WSO2 5.11 Console trying to reach localhost instead server - wso2

I have WSO2 IS 5.11 installed on a server under https://server1.wso2.com.
When Im trying to reach new console app Im getting redirected to:
https://localhost:9443/oauth2/token/.well-known/openid-configuration
and then to authorize endpoint:
https://localhost:9443/oauth2/authorize?response_type=code&client_id=CONSOLE&scope=SYSTEM%20openid&redirect_uri=https://server1.wso2.com/console/login&response_mode=query&code_challenge_method=S256&code_challenge=sa3xryaGoX1IoyxZJfoIrE3tAJPUjep30j6izcDtOtc
Why Im getting redirected to localhost:9443? I checked my configuration and there is no localhost in resident IdP.

This can happen due to the server configurations set on WSO2IS, to change that go to <IS-HOME>/repository/conf directory and open deployment.toml configuration file and change the
[server]
hostname = "https://server1.wso2.com"
Also, you can check load balancer configurations/ port mapping and opening ports from the server configurations from the server that you use.

Related

change port in wso2 sample

I am executing sample programm of wso2. I have installed wso2is on different machine and tomcat is on local machine. I have changed localhost:9443 to my ipaddress(eg 192.168.1.xxx) from travelocity.properties and avi.properties. But when I execute sample from click on login button it always redirecting me localhost and giving error.
I think you need to try the following,
While the tomcat is running,
Open the travelocity.war with an archive manager
Edit the travelocity.properties file,
update SAML2.IdPURL value
eg : SAML2.IdPURL=https://192.168.1.7:9443/samlsso
Save and update the travelocity.com web app
Restart the tomcat server just to be sure (You don't really have to do this since tomcat hot deploys once it detects a change)
I tried this locally and it redirected me to the IP address I put in SAML2.IdpURL. Clearly the problem seems to be a configuration error on the travelocity.com web app side :)
You need to change <HostName> and <MgtHostName> attributes at repository/conf/carbon.xml of your Identity Server with your IP address. By default they are set as localhost, so when logging it will be redirected to location specified there.

WSO2 Admin Console HTTP Access

I have been trying to configure the WSO2 Admin console for HTTP access and not HTTPS. I have a load balancer infant of my WSO2 ESB server that will terminate the inbound HTTPS connections and forward to the WSO2 server as HTTP.
I have tried various different configurations in the catalina-server.xml file without any success. It either does not work at all or when connecting using HTTP it simply redirects to HTTPS, even after removing the 'redirect' setting from the HTTP connector configuration.
I have spent several hours 'playing' and searching for something similar on the web to no avail.
Hopefully someone here has done something similar or can help.
Regards,
Graham
I'm using wso2 esb 4.8.1,Go to the following location in your esb carbon server ,
CARBON_HOME\repository\conf open carbon.xml file and uncomment the following line
<!-- Enable accessing Admin Console via HTTP -->
<EnableHTTPAdminConsole>true</EnableHTTPAdminConsole>
and you will have HTTP access to your wso2esb admin console. After enabling HTTP access, you can access the admin console via port 9763.

Running SonarQube on internal Web Server

I am trying to make Sonarqube working on a virtual machine, IP 192.168.0.150, running on a production server (Win Server 2012 R2). I need also to access it from the Internet. Thus, I created a new website in IIS on the Physical server enabling the reverse proxy and redirecting everything to 192.168.0.150. This apparently works: I can access successfully the dashboard from any remote pc.
The problem is: when i try to login, sonarqube redirects to 192.168.0.150. As you can easily imagine this blows up everything from a remote pc.
I tried everything in sonar.web.host and sonar.host.url but nothing.
I tried an Outbound rule in IIS to overwrite 192.168.0.150 with my website address but it doesn't work with gzip compression.
What can I do?
Thanks
Resolved.
I had to check "Reverse rewrite host in response headers" option in IIS -> Machine -> Application Request Routing Cache -> Server Proxy Settings.

WSO2 EMM emm-agent-android download

I have successefully installed WSO2 EMM.
Now, i want to download the emm-agent-android app.
I accessed from my adroid device to my_url:9443/emm -> Device management and i clicked on "Enroll a device" button.
I got this follewed url : my_url:9443/emm/api/device_enroll that i accessed from may device and i clicked on "Download Agent" button.
I got be then redirected to the url: http://my_url:9763/emm/client_app/emm-agent-android.apk web page not found
So I change the url to https://my_url:9443/emm/client_app/emm-agent-android.apk
The download starts but with failure what is the problem?
I assume you have logged to the EMM console using admin / tenant admin credentials for at-least once. If the everything works fine the address to download the agent should be something like "http://10.100.5.37:9763/emm/client_app/emm-agent-android.apk". Make sure you have the client app in "/repository/deployment/server/jaggeryapps/emm/client_app" folder. Try to invoke the download agent address directly from the browser without going through "https://my_url:9443/emm/api/device_enroll". You can not download the agent from "https" endpoint unless the SSL setup is configured properly.
I have checked that the emm-agent-android.apk is in "/repository/deployment/server/jaggeryapps/emm/client_app" but the url "http://my_ip:9763/emm/client_app/emm-agent-android.apk" not found
So I checked listening ports netstat | grep 9443 show lines but nestat|grep 9763 display nothing Is there config file to edit?
Is your Device and the Server in the same network? (Unless your server is hosted in a proper host and it has a public IP which you can access from anywhere)

IE10 Page can't be displayed, other browsers can

I started with a problem connecting to a webservice on a remote server [internal] from a custom made program.
We tested the ws from Firefox and Chrome - both latest and it connects instantly. But in IE10 (latest version for windows 2012 not R2) we get a page can't be displayed error:
Make sure the web address https://remoteserver:9443 is correct.
Look for the page with your search engine.
Refresh the page in a few minutes.
Make sure TLS and SSL protocols are enabled. Go to Tools > Internet Options > Advanced > Settings > Security
I think that IE10 and our program are using the same system libraries, and thats the reason both cannot connect to the web service. If i solve the problem with IE i presume that i could connect to the ws from the program.
The url port is custom and OK as other browsers work. IE10 can open HTTPS connection to other remote servers.
I tried:
flushing DNS setting,
reinstalling the CA certificate. Certificate is valid in chrome.
enabling TLS1.0, TLS1.1, TLS1.2, SSLv3 and SSLv2
telnet to remote server on port 9443 works
Using developer tool in IE simulated IE 9, IE8, ...
ping to remote sever works
nslookup finds the remote server
What could be the cause of this issue?
A combination of hardening for PCI DSS(securing servers) and the webservice provider not announcing protocols that were enabled was causing the issue.
Moving the server out of PCIDSS policy made the webservice connection function normally.
The changes were displayed only after restarting the server, because of registry modification.
Thanks to #Steffen Ullrich for driving me in the right direction.