Merge remote-tracking branch 'origin/reboot/GH647/improvedConformance…

…Testing' into reboot/GH647/improvedConformanceTesting
zowe · Aug 10, 2023 · 97c96e4 · 97c96e4
2 parents efd68e7 + 9b09532
commit 97c96e4
Show file tree

Hide file tree

Showing 3 changed files with 29 additions and 26 deletions.
diff --git a/...ice/src/main/java/org/zowe/apiml/gateway/security/service/zosmf/AbstractZosmfService.java b/...ice/src/main/java/org/zowe/apiml/gateway/security/service/zosmf/AbstractZosmfService.java
@@ -151,7 +151,7 @@ protected String getURI(String zosmf) {
     protected RuntimeException handleExceptionOnCall(String url, RuntimeException re) {
         if (re instanceof ResourceAccessException) {
             if (re.getCause() instanceof SSLHandshakeException) {
-                apimlLog.log("org.zowe.apiml.security.auth.zosmf.sslError");
+                apimlLog.log("org.zowe.apiml.security.auth.zosmf.sslError", re.getMessage());
             } else {
                 apimlLog.log("org.zowe.apiml.security.serviceUnavailable", url, re.getMessage());
             }

diff --git a/gateway-service/src/main/resources/gateway-log-messages.yml b/gateway-service/src/main/resources/gateway-log-messages.yml
@@ -113,26 +113,26 @@ messages:
       text: "Configuration error when trying to establish JWT producer. Events: %s"
       reason: "A problem occurred while trying to make sure that there is a valid JWT producer available. A possible cause of the problem is that API ML does not recognize the authentication type used by z/OSMF."
       action: >
-        Based on the specific information in the message, verify that the key configuration is correct, or alternatively, that z/OSMF is available. If z/OSMF is available, specify the authentication type used by z/OSMF in your configuration settings.\n
-        \n
-        Use the following configuration format:\n
-        ```\n
-          apiml:\n
-            security:\n
-              auth:\n
-                zosmf:\n
-                  jwtAutoconfiguration:\n
-        ```\n
-        Apply one of the following values:\n
-        \n
-        * **auto**\n
-          Signifies that API ML is enabled to resolve the JWT producer\n
-        \n
-        * **jwt**\n
-          Signifies that z/OSMF supports JWT (APAR PH12143 is applied)\n
-        \n
-        * **ltpa**\n
-          Signifies that z/OSMF does not support JWT"
+        Based on the specific information in the message, verify that the key configuration is correct, or alternatively, that z/OSMF is available. If z/OSMF is available, specify the authentication type used by z/OSMF in your configuration settings.
+
+        Use the following configuration format:
+        ```
+          apiml:
+            security:
+              auth:
+                zosmf:
+                  jwtAutoconfiguration:
+        ```
+        Apply one of the following values:
+
+        * **auto**
+          Signifies that API ML is enabled to resolve the JWT producer
+
+        * **jwt**
+          Signifies that z/OSMF supports JWT (APAR PH12143 is applied)
+
+        * **ltpa**
+          Signifies that z/OSMF does not support JWT
 
     - key: org.zowe.apiml.gateway.keys.unknown
       number: ZWEAG714
@@ -397,10 +397,13 @@ messages:
       number: ZWEAG182
       type: ERROR
       text: >
-        SSL Misconfiguration, z/OSMF is not accessible. Please verify the following: \n
-          - CN (Common Name) and z/OSMF hostname have to match.\n
-          - Certificate is expired\n
-          - TLS version match\n
+        SSL Misconfiguration, z/OSMF is not accessible.
+        Message: %s
+        Please verify the following:
+          - CN (Common Name) and z/OSMF hostname have to match.
+          - Certificate is expired
+          - TLS version match
+          - z/OSMF server certificate is trusted in Zowe's truststore
         Enable debugging to see further details in stack trace
       reason: "z/OSMF connection has an incorrect configuration."
       action: "Verify z/OSMF connection details. Verify z/OSMF can be accessed with HTTPS"

diff --git a/...service/src/test/java/org/zowe/apiml/gateway/security/service/zosmf/ZosmfServiceTest.java b/...service/src/test/java/org/zowe/apiml/gateway/security/service/zosmf/ZosmfServiceTest.java
@@ -857,7 +857,7 @@ void givenSSLError_thenFalseAndException() {
                 assertTrue(values.length() > 0);
                 assertTrue(values.contains("ResourceAccessException accessing"), values);
 
-                verify(apimlLogger, times(1)).log("org.zowe.apiml.security.auth.zosmf.sslError");
+                verify(apimlLogger, times(1)).log("org.zowe.apiml.security.auth.zosmf.sslError", "resource access exception; nested exception is javax.net.ssl.SSLHandshakeException: handshake exception");
             }
 
             @Test