error to the business application.
It would be better to include the derived reference in the signal meta-data provided to the IMessageDeliver

When the P-Mode does not define the PartyId(s) of a Trading Partner in the P-Mode a NPE occurs in the P-Mode finding process as it always tries to compare the PartyIds from the message with the ones in the P-Mode.

Info:
Holodeck B2B 2.1.2
Windows Server 2012R2
JRE 1.8.0.121

Is it possible to set more than one P-Mode to cover communication with several partners? If yes, why I do see in the log that PModeWatcher detects only the first p-mode in ex-pm-push-resp.xml on B side? Thank you in advance for your answer.

Best regards,
Aleksandar Ilić

There should be a XML schema definition for the files used in the single__xml delivery method.

When a message is received that contains an invalid SOAP Envelope an exception is raised when logging the SOAP envelope.
This exception causes a generic Error, but as it occurs before any ebMS processing has taken place, there is no chance to relate it to another message and therefore P-Mode and no further processing can occur.
Also the SOAP envelope itself is not logged, so it's difficult to see what the actual problem is.

When the payload's location is not available (when for example the message unit was not completely processed due to an error) the purge operation fails on that message unit with a NPE. As the NPE is not catched in the worker itself, it blocks cleaning up other "expired" messages.

When the processing state of a message unit must be changed conditionally, i.e. only if it is in a certain current state, the database connection is not closed if the condition is not met. This can result in Holodeck B2B running out of database connections and stop processing of messages.

When the P-Mode contains a PullRequestFlow element without security configuration a NullPointerException occurs when the P-Mode is searched for a received Pull Request.

Hello!
I'm currently trying to use Holodeck on a File-System only basis. For that to work properly I require Holodeck to give me a receipt for every File I try to transmit via it to a remote partner. Currently I only get a receipt when the remote partner successfully processes my message and a "Missing Receipt" message when no receipt was received at all. However, I would also like to get the error reports from the remote partner as file (e.g. PartyId or Role wrong etc). I already tried out the SignalDelivery plugin but could not figure out how to make it work properly. Also, I actually don't really know if that plugin is what I want in the first place. At the moment there are just too many screws to make adjustments to :-(

So if anybody could help me get my bearings it would be appreciated.

• Send files encrypted and signed to a remote partner [works]
• Have Holodeck process the Response from the remote partner [works]
• Have Holodeck configured in such a way that Error Reports from the remote partner - just as successful receipts - are written to disk in a folder designated in the p-mode configuration [does NOT work]

Attached is a configuration file I currently use for testing (why tf does Github not support XML natively?)
p-mode-config.txt

According to ENTSOG inbound and outbound connections must be HTTPS.
Specifying HTTPS transport receiver in axis2.xml configuration using the following does not open listening port (netstat –a does not list specified port as listening):

<transportReceiver name="https" class="org.apache.axis2.transport.http.AxisServletListener">  
	<parameter name="port">9090</parameter>  
</transportReceiver>  

As this is mandatory setting it would be a good idea to include HTTPS setting in your documentation.

Thank you,
Robert

Axway B2Bi does not recognize error messages with the severity in capitals.
We issued a support case for B2Bi but according to Axway the severity should be lowercase:

AS4 is based on XML and XML is case sensitive. Therefore, anything in the spec must be regarded as case sensitive and the spec is clear that the REQUIRED attribute value is either "warning" or "failure". Not WARNING nor FAILURE. If we were to change this, we would be violating the spec.

See http://docs.oasis-open.org/ebxml-msg/ebms/v3.0/core/ebms_core-3.0-spec.pdf
Chapter: "6 Error Handling"
Section: "6.2.5. eb:Error/@Severity"

2196 6.2.5. eb:Error/@Severity
2197 This REQUIRED attribute indicates the severity of the error. Valid values are: warning, failure.
2198 The warning value indicates that a potentially disabling condition has been detected, but no m essage
2199 processing and/or exchange has failed so far. In particular, if the message was supposed to be delivered
2200 to a consumer, it would be delivered even though a warning was issued. Other related messages in the
2201 conversation or MEP can be generated and exchanged in spite of this problem.
2202 The failure value indicates that the processing of a message did not proceed as expected, and cannot
2203 be considered successful. If, in spite of this, the message payload is in a state of being delivered, the
2204 default behavior is not to deliver it, unless an agreement states otherwise (see OpCtx-ErrorHandling).
2205 This error does not presume the ability of the MSH to process other messages, although the
2206 conversation or the MEP instance this message was involved in is at risk of being invalid.

When security should be applied to a message exchange, i.e. signing and/or encryption, it must be configured in the P-Mode as part of Initiator or Responder configuration. Because the PartyId must also be set for the trading partner it limits the use of a certificate to one (set of) PartyId(s).

According to documentation on the website it should be possible to set the PartyId when submitting the User Message to Holodeck B2B.

When a User Message that must be encrypted contains multiple payloads including an XML document that should be included in the SOAP Body this payload is not encrypted if it is the first in the list of payloads.

Messages where one or more of the ebMS meta data strings like Service, Action or Properties has a length of more than 255 characters can not be saved in the database and therefore are not processed correctly.
Conform AS4 spec long strings must be possible in the message meta data. Issue has to be resolved in the persistency classes.

Hello,
I have the following setup. I'm on sender-initiator side using Holodeck B2B 2.1.2, Windows Server 2012R2, JRE 1.8.0.121.
When sending a message to this particular partner the message attachement content type as inspected on the wire is application/octet-stream and content transfer encoding binary. In this case our partner is expecting to receive attachements in base64 encoding (Content-Transfer-Encoding: base64).

My question is: Is it possible to specify attachement encoding being base64?

Thank you, Robert

When I change extension from e.g. accepted to .mmd I always end up with changed extension .accepted.
This behavior is OK, when the message is delivered by the holodeck b2b, but the status is the same when the message is just sent and the error on the other side prevents the payload to be delivered on the expected receiver’s folder.
Is there any way to configure this behavior?

Thank you in advance and best regards!

When the AS4 Compression feature is used for a received payload and its original MIME type is specified as "application/gzip" the payload is not decompressed on delivery but compressed again, creating a double gzip compressed file.

When the SubmitFromFile worker fails to rename to the MMD it logs this as "«mmd file» is not processed because it could be renamed". This of course should be "«mmd file» is not processed because it could not be renamed"

When the SubmitFromFile worker cannot rename an MMD file it ignores that file from then on, until a change is made to it (for example by renaming the file) or Holodeck B2B is restarted.
Expected behaviour is that every time the worker runs all available MMD files are processed including files skipped on the previous run.

Applies to both version 2.1.3 and 3.1.1

If the directory in which Holodeck B2B is installed has a space in the directory name, server starts with the following error message:

Using AXIS2_HOME: /Users/renates/Documents/-TMP HB2B/holodeck-b2b-A
Using JAVA_HOME: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/
./startServer.sh: line 63: cd: /Users/renates/Documents/-TMP HB2B/holodeck-b2b-A: No such file or directory
[SimpleAxisServer] Using the Axis2 Repository/Users/renates/Documents/-TMP HB2B/holodeck-b2b-A /repository
[SimpleAxisServer] Using the Axis2 Configuration File/Users/renates/Documents/-TMP HB2B/holodeck-b2b-A /conf/axis2.xml
Starting Holodeck B2B Core module...
[SimpleAxisServer] Started

According to ENTSOG AS4 usage profile specification:

UserMessage/CollaborationInfo/ConversationId MUST be included in any AS4 message (as it is a mandatory element) with as content the empty string.

It seems that Holodeck B2B doesn't not support this requirement as messages with empty CoversationID are rejected (both incoming and outgoing).

Could you please look at it?

The name of the root element of the single__xml file delivery should be "ebmsMessage", but it is "eb3:Messaging".

Please rename the class "compare" to "CompareUtils" so that it matches the Java naming conventions. Thanks

There is a bug in the SingleXMLDeliverer class which may result in loss of some characters at the end of the payload messages (in my case some EDI messages were missing ending characters therefore couldn't be parsed). The problem is in the method writeEncodedPayload where you call b64os.flush() but forget about b64os.close().
Please note that lack of close() generates warning "resource leak" but it was somehow ignored in the code.

When receiving a Receipt from a successful delivery, ProcessWSSHeaders is triggered when neither the P-Mode, outbound (original message) or receipt message contain security configurations.
This results in a non-fatal error, but triggers the resend process (if configured in the PMode) even though the original message was successfully delivered.

(Log and SOAP records attached)

0aa580ad-9955-4a2a-aa29-6b07c899ba3f_holodeck.log
0aa580ad-9955-4a2a-aa29-6b07c899ba3f_SOAP_OUT.log
0aa580ad-9955-4a2a-aa29-6b07c899ba3f_SOAP_RECEIPT_IN.log

When multiple payloads are included as attachments sometime the generated MIME part Content-id's are not unqiue for each payload. This results in loss of information.

When the Description element of an ebMS Error contains more than 255 characters a database error occurs and the message can not be processed.

When a SOAP message is received without any ebMS message unit a NPE occurs in the SetupWSSProcessing handler when it checks for the primary message unit.

When the eb:Timestamp element in a received message contains fractional seconds but not the 'Z' timezone indicator a StringIndexOutOfBoundsException is thrown and the message processing aborted. The sender of the message gets an "Internal Error" ebMS Error.

The 'Z' indicator however is optional (see section 5.2.2.1 of ebMS V3 Core Spec).

The notification XML document, both for the ebms as well as for the single__xml format do contain in addition to the ReceiptChild element a copy of the content of the notified Receipt. As specified in the documentation of the delivery method the original content should not be included.

When submitting multiple messages concurrently that use the same payload file, some submissions may be rejected because the payload file can not be copied to the temporary directory due to a duplicate file name.

Is there more documentation on CertificateRevocationCheck if it set to TRUE on global level?
How to force certificate hierarchy check?
Is storing all the Certified Authorities in trustedcerts.jks the correct approach?
Should we always have chain of certificates in privatekeys.jks?

Thank you inadvance and best regards!

Following ENTSOG AS4 profile, I must encrypt the payload (XML attachment). Based on P-Mode documentation (http://holodeck-b2b.org/documentation/p-mode-schema/):
“Element tns:EncryptionConfiguration / tns:KeyTransport
This OPTIONAL element contains the settings to add the key transport information to the WS-Security header, i.e. to construct the xenc:EncryptedKey element.
NOTE: If this element is included in the P-Mode it SHOULD contain at least one child element.”
Instead of full XML structure I end up without the second half of the XML structure (xenc:EncryptedKey and xenc:EncryptedData):

Used P-Mode part:
<Initiator> <PartyId>PartnerA</PartyId> <Role>ZSO</Role> <SecurityConfiguration> <Signing> <KeystoreAlias password="12345678">testCertPrivate</KeystoreAlias> <KeyReferenceMethod>KeyIdentifier</KeyReferenceMethod> </Signing> <Encryption> <KeystoreAlias>testCertPublic</KeystoreAlias> <Algorithm>http://www.w3.org/2009/xmlenc11#aes128-gcm</Algorithm> <KeyTransport> <Algorithm>http://www.w3.org/2009/xmlenc11#rsa-oaep</Algorithm> <MGFAlgorithm>http://www.w3.org/2009/xmlenc11#mgf1sha256</MGFAlgorithm> <DigestAlgorithm>http://www.w3.org/2001/04/xmlenc#sha256</DigestAlgorithm> <KeyReferenceMethod>KeyIdentifier</KeyReferenceMethod> </KeyTransport> </Encryption> </SecurityConfiguration> </Initiator>

This issue happens when a P-Mode not found error is generated for a User Message that is received as response to a PullRequest or when the P-Mode is removed before sending the Error.

This problem only affects the Error message and does not block any further message processing. Since the Error can not be sent anyway (as there is no P-Mode saying how to send it), this is a low priority issue.

If my received message has no attachments, but the SOAP envelope explicitly states
ns2:PayloadInfo/
this throws
throw new PackagingException("PayloadInfo does not contain PartInfo elements");

thereafter, the message has a generated error for the header, & no further processing occurs - which means that any call to
MessageContextUtils.getPrimaryMessageUnit(mc).entity
will generate a null-pointer, as there are no primary message units left.

According to the spec, PartInfo can occur 0 or more times.

Hi Sander!
Your POM uses still WSS4J 2.0.4 and the link to the issue no longer exists.
Can you please check if WSS4J 2.0.7 solves the problem (or even version 2.1.5)
Thanks

When trying to start version 2.1.1 on a Java 7 JVM it fails with the following error:
java.lang.UnsupportedClassVersionError: org/hibernate/jpa/HibernatePersistenceProvider : Unsupported major.minor version 52.0

This is because the Hibernate version (5.2.x) included with Holodeck B2B 2.1.1 only support Java 8. As Holodeck B2B currently does not require specific Java 8 functionality this is an unnecessary requirement.

I fixed it in my branch: b32cd8e

Maybe this is helpful.
Additionally I'm using absolute paths :)

When using a PostgreSQL database together with Holodeck B2B version 2.1.0 it can happen that database connections are not closed after they have been used. This causes connection starvation and at some point it may block processing because no new connection can be opened.

Hi Sander,
It seems that since version 3.0.x you've decided to drop support for persistence.xml file and hardcoded persistency provider using embedded Derby database. It's very unfortunate decision for people like me who use client-server setup of Derby (e.g. in order to have an access to DB from multiple clients).

Since I'm still on 2.1.3 and planning upgrade to 3.0.1 I performed some tests and it's enough to change two properties inside the EntityManagerUtil class:

props.put(org.hibernate.cfg.AvailableSettings.DRIVER, "org.apache.derby.jdbc.ClientDriver");
props.put(org.hibernate.cfg.AvailableSettings.URL, "url here");

It works fine but it requires from me to recompile holodeckb2b-persistency module and of course I'd like to avoid any changes inside the core of Holodeck B2B at all cost. Mostly for maintenance and upgrade reasons.

How do you think we should deal with such issue? Maybe you could parametrize these two parameters so they are provided from holodeckb2b.xml conf file?

In the documentation included in log4j2.xml it is stated that the log level for the org.holodeckb2b.msgproc.errors logger should be set to INFO to enable the logging of ebMS errors to the ebms_errors.log log file.
The log level however needs to be set to ERROR to enable the logging of the ebMS errors to this log.

When the path where Holodeck B2B is installed is very long (~250 chars) it isn't possible to start the server.

This is caused by limitation in Windows on the length of the command line which may not exceed 8192 characters. Because all jars in the lib directory are individually included with their absolute path in the Java classpath this maximum will be exceeded when the HB2B_HOME path is already very long.

When a generic P-Mode is used to pull message from a given MPC, Holodeck B2B does not find this P-Mode as the one that applies to a returned User Message.
The MPC declared in the PR-flow of the P-Mode is not used in the P-Mode finding process.

Is there a Web Service interface that exposes WDSL that I use with non Java language? e.g., Python

When an exception occurs in the processing of the WS-Security header this results in java.lang.NoSuchMethodError. This error however is not caught by the handler responsible for the processing of the WS-Security handler.

Hi

Sorry to be posting this here but I was running out of ideas.

Back in November last year, I can into a problem where email to [email protected] was bouncing. So I posted here and Renate sent an email to me.

I've tried replying to her email from [email protected] about purchasing consulting twice: once on the 3rd of December and again last week on the 8th of March.

I've heard nothing back on either email (not even a bounce), so now I'm wondering if maybe some other email issue (spam filter?) is swallowing my replies to Renate so she isn't seeing them.

Is there some other convenient method of making contact I should use instead?
I can be reached at [email protected]

Cheers,
Paul.

A NPE can occur on the initialization of the pull workers when HB2B is started as the "pull worker pool" is not yet initialized by the Core (org.holodeckb2b.module.HolodeckB2BCoreImpl) when [indirectly] called by the worker watching its configuration (org.holodeckb2b.ebms3.pulling.PullConfigurationWatcher).

As a work around for this issue the start of the PullConfigurationWatcher can be delayed for a few seconds by adding a delay attribute to its declaration in workers.xml.

When the submitted User Message cannot be persisted, for example because it uses a duplicate MessageId, the payloads which are already copied/moved to the internal storage are not removed. As the message is not persisted it will also not be purged and the files will remain forever causing a resource leak.