"can not get JSON data from message target 'Request'" occurs in Validate JSON Schema assertion
Article ID: 129740
Updated On:
Products
STARTER PACK-7
CA Rapid App Security
CA API Gateway
Issue/Introduction
When request content (JSON) is manipulated with Execute JavaScript assertion placed at the beginning of policy definition in request with large content length (about over 1MB), the following error occurs.
2019-03-11T13:44:44.327+0900 WARNING 1371 com.l7tech.external.assertions.jsonschema.server.ServerJSONSchemaAssertion: Cannot get JSON data from message target 'Request'. Details: Unable to parse JSON: MIME multipart body has already been read, and was not saved
2019-03-11T13:44:44.336+0900 SEVERE 1371 com.l7tech.server.SoapMessageProcessingServlet: MIME multipart body has already been read, and was not saved
com.l7tech.common.mime.NoSuchPartException: MIME multipart body has already been read, and was not saved
2019-03-11T13:44:44.342+0900 WARNING 1371 com.l7tech.server.audit.MessageSummaryAuditFactory: Unable to get request XML: MIME multipart body has already been read, and was not saved
This problem does not occur when the length of the content is small. (less than 1MB)
2019-03-11T13:44:44.327+0900 WARNING 1371 com.l7tech.external.assertions.jsonschema.server.ServerJSONSchemaAssertion: Cannot get JSON data from message target 'Request'. Details: Unable to parse JSON: MIME multipart body has already been read, and was not saved
2019-03-11T13:44:44.336+0900 SEVERE 1371 com.l7tech.server.SoapMessageProcessingServlet: MIME multipart body has already been read, and was not saved
com.l7tech.common.mime.NoSuchPartException: MIME multipart body has already been read, and was not saved
2019-03-11T13:44:44.342+0900 WARNING 1371 com.l7tech.server.audit.MessageSummaryAuditFactory: Unable to get request XML: MIME multipart body has already been read, and was not saved
This problem does not occur when the length of the content is small. (less than 1MB)
Cause
The root cause of the problem is not having enough privileges to read physical file system.
FYI, larger message which cannot fit in single buffer will be stashed to physical file system by gateway.
And, javascript engine (nashorn) executes the script in sandbox mode for security purposes.
FYI, larger message which cannot fit in single buffer will be stashed to physical file system by gateway.
And, javascript engine (nashorn) executes the script in sandbox mode for security purposes.
Environment
Release:
Component: APIGTW
Component: APIGTW
Resolution
Workaround:
Add the below entries in /opt/SecureSpan/Gateway/runtime/etc/ssg.policy and restart the gateway.
grant {
permission java.io.FilePermission "/opt/SecureSpan/Gateway/node/default/var/attachments", "read,write";
permission java.io.FilePermission "/opt/SecureSpan/Gateway/node/default/var/attachments/*", "read,write,delete";
}
NOTE: Above attachements directory is default one for stashing the messages. It could be different if it is configured through com.l7tech.server.attachmentDirectory system property.
Add the below entries in /opt/SecureSpan/Gateway/runtime/etc/ssg.policy and restart the gateway.
grant {
permission java.io.FilePermission "/opt/SecureSpan/Gateway/node/default/var/attachments", "read,write";
permission java.io.FilePermission "/opt/SecureSpan/Gateway/node/default/var/attachments/*", "read,write,delete";
}
NOTE: Above attachements directory is default one for stashing the messages. It could be different if it is configured through com.l7tech.server.attachmentDirectory system property.
Feedback
Yes
No
Powered by
