WSO2 Identity Server : User self-registration via my account - wso2

Source : https://lms.wso2.com/courses/take/wso2-identity-server-fundamentals-v5-11/pdfs/22647862-practical-exercise-user-management
After following "LAB02 : User self-registration via my account" as mentioned in the source, I get the error shown in the screenshot; the corresponding deployment.toml can also be seen in the screenshot. How do I fix this error?

As per the ERROR traces in your terminal, your deployment.toml file contains some keys more than once.
E.g.: ERROR {org.wso2.config.mapper.TomlParser} - server previously defined at line 1, column 1 (line 79, column 1) means [server] configs are in the deployment.toml at line 1 and line 79.
You can't define the same key (e.g. [server]) more than once in the deployment.toml file.
Check the other ERRORs and remove the redundant configs.
You can find more details about toml configs here:
https://www.youtube.com/watch?v=BRWvtcV1T94&t=695s
https://www.youtube.com/watch?v=-WqZhUoK77I
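To list every repeated table in one pass instead of working through the TomlParser errors one at a time, a small line-based scan is enough. This is an added example, not part of the original answer or WSO2 code; the function name and the sample deployment.toml content are constructed for illustration.

```python
import re

# A TOML table header on its own line: [server] or [[event_handler]].
HEADER = re.compile(r'^\s*(\[\[?)\s*([^\[\]]+?)\s*(\]\]?)\s*(?:#.*)?$')

def find_duplicate_tables(toml_text):
    """Return (name, first_line, repeat_line) for each repeated [table].

    Line-based scan: values are not parsed, only header lines are compared.
    [[array-of-tables]] headers may legally repeat and are ignored.
    """
    first_seen, duplicates = {}, []
    open_delim = None  # delimiter of a multi-line string we are inside
    for lineno, line in enumerate(toml_text.splitlines(), start=1):
        if open_delim:
            if open_delim in line:
                open_delim = None
            continue
        for delim in ('"""', "'''"):
            if line.count(delim) % 2 == 1:
                open_delim = delim
        if open_delim:
            continue
        m = HEADER.match(line)
        if not m or (m.group(1), m.group(3)) != ("[", "]"):
            continue
        name = re.sub(r"\s*\.\s*", ".", m.group(2))
        if name in first_seen:
            duplicates.append((name, first_seen[name], lineno))
        else:
            first_seen[name] = lineno
    return duplicates

# Constructed sample, not the asker's file.
SAMPLE = """\
[server]
hostname = "localhost"
[output_adapter.email]
from_address = "user@example.com"
[[event_handler]]
name = "first"
[[event_handler]]
name = "second"
[server]
node_ip = "127.0.0.1"
[output_adapter.email]
port = 587
"""

if __name__ == "__main__":
    for name, first, repeat in find_duplicate_tables(SAMPLE):
        print(f"{name} previously defined at line {first} (repeated at line {repeat})")
```

Merge the keys of each reported repeat into the first occurrence of that table, then restart the server.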

Thanks Anuradha.
The above error message comes from Docker.
To keep things simple :
Today, I installed WSO2 in Windows.
Disable two factor authentication in GMAIL.
Enabled less secure app in GMAIL.
The source documentation worked as it is.

Related

Cannot modify authenticators.xml to enable SSO

I got one error: Error 405 - Method Not Allowed,
so I want to enable SSO for IS.
I then modified <IS_HOME>/repository/conf/security/authenticators.xml,
but after I restarted the IS server, authenticators.xml was reverted to its original value.
Finally, Error 405 is still shown.
Can you tell me how to enable SSO for IS?
Thanks much!
henry
If you have built the source code of the master branch, then it is 5.12.0-alpha10-SNAPSHOT. If you download the zip here https://github.com/wso2/product-is/releases/tag/v5.11.0 it's IS-5.11.0.
From IS 5.9.0 onwards, all configuration changes to XML files are maintained via a central location (deployment.toml). Therefore, in order to make your change, navigate to <IS-HOME>/repository/conf/deployment.toml and add the following config. Then restart the server and check the relevant XML file. It should be changed.
[admin_console.authenticator.saml_sso_authenticator]
enable=true
Find more info about deployment.toml configuration model : https://www.youtube.com/watch?v=BRWvtcV1T94

Removing http_access_yyyy_mm_dd.log file in wso2 API Manager

I have one problem with API Manager.
I don't want to have logs of requests and responses in API Manager, because those log files are so big and I encounter files of 20G. I tried to comment out the Catalina access file, which is in repository/conf/tomcat/catalina-server.xml:
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="${carbon.home}/repository/logs"
prefix="http_access_"
suffix=".log"
pattern="combined"/>
Unfortunately, after commenting out the above code, only the http_access_.log file was not created, but http_access_yyyy_mm_dd.log was still created and requests were saved in it. I tried to change the directory of the above file, too. Only the http_access_.log file was saved in the new directory, and http_access_yyyy_mm_dd.log is still created in the ${carbon.home}/repository/logs directory.
How can I change the configuration of http_access_yyyy_mm_dd.log in wso2 API Manager?
According to the Apache Documentation,
The name of the file is composed by concatenation of the configured
prefix, timestamp and suffix
You can simply comment out the code snippet which you have mentioned which can be found in <PRODUCT_HOME>\repository\conf\tomcat\catalina-server.xml.
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="${carbon.home}/repository/logs" prefix="http_access_" suffix=".log" pattern="combined"/>
Simply comment out the above code snippet in the mentioned file path and restart the WSO2 APIM server.

WSO2 ESB: Getting Dead Pages When Running in Windows Service

I'm getting blank pages when navigating the WSO2 ESB-4.9.0 management console. For example, the registry, templates, endpoints, and local entries pages are all blank when navigating to them in the console UI.
I've found the following errors in the logs:
Error during rendering
IO Error executing tag: JSPException while including path '/templates/list_templates.jsp'. ServletException while including page.
The ESB is running in a YAJSW Windows Service. I should note that the ESB runs fine when running straight from the command line, it's just when using the service wrapper.
Strainy
Since you mentioned that the ESB starts as a Windows service, in carbon 4.4.x the default wrapper.conf file needs to be updated with the following additional entries.
wrapper.java.additional.26 = -Dwso2.carbon.xml=${carbon_home}\\repository\\conf\\carbon.xml
wrapper.java.additional.27 = -Dwso2.registry.xml=${carbon_home}\\repository\\conf\\registry.xml
wrapper.java.additional.28 = -Dwso2.user.mgt.xml=${carbon_home}\\repository\\conf\\user-mgt.xml
wrapper.java.additional.29 = -Dwso2.transports.xml=${carbon_home}\\repository\\conf\\mgt-transports.xml
wrapper.java.additional.31 = -Dorg.apache.jasper.compiler.Parser.STRICT_QUOTE_ESCAPING=false
wrapper.java.additional.33 = -Dfile.encoding=UTF8
You can verify these configurations in wrapper.conf; these configurations may help you to solve the JSP error.
The following link may help you if you need more information regarding this.
https://docs.wso2.com/display/ESB490/Installing+as+a+Windows+Service#InstallingasaWindowsService-SettinguptheYAJSWwrapperconfigurationfile
I just used the NSSM - the "Non-Sucking Service Manager".
It's actually amazingly simple to install a Service using this tool.
https://nssm.cc
Just set it up to point at the wso2server.bat file
Keeping an eye on this issue however: https://wso2.org/jira/browse/ESBJAVA-4342

Key length error logging into store on GREG 5.0 using SSO and custom Cert

We have been implementing GREG5.0 and using default configurations everything works fine. Once we replace the default localhost certificate in the wso2carbon.jks keystore with our own, we receive "java.security.SignatureException: Signature length not correct: got 256 but was expecting 128" when we log into Store or Publisher using SSO.
We have removed the default keypair from wso2carbon.jks and added our own certificate. The password for our keystore and certificate are the same. We have updated all the configuration files per the wso2 carbon 4.4 documentation. We have updated JavaHome with local_policy.jar and us_export_policy.jar in order to allow for the longer key length.
The administrator console works great with no issues. If we change the login method of store or publisher to "basic" then it works fine. When we have the login method set to "SSO" we end up sitting on a blank page at this location https://servername/store/acs. We have the same result in the browser if we are running as a windows server or in console mode but, if we are running as a windows service then we have no error and no indication of what happened. If we are running in console mode then I get the error mentioned above spit out in the console.
I also noticed this behavior on Identity Server 5.0 when accessing dashboard.
We are running on windows.
Is there another location in WSO2 that I need to update to accommodate an increased key length?
Joe
The location I missed updating was the IdentityAlias in repository/deployment/server/jaggeryapps/store/config/store.json and repository/deployment/server/jaggeryapps/publisher/config/publisher.json. Once I updated that value to match the alias of the keypair I was using in wso2carbon.jks, that appeared as though it solved the key length error and created another problem.
So now it was giving me a NullPointerException. I had provided the alias of our keypair but that was not the same as the alias for our certificate exported from our keypair that we loaded in client-truststore.jks. So I decided to set both aliases so they would match. With that change I was finally able to successfully access the store and publisher.
After some further testing it did not care what my keypair alias was as long as the value in IdentityAlias matched the alias of my certificate loaded in client-truststore.jks.
Hope this helps someone.
Joe

Cannot see any option in WSO2 Identity Server dashboard

I'm evaluating WSO2 Identity Server 5.0.0 but I'm getting a strange issue using the dashboard.
I installed it on a server of mine (so it is not on localhost) and configured the following configuration files so that WSO2 knows where to point
File wso2is-5.0.0/repository/conf/carbon.xml
<HostName>SERVER_IP</HostName>
<MgtHostName>SERVER_IP</MgtHostName>
File wso2is-5.0.0/repository/conf/security/saml2.federation.properties
WSO2=https://SERVER_IP:9445/samlsso
File wso2is-5.0.0/repository/conf/security/sso-idp-config.xml
<SSOIdentityProviderConfig>
<ServiceProviders>
<ServiceProvider>
<Issuer>wso2.my.dashboard</Issuer>
<AssertionConsumerService>https://SERVER_IP:9443/dashboard/acs</AssertionConsumerService>
...
As stated in the official documentation I should see some blocks and after clicking the "View details" buttons I should be able to do the operations of the dashboard related to each block.
However, when I log in to the Dashboard I can see the blocks, but when I click "View details" I get a blank-content page, as you can see in the following screenshot of the "My Profiles" page
The same thing happens for the other blocks.
What can I do? Maybe I didn't configure something?
Thank you in advance
Giulio
If you have installed the Identity Server on a host other than localhost, you would see some issues with the dashboard. I also experienced the same type of issues. But you can resolve them by configuring the host name and port properly. Unfortunately there are a few places that you need to edit. Please find them below. I have already to report a jira to improve them to configure from one config file.
repository/conf/carbon.xml
repository/conf/security/sso-idp-config.xml
repository/deployment/server/jaggeryapps/dashboard/apis/gadget.json
repository/deployment/server/jaggeryapps/portal/gadgets/account-recovery/gadget.xml
repository/deployment/server/jaggeryapps/portal/gadgets/identity_management/gadget.xml
repository/deployment/server/jaggeryapps/portal/gadgets/pwd_change/gadget.xml
repository/deployment/server/jaggeryapps/portal/gadgets/user_auth_apps/gadget.xml
repository/deployment/server/jaggeryapps/portal/gadgets/user_profile/gadget.xml
Modify the URL of the user_profile (i.e. http://{IP}:{port}/portal/gadgets/user_profile/gadget.xml ) in the "repository/deployment/server/jaggeryapps/dashboard/apis/gadget.json" file to HTTP and the port to 9763.