I'm new to google-app-engine and I'm trying to migrate a PHP site that currently uses the meekrodb class for mysql (http://www.meekro.com/) to connect to a db stored with my webhost with access enable from any IP.
When I run the site on the local app-engine instance there are no issues, but when I deploy it I get an error 500 error with the following log:
90.202.109.98 - - [12/Jul/2015:04:31:36 -0700] "GET / HTTP/1.1" 500 0 - "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.130 Safari/537.36" "*.appspot.com" ms=145 cpu_ms=0 loading_request=1 exit_code=204 instance=00c61b117ce2904f41b4d706f60338b416a908e1 app_engine_release=1.9.23
The page being run was index.php and it did nothing except load up the class and DB attributes (which works fine alone), but when I add the following code:
DB::query('select * from places');
The error occurs, again, only on the remote instance.
Any thoughts on why?
Figured it out, it's because my db is remotely hosted and Google doesn't allow that for free apps. I'd have to enable sockets. See https://stackoverflow.com/a/20254933/1254900
Related
I am trying to host alexa skill on my webservice.
For testing purpose, I am using ngrok to generate https webservice url.
I have added the URL into alexa configuration.
When I try to test the service, I can see my local ngrok server is receiving the request as below.
GET /alexa/service/processrequest
Summary
Headers
Raw
Binary
GET /alexa/service/processrequest HTTP/1.1
Host: 9286ef9a.ngrok.io
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
X-Forwarded-Proto: https
X-Forwarded-For: 49.248.168.79
However, its not reaching to my webservice/skill code which I am debugging through eclipse remote breakpoints.
In ngrok, I can see an error below:
HTTP/1.1 400
Content-Type: text/plain;charset=ISO-8859-1
Connection: close
Bad Request
This combination of host and port requires TLS.
I have configured spring-boot to run on https port 443 by generating a self signed certificate. The same certificate is uploaded to alexa developer console.
If I hit my webservice url in google chrome using ngrok url, it gives same error:
But if i use localhost in my url, then chrome is able to detect the https as below:
I am not able to locate the root cause.
Can anyone here please help me ?
I have found answer to my question and I am posting it so that it can help others to understand what to do in above scenario.
Spring-boot was creating https endpoint for my webservice on port 443.
In chrome, if I hit this port with https url, it was working but if i hit this port with http url, the error was coming as in above screenshot.
So, overall, spring-boot was saying that a request is coming to an http endpoint when it was supposed to be received at https endpoint.
The culprit was NGROK. :-(
Though, ngrok was creating an https endpoint for public access, it was not creating https tunnel from ngrok client (running on my pc) to tomcat server.
Using -tls option, ngrok supports https/tls tunneling but that happens only in paid plans of ngrok.
Similar to ngrok, I also explored localtunnel, but it too has the same problem of tls tunneling.
The workaround
Since, I was doing all this to debug skill development on my local machine, I tried other option of certificate provision mentioned at point 2 here.
This option allows me to use local web server as http only which now can be well supported by ngrok or localtunnel. :-)
So, following steps I had taken to enable debugging Alexa Skill during developemnt:
Use 2nd option of SSL Provisioning in Alexa Web Console.
Removed local SSL endpoints and run tomcat on plain http instead of https.
Used ngrok https endpoint in Alexa web console.
we can sign up on ngrok and set the authtoken (Steps on https://dashboard.ngrok.com/get-started/your-authtoken)
Then use ngrok http https://localhost:8081, then ngrok forwards it to https
Activity ID: 00000000-0000-0000-4d00-0080000000c0
Error time: Wed, 27 Jul 2016 21:27:20 GMT
Cookie: enabled
User agent string: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.84 Safari/537.36
seems it is caused because of Form based authentication not enabled for ADFS. Solution for ADFS 3.0 is available and documented by Microsoft. Could not find working solution for ADFS 2.0 - form based auth configuration to resolve the above error.
Windows event logs shows:
EventID 364
Version 0
Data Saml
Data https://localhost:8443/spring-security-saml2-sample/saml/metadata
Data Microsoft.IdentityServer.Web.InvalidScopeException: MSIS7007: The requested relying party trust 'https://localhost:8443/spring-security-saml2-sample/saml/metadata' is unspecified or unsupported. If a relying party trust was specified, it is possible that you do not have permission to access the trust relying party. Contact your administrator for details. at Microsoft.IdentityServer.Web.Protocols.Saml.SamlSignInContext.Validate() at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.GetRequiredPipelineBehaviors(ProtocolContext pContext) at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)
Any insight will be helpful.
Based on what you outputted, it looks like ADFS 3.0. So, https://blogs.msdn.microsoft.com/samueld/2015/06/05/office-modern-auth-adfs-making-it-work/ should help you.
You should not have seen an issue on ADFS 2.0 if it is the same issue unless your ADFS environment is not using the defaults. To change local authentication type in ADFS 2.x see http://social.technet.microsoft.com/wiki/contents/articles/1600.ad-fs-2-0-how-to-change-the-local-authentication-type.aspx
Thanks, Sam (#MrADFS)
Recently I moved a application into different Tomcat server environment and for some users who are accessing my application outside network getting Status 403 access forbidden error. Intranet users have no issues, only few outside network users alone facing this issue.Even i tested it from outside network and its working fine for me. Tomcat version is 6.0.18. Please help me to find some idea about this issue.There is no credential for login into this application.
Successful user getting below log
IP Address - - [16/Jul/2015:08:27:20 -0500] "POST /AppName/Main.jsp HTTP/1.1" 200 12403
Other user(facing issue) getting below log
IP Address - - [16/Jul/2015:08:30:16 -0500] "GET /AppName/Main.jsp HTTP/1.1" 403 964
I don't know how its getting changed with "GET" & "POST" for different users.
Found the root cause of this issue, In that new server those particular IPs are being blocked for some reasons through context.xml.
With my webapp users can upload images as blobs in GAE. I want an easy connection between the article and the images (blobs) so I tried the following:
class Article(db.Model):
blobs = db.ListProperty(db.Key)
and then in the blobstoreuploadhandler:
for upload in self.get_uploads():
try:
article.blobs.append(upload.key())
But then it gets an exception:
/upload_form 404 3753ms 1kb Mozilla/5.0 (Windows NT 6.1; rv:28.0) Gecko/20100101 Firefox/28.0 module=default version=leakagefix
0.1.0.30 - - [20/Mar/2014:04:46:27 -0700] "POST /upload_form HTTP/1.1" 404 1331 "http://www.koolbusiness.com/ai" "Mozilla/5.0 (Windows NT 6.1; rv:28.0) Gecko/20100101 Firefox/28.0" "www.koolbusiness.com" ms=3754 cpu_ms=2036 cpm_usd=0.000149 app_engine_release=1.9.1 instance=00c61b117c8167bb98b5f7f69bd68254df45fe64
E 2014-03-20 12:46:27.190
There was an exception:Items in the blobs list must all be Key instances
E 2014-03-20 12:46:27.216
Items in the blobs list must all be Key instances
Can you tell me how it should be done and what was wrong with this attempt?
Blob keys are different from Datastore keys. Use BlobKey class:
https://developers.google.com/appengine/docs/python/blobstore/blobkeyclass?hl=ja
I'm running some load tests using JMeter to get an idea of how my application performs under load on Google App Engine (Java).
When I hit around 100 virtual users my response time starts dropping, and I notice "throttle_code=4" appearing in the GAE log files (see below).
Does anyone know what this means? Is the fact that I'm making multiple requests from the same IP hitting some kind of automatic DDOS protection?
Thanks
---- request with"throttle_code=4"; when connecting from JMeter
07-05 05:11AM 58.917 /market/1234/history?pricebars=240 200 3651ms 19cpu_ms 35kb Java/1.5.0_16,gzip(gfe)
75.101.226.4 - - [05/Jul/2010:05:12:02 -0700] "GET /market/1234/history?pricebars=240 HTTP/1.1" 200 35566 - "Java/1.5.0_16,gzip(gfe)" "ci-pricehistory.appspot.com" ms=3652 cpu_ms=19 api_cpu_ms=0 cpm_usd=0.004527 pending_ms=3570 throttle_code=4
I 07-05 05:12AM 02.532
uk.co.cityindex.CandleServlet fetch: Loading 240 bars from cache...
I 07-05 05:12AM 02.558
uk.co.cityindex.CandleServlet fetch: time:47
---- request without "throttle" log; when connecting from browser
07-05 06:28AM 10.993 /market/1234/history?pricebars=240 200 69ms 19cpu_ms 7kb Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.99 Safari/533.4,gzip(gfe)
80.169.172.178 - - [05/Jul/2010:06:28:11 -0700] "GET /market/1234/history?pricebars=240 HTTP/1.1" 200 7572 - "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.4 (KHTML, like Gecko) Chrome/5.0.375.99 Safari/533.4,gzip(gfe)" "ci-pricehistory.appspot.com" ms=69 cpu_ms=19 api_cpu_ms=0 cpm_usd=0.001423
I 07-05 06:28AM 11.031
uk.co.cityindex.CandleServlet fetch: Loading 240 bars from cache...
I 07-05 06:28AM 11.055
uk.co.cityindex.CandleServlet fetch: time:45
See (apparently) official Google answer here, though I'm not sure it totally answers the question.
It looks like your request is taking 3500ms. We autoscale up the number of instances servicing your requests as long as you maintain average milliseconds/request of 1000ms or under (we recommend 800ms, sub 400ms is optimal). If you run lots of long running requests, we will not spin up new instances for you and you will hit a scaling ceiling.
http://osdir.com/ml/GoogleAppEngine/2010-07/msg00165.html
Apparently, they throttle based on your 'efficiency,' but it looks like your original request was only 69ms. Was your app's average ms/req higher because of other requests, possibly? It seems like a weird tactic NOT spin up because your app is slow if your app is slow because it hasn't yet spun up...
The other thing I notice is that your test request through JMeter is 35kb vs the 7kb of the other request - does your app's data increase under testing load? Headers piling up?