I'm using WSO2 API Manager 4.1.0, ad I configurated a Key Manager of type WSO2 Identity Server.
When I go to my application, to generate the token, I have the following exception:
https://pastebin.com/rjfxLiAA
Error occurred while executing SubscriberKeyMgtClient. org.wso2.carbon.apimgt.api.APIManagementException: Key Manager IS not configured
The IS is not beeing contacted, I have the same error stopping it, so it's only an apim error.
With the same APIM versione I can contact keycloak for example.
I'm running in server mode, openjdk 11
With API Manager 4.1.0, it is recommended to use WSO2 IS 5.11.0 - https://apim.docs.wso2.com/en/latest/install-and-setup/setup/reference/product-compatibility/#tested-wso2-products
Now I used the correct IS version, and I Have this exception:
https://pastebin.com/uRLDJPqx
TID: [-1234] [api/am/devportal] [2022-11-17 14:05:46,592] ERROR {org.wso2.carbon.apimgt.impl.AbstractKeyManager} - Can not create OAuth application : admin_151a9ace-ce5d-4d7b-9455-d82f909dbce4_PRODUCTION for application: 222 and key type: PRODUCTION org.wso2.carbon.apimgt.impl.kmclient.KeyManagerClientException: Received status code: 403 Reason:
Related
I'm unable login into Wso2 APIM and showing invalid login details but yesterday it was working fine and able to login.
Apim version: 3.2.0.
Identity server wso2 is-km: 5.10.0
I have not changed any of the configuration.
My Wso2 APIM is integrated with wso2 Is.
Below error:
2022-03-07 13:58:07,464] INFO - TimeoutHandler This engine will expire all callbacks after GLOBAL_TIMEOUT: 120 seconds, irrespective of the timeout action, after the specified or optional timeout
[2022-03-07 13:58:07,749] ERROR - OAuth2Service Error while finding application state for application with client_id: oYDtSc**************
After that tried logging into Wso2 Identify server with admin as usually but not data it showing like list of users and list of identity providers but previously I saw list of providers etc.
Please help me in this situation.
We are attempting to use the OAuth Mediator in Integration Studio to validate a token with the WSO2 Identity Server.
The token we are using is valid on the Identity Server because testing through SOAP UI returns a valid response. However, we are unable to do so using the OAuth Mediator in Integration Studio. We are using a password grant type.
When we attempt to pass the call through the OAuth mediator we receive the below errors:
WARN {org.apache.synapse.FaultHandler} - ERROR_EXCEPTION : org.apache.synapse.SynapseException: Error **occured while validating** oauth 2.0 access token
WARN {API_LOGGER.UserInfoRestAPI} - ERROR_CODE : 0 *ERROR_MESSAGE : Error occured while validating oauth 2.0 access token*
WARN {org.apache.synapse.FaultHandler} - FaultHandler : org.apache.synapse.mediators.MediatorFaultHandler#1f7c8500
WARN {org.apache.synapse.mediators.MediatorFaultHandler} - Executing fault handler mediator : org.apache.synapse.mediators.base.SequenceMediator
WARN {API_LOGGER.UserInfoRestAPI} - Executing fault sequence mediator : org.apache.synapse.mediators.base.SequenceMediator
For reference, we are using this documentation.
Calling the web service through SOAP UI returns successfully as shown here:
Information about the setup:
WSO2 Integration Studio: 7.0.2
WSO2 Identity Server: 5.10.0 (Running on port 9446)
All services are running on the same virtual machine
WSO2 EI 7.0.2 and even 6.6 are using org.wso2.carbon.identity.oauth.stub_6.1.0 containing oauth stub classes that are not compatible with WSO2 Identity Server 5.10. So what you need to do is:
Copy org.wso2.carbon.identity.oauth.stub_6.4.2,jar from WSO2 Identity Server to the wso2\components\plugins folder of the WSO2 EI 6.6 or 7.X
Update wso2\components\default\configuration\org.eclipse.equinox.simpleconfigurator\bundles.info replacing the old entry with the new updated one.
org.wso2.carbon.identity.oauth.stub,6.4.2,../plugins/org.wso2.carbon.identity.oauth.stub_6.4.2.jar,4,true
Restart.
The error should go away. However, this is not a very clean solution and maybe WSO2 should release a fix updating the WSO2 OAuth Mediator java classes.
While trying to configure Mutual SSL for an API, below error is thrown:
TID: [-1234] [] [2020-01-14 11:43:09,542] ERROR {org.wso2.carbon.apimgt.gateway.handlers.security.authenticator.MutualSSLAuthenticator} - Mutual SSL authentication failure
TID: [-1234] [] [2020-01-14 11:43:09,544] WARN {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler} - API authentication failure due to Invalid Credentials
<ams:fault xmlns:ams="http://wso2.org/apimanager/security"><ams:code>900901</ams:code><ams:message>Invalid Credentials</ams:message><ams:description>Invalid Credentials. Make sure you have provided the correct security credentials</ams:description></ams:fault>
For this API, only "Transport Level Security" is kept mandatory whereas "Application Level Security" is kept as optional. Please advise on how to achieve mutual SSL working on the wso2 API Manager 3.0.0
If you are watched this video, you will figure out how to achieve mutual SSL working on the WSO2 API Manager 3.0.0. It has clearly explained how mutual SSL working with WSO2 API manager
We are using WSO2 EI 6.1.1 and WSO2 Identity server of version 5.5.0. We have a requirement of using Oauth Mediator to validate the access token. I have a service provider registered with the identity server and generated the oauth2.0 bearer access token using curl command. I tried the Oauth2webservice to validate the authorization which was succeed and request going to identity server. But if I use the Oauth Mediator of WSO2 Integrator getting the below error message and the request is not going to identity server which was confirmed from the logs of identity server.Please help on it.Is there any other jar files or configuration settings needed for the same.
<oauthService remoteServiceUrl="https://localhost:9444/services/" username="admin" password="admin"/>
ERROR - OAuthMediator Error occured while validating oauth access token.java.lang.Exception: Error while validating OAuth2 request. at org.wso2.carbon.identity.oauth.mediator.OAuth2TokenValidationServiceClient.validateAuthenticationRequest(OAuth2TokenValidationServiceClient.java:61).
Caused by: org.apache.axis2.AxisFault: SSL peer failed hostname validation for name: null.at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
I have the same issue and can't resolve, This bug has not been corrected yet
https://wso2.org/jira/browse/IDENTITY-5243
Having WSO2 API Manager 2.1.0 and WSO2 IS 5.3.0 KM (with prepackaged Key Manager) I set up the Key Manager as described in the documentation.
The main intention is authenticate and authorize users with other federated IdPs and add some authorization capabilities. My assumption is that users auhorized with WSO2IS will receive an OAuth token valid for the defined APP and API.
So far all on localhost with IS offset 1. I created an API, an application and that is usable from the API Store.
When trying to authorize a client through WSO2 IS using the code grant_type authorization:
https://localhost:9444/oauth2/authorize?response_type=code&client_id=KJTbkbFmcDvslo2fjhzfQkaBH3Ea&redirect_uri=http%3A//localhost%3A8080/test2/callback
I am asked for credentials and authorization grant (looks ok) and then I receive an exception on IS:
[2018-03-27 10:43:51,822] ERROR {org.apache.catalina.core.StandardWrapperValve} - Servlet.service() for servlet [OAuth2Endpoints] in context with path [/oauth2] threw exception
java.lang.RuntimeException: org.apache.cxf.interceptor.Fault
at org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:116)
...
Caused by: java.lang.NullPointerException
at org.wso2.carbon.identity.oauth.endpoint.authz.OAuth2AuthzEndpoint.authorize(OAuth2AuthzEndpoint.java:251)
at org.wso2.carbon.identity.oauth.endpoint.authz.OAuth2AuthzEndpoint.sendRequestToFramework(OAuth2AuthzEndpoint.java:1163)
at org.wso2.carbon.identity.oauth.endpoint.authz.OAuth2AuthzEndpoint.authorize(OAuth2AuthzEndpoint.java:135)
at org.wso2.carbon.identity.oauth.endpoint.authz.OAuth2AuthzEndpoint.authorizePost(OAuth2AuthzEndpoint.java:574)
What I assume I misconfigured some endpoint, however - any idea which service is invoked by the OAuth2AuthzEndpoint implementation or potential cause for this exception?
This is already reported in https://wso2.org/jira/browse/IDENTITY-5581.
You can WUM update the WSO2 IS 5.3.0 to resolve the issue.