I'm trying to enable a new post authentication handler in order to use the authenticated user info. I tried to follow this guide: https://docs.wso2.com/display/IS570/Writing+a+Post-Authentication+Handler#WritingaPost-AuthenticationHandler-ByreturningaPostAuthnHandlerFlowStatus using the sample code in https://github.com/wso2/samples-is/tree/master/etc/sample-post-authentication-handler
So I created the jar of sample-post-authentication-handler and i putted it in the dropins server folder, and disclaimer.jsp in the authenticationendpoint folder.
I run the server and I logged with a sample application, but the handler doesn't fire.
I tried to put logs on DisclaimerPostAuthnHandlerServiceComponent and DisclaimerPostAuthenticationHandler, I enabled the log4j log level of the package. In the end, I tried to log with system.out, but I never see in the server log something about the registration of the handler.
I think the DisclaimerPostAuthnHandlerServiceComponent is ignored, so the handler is not registered.
Where I'm wrong?
I'm using wso2 5.7.0 and I'm really new to wso2 and osgi.
Seems you have built the master branch source code https://github.com/wso2/samples-is/tree/master/etc/sample-post-authentication-handler and obtained the jar and tried to use it with IS-5.7.0
But, the samples are available in the master branch might not compatible with the previous releases due to dependency updates.
When I tried the sample-post-authentication-handler jar file built from the master branch, it won't get activated properly in IS-5.7.0. It's in installed state due to the failure of resolving required dependencies.
NOTE: Check the "Useful OSGi commands to debug" section of https://medium.com/p/482f6e5e3ea5 to understand how we can check whether the OSGi bundles are activated or not.
Can you try the sample-post-authentication-handler in tag v1.0.0? It's compatible with Is-5.7.0
https://github.com/wso2/samples-is/tree/v1.0.0/sample-post-authentication-handler/src/main
Related
NewBie here. I am struggling with adding SNMP connector to my ESB project. As per https://docs.wso2.com/display/ESBCONNECTORS/Configuring+SNMP+Inbound+Operations
Step1) I created folders and added files to /home/repository/components/dropins
and home/repository/components/libs
Step2) I then created inbound-endpoint for SNMP in my EI editor.
since my inbound Endpoint editor design layout looked different from wso2 tutorial i mentioned above, I copied Inbound Configuration from tutorial.
Step3) I also went ahead and created sequence as request.xml [took code from tutorial]
When I deployed my Inbound EP and sequence, I am getting
ERROR - GenericEventBasedListener Class org.wso2.carbon.inbound.snmp.SNMPListeningConsumer not found. Please check the required class is added to the classpath.
**java.lang.ClassNotFoundException: org.wso2.carbon.inbound.snmp.SNMPListeningConsumer cannot be found by synapse-core_2.1.7.wso2v80**
What else should I do to get my SNMP files in to classpath? I have restarted my server and SNMP connector is available on the Palette in EI 6.4.0.
The above ClassNotFoundException should be a result of not having the correct classes in the OSGi layer upon server startup due to missing JAR files. The following JAR files should be available in the EI server in the corresponding folders and the server needs to be restarted.
org.apache.synapse.snmp.listen.class-x.x.x.jar - <EI_HOME>/dropins
snmp4j-x.x.x.jar - <EI_HOME>/lib
The dropins directory should contain only the OSGi bundles and the lib directory should have the NON-OSGi bundles. Upon server startup even the NON-OSGi JAR files will be converted to OSGi with a corresponding JAR file in the dropins directory.
The best way to troubleshoot this kind of a ClassNotFoundException is to access the OSGi console of WSO2 carbon-based products. Any unsatisfied constraints of the OSGi bundle can be identified easily with a couple of commands as explained in https://movingaheadblog.blogspot.com/2014/01/how-to-debug-wso2-carbon-products-using.html
I make plug-in to jarfile. and I copy to jarfile in dropin folder. (reference https://docs.wso2.com/display/CEP410/Building+Custom+Event+Receivers)
I execute wso2 cep. command is './wso2server.sh -DosgiConsole'. and 'osgi > ss event-adaptor-name' checked ACITVE!
but WSO2 Management web page is not exist. 'Input Event Adapter Type' of my event is not exist.
I check to 'osgi > bundle event-adaptor-id'
The result is
No registered services.
How to registerd service in WSO2 CEP?
I use eclipse, not using maven. I use plug-in project.
Exposing Custom Event Receiver as an OSGI Service section in WSO2 CEP 4.1.0 documentation gives an example as how to register the custom adapter as an OSGI service.
With reference to the same document pointed above, following is the point where the custom adapter register itself under the OutputEventAdapterFactory service.
context.getBundleContext().registerService(OutputEventAdapterFactory.class.getName(),
emailEventAdaptorFactory, null);
If it is successfully registered, you will see "osgi > bundle event-adaptor-id" result as something similar to:
osgi> bundle org.wso2.carbon.event.output.adapter.email
org.wso2.carbon.event.output.adapter.email_5.0.10 [215]
Id=215, Status=ACTIVE Data Root=/home/userx/wso2cep-4.1.0/repository/components/default/configuration/org.eclipse.osgi/bundles/215/data
"Registered Services"
{org.wso2.carbon.event.output.adapter.core.OutputEventAdapterFactory}={service.id=117}
(please note that I have not posted the complete output above, for the sake of clarity of the answer)
We plan to add a Policy Enforcement Point (PEP) into the WAS post login and transaction code handled by the WebSphere 8.5 "full" version. Our preliminary tests did throw unusual error messages, which pointed to an issue with loading of the AXIS web service classes and its belonging resource definition. The error showed up at the SSL protocol setup pointed to a missing key- and trust-store, or wrong location.
What handled the error was to change the Java class loader defaults in the browser administrative console, replacing the default PARENT-FIRST class loader behaviour, updating it to the new value of PARENT-LAST which gives preference to the web service classes directly delivered by the application. We also moved .jar libraries belonging to the Balana framework into the standard WEB_INF/lib directory. Having this updated, the application started to execute entitlement connections sending it to WSO2 IS server, interacting with the XACML PDP framework, sending and receiving XACML requests.
I'm refering to the following article
http://wso2.com/library/articles/2010/10/using-xacml-fine-grained-authorization-wso2-platform/
I would like to use the sample echoService from the WSO2 AS over a secured proxy in WSO2 ESB in combination with the Identity Server for fine-grained authorization. All the settings mentioned on this page seem to work, however I am stuck concerning the client part. I use NetBeans and the given client code, but the .jars in the classpath there have older versions then the ones in the current version of WSO2 IS, so I started to exchange them manually. Now I get some exceptions like
Exception in thread "main" java.lang.NoSuchMethodError: org.apache.xml.security.transforms.Transform.init()V
and I am stuck again. I just want to test the echoService in this constellation and send some string over the ESB via IS and receive the response(if I have the appropriate role) from the AS, is there not another client or how could I test it else?
Thank you!
I can suggest you 3 options:
Use SoapUI to test the service which is the easiest way to test a web service.
Generate the stub for the service and have stub as the dependency in your client. You can use the WSDL2Java tool that ship with AS. Loging to AS --> Tools in left pane --> WSDL2Java --> Provide the wsdl URL and generate the stub jar.
Generate correct dependency libs. Go to [IS-Home]/bin folder, and issue that command "ant" to run the build.xml, this will copy all required libs to [IS-HOME]/repository/lib/ folder. Have them in your class path.
I am configuring our API Manager, but running into troubles authenticating via OAuth, seems to be an issue with the API Key Manager. I haven't dug into it yet, but does this come with the API Manager (as I have assumed) or is this a separate installation?
I had the same issue when using the wso2 api manager on a Amazon hosted machine, turn out that Thrift was not working correctly because some problem with multicasting and broadcasting.
What I did to get it working was to switch from ThriftClient to WSClient. If you have a huge amount of requests coming in then Thrift is the recommended solution from wso2 but in any "normal" case you will not have any differences between thrift and WS.
Here is how you switch:
Shut down the API Manager
Open up <api manager install dir>\repository\conf\api-manager.xml
Find ThriftClient
Change this to
<KeyValidatorClientType>WSClient</KeyValidatorClientType>
Start the API Manager
You may get some Warnings while starting up but, try it before you jump to the conclusion that it doesn't work.
Hope it helps!
you can use APIM manager product in a distributed setup as keymanger,gateway,store,publisher..but all functionality come in a single distribution.. ..
Go through the documentation for further guides
I was facing the same issue. Everything started when I created my own jks in order to use SSL without a self-signed certificate. I successfully created the jks and changed it in the carbon file. When I started the server, everything seemed ok; but when I used SOAPUI to test an API call, I got this (in the logs of the api manager):
APIAuthenticationHandler API authentication failure due to Unclassified Authentication Failure
I started digging what was the problem by enabling Debug level in the log4j.properties file, and then tried again a tested with SOAPUI and I got:
APISecurityException: Could not connect to <my api ip address> on port 10397
Then, I read the comment of OneMuppet and I checked that file and I found that the Thrift config has a host option, so I uncommented it:
<KeyValidatorClientType>ThriftClient</KeyValidatorClientType>
<ThriftClientPort>10397</ThriftClientPort>
<ThriftClientConnectionTimeOut>10000</ThriftClientConnectionTimeOut>
<ThriftServerPort>10397</ThriftServerPort>
This Line --> <ThriftServerHost>localhost</ThriftServerHost>
<EnableThriftServer>true</EnableThriftServer>
Save, restarted the server and everything start working correctly.
I got the same below issue after my installation, when i try to invoke the api service it is throwing below error:
900900 Unclassified Authentication Failure Error while accessing backend services for API key validation
After some random checks i have seen the axis2.xml file in /repository/conf/axis2 there it is refering a differnt ip's instead. I change these ip's to my local ip and restarted. The issue is resolved now.
I was facing the same issue. when I was trying to setup API Manager as an API Gateway in a different machine as per the steps given here,
https://docs.wso2.com/display/AM250/Publish+through+Multiple+API+Gateways
Once the setup is done and when I am trying to use this gateway URL, I was getting the below response,
{"fault":{"code":900900,"message":"Unclassified Authentication Failure","description":"Error while accessing backend services for API key validation"}}
After changing the KeyValidatorClientType value to WSClient from ThriftClient on the <api manager install dir>\repository\conf\api-manager.xml
It started working fine. And I was able to get the expected response.
If you changed the admin password, then you also have to update the repository/conf/api-manager.xml file with the new password. The 2 places I have changed (so far) are:
<AuthManager>
and
<APIKeyManager>
but there are other admin usernames in that file. No doubt, I'll get to them....