While working with the Fiorano platform, on certain occasions, you may encounter some unforeseen issues. Following are a few issues and their resolutions/workarounds, which help you work seamlessly.

Fixing Apache log4j Vulnerability

There exists a vulnerability as part of the JNDILookup feature in the log4j library for Fiorano version 11 and above. This can be fixed by removing the JNDILookup feature from the log4j library. Install the Log4jVulnerability patch by following this section to fix the same.

SpecificationDescription
Applicable VersionsFiorano 11 and above.
Applicable SystemsAll servers (both Primary and Secondary in case of HA) and eStudio.
Server Restart required?Yes
eStudio Restart required?

Yes

Icon

eStudio needs to be closed if and only if it's running on the same machine on which the patch is being applied.

Can be applied without downtime in HA mode?

Yes

Icon

It is possible to apply the patch with little or zero downtime (even if "Server Restart Required" is "Yes"), by following the steps below:

  1. Stop the Passive Server of the HA pair.
  2. Apply the patch.
  3. Once the remote server is in a standalone state, start the passive server.
  4. Once the remote server changes to the active state, stop the active server and let the passive server move to a standalone state.
  5. Apply the patch in the server that is stopped.
  6. Restart the server.

Installing the Patch

  1. Go to the log4j folder at FIORANO_HOME/extlib.
  2. Delete the jar file named "log4j-core-2.7.jar".


    Figure 1: Removing the log4j-core-2.7 file from the log4j folder

    Icon

    Do not rename the file instead of deleting it! In case a backup is required, cut and paste it outside FIORANO_HOME.

  3. Click the following link to download the patch:

    Icon

    A Zip file named "Log4jVulnerability" gets downloaded.


  4. Extract files in the Log4jVulnerability zip file and copy the folder named "Log4jVulnerability".


    Figure 2: Copying the Log4jVulnerability folder from the extracted files

  5. Paste the Log4jVulnerability folder at the location $FIORANO_HOME/patch.


    Figure 3: Pasting the copied folder in the 'patch' folder

  6. Open the command prompt at $FIORANO_HOME/patch and use the following command:

  7. When prompted for the patch number, enter the number corresponding to the patch name - Log4jVulnerability.

The patch will be applied and necessary files to uninstall the patch will be created.

Uninstalling the Patch

  1. Open the console in $FIORANO_HOME/patch directory and type the following command:

  2. When prompted for the patch number, enter the number corresponding to the patch name - Log4jVulnerability.

The patch will be uninstalled.

 

Setting the hostname 

The types of errors encountered when the correct hostname is not set on the machine are:

1: Error caused by java.net.UnknownHostException: SERVER2-SOAServer02: SERVER2-SOAServer02
2.1: Error occured when the correct hostname is not set in the FES machine and the FPS machine is started

While the error above can be seen on the console, if the user checks the esberr.log file of the peer server in runtime data, the following error can be seen:

2.2: Error displayed in the esberr.log file when the correct hostname is not set in the FES machine and the FPS server is started
3: Error occured while adding Breakpoint from eStudio

Solution

Icon

Check whether the hostname -i command in the terminal / command prompt gives the correct in-use IP address of the host, if not, modify the hosts file.

The hosts file is used by the operating system to map hostnames to IP addresses. To set the hostname, modify the hosts file which contains lines of text consisting of an IP address in the first text field followed by one or more host names. Follow the steps below to modify the file.

For Linux

To edit the hosts file present in the etc folder, perform the actions below:

  1. To open the /etc/hosts file, open the terminal, switch to superuser and use the command:

  2. In the hosts file that opens, locate the old hostname, which resembles one of the lines below:
    1. <ip_address> <your-old-hostname> <your-old-hostname>.<domain>
    2. <ip_address> <your-old-hostname>
       
  3. Replace the old hostname with the correct hostname and save the hosts file.
  4. In the terminal, type the command:

  5. To see if the hostname has been set properly, use the command:

For windows

The hosts file is present in C:\Windows\System32\Drivers\etc\hosts. To modify the file, perform the actions below:

  1. Do one of the following to execute the Run command:
    1. Go to Start > Run
    2. Press Windows key + R
  2. Open the hosts file present at C:\Windows\System32\Drivers\etc in a notepad using the command:

    Icon

    A user should have administrative rights to edit the hosts file.

  3. In the hosts file that opens, locate the old hostname which resembles one of the lines below:
    1. <ip_address> <your-old-hostname> <your-old-hostname>.<domain>
    2. <ip_address> <your-old-hostname>
    Example
  4. Replace the old hostname with the correct hostname.
  5. Save the file.

To change the computer name, if required, perform the actions below:

  1. Click on the Start button, right-click Computer, and then select the Properties option.
  2. Under the Computer name tab click the Change settings button.
  3. In the Computer description text field,  type the correct hostname, and then click OK. If the computer is part of a domain,  provide the name and password of an account that has the permission to rename the computer in the domain.
  4. Restart the system following the prompt.
  5. After the system restarts, check the hostname,

    1. Open the command prompt by going to Start > Run and Enter "cmd".

    2. Check the hostname by executing the command:

Error while installing Fiorano Platform on the Linux OS

An error as below may be encountered while installing using the Linux bin installer:

To avoid this sort of error while installing, InstallShield requires the Unix bc utility.

Install the Unix bc utility package using the command below and then re-run the installer:

Ubuntu/Debian
CentOS/RHEL/Fedora

 

 

Peer on Multi-homed machine

If the Peer server is started on a multi-homed machine, and launching EventProcesses is takes considerable time throwing timeout exceptions, then configure the MQ address (working) for the peer as below:

  1. Open FPS profile in Fiorano eStudio.
  2. Navigate through to Fiorano > socketAcceptors > ConnectionManager
  3. Set the ServerAddress property to the desired IP Address.

 

Firewall Issues

If a host running the server has a firewall which only allows connections on some specific ports, the firewall will need to be modified to allow connections from other ports.
If the host running the server is a multi-homed host where creating routes or breakpoints is causing problems, check if the connect URL of the server connection factories point to the IP address which is firewalled/barred from accepting connections.

  • If creating routes is causing issues, then:
    • Login to eStudio > ConnectionManagement > FES
    • Change connectURL of peer connection factories to the correct URL so they no longer point to a firewalled IP.
  • If creating breakpoints is causing issues, then:
    • Login to eStudio > ConnectionManagement > FES
    • Change connectURL of PRIMARYQCF, SERVICEPROVIDERQCF, CF, TCF to the correct URL so they no longer point to a firewalled IP.

eStudio login issue

If login to a server on remote machine is extremely slow, check if the Windows firewall is ON in the eStudio machine and disable it.

File encoding issue

When working with locales other than English, set the encoding property while working with mappings.

  • Add the following in %FIORANO_HOME%/eStudio/eStudio.ini

  • Navigate through to eStudio > Window > Preferences > Fiorano > SOA Orchestration > CPS Launch (Tab) > System Properties and add file.encoding as name and UTF-8 as Value.
  • Add file.encoding=UTF-8 at <java.system.props> in %FIORANO_HOME%/esb/fes/bin/fes.conf.

    Icon

    In case of multiple esb/fes servers, repeat this step for all esb/fes servers.

  • Add file.encoding=UTF-8 at <java.system.props> in %FIORANO_HOME%/esb/fps/bin/fps.conf.

    Icon

    In case of multiple peer/fps servers, repeat this step for all peer/fps servers.

Icon
  • If required, other encodings can be used in place of UTF-8.
  • If multi-byte characters are already used in mapper funclets (as constants), existing mappings or characters may get deleted or corrupted because of differences in encoding. Redrawing mappings is recommended when this scenario occurs.

 

 

Client Connections in Peer

If the following error occurs, then increase Client Connections within the Peer server:

  1. Open FPS profile in eStudio.
  2. Navigate through to Fiorano > socketAcceptors > ConnectionManager.
  3. Set the MaxClientConnectionsCount property to a value higher than 1024.

 

File Handles in Linux

If the following error is encountered, increase the system file handles:

Open the file limits.conf present at the location /etc/security and add the following lines at the end of the content:

  • soft      nofile    <noOfFileHandles>
  • hard     nofile    <noOfFileHandles>

 

Problems when Non-ascii Chars used in build.properties

If user is running CLI tools on Linux and the Applications/Services names contain non-ascii characters, the process may fail.

To resolve,

  1. Perform any one of the following
    1. either convert the file into unicode
      • native2ascii build.properties > newbuild.properties
    2. reconvert into ISO8859-1
      • iconv -f UTF-8 -t ISO8859-1 build.properties > newbuild.properties.
  2. Use the new build.properties file for CLI tasks.

 

JRE Problems

If the following error is observed upon running the Fiorano servers when a JRE(at <JRE PATH>) other than the one shipped is used, use the corresponding JDK or copy the JDK's jre\bin\server folder to <JRE PATH>\bin\server directory.

Icon

For more information, please refer to the link: http://www.oracle.com/technetwork/java/javase/jrereadme-182762.html

 

 

HA Troubleshooting

  1. SocketBindException says that the HA Port is already bound
    This exception indicates that some other program that is running on the HA port or the last instance of the server is not properly killed.
    Stop/kill the application which is holding up the port and start the server again or choose a different HA port. When is changed, there needs to be a change in the Backup Server configuration for the Backup Server port.
  2. None of the servers start
    Both the servers are in WAITING state and the Primary Server is trying to connect to its Backup Server.
    This exception indicates that the Backup Server IP and port numbers are wrong for both the server configurations.

    Example: A Server console cannot connect to the Backup Server.

    The figure below illustrates a situation where the server is not able to connect to the Backup Server. If it is already connected, then there is a problem with the configuration. The message prints the IP address and the port to which it is trying to connect to establish the HA channel.
    Check if the Backup Server is running in the printed IP address and port.


    Figure 4: Server unable to connect to the Backup Server
     
  3. One of the HA Servers is switched into Active or Passive Sync and it hangs at that point, but the other server seems to be in a WAITING state for a long time trying to connect to the Backup Server.
    This exception indicates that the configuration for the Backup Servers does not match the server still in the WAITING state, but the Backup Server still connects. This causes the Backup Server to hang indefinitely as it expects a Synchronization Complete Notification which never gets delivered.


    Figure 5: The server hanging in one of the synchronization states
     
  4. Both servers go to Standalone/Active state in replicated/shared mode if the network link between them is broken.
    This can happen if the servers do not refer to the same LockFile.
  5. The server in replicated mode shuts down on boot up
    This happens when the LockFile specified is not valid or the machine hosting the LockFile is not allowing the server to acquire a lock. Figure 3 illustrates the server shutting down on boot up.


    Figure 6: The server shutting down on bootup 



Handling "Client ID Already Exists" exception

This error can occur when the FES is force-closed when the breakpoints are in place or when the addition of a breakpoint fails due to some reason on a previous attempt. To resolve this scenario, the client corresponding to the previous connection needs to be removed. Follow the steps below and add the breakpoint again.

Identifying the Connection 

  1. Login to the ESB Dashboard. Under the Server Status node, select the Enterprise Server and then Select Connections. 
     
  2. Check for PTP connections related to unclosed break points. The connection names will have the pattern <CLIENT_ID>,<Number> .

    Icon

    Format of Client IDs:
    ESBX_SYSTEM<Event Process Name><Version><RouteName>C
    and
    ESBX
    SYSTEM<EventProcessName><Version><COMPONENT_NAME>_<RouteName>

  3. Copy the ClientIDs.


    Figure 7: Copying the ClientIDs

Closing Identified Connections

Icon

All the operations outlined have to be performed within the Connection Management perspective of eStudio.

  1. Log into FES-JMX and navigate to the AdminService node.


    Figure 8: Copying the ClientIDs

  2. Right-click the AdminService node and click ViewOperations. The AdminService dialog box is displayed.


    Figure 9: Viewing Operations

  3. Choose the operation disconnectClient(clientID) and provide the clientIDs from the above section.
     
  4. Click the disconnectClient button. A value 'true' will be seen in the Result tab and the client will get disconnected. 

Verify this by refreshing the dashboard list of connections found in the above section.

 

Issues while using SHA-2 certificates for Webservice Consumer

While using SHA-2 certificates for the Webservice Consumer component, there may be issues with keylength. To resolve/eliminate this issue, set the JAVA HOME path in runtime arguments of the component to JDK 1.8 (or higher versions) as a prerequisite.

Perform the following actions within eStudio to set the Java Home to JDK 1.8:

  1. Click the WebServiceConsumer component.
  2. In the component Properties, click the Runtime Arguments tab.
  3. On the right side, click the Value cell against JAVA_HOME and provide the location where JDK 1.8 is saved.

    Icon

    Download and install JDK 1.8 if it does not exist.


    Figure 10: Providing Java_Home

     

eStudio multi-user installs

In a Windows operating system with multiple users, when a user tries to launch eStudio installed in a different user in the system, eStudio may not get opened and displays a log message.

The log message gets saved at $Fiorano_Home\eStudio\configuration as in the figure below.


Figure 11: Error log in the "configuration" folder

Below is a screenshot of such an error log.


Figure 12: Error message in the Error log

Perform the following actions to resolve this issue:

  1. Open the eStudio ini file present at $Fiorano_Home\eStudio.


    Figure 13: eStudio ini file

  2. Add the following line, preferably as the last line:


    Figure 14: eStudio ini file with the line added to resolve the issue

Adaptavist ThemeBuilder EngineAtlassian Confluence