WSO2 APIM Analytics 3.2.0 dashboard login page doesn't open - wso2

I am running WSO2 APIM 3.2.0 and Analytics 3.2.0 on different client servers. I did all the required settings to configure WSO2 APIM with WSO2 Analytics. Started both the servers successfully and WSO2 APIM URL's open well. But, when I open the Analytics Dashboard URL (https://<Analytics_Host>:9643/analytics-dashboard/login), I get the below warning in the dashboard server logs, and the login page does not appear. Only a blank screen appears.
WARN {org.wso2.msf4j.internal.MSF4JHttpConnectorListener} - Unmapped
exception feign.RetryableException: No subject alternative names
matching IP address <APIM_IP> found executing GET
https://<APIM_Host>:9443/api/am/admin/v0.16/custom-urls/carbon.super
In the browser console I can see errors as shown in the below screenshot.
One more thing I noticed is in the management console of WSO2 APIM, difference in Service Providers list when compared with my local. I didn't find all the service providers on the client server which I can see on my local.
WSO2 APIM Carbon Console Service Providers list on my local:
WSO2 APIM Carbon Console list on the client server:
Am I missing out on some configurations? Need suggestions on this issue.

Related

I'm unable to login into Wso2 APIM

I'm unable login into Wso2 APIM and showing invalid login details but yesterday it was working fine and able to login.
Apim version: 3.2.0.
Identity server wso2 is-km: 5.10.0
I have not changed any of the configuration.
My Wso2 APIM is integrated with wso2 Is.
Below error:
2022-03-07 13:58:07,464] INFO - TimeoutHandler This engine will expire all callbacks after GLOBAL_TIMEOUT: 120 seconds, irrespective of the timeout action, after the specified or optional timeout
[2022-03-07 13:58:07,749] ERROR - OAuth2Service Error while finding application state for application with client_id: oYDtSc**************
After that tried logging into Wso2 Identify server with admin as usually but not data it showing like list of users and list of identity providers but previously I saw list of providers etc.
Please help me in this situation.

WSO2 API Manager Analytics doesn't works

the wso2 API Manager it's working normaly but the analytics inside the wso2-am and the product wso2-am Analytics doesn't works
I execute all the steps describes in the documentation of the wso2-apim Analytics (Quick Setup and
Standard Setup) but nothing works.
when I was configuring the Enterprise Integrator the analytics has'nt work but when I configured the "synapse.properties" file the analytics started to work normaly.
it's important to know that the wso2-ei, wso2-am and wso2-am Analytics is running in the same machine.
Enterprise Integrator offset = 0
API Manager Offset = 4
API Manager Analytics - Offset = 5
the documentation of WSO2 Administration Guide "Default Ports of WSO2 Products" it is a folow description:
for API Manager:
7711 + Port offset of the APIM Analytics Server - Thrift SSL port for secure transport when publishing analytics to the API Manager Analytics server.
for Enterprise Integrator:
7712 - Thrift SSL port for secure transport, where the client is authenticated to DAS
I verifyed the log file "wso2server.log" of the wso2-am and I see the folow error:
ERROR - Error while trying to connect to the endpoint. Cannot borrow client for ssl://localhost:7712
ERROR - Thrift exception
I don't know if the fact of the wso2-am Analytics isn't work it's related to the error showing in the log of the wso2-am.
someone can help me to make the wso2-am Analytics works normaly?

WSO2 API Manager : API Creation Issue

I installed the APIM and started the APIM and created a new API. The ApI which i created comprises of a URL which points at our company production server. I gave the URL in the api creation mode to the production endpoint and sandbox Endpoint boxes. Then i set the required parameters under the GET method. Then i try it out at the store but the request does not hit the production server. I want to see the URL output from your api manager which passes to our production server. Because i want to see what is whether there is an error on that as it it doesnot hit our production server.
Can you help me with the issue?
Thanks in advance.
You can enable wire log to see the what are the requests which came to APIM and what are the requests APIM made for backend. Follow the steps in How to get wire logs from WSO2 ESB blog post to enable wire log. Those instructions are given for ESB, but they are valid for APIM as well.

How to integrate WSO2 API Manager (AM) 1.10.0 with PingFederate SAML 2.0?

How to integrate WSO2 am 1.10.0 with PingFederate SAML 2.0? Any instructions?
From WSO2 web site, I only saw docs on how to set up SSO among WSO2 products: https://docs.wso2.com/display/AM1100/Configuring+Single+Sign-on+with+SAML2 . But I did not see documentation on how to enable WSO2 AM 1.10.0 with external identity providers such as PingFederate via SAML2.
Any help is appreciated.
*** UPDATE:
I followed the instructions here https://docs.wso2.com/display/AM1100/Configuring+Single+Sign-on+with+SAML2 - just assuming WSO2 IS as PingIdentity. For the mojority part it's working, but I cannot generate keys when subscribing to an API. It says "invalid credentials" even if I have logged into applications and subscriptions and can create applications from /store UI.
I can confirm that this can be done without adding a separate wso2 IS server into the picture. I fixed several issues (Cannot generate keys, cannot publish APIs, etc..) by: What I did to fix the issue was to 1) add admin user inside ApiKeyValidaor in api-manager.xml also into admin user via management console and into user-mgt.xml; 2) Inside api-manager.xml:
Change the following:
https://${carbon.local.ip}:${mgt.transport.https.port}${carbon.context}/services/
to: https://[FQDN_OF_HOST}:${mgt.transport.https.port}${carbon.context}/services/
Reason is my server certificate only recorded the domain name, not ip address.
The solution was also mentioned here: wso2 am 1.10.0 API Store: "Error occurred while executing the action generateApplicationKey" with " Invalid credentials provided."
Basically, you can do this by adding PingFederate as an IDP in WSO2 AM and configuring federated SAML SSO configurations. An example of how to achieve this with Shibboleth is given in [1]. You can follow the same steps to do any configurations according to your requirement.
Refer [2] for configuring SAML SSO Federated authenticator in general
[1] https://docs.wso2.com/display/IS510/How+To%3A+Configure+Shibboleth+IdP+as+a+Trusted+Identity+Provider
[2] https://docs.wso2.com/display/IS510/Configuring+SAML+2.0+Web+SSO

WSO2 Identity Server REST and SOAP call

WSO2 Identity Server : I am new to WSO2 Identity Server. Could somebody help to get list of REST call and soap call supported by WSO2 Identity Server
This blog post has an example of using WSO2-IS APIs.
Take a look at the answer to the following question also. WSO2 identity server api
WSO2 products are manage internally SOAP web services known as admin services. The admin service wsdl as bellow.
https://localhost:9443/services/UserAdmin?wsdl
Note: you cannot view the wsdl of admin service by default due to security reason. Configure the following steps to enable and invoke the admin service wsdl.
Set the <HideAdminServiceWSDLs> element to false in <IS_HOME>/repository/conf/carbon.xml file.
<HideAdminServiceWSDLs>false</HideAdminServiceWSDL>
Restart the server.
Also you can use OSGi console to get the list of SOAP Services exposed in Identity Server and view the available service components details. To enable osgi console doing following steps.
Get osgi console by executing the following command.
<IS_Home>/bin/wso2server.bat –DosgiConsole
After successfully started the server press ‘Enter’ key and osgi>console will be displayed.
To get all admin services that are deployed on this server.
osgi> listAdminServices
List down all hidden services that are deployed on this server.
osgi>listHiddenServices
All services expose Web Service APIs which can be used for to gain access to back end functionality.