Use CXFRS component in combination with an http-conduit definition with wildcards

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Use CXFRS component in combination with an http-conduit definition with wildcards

Myriam Khairallah
Hello,

for the record, we are using:
- Fuse ESB 7.1.0.fuse-047
- Camel 2.10.0.fuse-71-047
- CXF 2.6.0.fuse-71-047
- JDK 1.7
- JBOss EAP 6.3

and we encounter a problem using the Camel CXFRS component in combination with an http-conduit definition.

It seems the wildcards one should be able to use in the http-conduit name is not taken into account
(http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html#ClientHTTPTransport%28includingSSLsupport%29-Theconduitelement).

Here its definition in our bundle-context.xml:

    <http:conduit name="*.http-conduit">
        <http:tlsClientParameters disableCNCheck="true">
           <sec:trustManagers>
                <sec:keyStore type="JKS" password="#{decryptedTruststorePassword}" file="${trustStore.file.ics}" />
            </sec:trustManagers>
            <sec:cipherSuitesFilter>
                <sec:include>.*.*</sec:include>
                <sec:exclude>.*40_.*</sec:exclude>
                <sec:exclude>.*_RSA_WITH_DES_CBC_SHA.*</sec:exclude>
                <sec:exclude>.*_RSA_WITH_3DES_EDE_CBC_SHA.*</sec:exclude>
            </sec:cipherSuitesFilter>
        </http:tlsClientParameters>
        <http:client ReceiveTimeout="${cxfReceiveTimeout}" ConnectionTimeout="${cxfConnectionTimeout}" ProxyServer="${proxy.server}" ProxyServerPort="${proxy.port}" NonProxyHosts="${proxy.nonProxyHosts}" />
    </http:conduit>


The Camel route, deployed on Fuse, uses the Camel CXFRS component for the call of a REST service running on a JBOss server. A typical call would be:
cxfrs://https://localhost:8443/invitation-code-service/checkCode/param1/param2/param3

This leads to following log entries:

2015-07-30 08:35:29,477 | DEBUG | tp1076592703-174 | TrustDecisionUtil                | 120 - org.apache.cxf.cxf-rt-transports-http - 2.6.0.fuse-71-047 | No Trust Decider for Conduit '{htt
ps://localhost:8443/invitation-code-service/checkCode/param1/param2/param3}WebClient.http-conduit'. An afirmative Trust Decision is assumed.
2015-07-30 08:35:29,493 | DEBUG | tp1076592703-174 | PhaseInterceptorChain            | 90 - org.apache.cxf.cxf-api - 2.6.0.fuse-71-047 | Invoking handleFault on interceptor org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor@7d909223
2015-07-30 08:35:29,493 | DEBUG | tp1076592703-174 | PhaseInterceptorChain            | 90 - org.apache.cxf.cxf-api - 2.6.0.fuse-71-047 | Invoking handleFault on interceptor org.apache.cxf.interceptor.MessageSenderInterceptor@64e182ae
2015-07-30 08:35:29,493 | DEBUG | tp1076592703-174 | PhaseInterceptorChain            | 90 - org.apache.cxf.cxf-api - 2.6.0.fuse-71-047 | Invoking handleFault on interceptor org.apache.cxf.ws.policy.PolicyOutInterceptor@26da3556
2015-07-30 08:35:29,493 | WARN  | tp1076592703-174 | PhaseInterceptorChain            | 90 - org.apache.cxf.cxf-api - 2.6.0.fuse-71-047 | Interceptor for {https://localhost:8443/invitation-code-service/checkCode/param1/param2/param3}WebClient has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Could not send Message.
        at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:64)[90:org.apache.cxf.cxf-api:2.6.0.fuse-71-047]
        at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262)[90:org.apache.cxf.cxf-api:2.6.0.fuse-71-047]
        at org.apache.cxf.jaxrs.client.WebClient.doChainedInvocation(WebClient.java:795)
        at org.apache.cxf.jaxrs.client.WebClient.doInvoke(WebClient.java:743)
        at org.apache.cxf.jaxrs.client.WebClient.doInvoke(WebClient.java:717)
        at org.apache.cxf.jaxrs.client.WebClient.invoke(WebClient.java:262)
        at org.apache.camel.component.cxf.jaxrs.CxfRsProducer.invokeHttpClient(CxfRsProducer.java:155)
        at org.apache.camel.component.cxf.jaxrs.CxfRsProducer.process(CxfRsProducer.java:87)
        at org.apache.camel.util.AsyncProcessorConverterHelper$ProcessorToAsyncProcessorBridge.process(AsyncProcessorConverterHelper.java:61)
        at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:73)
        at org.apache.camel.processor.RoutingSlip$2.doInAsyncProducer(RoutingSlip.java:287)
        at org.apache.camel.impl.ProducerCache.doInAsyncProducer(ProducerCache.java:298)
        at org.apache.camel.processor.RoutingSlip.processExchange(RoutingSlip.java:280)
        at org.apache.camel.processor.RoutingSlip.doRoutingSlip(RoutingSlip.java:205)
        at org.apache.camel.processor.RoutingSlip.process(RoutingSlip.java:135)
        at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:73)
        at org.apache.camel.processor.DelegateAsyncProcessor.processNext(DelegateAsyncProcessor.java:99)
        at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:90)
        at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:73)
        at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:73)
        at org.apache.camel.processor.DelegateAsyncProcessor.processNext(DelegateAsyncProcessor.java:99)
        at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:90)
        at org.apache.camel.processor.interceptor.TraceInterceptor.process(TraceInterceptor.java:163)
        at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:73)
        at org.apache.camel.processor.DelegateAsyncProcessor.processNext(DelegateAsyncProcessor.java:99)
        at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:90)
        at org.apache.camel.fabric.FabricTraceProcessor.process(FabricTraceProcessor.java:81)
        [...]
Caused by: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)[:1.7.0_72]
        at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)[:1.7.0_72]
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)[:1.7.0_72]
        at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)[:1.7.0_72]
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1439)[:1.7.0_72]
        at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)[:1.7.0_72]
        at sun.security.ssl.Handshaker.processLoop(Handshaker.java:878)[:1.7.0_72]
        at sun.security.ssl.Handshaker.process_record(Handshaker.java:814)[:1.7.0_72]
        at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)[:1.7.0_72]
        at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)[:1.7.0_72]
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)[:1.7.0_72]
        at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)[:1.7.0_72]
        at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)[:1.7.0_72]
        at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)[:1.7.0_72]
        at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1300)[:1.7.0_72]
        at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:468)[:1.7.0_72]
        at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338)[:1.7.0_72]
        at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1604)[120:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
        at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1530)[120:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
        at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1438)[120:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
        ... 266 more
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)[:1.7.0_72]
        at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)[:1.7.0_72]
        at sun.security.validator.Validator.validate(Validator.java:260)[:1.7.0_72]
        at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)[:1.7.0_72]
        at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)[:1.7.0_72]
        at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)[:1.7.0_72]
        at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1421)[:1.7.0_72]
        ... 281 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
        at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)[:1.7.0_72]
        at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)[:1.7.0_72]
        at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)[:1.7.0_72]
        ... 287 more




If we define a fully http-conduit name like:
    <http:conduit name="{https://localhost:8443/invitation-code-service/checkCode/param1/param2/param3}WebClient.http-conduit">
   
it works.

Obviously, we can't use the http-conduit definition this way, as param1, param2 and param3 change for every call.

Why does it not work with wildcards ?

Regards,
Myriam
Reply | Threaded
Open this post in threaded view
|

Re: Use CXFRS component in combination with an http-conduit definition with wildcards

Sergey Beryozkin
Hi
This is either camel users or may be even CXF users list question, it is
most likely the old version of CXF, we have RS tests in CXF with
wildcard conduits

Trying newer Camel with the more recent CXF version should resolve it
Sergey
On 30/07/15 10:16, Myriam Khairallah wrote:

> Hello,
>
> for the record, we are using:
> - Fuse ESB 7.1.0.fuse-047
> - Camel 2.10.0.fuse-71-047
> - CXF 2.6.0.fuse-71-047
> - JDK 1.7
> - JBOss EAP 6.3
>
> and we encounter a problem using the Camel CXFRS component in combination
> with an http-conduit definition.
>
> It seems the wildcards one should be able to use in the http-conduit name is
> not taken into account
> (http://cxf.apache.org/docs/client-http-transport-including-ssl-support.html#ClientHTTPTransport%28includingSSLsupport%29-Theconduitelement).
>
> Here its definition in our bundle-context.xml:
>
>      <http:conduit name="*.http-conduit">
>          <http:tlsClientParameters disableCNCheck="true">
>             <sec:trustManagers>
>                  <sec:keyStore type="JKS"
> password="#{decryptedTruststorePassword}" file="${trustStore.file.ics}" />
>              </sec:trustManagers>
>              <sec:cipherSuitesFilter>
>                  <sec:include>.*.*</sec:include>
>                  <sec:exclude>.*40_.*</sec:exclude>
>                  <sec:exclude>.*_RSA_WITH_DES_CBC_SHA.*</sec:exclude>
>                  <sec:exclude>.*_RSA_WITH_3DES_EDE_CBC_SHA.*</sec:exclude>
>              </sec:cipherSuitesFilter>
>          </http:tlsClientParameters>
>          <http:client ReceiveTimeout="${cxfReceiveTimeout}"
> ConnectionTimeout="${cxfConnectionTimeout}" ProxyServer="${proxy.server}"
> ProxyServerPort="${proxy.port}" NonProxyHosts="${proxy.nonProxyHosts}" />
>      </http:conduit>
>
>
> The Camel route, deployed on Fuse, uses the Camel CXFRS component for the
> call of a REST service running on a JBOss server. A typical call would be:
> cxfrs://https://localhost:8443/invitation-code-service/checkCode/param1/param2/param3
>
> This leads to following log entries:
>
> 2015-07-30 08:35:29,477 | DEBUG | tp1076592703-174 | TrustDecisionUtil
> | 120 - org.apache.cxf.cxf-rt-transports-http - 2.6.0.fuse-71-047 | No Trust
> Decider for Conduit '{htt
> ps://localhost:8443/invitation-code-service/checkCode/param1/param2/param3}WebClient.http-conduit'.
> An afirmative Trust Decision is assumed.
> 2015-07-30 08:35:29,493 | DEBUG | tp1076592703-174 | PhaseInterceptorChain
> | 90 - org.apache.cxf.cxf-api - 2.6.0.fuse-71-047 | Invoking handleFault on
> interceptor
> org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor@7d909223
> 2015-07-30 08:35:29,493 | DEBUG | tp1076592703-174 | PhaseInterceptorChain
> | 90 - org.apache.cxf.cxf-api - 2.6.0.fuse-71-047 | Invoking handleFault on
> interceptor org.apache.cxf.interceptor.MessageSenderInterceptor@64e182ae
> 2015-07-30 08:35:29,493 | DEBUG | tp1076592703-174 | PhaseInterceptorChain
> | 90 - org.apache.cxf.cxf-api - 2.6.0.fuse-71-047 | Invoking handleFault on
> interceptor org.apache.cxf.ws.policy.PolicyOutInterceptor@26da3556
> 2015-07-30 08:35:29,493 | WARN  | tp1076592703-174 | PhaseInterceptorChain
> | 90 - org.apache.cxf.cxf-api - 2.6.0.fuse-71-047 | Interceptor for
> {https://localhost:8443/invitation-code-service/checkCode/param1/param2/param3}WebClient
> has thrown exception, unwinding now
> org.apache.cxf.interceptor.Fault: Could not send Message.
>          at
> org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:64)[90:org.apache.cxf.cxf-api:2.6.0.fuse-71-047]
>          at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262)[90:org.apache.cxf.cxf-api:2.6.0.fuse-71-047]
>          at
> org.apache.cxf.jaxrs.client.WebClient.doChainedInvocation(WebClient.java:795)
>          at
> org.apache.cxf.jaxrs.client.WebClient.doInvoke(WebClient.java:743)
>          at
> org.apache.cxf.jaxrs.client.WebClient.doInvoke(WebClient.java:717)
>          at org.apache.cxf.jaxrs.client.WebClient.invoke(WebClient.java:262)
>          at
> org.apache.camel.component.cxf.jaxrs.CxfRsProducer.invokeHttpClient(CxfRsProducer.java:155)
>          at
> org.apache.camel.component.cxf.jaxrs.CxfRsProducer.process(CxfRsProducer.java:87)
>          at
> org.apache.camel.util.AsyncProcessorConverterHelper$ProcessorToAsyncProcessorBridge.process(AsyncProcessorConverterHelper.java:61)
>          at
> org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:73)
>          at
> org.apache.camel.processor.RoutingSlip$2.doInAsyncProducer(RoutingSlip.java:287)
>          at
> org.apache.camel.impl.ProducerCache.doInAsyncProducer(ProducerCache.java:298)
>          at
> org.apache.camel.processor.RoutingSlip.processExchange(RoutingSlip.java:280)
>          at
> org.apache.camel.processor.RoutingSlip.doRoutingSlip(RoutingSlip.java:205)
>          at
> org.apache.camel.processor.RoutingSlip.process(RoutingSlip.java:135)
>          at
> org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:73)
>          at
> org.apache.camel.processor.DelegateAsyncProcessor.processNext(DelegateAsyncProcessor.java:99)
>          at
> org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:90)
>          at
> org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:73)
>          at
> org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:73)
>          at
> org.apache.camel.processor.DelegateAsyncProcessor.processNext(DelegateAsyncProcessor.java:99)
>          at
> org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:90)
>          at
> org.apache.camel.processor.interceptor.TraceInterceptor.process(TraceInterceptor.java:163)
>          at
> org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:73)
>          at
> org.apache.camel.processor.DelegateAsyncProcessor.processNext(DelegateAsyncProcessor.java:99)
>          at
> org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:90)
>          at
> org.apache.camel.fabric.FabricTraceProcessor.process(FabricTraceProcessor.java:81)
>          [...]
> Caused by: javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target
>          at
> sun.security.ssl.Alerts.getSSLException(Alerts.java:192)[:1.7.0_72]
>          at
> sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1884)[:1.7.0_72]
>          at
> sun.security.ssl.Handshaker.fatalSE(Handshaker.java:276)[:1.7.0_72]
>          at
> sun.security.ssl.Handshaker.fatalSE(Handshaker.java:270)[:1.7.0_72]
>          at
> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1439)[:1.7.0_72]
>          at
> sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:209)[:1.7.0_72]
>          at
> sun.security.ssl.Handshaker.processLoop(Handshaker.java:878)[:1.7.0_72]
>          at
> sun.security.ssl.Handshaker.process_record(Handshaker.java:814)[:1.7.0_72]
>          at
> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1016)[:1.7.0_72]
>          at
> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1312)[:1.7.0_72]
>          at
> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1339)[:1.7.0_72]
>          at
> sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1323)[:1.7.0_72]
>          at
> sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)[:1.7.0_72]
>          at
> sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)[:1.7.0_72]
>          at
> sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1300)[:1.7.0_72]
>          at
> java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:468)[:1.7.0_72]
>          at
> sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338)[:1.7.0_72]
>          at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1604)[120:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
>          at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1530)[120:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
>          at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1438)[120:org.apache.cxf.cxf-rt-transports-http:2.6.0.fuse-71-047]
>          ... 266 more
> Caused by: sun.security.validator.ValidatorException: PKIX path building
> failed: sun.security.provider.certpath.SunCertPathBuilderException: unable
> to find valid certification path to requested target
>          at
> sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:385)[:1.7.0_72]
>          at
> sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)[:1.7.0_72]
>          at
> sun.security.validator.Validator.validate(Validator.java:260)[:1.7.0_72]
>          at
> sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:326)[:1.7.0_72]
>          at
> sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:231)[:1.7.0_72]
>          at
> sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:126)[:1.7.0_72]
>          at
> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1421)[:1.7.0_72]
>          ... 281 more
> Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
> unable to find valid certification path to requested target
>          at
> sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:196)[:1.7.0_72]
>          at
> java.security.cert.CertPathBuilder.build(CertPathBuilder.java:268)[:1.7.0_72]
>          at
> sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:380)[:1.7.0_72]
>          ... 287 more
>
>
>
>
> If we define a fully http-conduit name like:
>      <http:conduit
> name="{https://localhost:8443/invitation-code-service/checkCode/param1/param2/param3}WebClient.http-conduit">
>
> it works.
>
> Obviously, we can't use the http-conduit definition this way, as param1,
> param2 and param3 change for every call.
>
> Why does it not work with wildcards ?
>
> Regards,
> Myriam
>
>
>
>
> --
> View this message in context: http://camel.465427.n5.nabble.com/Use-CXFRS-component-in-combination-with-an-http-conduit-definition-with-wildcards-tp5770096.html
> Sent from the Camel Development mailing list archive at Nabble.com.
>


--
Sergey Beryozkin

Talend Community Coders
http://coders.talend.com/

Blog: http://sberyozkin.blogspot.com