WSO2 ESB Axis2 Service throwing Host name verification failed for host

Question

I have created an AXIS service which connects to WSO2 Identity Server and validates a token. When I deploy this axis service on WSO2 App Server, I get the correct response. Where as when I deploy it on WSO2 ESB, I get the following error

org.apache.axis2.AxisFault: The input stream for an incoming message is null.
at org.apache.axis2.transport.TransportUtils.createSOAPMessage(TransportUtils.java:93)
at org.apache.axis2.transport.TransportUtils.createSOAPMessage(TransportUtils.java:68)
at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:346)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:413)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:224)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
at org.wso2.carbon.identity.oauth2.stub.OAuth2TokenValidationServiceStub.validate(OAuth2TokenValidationServiceStub.java:184)
at com.xxx4.yyy.security.token.service.TokenValidationService.validateToken(TokenValidationService.java:67)
at com.xxx4.yyy.security.token.facade.TokenValidationFacade.validateToken(TokenValidationFacade.java:16)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.apache.axis2.rpc.receivers.RPCUtil.invokeServiceClass(RPCUtil.java:212)
at org.apache.axis2.rpc.receivers.RPCMessageReceiver.invokeBusinessLogic(RPCMessageReceiver.java:117)
at org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:404)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:184)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:724)

[2013-10-03 14:42:56,160] ERROR - TargetHandler I/O error: Host name verification failed for host : 172.20.5.110 javax.net.ssl.SSLException: Host name verification failed for host : 172.20.5.110 at org.apache.synapse.transport.http.conn.ClientSSLSetupHandler.verify(ClientSSLSetupHandler.java:152) at org.apache.http.nio.reactor.ssl.SSLIOSession.doHandshake(SSLIOSession.java:285) at org.apache.http.nio.reactor.ssl.SSLIOSession.isAppInputReady(SSLIOSession.java:372) at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:118) at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:160) at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:342) at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:320) at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:280) at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:106) at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:604) at java.lang.Thread.run(Thread.java:724)

score 20 · Accepted Answer · edited Feb 20 '15 at 15:34

20

Set the parameter HostnameVerifier to AllowAll for transportSender in the Axis2 configuration (axis2.xml).

<transportSender name="https" class="org.apache.synapse.transport.passthru.PassThroughHttpSSLSender">
   <!--...-->
   <!--supports Strict|AllowAll|DefaultAndLocalhost or the default if none specified -->
   <parameter name="HostnameVerifier">AllowAll</parameter>
   <!--supports Strict|AllowAll|DefaultAndLocalhost or the default if none specified -->
</transportSender>

edited Feb 20 '15 at 15:34

Philipp

4,645
3
47
80

answered Oct 03 '13 at 09:54

Ratha

9,434
17
85
163

Thank you, it resolved that issue. However, I am getting a different error now - ERROR - AxisEngine Message Receiver not found for AxisOperation. However it is working 100% fine on AS - Any thoughts in this regard, please! – sasi_personal Oct 03 '13 at 10:20
The following is the error I am gettingERROR - AxisEngine Message Receiver not found for AxisOperation: {http://oauth2.identity.carbon.wso2.org}validate org.apache.axis2.AxisFault: Message Receiver not found for AxisOperation: {http://oauth2.identity.carbon.wso2.org}validate – sasi_personal Oct 03 '13 at 10:29
When I change the transportSender from ESB default one to AS default for https - It is working as expected. I am not sure if that is correct approach or not, please suggest! – sasi_personal Oct 03 '13 at 14:44
Found the solution for the above problem, when we try add Axis2 service using WSO2 Dev Stud, it adds messageReceivers and add receivers for In and InOut operations. When I remove these message receivers from the service definition, I do not see the errors as reported. – sasi_personal Oct 21 '13 at 08:40
This to me is not a viable solution,in a production environment, as it creates a security flaw/ hole. – MiddlewareManiac Sep 30 '15 at 10:03

Chiranga Alwis · Answer 2 · 2017-11-20T06:43:59.623

2

Adding to Ratha's answer, the following official documentation provides a detailed explanation about hostname verification in WSO2 products.

Enabling HostName Verification

edited Nov 20 '17 at 06:43

answered Nov 20 '17 at 05:32

Chiranga Alwis

1,049
1
25
47

WSO2 ESB Axis2 Service throwing Host name verification failed for host

2 Answers2

Linked