as2-peppol-server's People

Contributors

phax

as2-peppol-server's Issues

Create a standalone server

Create a standalone server that is able to send and receive documents.

Configuration

  • Use SML or SMK?
  • Sending folder
  • Sending error folder
  • Receiving folder
  • Receiving error folder
  • Certificate configuration
    • For sending documents, the AP certificate is needed

Sending

  • Send documents based on a drop folder on hard drive
    • Using WatchDir to watch for changes in a certain directory
  • StandardBusinessDocument with business content (UBL) must be available for sending
    • Receiving participant ID, document type and process ID must be extracted from SBDH
  • Only AS2 messages can be sent
  • On failed sending, messages are moved to error directory

Receiving

  • All UBL document types are read
  • All files are written into a single directory.
    • The written file contains SBD + UBL
  • It's up to the receiver to handle it

Usage of certificates and the key/truststores.

Disclaimer: I'm aware that this is not a complete demo and that features are missing, and I read #1. Yet...

I started to create a non-peppol plain SBD(H) based AS2 servlet 'server' based on as2-peppol-server (just removed the UBL/Peppol content checks) and concentrated on receiving messages first to see if AS2-lib was/is compatible with our own AS2 software.

As mentioned, I know and understand that this as2-peppol-server project is an 'example', not finished, and should be used as a kick-off. But we have to decide whether to start fully from scratch based on as2-lib and as2-servlet (which already helps a lot), or continue to investigate if the approach that is taken in this server should be extended. Both have advantages and disadvantages. But several issues seem to be at least part of the core of AS2-Lib and that makes it hard to decide. I encountered several issues and will post separate ones on GitHub. This is the first.

When starting the server, the keystore can be a relative path and seems to initialize APKeyManager and check for the right 'alias', also from as2-server.properties. When receiving documents for this alias and decrypting the message, the APKeyManager does not seem to be used. At least the following error occurs:

com.helger.as2lib.cert.CertificateNotFoundException: Type: RECEIVER, Alias: KukelsAS2ID
	at com.helger.as2lib.cert.CertificateFactory.internalGetCertificate(CertificateFactory.java:178) ~[classes/:?]
	at com.helger.as2lib.cert.AbstractCertificateFactory.getCertificate(AbstractCertificateFactory.java:66) ~[classes/:?]
	at com.helger.as2lib.processor.receiver.net.AS2ReceiverHandler.decrypt(AS2ReceiverHandler.java:152) ~[classes/:?]
	at com.helger.as2lib.processor.receiver.net.AS2ReceiverHandler.handleIncomingMessage(AS2ReceiverHandler.java:436) ~[classes/:?]
	at com.helger.as2servlet.AbstractAS2ReceiveXServletHandler.handeIncomingMessage(AbstractAS2ReceiveXServletHandler.java:165) ~[classes/:?]
	at com.helger.as2servlet.AbstractAS2ReceiveXServletHandler.onRequest(AbstractAS2ReceiveXServletHandler.java:201) ~[classes/:?]
	at com.helger.xservlet.AbstractXServlet._invokeHandler(AbstractXServlet.java:337) ~[ph-xservlet-9.0.1.jar:9.0.1]
	at com.helger.xservlet.AbstractXServlet.service(AbstractXServlet.java:515) ~[ph-xservlet-9.0.1.jar:9.0.1]
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) ~[javax.servlet-api-3.1.0.jar:3.1.0]
	at com.helger.xservlet.AbstractXServlet.service(AbstractXServlet.java:570) ~[ph-xservlet-9.0.1.jar:9.0.1]
	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:856) ~[jetty-servlet-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:535) ~[jetty-servlet-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:146) ~[jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:548) ~[jetty-security-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132) ~[jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:257) ~[jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1595) ~[jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255) ~[jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1253) ~[jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:203) ~[jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473) ~[jetty-servlet-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1564) ~[jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:201) ~[jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1155) ~[jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:144) ~[jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132) ~[jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.server.Server.handle(Server.java:531) ~[jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:352) ~[jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:260) ~[jetty-server-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:281) ~[jetty-io-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:102) ~[jetty-io-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:118) ~[jetty-io-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:319) ~[jetty-util-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:175) ~[jetty-util-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.produce(EatWhatYouKill.java:139) ~[jetty-util-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:754) [jetty-util-9.4.9.v20180320.jar:9.4.9.v20180320]
	at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:672) [jetty-util-9.4.9.v20180320.jar:9.4.9.v20180320]
	at java.lang.Thread.run(Thread.java:745) [?:1.8.0_102]

When debugging, it seems that in CertificateFactory.java

      m_aKeyStore = createNewKeyStore (eKeyStoreType);

is called, and a few lines later

load (getFilename (), getPassword ());

which in turn calls

default void load (@Nonnull final String sFilename, @Nonnull final char [] aPassword) throws OpenAS2Exception
{
  final InputStream aFIS = FileHelper.getInputStream (new File (sFilename));
  load (aFIS, aPassword);
}

In this, the file is read as a file and not from the classpath, and a null inputStream is returned. The actual load in BouncyCastle does not throw an error when aFIS is null, so the previously created empty m_aKeyStore is used, which does not contain any certificates, resulting in the error above when accessed (the 'null' check before in public KeyStore getKeyStore () is useless).

It seems the certificate/keystore usage is either not stable or did not get enough attention.

When making the keystore in as2-server.properties an absolute file, it does work.

The second and related issue is that for sending encrypted messages, this same PKCS12 keystore is used and not the APTrustStore or whatever. And the same

protected X509Certificate internalGetCertificate (@Nullable final String sAlias,
                                                @Nullable final ECertificatePartnershipType ePartnershipType) throws OpenAS2Exception

method for the keystore is called, which is by default the PKCS12 keystore of the server and not a truststore. So the certificate of the remote party cannot be found by its alias.
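
The failure mode reported in this issue, shown with plain JDK classes as an added example (not code from as2-lib or as2-peppol-server): a null stream passed to `KeyStore.load` silently produces an empty keystore, while a strict loader surfaces the unresolved path at startup. The class name, file path, password and alias are hypothetical values constructed for the illustration.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.NoSuchFileException;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyStore;

public class KeyStoreFailFast {

  // Strict loader: each condition the silent path hides becomes an exception at startup.
  static KeyStore loadStrict(Path path, char[] password, String keyAlias)
      throws IOException, GeneralSecurityException {
    // Resolve first, so the error names the location a relative path actually pointed to.
    Path abs = path.toAbsolutePath().normalize();
    if (!Files.isReadable(abs))
      throw new NoSuchFileException(abs.toString(), null, "keystore missing or unreadable");
    KeyStore ks = KeyStore.getInstance("PKCS12");
    try (InputStream in = Files.newInputStream(abs)) {
      ks.load(in, password); // the stream is never null on this path
    }
    // Decryption needs a private key entry, not merely a certificate under that alias.
    if (!ks.isKeyEntry(keyAlias))
      throw new GeneralSecurityException(
          "no private key entry for alias '" + keyAlias + "' in " + abs);
    return ks;
  }

  public static void main(String[] args) throws Exception {
    char[] pw = "changeit".toCharArray(); // constructed sample password
    String alias = "ExampleAS2ID";        // hypothetical alias

    // Silent path: a null stream is legal for KeyStore.load and yields an empty keystore,
    // so the problem only appears later as a failed alias lookup.
    KeyStore empty = KeyStore.getInstance("PKCS12");
    empty.load(null, pw);
    System.out.println("entries=" + empty.size() + " hasAlias=" + empty.containsAlias(alias));

    // Strict path: the same missing file is reported immediately.
    try {
      loadStrict(Paths.get("does-not-exist/keystore.p12"), pw, alias);
    } catch (NoSuchFileException e) {
      System.out.println("startup failure: " + e.getMessage());
    }
  }
}
```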

The Response Message without Content-Type Header

When I try to send an invoice from Difi's test endpoint to my server application, the application returns a response message without a Content-Type header in the response. But in the other case (when I send a message from my client application, which uses as2-peppol-client), no problems occur.

I share my log files above:

tomcat-stdout.log

[2018-11-09T14:42:09,358] [PEPPOL-AS2-SERVER] [WARN ] [https-jsse-nio-443-exec-9] No content type on HTTP 200 response to POST 'https://peppoltest.visionplus.com.tr/as2-peppol-server/as2' -- com.helger.xservlet.filter.XServletFilterConsistency.checkContentType(XServletFilterConsistency.java:141)

localhost_access_log.txt

93.94.10.249 - - [09/Nov/2018:14:42:09 +0300] "POST /as2-peppol-server/as2 HTTP/1.1" 200 -

And also a document can't save a document
