I am using Orion Context Broker version 1.1.0
I had the only entity in my DB:
{
"id"=>"Room1",
"type"=>"Room",
"temperature"=>{"type"=>"none", "value"=>10, "metadata"=>{}}
}
I did not have any subscription.
Then I created 3 subscriptions:
[
{
"subject"=>{"entities"=>[{"id"=>"Room1", "idPattern"=>"", "type"=>""}],
"condition"=>{"attrs"=>["temperature"], "expression"=>{"q"=>"temperature>10"}}}
},
{
"subject"=>{"entities"=>[{"id"=>"Room1", "idPattern"=>"", "type"=>""}],
"condition"=>{"attrs"=>["temperature"], "expression"=>{"q"=>"temperature<10"}}}
},
{
"subject"=>{"entities"=>[{"id"=>"Room1", "idPattern"=>"", "type"=>""}],
"condition"=>{"attrs"=>["temperature"], "expression"=>{"q"=>"temperature==10"}}}
}
]
As you can see, the difference is only in the expressions: temperature>10, temperature<10, temperature==10.
So that any time I change the Room1 temperature I should have only one subscription triggering the notification.
But it does not work as it should !!!
Each time I change the temperature, I have all 3 notifications.
However, when subscriptions were created, only one of them triggered a notification, depending on the temperature value of the Room1. It worked as expected.
But when Room1 temperature is changed, it does not work correctly and triggers all 3 notifications.
Edit:
Full output of the GET /v2/subscriptions operation:
[
{
"id"=>"574716a22fe8cdc00a696a94",
"expires"=>"2017-04-05T14:00:00.00Z",
"status"=>"active",
"subject"=>{
"entities"=>[{"id"=>"Room1", "idPattern"=>"", "type"=>""}],
"condition"=>{"attrs"=>["temperature"],
"expression"=>{"q"=>"temperature>10"}}
},
"notification"=>{"attrs"=>["temperature"], "http"=>{"url"=>"http://localhost:1028/accumulate"}},
"throttling"=>5
},
{
"id"=>"574716a22fe8cdc00a696a95",
"expires"=>"2017-04-05T14:00:00.00Z",
"status"=>"active",
"subject"=>{
"entities"=>[{"id"=>"Room1", "idPattern"=>"", "type"=>""}],
"condition"=>{"attrs"=>["temperature"],
"expression"=>{"q"=>"temperature<10"}}
},
"notification"=>{"attrs"=>["temperature"], "http"=>{"url"=>"http://localhost:1028/accumulate"}},
"throttling"=>5},
{
"id"=>"574716a22fe8cdc00a696a96",
"expires"=>"2017-04-05T14:00:00.00Z",
"status"=>"active",
"subject"=>{
"entities"=>[{"id"=>"Room1", "idPattern"=>"", "type"=>""}],
"condition"=>{"attrs"=>["temperature"],
"expression"=>{"q"=>"temperature==10"}}
},
"notification"=>{"timesSent"=>2, "lastNotification"=>"2016-05-26T15:30:42.00Z", "attrs"=>["temperature"], "http"=>{"url"=>"http://localhost:1028/accumulate"}},
"throttling"=>5
}
]
Edit2: Add some scenario:
Changed Room1 temperature to 11
Had the same output, but
[...{"timesSent"=>1}..., ...{"timesSent"=>1}..., ...{"timesSent"=>3}...]
Changed Room1 temperature to 10
Had the same output, but
[...{"timesSent"=>2}..., ...{"timesSent"=>2}..., ...{"timesSent"=>4}...]
Changed Room1 temperature to 9
Had the same output, but
[...{"timesSent"=>3}..., ...{"timesSent"=>3}..., ...{"timesSent"=>5}...]
This is due to a problem in subscriptions cache management in Orion 1.1. So, the solution in that version is to disable cache using -noCache CLI option.
The bug has been identified and a github issue has been created about it. It will be fixed in a newer Orion version.
EDIT: the bug has been solved in development branch, so it would be ready in Orion 1.2, to be release by early June 2016.
Related
I have deployed an API-Platform app using JWT token to ElasticBeanstalk which, as usual, works fine in my local server.
On EB though it is denying access to logged in users despite the correct BearerToken being provided.
This is the error thrown:
{
"errors": [
{
"message": "Access Denied.",
"extensions": {
"category": "graphql"
},
"locations": [
{
"line": 6,
"column": 9
}
],
"path": [
"retrievedQueryUser"
]
}
],
"data": {
"retrievedQueryUser": null
}
}
The query in question attempts to retrieve user profile info through the below graphql config:
* "retrievedQuery"={
* "item_query"=UserProfileResolver::class,
* "normalization_context"={"groups"={"get-owner"}},
* "security"="is_granted('IS_AUTHENTICATED_FULLY') and object == user"
* },
So, it should be a simple matter of checking if the users IS_AUTHENTICATED_FULLY and if it is the user him/herself trying to execute the query.
Far as I could tell, by dump below on /vendor/symfony/security-core/Authorization/AuthorizationChecker.php, it's failing to retrieve a token.
var_dump($this->tokenStorage->getToken()->getUser()->getUsername());
I did a cursory comparison of phpinfo() between my local installation and the one at AWS-EB and could not find any obvious mismatch.
This is the config for JWT at /config/packages/lexik_jwt_authentication.yaml.
lexik_jwt_authentication:
secret_key: '%env(resolve:JWT_SECRET_KEY)%'
public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
pass_phrase: '%env(JWT_PASSPHRASE)%'
user_identity_field: email
token_ttl: 1800
Just to confirm that the users are able to login. It's passing through the isGranted() check that fails.
Any ideas?
EDIT - add `/config/packages/security.yaml
security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
encoders:
App\Entity\User:
algorithm: auto
#algorithm: bcrypt
#algorithm: argon2i
cost: 12
providers:
database:
entity:
class: App\Entity\User
property: email
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
refresh:
pattern: ^/api/token/refresh
stateless: true
anonymous: true
api:
pattern: ^/api
stateless: true
anonymous: true
json_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
guard:
authenticators:
- app.google_login_authenticator
- App\Security\TokenAuthenticator
entry_point: App\Security\TokenAuthenticator
user_checker: App\Security\UserEnabledChecker
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin, roles: ROLE_SUPERADMIN }
- { path: ^/api/token/refresh, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/api, roles: IS_AUTHENTICATED_ANONYMOUSLY }
role_hierarchy:
ROLE_PROVIDER: ROLE_USER
ROLE_ADMIN: [ROLE_PROVIDER, ROLE_EDITOR]
ROLE_SUPERADMIN: ROLE_ADMIN
Upon further research I found out that Apache was stripping the authorization token from the request.
On the method supports of /lexik/jwt-authenticator-bundle/Security/Guard/JWTTokenAuthenticator, the dump as below will not include the token on AWS:
var_dump($request->headers->all());
var_dump($_SERVER);
As per this question, this is an issue of Apache configuration which is not accepting the authorization headers.
The indicated solution is to add the following to .htaccess:
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
This resolves the issue, though one should note that the local Apache installation works fine without the above edit to .htaccess.
So, it should also be possible to change Apache config directly, but I could not find how to go about it.
EDIT: Later I found a specific instruction on 'JWT-Token' docs as follows, that confirm that solution on this link.
Postman: 5.5.0
Newman: 3.9.0
OS: Windows 10
How am I supposed to use the --folder command in Newman?
I have a Postman Collection Export (v2.1) which I am loading into Newman using:
- newman run "AME.postman_collection.json"
When I run this command, all tests execute as expected (including all sub folders.
However, I would like to run a specific subfolder called "Media". My understanding is that I should run the commandline:
- newman run "AME.postman_collection.json" --folder "Media"
Unfortunately this does not work. Newman simply reports no failure, but also 0 tests. I have also tried numerous other variations of the --folder parameter such as:
- "AME.Media"
- "AME/Media"
- "AME\Media"
- "\Media"
- "/Media"
- "Media/"
- "Media\"
- ".Media"
- And many, many more
Sample data from the Export below:
{
"info": {
"name": "AME",
"_postman_id": "023f6868-4c80-8c0f-01b6-78943caa38a6",
"description": "",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
{
"name": "Media",
"description": "",
"item": [
{
"name": "showRenderer",
"event": [
Try updgrading to v3.9.1 (December 8, 2017).
The changelog states
Fixed folder option handling
that there was in error in folder handling which is now fixed. I tried v3.9.1 with sub folder and it worked for me.
My Proton instance fails with a java.lang.NullPointerException whenever an event is sent by Orion
this is the Proton log:
proton_1 | 01-Jul-2016 09:46:03.117 INFO [http-nio-8080-exec-1] com.ibm.hrl.proton.webapp.providers.EventXmlNgsiMessageReader.readFrom started event message body reader
proton_1 | 01-Jul-2016 09:46:03.125 INFO [http-nio-8080-exec-1] com.ibm.hrl.proton.webapp.providers.EventXmlNgsiMessageReader.readFrom Event: ApeContextUpdate
proton_1 | 01-Jul-2016 09:46:03.126 SEVERE [http-nio-8080-exec-1] com.ibm.hrl.proton.webapp.providers.EventXmlNgsiMessageReader.readFrom Could not parse XML NGSI event java.lang.NullPointerException, reason: null
proton_1 | last attribute name: null last value: null
proton_1 | 01-Jul-2016 09:46:03.130 INFO [http-nio-8080-exec-1] com.ibm.hrl.proton.webapp.providers.EventXmlNgsiMessageReader.readFrom finished event message body reader
proton_1 | 01-Jul-2016 09:46:03.131 INFO [http-nio-8080-exec-1] com.ibm.hrl.proton.webapp.resources.EventResource.submitNewEvent starting submitNewEvent
proton_1 | 01-Jul-2016 09:46:03.132 SEVERE [http-nio-8080-exec-1] com.ibm.hrl.proton.webapp.resources.EventResource.submitNewEvent Could not send event, reason: java.lang.NullPointerException, message: null
I've read the Appendix of the User guide and double checked the event name and the attributes list.
This is an xml sent by orion:
POST /ProtonOnWebServer/rest/events HTTP/1.1
User-Agent: orion/0.28.0 libcurl/7.19.7
Host: localhost:8080
Accept: application/xml, application/json
Content-length: 772
Content-type: application/xml
<notifyContextRequest>
<subscriptionId>57762eb9982959644644f9ee</subscriptionId>
<originator>localhost</originator>
<contextResponseList>
<contextElementResponse>
<contextElement>
<entityId type="Ape" isPattern="false">
<id>u1</id>
</entityId>
<contextAttributeList>
<contextAttribute>
<name>carsharing</name>
<type>urn:x-ogc:def:trs:IDAS:1.0:ISO8601</type>
<contextValue>2016-07-01T11:01:06</contextValue>
</contextAttribute>
</contextAttributeList>
</contextElement>
<statusCode>
<code>200</code>
<reasonPhrase>OK</reasonPhrase>
</statusCode>
</contextElementResponse>
</contextResponseList>
</notifyContextRequest>
This is the definition of the Proton project (BTW this is the project copied from
the server filesystem because also the rest api fails with a
NullPointerException)
{
"epn": {
"events": [
{
"name": "ApeContextUpdate",
"createdDate": "Fri Jul 01 2016",
"attributes": [
{
"name": "entityId",
"type": "String",
"dimension": "0"
},
{
"name": "entityType",
"type": "String",
"dimension": "0"
},
{
"name": "carsharing",
"type": "Date",
"dimension": "0"
}
]
}
],
"epas": [],
"contexts": {
"temporal": [],
"segmentation": [],
"composite": []
},
"consumers": [],
"producers": [],
"name": "t0"
}
}
and this is my docker-compose file:
mongo:
image: mongo:2.6
command: --smallfiles --quiet
proton:
image: fiware/proactivetechnologyonline
ports:
- "8080:8080"
orion:
image: fiware/orion:0.28
links:
- mongo
- proton
command: -dbhost mongo --silent
ports:
- "1026:1026"
I'm using Orion 0.28 (the last one that supports XML notifications) and the latest Proton
UPDATE 1 - catalina.log
07-Jul-2016 07:52:39.914 INFO [http-nio-8080-exec-1] com.ibm.hrl.proton.webapp.providers.EventXmlNgsiMessageReader.readFrom started event message body reader
07-Jul-2016 07:52:39.924 INFO [http-nio-8080-exec-1] com.ibm.hrl.proton.webapp.providers.EventXmlNgsiMessageReader.readFrom Event: ApeContextUpdate
07-Jul-2016 07:52:39.924 SEVERE [http-nio-8080-exec-1] com.ibm.hrl.proton.webapp.providers.EventXmlNgsiMessageReader.readFrom Could not parse XML NGSI event java.lang.NullPointerException, reason: null
last attribute name: null last value: null
07-Jul-2016 07:52:39.928 INFO [http-nio-8080-exec-1] com.ibm.hrl.proton.webapp.providers.EventXmlNgsiMessageReader.readFrom finished event message body reader
07-Jul-2016 07:52:39.929 INFO [http-nio-8080-exec-1] com.ibm.hrl.proton.webapp.resources.EventResource.submitNewEvent starting submitNewEvent
07-Jul-2016 07:52:39.929 SEVERE [http-nio-8080-exec-1] com.ibm.hrl.proton.webapp.resources.EventResource.submitNewEvent Could not send event, reason: java.lang.NullPointerException, message: null
The problem seems to be that your Proton instance is not actually configured with your project's JSON definition file, therefore when sending the POST of any type you will always get NullPointerException since no such event can be found in Proton's metadata.
Please try to configure your instance's admin interface, as described here:
http://proactive-technology-online.readthedocs.io/en/latest/Proton-InstallationAndAdminGuide/index.html (Setup Apache Tomcat for management part)
And then run the following query:
GET //<ip of the machine running Proton>:8080/ProtonOnWebServerAdmin/resources/definitions.
This should return the all the project definitions this instance have...
And then if you see this in the list, you can retrieve your specific project's definition by running:
GET /<ip of the machine running Proton>:8080/resources/definitions/{definition_name}.
I think this will either return nothing, or will be empty.
You can update the definitions by using RESTful interface as described here: http://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/Complex_Event_Processing_Open_RESTful_API_Specification (under the Managing Definitions Repository part)
I installed elasticsearch, logstash, kibana, ngix and logstash-forwarder at same server to centralized logs. The log file (allapp.json) is a json file with logs entry like this:
"{\"timestamp\":\"2015-08-30 19:42:26.724\",\"MAC_Address\":\"A8:7C:01:CB:2D:09\",\"DeviceID\":\"96f389972de989d1\",\"RunningApp\":\"null{com.tools.app_logs\\/com.tools.app_logs.Main}{com.gtp.nextlauncher\\/com.gtp.nextlauncher.LauncherActivity}{com.android.settings\\/com.android.settings.Settings$WifiSettingsActivity}{com.android.incallui\\/com.android.incallui.InCallActivity}{com.tools.app_logs\\/com.tools.app_logs.Main}{com.gtp.nextlauncher\\/com.gtp.nextlauncher.LauncherActivity}{com.android.settings\\/com.android.settings.Settings$WifiSettingsActivity}{com.android.incallui\\/com.android.incallui.InCallActivity}\",\"PhoneName\":\"samsung\",\"IP\":\"192.168.1.101\"}"
my logstash.conf is:
input {
lumberjack {
port => 5002
type => "logs"
ssl_certificate => "/etc/pki/tls/certs/logstash-forwarder.crt"
ssl_key => "/etc/pki/tls/private/logstash-forwarder.key"
}
udp {
type => "json"
port => 5001
}
}
filter {
json {
"source" => "message"
}
}
output {
elasticsearch { host => localhost }
stdout { codec => rubydebug }
}
my logstash-forwarder.conf (at same system that logstash is installed) is:
{
"network":{
"servers": [ "192.168.1.102:5002" ],
"timeout": 15,
"ssl ca": "/etc/pki/tls/certs/logstash-forwarder.crt" },
"files": [
{
"paths":[ "/var/log/app-log/allapp.json" ],
"fields": { "type": "json" }
}
]
}
my elasticsearch.yml is:
network.host: localhost
when i enter tail -f /var/log/logstash-forwarder/logstash-forwarder.err in terminal i get this:
2015/09/04 11:33:05.282495 Waiting for 1 prospectors to initialise
2015/09/04 11:33:05.282544 Launching harvester on new file: /var/log/app-log/allapp.json
2015/09/04 11:33:05.282591 harvest: "/var/log/app-log/allapp.json" (offset snapshot:0)
2015/09/04 11:33:05.283709 All prospectors initialised with 0 states to persist
2015/09/04 11:33:05.283806 Setting trusted CA from file: /etc/pki/tls/certs/logstash-forwarder.crt
2015/09/04 11:33:05.284254 Connecting to [192.168.1.102]:5002 (192.168.1.102)
2015/09/04 11:33:05.417174 Connected to 192.168.1.102
the allapp.json file has been update frequently and new log add in it but in above I never see the log which looks like :
Registrar received 1 events
Registrar received 23 events ...
In addition i have another client with logstash-forwarder to send its logs to kibana, logstash-forwarder on that client works correctly and logs from that shown in kibana but at this one client doesn't.
All result in kibana are look like this:
Time file
September 4th 2015, 06:14:00.942 /var/log/suricata/eve.json
September 4th 2015, 06:14:00.942 /var/log/suricata/eve.json
September 4th 2015, 06:14:00.942 /var/log/suricata/eve.json
September 4th 2015, 06:14:00.942 /var/log/suricata/eve.json
I want to see logs from /var/log/app-log/allapp.json too in kibana, what is problem? why they aren't shown in kibana? why one client work correctly but logstash-forwarder on same system with logstash doesn't work?
I'm trying to configure the shovel plugin via the config file (running in docker) but I get this error:
BOOT FAILED
===========
Error description:
{error,{failed_to_cluster_with,[rabbit#dalmacpmfd57],
"Mnesia could not connect to any nodes."}}
The config is set up this way because the destination for shovel will be created on demand when a dev environment is spun up... the source is a permanent rabbitmq instance running that the new, dev environment will attach to.
Here is the config file contents:
[
{rabbitmq_shovel,
[{shovels,
[{indexer_replica_static,
[{sources,
[{broker, [ "amqp://guest:guest#rabbitmq/newdev" ]},
{declarations,
[{'queue.declare', [{queue, <<"Indexer_Replica_Static">>}, durable]},
{'queue.bind',[ {exchange, <<"Indexer">>}, {queue, <<"Indexer_Replica_Static">>}]}
]
}
]
},
{destinations,
[{broker, "amqp://"},
{declarations, [ {'exchange.declare', [ {exchange, <<"Indexer_Replica_Static">>}
, {type, <<"fanout">>}, durable]},
{'queue.declare', [
{queue, <<"Indexer_Replica_Static">>},
durable]},
{'queue.bind',
[ {exchange, <<"Indexer_Replica_Static">>}
, {queue, <<"Indexer_Replica_Static">>}
]}
]
}
]
},
{queue, <<"Indexer_Replica_Static">>},
{prefetch_count, 0},
{ack_mode, on_confirm},
{publish_properties, [ {delivery_mode, 2} ]},
{reconnect_delay, 2.5}
]
}
]
},
{reconnect_delay, 2.5}
]
}
].
[UPDATE]
This is being run in docker but since I couldn't debug the issue in docker I tried booting up rabbit locally with the same config file. I noticed in the logs that the rabbit config system variable I set (RABBITMQ_CONFIG_FILE) isn't reflected in the log and the shovel settings haven't been applied (no surprise huh). I verified the variable with an echo statement and the correct path is displayed: /dev/rabbitmq_server-3.3.4/rabbitmq
=INFO REPORT==== 3-Sep-2014::15:30:37 ===
node : rabbit#dalmacpmfd57
home dir : /Users/e002678
config file(s) : (none)
cookie hash : n6vhh8tY7Z+uR2DV6gcHUg==
log : /usr/local/rabbitmq_server-3.3.4/sbin/../var/log/rabbitmq/rabbit#dalmacpmfd57.log
sasl log : /usr/local/rabbitmq_server-3.3.4/sbin/../var/log/rabbitmq/rabbit#dalmacpmfd57- sasl.log
database dir : /usr/local/rabbitmq_server-3.3.4/sbin/../var/lib/rabbitmq/mnesia/rabbit#dalmacpmfd57
Thanks!