WSO2 Please check password policy at DC for user - wso2

we trying to add new user to AD as secondary store in WSO2 but we got this problem
we tried to get more details from log file but we found the following :
TID: [-1234] [] [2018-01-04 23:25:19,052] DEBUG {org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager} - value after escaping special characters in user02 : user02
TID: [-1234] [] [2018-01-04 23:25:19,062] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Searching for user with SearchFilter: (&(objectClass=user)(sAMAccountName=user02)) in SearchBase:
TID: [-1234] [] [2018-01-04 23:25:19,065] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Name in space for user02 is CN=user02,CN=Users,DC=DEVDC,DC=sure,DC=com,DC=sa
TID: [-1234] [] [2018-01-04 23:25:19,072] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Searching for role: rolhejazi
TID: [-1234] [] [2018-01-04 23:25:19,072] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Using search filter: (&(objectcategory=group)(cn=rolhejazi))
TID: [-1234] [] [2018-01-04 23:25:19,077] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Searching in CN=Users,DC=devdc,DC=sure,DC=com,DC=sa
TID: [-1234] [] [2018-01-04 23:25:19,080] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Is role: rolhejazi exist: true
TID: [-1234] [] [2018-01-04 23:25:19,082] DEBUG {org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager} - Modifying role: CN=rolhejazi with type: 1 user: CN=user02,CN=Users,DC=DEVDC,DC=sure,DC=com,DC=sa in search base: CN=Users,DC=devdc,DC=sure,DC=com,DC=sa
TID: [-1234] [] [2018-01-04 23:25:19,400] DEBUG {org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager} - User: CN=user02,CN=Users,DC=DEVDC,DC=sure,DC=com,DC=sa was successfully modified in LDAP group: CN=rolhejazi
TID: [-1234] [] [2018-01-04 23:25:19,402] WARN {org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager} - Unsecured connection is being used. Enabling user account operation will fail
TID: [-1234] [] [2018-01-04 23:25:19,411] ERROR {org.wso2.carbon.user.mgt.UserRealmProxy} - Error while enabling the user account. Please check password policy at DC for user : user02
org.wso2.carbon.user.core.UserStoreException: Error while enabling the user account. Please check password policy at DC for user : user02

Related

WSO2 IS error retrieving user info via SCIM

I am working with WSO2 IS 5.9 and I need to retrieve the user info using SCIM 2.0 REST interface. I succeeded in listing the user:
(GET) https://server:port/scim2/Users?startIndex=1&count=10&domain=PRIMARY&filter=userName+sw+user1&attributes=userName
(header: Authorization basic [user_admin:password_admin Base64 coded]).
response:
{
"totalResults": 1,
"startIndex": 1,
"itemsPerPage": 1,
"schemas": ["urn:ietf:params:scim:api:messages:2.0:ListResponse"],
"Resources": [ {
"id": "cf5aa963-07a6-44be-8c3c-4edc23c5323b",
"userName": "user1"
}]
}
but when I try to get the user details I get the following error:
https://server:port/scim2/Users/cf5aa963-07a6-44be-8c3c-4edc23c5323b
(header: Authorization basic [user_admin:password_admin Base64 coded]).
response:
{
"schemas": ["urn:ietf:params:scim:api:messages:2.0:Error"],
"detail": "Error in getting user information from Carbon User Store foruser: cf5aa963-07a6-44be-8c3c-4edc23c5323b",
"status": "500"
}
log:
TID: [-1234] [scim2] [2020-02-24 09:46:40,278] [c4cec19a-328c-44fd-9beb-6d3d5b0cacde] ERROR {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Error occurred while accessing Java Security Manager Privilege Block when called by method getUserList with 3 length of Objects and argTypes [class java.lang.String, class java.lang.String, class java.lang.String]
The same happens using the SOAP interface. The request (authorization Basic for admin user) to the RemoteUserStoreManagerService, operation getUserId is the following:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://service.ws.um.carbon.wso2.org">
<soapenv:Header/>
<soapenv:Body>
<ser:getUserId>
<!--Optional:-->
<ser:username>cf5aa963-07a6-44be-8c3c-4edc23c5323b</ser:username>
</ser:getUserId>
</soapenv:Body>
</soapenv:Envelope>
response:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Body>
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring>Invalid operation</faultstring>
<detail>
<ns:RemoteUserStoreManagerServiceUserStoreException xmlns:ns="http://service.ws.um.carbon.wso2.org">
<UserStoreException xsi:type="ax2720:UserStoreException" xmlns="http://service.ws.um.carbon.wso2.org" xmlns:ax2720="http://core.user.carbon.wso2.org/xsd" xmlns:ax2721="http://api.user.carbon.wso2.org/xsd" xmlns:ax2724="http://common.mgt.user.carbon.wso2.org/xsd" xmlns:ax2726="http://dao.service.ws.um.carbon.wso2.org/xsd" xmlns:ax2728="http://tenant.core.user.carbon.wso2.org/xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<ax2720:errorCode xsi:nil="true"/>
</UserStoreException>
</ns:RemoteUserStoreManagerServiceUserStoreException>
</detail>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>
log
TID: [-1234] [RemoteUserStoreManagerService] [2020-02-24 09:59:13,089] [4044e005-6de0-4328-ada5-43919c0e2dea] WARN {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler} - Illegal access attempt at [2020-02-24 09:59:13,0088] from IP address xx.xx.x.x while trying to authenticate access to service RemoteUserStoreManagerService
TID: [-1234] [RemoteUserStoreManagerService] [2020-02-24 09:59:13,202] [1f3ed136-a13f-4536-96ca-c8572a0aeee8] INFO {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - 'admin#carbon.super [-1234]' logged in at [2020-02-24 09:59:13,201+0100]
The debug log for the org.wso2.carbon.user.core is:
TID: [-1234] [] [2020-02-24 13:34:19,664] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Searching for user admin
TID: [-1234] [] [2020-02-24 13:34:19,672] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Replace escape characters configured to: true
TID: [-1234] [] [2020-02-24 13:34:19,676] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Using default configurations for the user DN cache, having search base : ou=Users,dc=wso2,dc=org
TID: [-1234] [] [2020-02-24 13:34:19,681] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Replace escape characters configured to: true
TID: [-1234] [] [2020-02-24 13:34:19,685] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - value after escaping special characters in admin : admin
TID: [-1234] [] [2020-02-24 13:34:19,689] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Using default configurations for the user DN cache, having search base : ou=Users,dc=wso2,dc=org
TID: [-1234] [] [2020-02-24 13:34:19,695] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - User: admin exist: true
TID: [-1234] [] [2020-02-24 13:34:19,701] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Searching for user admin
TID: [-1234] [] [2020-02-24 13:34:19,707] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Replace escape characters configured to: true
TID: [-1234] [] [2020-02-24 13:34:19,720] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Using default configurations for the user DN cache, having search base : ou=Users,dc=wso2,dc=org
TID: [-1234] [] [2020-02-24 13:34:19,723] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Replace escape characters configured to: true
TID: [-1234] [] [2020-02-24 13:34:19,730] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - value after escaping special characters in admin : admin
TID: [-1234] [] [2020-02-24 13:34:19,734] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Using default configurations for the user DN cache, having search base : ou=Users,dc=wso2,dc=org
TID: [-1234] [] [2020-02-24 13:34:19,738] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - User: admin exist: true
TID: [-1234] [] [2020-02-24 13:34:19,742] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Using default configurations for the user DN cache, having search base : ou=Users,dc=wso2,dc=org
TID: [-1234] [] [2020-02-24 13:34:19,746] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.LDAPConnectionContext} - LDAP connection circuit breaker state: close, so trying to obtain the LDAP connection, connection URL: ldap://localhost:10394
TID: [-1234] [] [2020-02-24 13:34:19,755] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Replace escape characters configured to: true
TID: [-1234] [] [2020-02-24 13:34:19,759] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Searching for user with SearchFilter: (&(objectClass=person)(uid=admin)) in SearchBase:
TID: [-1234] [] [2020-02-24 13:34:19,768] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :accountLock
TID: [-1234] [] [2020-02-24 13:34:19,848] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Authenticating user admin
TID: [-1234] [] [2020-02-24 13:34:19,853] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Using default configurations for the user DN cache, having search base : ou=Users,dc=wso2,dc=org
TID: [-1234] [] [2020-02-24 13:34:19,857] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Cache hit. Using DN uid=admin,ou=Users,dc=WSO2,dc=ORG
TID: [-1234] [] [2020-02-24 13:34:19,868] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - User: uid=admin,ou=Users,dc=WSO2,dc=ORG is authnticated: true
TID: [-1234] [scim2] [2020-02-24 13:34:20,072] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager} - Authorization cache miss for username : admin resource /permission/admin/manage/identity/usermgt/view action : ui.execute
TID: [-1234] [scim2] [2020-02-24 13:34:20,085] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.authorization.PermissionTree} - Permission tree is loaded from database for the resource in tenant -1234
TID: [-1234] [scim2] [2020-02-24 13:34:20,091] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager} - Allowed roles for the ResourceID: /permission/admin/manage/identity/usermgt/view Action: ui.execute
TID: [-1234] [scim2] [2020-02-24 13:34:20,095] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager} - role: admin
TID: [-1234] [scim2] [2020-02-24 13:34:20,099] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager} - Roles which have permission for resource : /permission/admin/manage/identity/usermgt/view action : ui.execute
TID: [-1234] [scim2] [2020-02-24 13:34:20,102] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager} - Role : admin
TID: [-1234] [scim2] [2020-02-24 13:34:20,107] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager} - admin user is in role : admin
TID: [-1234] [scim2] [2020-02-24 13:34:20,519] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Listing users who having value as cf5aa963-07a6-44be-8c3c-4edc23c5323b for the claim http://wso2.org/claims/userid
TID: [-1234] [scim2] [2020-02-24 13:34:20,524] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Pre listener user list: [] for domain: null
TID: [-1234] [scim2] [2020-02-24 13:34:20,528] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - No domain name found in claim value. Searching through all user stores for possible matches
TID: [-1234] [scim2] [2020-02-24 13:34:20,531] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Invoking the get user list for domain: PRIMARY for claim: http://wso2.org/claims/userid value: PRIMARY/cf5aa963-07a6-44be-8c3c-4edc23c5323b
TID: [-1234] [scim2] [2020-02-24 13:34:20,535] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Listing users who having value as PRIMARY/cf5aa963-07a6-44be-8c3c-4edc23c5323b for the claim http://wso2.org/claims/userid
TID: [-1234] [scim2] [2020-02-24 13:34:20,538] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Domain: PRIMARY is passed with the claim and user store manager is loaded for the given domain name.
TID: [-1234] [scim2] [2020-02-24 13:34:20,543] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Pre listener user list: [] for domain: PRIMARY
TID: [-1234] [scim2] [2020-02-24 13:34:20,547] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Domain found in claim value. Searching only in the PRIMARY for possible matches
TID: [-1234] [scim2] [2020-02-24 13:34:20,550] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Replace escape characters configured to: true
TID: [-1234] [scim2] [2020-02-24 13:34:20,554] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.LDAPConnectionContext} - LDAP connection circuit breaker state: close, so trying to obtain the LDAP connection, connection URL: ldap://localhost:10394
TID: [-1234] [scim2] [2020-02-24 13:34:20,568] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Listing users with Property: scimId SearchFilter: (&(objectClass=person)(scimId=cf5aa963-07a6-44be-8c3c-4edc23c5323b))
TID: [-1234] [scim2] [2020-02-24 13:34:20,575] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Searching for user with SearchFilter: (&(objectClass=person)(scimId=cf5aa963-07a6-44be-8c3c-4edc23c5323b)) in SearchBase:
TID: [-1234] [scim2] [2020-02-24 13:34:20,579] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :uid
TID: [-1234] [scim2] [2020-02-24 13:34:20,582] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Requesting attribute :sn
TID: [-1234] [scim2] [2020-02-24 13:34:20,589] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - uid : usuario1
TID: [-1234] [scim2] [2020-02-24 13:34:20,597] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - result: usuario1
TID: [-1234] [scim2] [2020-02-24 13:34:20,601] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - List of filtered users for: PRIMARY : [usuario1]
TID: [-1234] [scim2] [2020-02-24 13:34:20,605] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Users from user store: PRIMARY : [usuario1]
TID: [-1234] [scim2] [2020-02-24 13:34:20,609] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Post listener user list: [usuario1] for domain: PRIMARY
TID: [-1234] [scim2] [2020-02-24 13:34:20,614] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Secondary user list for domain: PRIMARY : [usuario1]
TID: [-1234] [scim2] [2020-02-24 13:34:20,618] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Invoking the get user list for domain: TEST1 for claim: http://wso2.org/claims/userid value: TEST1/cf5aa963-07a6-44be-8c3c-4edc23c5323b
TID: [-1234] [scim2] [2020-02-24 13:34:20,621] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Listing users who having value as TEST1/cf5aa963-07a6-44be-8c3c-4edc23c5323b for the claim http://wso2.org/claims/userid
TID: [-1234] [scim2] [2020-02-24 13:34:20,625] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Domain: TEST1 is passed with the claim and user store manager is loaded for the given domain name.
TID: [-1234] [scim2] [2020-02-24 13:34:20,630] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Pre listener user list: [] for domain: TEST1
TID: [-1234] [scim2] [2020-02-24 13:34:20,633] [66bddec5-bbca-4aa2-99b0-978e131d9336] DEBUG {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Domain found in claim value. Searching only in the TEST1 for possible matches
TID: [-1234] [scim2] [2020-02-24 13:34:20,638] [66bddec5-bbca-4aa2-99b0-978e131d9336] ERROR {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Error occurred while accessing Java Security Manager Privilege Block when called by method getUserList with 3 length of Objects and argTypes [class java.lang.String, class java.lang.String, class java.lang.String]
Am I doing the request properly? Do I need to configure any additional parameter in WSO2 IS? Are there any bugs for this operation?
Cheers!

WSO2 Custom claim handler not being called for password grant_type

I have been using WSO2IS as OIDC provider. I have implemented a custom claim handler which is working fine and being invoked when WSO2 receives grant_type "Authorization_code". The problem started when a Service Provider sent a request with grant_type=password. In this case, WSO2 succesfully authenticated the user and returned the JWT but... without custom claim as WSO2 did not invoke the custom claim handler.
This is the configuration I did in file <IS_HOME>/repository/conf/identity/application-authentication.xml for custom claim handler which is being invoked for grant_type=authorization_code.
<ClaimHandler>com.wso2.carbon.identity.custom.claim.handler.CustomClaimHandler</ClaimHandler>
this the debug log from WSO2:
TID: [-1234] [] [2018-04-06 11:34:38,199] DEBUG
{org.wso2.carbon.identity.auth.service.handler.HandlerManager} -
Created singleton instance for
org.wso2.carbon.identity.auth.service.handler.HandlerManager TID:
[-1234] [] [2018-04-06 11:34:38,200] DEBUG
{org.wso2.carbon.identity.auth.service.handler.HandlerManager} - Get
first priority handler for the given handler list. TID: [-1234] []
[2018-04-06 11:34:38,200] DEBUG
{org.wso2.carbon.identity.auth.service.handler.HandlerManager} - Get
first priority handler :
DefaultAuthenticationManager(org.wso2.carbon.identity.auth.service.AuthenticationManager)
TID: [-1234] [] [2018-04-06 11:34:38,205] DEBUG
{org.wso2.carbon.identity.oauth2.OAuth2Service} - Access Token
request received for Client ID EjQvbCf0pclp6eVO5lxTq23_lxQa, User ID
userldap, Scope : [ openid, email] and Grant Type : password TID:
[-1234] [] [2018-04-06 11:34:38,205] DEBUG
{org.wso2.carbon.identity.oauth2.token.handlers.clientauth.AbstractClientAuthHandler}
- Can authenticate with client ID and Secret. Client ID: EjQvbCf0pclp6eVO5lxTq23_lxQa TID: [-1234] [] [2018-04-06
11:34:38,205] DEBUG
{org.wso2.carbon.identity.oauth2.token.handlers.clientauth.AbstractClientAuthHandler}
- Grant type : password Strict client validation set to : null TID: [-1234] [] [2018-04-06 11:34:38,206] DEBUG
{org.wso2.carbon.identity.oauth2.util.OAuth2Util} - Client
credentials were fetched from the database. TID: [-1234] []
[2018-04-06 11:34:38,206] DEBUG
{org.wso2.carbon.identity.oauth2.util.OAuth2Util} - Successfully
authenticated the client with client id : EjQvbCf0pclp6eVO5lxTq23_lxQa
TID: [-1234] [] [2018-04-06 11:34:38,207] DEBUG
{org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer} - Oauth App
validation success for consumer key: EjQvbCf0pclp6eVO5lxTq23_lxQa
TID: [-1234] [] [2018-04-06 11:34:38,209] DEBUG
{org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener}
- Pre authenticator is called in IdentityMgtEventListener TID: [-1234] [] [2018-04-06 11:34:38,210] DEBUG
{org.wso2.carbon.identity.claim.metadata.mgt.dao.CacheBackedLocalClaimDAO}
- Cache hit for local claim list for tenant: -1234 TID: [-1234] [] [2018-04-06 11:34:38,210] DEBUG
{org.wso2.carbon.identity.claim.metadata.mgt.DefaultClaimMetadataStore}
- Assigned mapped attribute : ref from user store domain : PRIMARY for claim : http://wso2.org/claims/identity/accountDisabled in tenant
: -1234 TID: [-1234] [] [2018-04-06 11:34:38,215] DEBUG
{org.wso2.carbon.identity.claim.metadata.mgt.dao.CacheBackedLocalClaimDAO}
- Cache hit for local claim list for tenant: -1234 TID: [-1234] [] [2018-04-06 11:34:38,215] DEBUG
{org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener}
- post get user claim values is called in IdentityMgtEventListener TID: [-1234] [] [2018-04-06 11:34:38,215] DEBUG
{org.wso2.carbon.identity.core.util.IdentityUtil} - Error while
reading user store property CaseInsensitiveUsername. Considering as
case sensitive. TID: [-1234] [] [2018-04-06 11:34:38,215] DEBUG
{org.wso2.carbon.identity.governance.store.InMemoryIdentityDataStore}
- Loaded UserIdentityClaimsDO from cache for user :userldap with claims: {} TID: [-1234] [] [2018-04-06 11:34:38,215] DEBUG
{org.wso2.carbon.identity.recovery.handler.AdminForcedPasswordResetHandler}
- Handling event : PRE_AUTHENTICATION TID: [-1234] [] [2018-04-06 11:34:38,215] DEBUG
{org.wso2.carbon.identity.recovery.handler.AdminForcedPasswordResetHandler}
- PreAuthenticate - AdminForcedPasswordResetHandler for user : userldap#carbon.super TID: [-1234] [] [2018-04-06 11:34:38,215] DEBUG
{org.wso2.carbon.identity.core.util.IdentityUtil} - Error while
reading user store property CaseInsensitiveUsername. Considering as
case sensitive. TID: [-1234] [] [2018-04-06 11:34:38,216] DEBUG
{org.wso2.carbon.identity.recovery.handler.AccountConfirmationValidationHandler}
- PreAuthenticate TID: [-1234] [] [2018-04-06 11:34:38,216] DEBUG {org.wso2.carbon.identity.claim.metadata.mgt.dao.CacheBackedLocalClaimDAO}
- Cache hit for local claim list for tenant: -1234 TID: [-1234] [] [2018-04-06 11:34:38,217] DEBUG
{org.wso2.carbon.identity.claim.metadata.mgt.DefaultClaimMetadataStore}
- Assigned mapped attribute : accountLock from user store domain : PRIMARY for claim : http://wso2.org/claims/identity/accountLocked in
tenant : -1234 TID: [-1234] [] [2018-04-06 11:34:38,218] DEBUG
{org.wso2.carbon.identity.claim.metadata.mgt.dao.CacheBackedLocalClaimDAO}
- Cache hit for local claim list for tenant: -1234 TID: [-1234] [] [2018-04-06 11:34:38,218] DEBUG
{org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener}
- post get user claim values is called in IdentityMgtEventListener TID: [-1234] [] [2018-04-06 11:34:38,218] DEBUG
{org.wso2.carbon.identity.core.util.IdentityUtil} - Error while
reading user store property CaseInsensitiveUsername. Considering as
case sensitive. TID: [-1234] [] [2018-04-06 11:34:38,218] DEBUG
{org.wso2.carbon.identity.governance.store.InMemoryIdentityDataStore}
- Loaded UserIdentityClaimsDO from cache for user :userldap with claims: {} TID: [-1234] [] [2018-04-06 11:34:38,218] DEBUG
{org.wso2.carbon.identity.application.common.processors.RandomPasswordProcessor}
- Cache Key not found for Random Password Container TID: [-1234] [] [2018-04-06 11:34:38,222] DEBUG
{org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener}
- post authenticator is called in IdentityMgtEventListener TID: [-1234] [] [2018-04-06 11:34:38,222] DEBUG
{org.wso2.carbon.identity.application.common.processors.RandomPasswordProcessor}
- Cache Key not found for Random Password Container TID: [-1234] [] [2018-04-06 11:34:38,223] DEBUG
{org.wso2.carbon.identity.application.common.processors.RandomPasswordProcessor}
- Cache Key not found for Random Password Container TID: [-1234] [] [2018-04-06 11:34:38,223] DEBUG
{org.wso2.carbon.identity.oauth2.token.handlers.grant.PasswordGrantHandler}
- Token request with Password Grant Type received. Username : userldap#carbon.superScope : email openid , Authentication State :
true TID: [-1234] [] [2018-04-06 11:34:38,223] DEBUG
{org.wso2.carbon.identity.oauth.callback.OAuthCallbackHandlerRegistry}
- OAuthCallbackHandler was found for the callback. Class Name : org.wso2.carbon.identity.oauth.callback.DefaultCallbackHandler
Resource Owner : userldap#carbon.super Client Id :
EjQvbCf0pclp6eVO5lxTq23_lxQa Scope : email openid TID: [-1234] []
[2018-04-06 11:34:38,223] DEBUG
{org.wso2.carbon.identity.oauth.callback.OAuthCallbackHandlerRegistry}
- OAuthCallbackHandler was found for the callback. Class Name : org.wso2.carbon.identity.oauth.callback.DefaultCallbackHandler
Resource Owner : userldap#carbon.super Client Id :
EjQvbCf0pclp6eVO5lxTq23_lxQa Scope : email openid TID: [-1234] []
[2018-04-06 11:34:38,223] DEBUG
{org.wso2.carbon.identity.oauth2.util.OAuth2Util} - Added
OAuthTokenReqMessageContext to threadlocal TID: [-1234] []
[2018-04-06 11:34:38,223] DEBUG
{org.wso2.carbon.identity.core.util.IdentityUtil} - Error while
reading user store property CaseInsensitiveUsername. Considering as
case sensitive. TID: [-1234] [] [2018-04-06 11:34:38,223] DEBUG
{org.wso2.carbon.identity.oauth2.util.OAuth2Util} - SP wise token
expiry time feature is applied for tenant id : -1234and consumer key :
EjQvbCf0pclp6eVO5lxTq23_lxQa TID: [-1234] [] [2018-04-06
11:34:38,224] DEBUG
{org.wso2.carbon.identity.oauth2.token.handlers.grant.AbstractAuthorizationGrantHandler}
- Service Provider specific expiry time enabled for application : EjQvbCf0pclp6eVO5lxTq23_lxQa. Application access token expiry time :
null, User access token expiry time : null, Refresh token expiry time
: null TID: [-1234] [] [2018-04-06 11:34:38,224] DEBUG
{org.wso2.carbon.identity.oauth2.token.handlers.grant.AbstractAuthorizationGrantHandler}
- OAuth application id : EjQvbCf0pclp6eVO5lxTq23_lxQa, access token validity time in milliseconds : 3600000 TID: [-1234] [] [2018-04-06
11:34:38,224] DEBUG {org.wso2.carbon.identity.core.util.IdentityUtil}
- Error while reading user store property CaseInsensitiveUsername. Considering as case sensitive. TID: [-1234] [] [2018-04-06
11:34:38,230] DEBUG
{org.wso2.carbon.identity.oauth2.token.handlers.grant.AbstractAuthorizationGrantHandler}
- Infinite lifetime Access Token e88de89f-70d4-33d5-b447-5cd0135fd682 found in cache TID: [-1234] [] [2018-04-06 11:34:38,230] DEBUG
{org.wso2.carbon.identity.oauth2.util.OAuth2Util} - Cleared
OAuthTokenReqMessageContext TID: [-1234] [] [2018-04-06 11:34:38,230]
DEBUG {org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer} -
Access token issued to client Id: EjQvbCf0pclp6eVO5lxTq23_lxQa
username: userldap#carbon.super and scopes: email openid TID:
[-1234] [] [2018-04-06 11:34:38,230] DEBUG
{org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer} - Issuing
ID token for client: EjQvbCf0pclp6eVO5lxTq23_lxQa TID: [-1234] []
[2018-04-06 11:34:38,230] DEBUG
{org.wso2.carbon.identity.application.common.processors.RandomPasswordProcessor}
- Cache Key not found for Random Password Container TID: [-1234] [] [2018-04-06 11:34:38,232] DEBUG
{org.wso2.carbon.identity.application.mgt.dao.impl.ApplicationDAOImpl}
- Loading Basic Application Data of AdministradorOmnicanalidad TID: [-1234] [] [2018-04-06 11:34:38,232] DEBUG
{org.wso2.carbon.identity.application.mgt.dao.impl.ApplicationDAOImpl}
- ApplicationID: 21 ApplicationName: AdministradorOmnicanalidad UserName: userldap TenantDomain: carbon.super TID: [-1234] []
[2018-04-06 11:34:38,232] DEBUG
{org.wso2.carbon.identity.application.mgt.dao.impl.ApplicationDAOImpl}
- Reading Clients of Application 21 TID: [-1234] [] [2018-04-06 11:34:38,233] DEBUG
{org.wso2.carbon.identity.application.mgt.dao.impl.ApplicationDAOImpl}
- Reading Steps of Application 21 TID: [-1234] [] [2018-04-06 11:34:38,236] DEBUG
{org.wso2.carbon.identity.application.mgt.dao.impl.ApplicationDAOImpl}
- Reading Claim Mappings of Application 21 TID: [-1234] [] [2018-04-06 11:34:38,237] DEBUG
{org.wso2.carbon.identity.application.mgt.dao.impl.ApplicationDAOImpl}
- Reading Role Mapping of Application 21 TID: [-1234] [] [2018-04-06 11:34:38,241] DEBUG {org.wso2.carbon.identity.core.util.IdentityUtil}
- Error while reading user store property CaseInsensitiveUsername. Considering as case sensitive. TID: [-1234] [] [2018-04-06
11:34:38,241] DEBUG {org.wso2.carbon.identity.oauth2.dao.TokenMgtDAO}
- Retrieve access token for tokenId: e88de89f-70d4-33d5-b447-5cd0135fd682 with flag includeExpired: false
TID: [-1234] [] [2018-04-06 11:34:38,244] DEBUG
{org.wso2.carbon.identity.openidconnect.DefaultIDTokenBuilder} -
Using issuer https://localhost:9445/oauth2/token Subject userldap ID
Token life time 3600 Current time 1523032478 Nonce Value null
Signature Algorithm RS256 TID: [-1234] [] [2018-04-06 11:34:38,244]
DEBUG
{org.wso2.carbon.identity.openidconnect.SAMLAssertionClaimsCallback} -
Adding claims for user userldap#carbon.super to id token. TID:
[-1234] [] [2018-04-06 11:34:38,247] DEBUG
{org.wso2.carbon.identity.openidconnect.SAMLAssertionClaimsCallback} -
User attributes not found in cache. Trying to retrieve attribute for
user userldap#carbon.super TID: [-1234] [] [2018-04-06 11:34:38,249]
DEBUG
{org.wso2.carbon.identity.application.mgt.dao.impl.ApplicationDAOImpl}
- Loading Basic Application Data of AdministradorOmnicanalidad TID: [-1234] [] [2018-04-06 11:34:38,251] DEBUG
{org.wso2.carbon.identity.application.mgt.dao.impl.ApplicationDAOImpl}
- ApplicationID: 21 ApplicationName: AdministradorOmnicanalidad UserName: userldap TenantDomain: carbon.super TID: [-1234] []
[2018-04-06 11:34:38,251] DEBUG
{org.wso2.carbon.identity.application.mgt.dao.impl.ApplicationDAOImpl}
- Reading Clients of Application 21 TID: [-1234] [] [2018-04-06 11:34:38,251] DEBUG
{org.wso2.carbon.identity.application.mgt.dao.impl.ApplicationDAOImpl}
- Reading Steps of Application 21 TID: [-1234] [] [2018-04-06 11:34:38,255] DEBUG
{org.wso2.carbon.identity.application.mgt.dao.impl.ApplicationDAOImpl}
- Reading Claim Mappings of Application 21 TID: [-1234] [] [2018-04-06 11:34:38,256] DEBUG
{org.wso2.carbon.identity.application.mgt.dao.impl.ApplicationDAOImpl}
- Reading Role Mapping of Application 21
If someone can point what did I miss, or what else I can try, It would be a great help.
Thanks.
Is there any specific reason write a custom claim handler for OIDC?
If you want to get custom claims with OIDC you could follow the below steps.
Go to management console->claims->Add->Add external claims->select dialect URI as http://wso2.org/oidc/claim, give your custom claim URI as External Claim URI, map the appropriate local claim.
Once you successfully added the custom claim under OIDC dialect, you have to mention the newly added custom claim URI in the registry under openid scope.The path is below.
Registry->Browse->/_system/config/oidc and then click on Add button of the properties. There you could see the scope values.
Claim Handlers are engaged as part of the authentications process in the authentication framework that resides within the Identity Server.
When you use the authorization grant type, user authentication is handled via the authentication framework. This also means that any claims added/modified using a custom claims handler will be engaged.
However, when you use the password grant type, user authentication and claim retrieval happens via the respective user store the user resides in. Since this authentication does not happen through the authentication framework your custom claim handler will not be engaged.

WSO2 Error occurred while modifying user entry

We use WSO2 identity, and we are trying to add a new user to AD as secondary store by WSO2 the user
We created successfully, but also got an error message after user created as shown below:
]
in log file we catch this error:
TID: [-1234] [] [2018-01-05 21:59:13,215] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Searching for user with SearchFilter: (&(objectClass=user)(sAMAccountName=user022)) in SearchBase:
TID: [-1234] [] [2018-01-05 21:59:13,218] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Name in space for user022 is CN=user022,CN=Users,DC=DEVDC,DC=sure,DC=com,DC=sa
TID: [-1234] [] [2018-01-05 21:59:13,229] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Searching for role: Domain Users
TID: [-1234] [] [2018-01-05 21:59:13,230] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Using search filter: (&(objectcategory=group)(cn=Domain Users))
TID: [-1234] [] [2018-01-05 21:59:13,235] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Searching in CN=Users,DC=devdc,DC=sure,DC=com,DC=sa
TID: [-1234] [] [2018-01-05 21:59:13,237] DEBUG {org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager} - Is role: Domain Users exist: true
TID: [-1234] [] [2018-01-05 21:59:13,240] DEBUG {org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager} - Modifying role: CN=Domain Users with type: 1 user: CN=user022,CN=Users,DC=DEVDC,DC=sure,DC=com,DC=sa in search base: CN=Users,DC=devdc,DC=sure,DC=com,DC=sa
TID: [-1234] [] [2018-01-05 21:59:13,249] DEBUG **{org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager} - Error occurred while modifying user entry: CN=user022,CN=Users,DC=DEVDC,DC=sure,DC=com,DC=sa in LDAP role: CN=Domain Users
javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - 00000528: UpdErr: DSID-031A11E2, problem 6005 (ENTRY_EXISTS), data 0
]; remaining name 'CN=Domain Users'**
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3149)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3100)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2891)
at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1408)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:257)

wso2 api manager throws exception Error in invoking validate key via thrift

I see this intermittent exception in my log file on unix server. My wso2 api manager is a standalone installation of 1.10.0. please help me understand this exception.
Stack trace below:
TID: [-1234] [] [2017-11-16 08:19:40,350] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispat
ched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2017-11-16 08:21:29,962] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispat
ched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2017-11-16 08:33:48,425] WARN {org.wso2.carbon.apimgt.keymgt.service.thrift.APIKeyValidationServiceImpl} -
Invalid session id for thrift authenticator. {org.wso2.carbon.apimgt.keymgt.service.thrift.APIKeyValidationServiceImpl}
TID: [-1234] [] [2017-11-16 08:33:48,425] ERROR {org.wso2.carbon.apimgt.keymgt.service.thrift.APIKeyValidationServiceImpl} - Error in invoking validate key via thrift.. {org.wso2.carbon.apimgt.keymgt.service.thrift.APIKeyValidationServiceImpl}
TID: [-1234] [] [2017-11-16 08:33:48,426] WARN {org.wso2.carbon.apimgt.gateway.handlers.security.thrift.ThriftKeyValidatorClientPool} - Login failed.. Authenticating again.. {org.wso2.carbon.apimgt.gateway.handlers.security.thrift.ThriftKeyValidatorClientPool}
TID: [-1234] [] [2017-11-16 08:33:48,437] INFO {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - 'admin#carbon.super [-1234]' logged in at [2017-11-16 08:33:48,437-0500] from IP address {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil}
TID: [-1] [] [2017-11-16 08:33:48,476] INFO {org.wso2.carbon.databridge.agent.thrift.internal.publisher.client.EventPublisher} - Session timed out for TCP,localhost:7614,TCP,localhost:7714,Thrift Session Expired Exception {org.wso2.carbon.databridge.agent.thrift.internal.publisher.client.EventPublisher}
From your above logs, I can see following error log related to thrift
TID: [-1234] [] [2017-11-16 08:33:48,425] ERROR {org.wso2.carbon.apimgt.keymgt.service.thrift.APIKeyValidationServiceImpl} - Error in invoking validate key via thrift.. {org.wso2.carbon.apimgt.keymgt.service.thrift.APIKeyValidationServiceImpl}
I don't really see a reason for above, but Can you please change to WSClient from ThriftClient. This configuration resides on api-manager.xml file.
There could be a connection issue related to thrift in your node.

WSO2 API Manager returns http 500 error code

Going thru the WSO2 API Manager logs, we noticed few occurrences where calls returned as HTTP 500 error and successful on subsequent retry by client. This does not happen all the time (at about 5% rate). And all these incidents are from the same source IP. Looking further, these calls that fails with HTTP 500, never get send to back-end endpoint for actual processing - Therefore, these calls are failed by WSO2 API Manager itself.
We have verified the CPU, Memory of WSO2 are at normal working level. Our WSO2 APIM environment is with no authorization token enabled (simple pass thru with throttle) - hence this can be counted out.
From log, the error 500 is returned almost immediate and retry typically happens within 200ms. And all these errors (about 49) happens within same hour.
We also not able to verify the exact error message as API calls is from one of our client.
Appreciate if you could list down all possibilities as why WSO2 may returned HTTP 500 in this case. Otherwise, how we able to investigate the scenario further. Thanks.
Here are relevant logs
WSO2 APIM AWS ELB access logs
$ grep 'fromIndex=394501&toIndex=395000' *.log
WSO2APIM_ELBACESS.log:2016-12-06T08:37:37.905822Z wso2-oss-server x.x.x.x:63598 x.x.x.98:8280 0.000042 0.001862 0.000023 500 500 0 293 "GET https://wso2apimanager:443/rest/request?view=full&fromIndex=394501&toIndex=395000&lastModifiedFrom=2016-12-05%2000%3A00%3A00 HTTP/1.1" "RestSharp/x.x.x.x" ECDHE-RSA-AES128-SHA TLSv1
WSO2APIM_ELBACESS.log:2016-12-06T08:37:38.102539Z wso2-oss-server x.x.x.x:63598 x.x.x.120:8280 0.000041 0.035397 0.000025 200 200 0 33 "GET https://wso2apimanager:443/rest/request?view=full&fromIndex=394501&toIndex=395000&lastModifiedFrom=2016-12-05%2000%3A00%3A00 HTTP/1.1" "RestSharp/x.x.x.x" ECDHE-RSA-AES128-SHA TLSv1
WSO2 APIM http access log
$ grep 'fromIndex=394501&toIndex=395000' *.log
http_access_2016-12-06.log_m1:x.x.x.x x.x.x.140 - - [06/Dec/2016:08:37:37 +0000] "GET /rest/request?view=full&fromIndex=394501&toIndex=395000&lastModifiedFrom=2016-12-05%2000%3A00%3A00 HTTP/1.1" - - "-" "RestSharp/x.x.x.x"
http_access_2016-12-06.log_m1:x.x.x.x x.x.x.72 - - [06/Dec/2016:08:37:37 +0000] "GET /rest/request?view=full&fromIndex=394501&toIndex=395000&lastModifiedFrom=2016-12-05%2000%3A00%3A00 HTTP/1.1" - - "-" "Synapse-PT-HttpComponents-NIO"
http_access_2016-12-06.log_m2:x.x.x.x x.x.x.140 - - [06/Dec/2016:08:37:37 +0000] "GET /rest/request?view=full&fromIndex=394501&toIndex=395000&lastModifiedFrom=2016-12-05%2000%3A00%3A00 HTTP/1.1" - - "-" "RestSharp/x.x.x.x"
Back-end AWS ELB access log
$ grep 'fromIndex=394501&toIndex=395000' *.log
BACKEND_ELBACCESS.log:2016-12-06T08:37:38.104641Z vpc-connect-api x.x.x.120:46946 x.x.x.23:80 0.000045 0.032717 0.000022 200 200 0 33 "GET http://backendserver:80/rest/request?view=full&fromIndex=394501&toIndex=395000&lastModifiedFrom=2016-12-05%2000%3A00%3A00 HTTP/1.1" "Synapse-PT-HttpComponents-NIO" - -
WSO2 API Manager 1 (wso2carbon.log)
TID: [-1234] [] [2016-12-06 08:34:47,427] INFO {org.wso2.carbon.databridge.core.DataBridge} - user admin connected {org.wso2.carbon.databridge.core.DataBridge}
TID: [-1234] [] [2016-12-06 08:35:18,069] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1] [] [2016-12-06 08:35:47,850] INFO {org.wso2.andes.kernel.AndesRecoveryTask} - Running DB sync task. {org.wso2.andes.kernel.AndesRecoveryTask}
TID: [-1] [] [2016-12-06 08:37:13,485] WARN {org.apache.synapse.transport.passthru.TargetHandler} - http-outgoing-16702: Connection time out while in state: REQUEST_DONE {org.apache.synapse.transport.passthru.TargetHandler}
TID: [-1234] [] [2016-12-06 08:37:13,486] WARN {org.apache.synapse.endpoints.EndpointContext} - Endpoint : admin--XXX_APIproductionEndpoint_28 will be marked SUSPENDED as it failed {org.apache.synapse.endpoints.EndpointContext}
TID: [-1234] [] [2016-12-06 08:37:13,486] WARN {org.apache.synapse.endpoints.EndpointContext} - Suspending endpoint : admin--XXX_APIproductionEndpoint_28 - current suspend duration is : 30000ms - Next retry after : Tue Dec 06 08:37:43 UTC 2016 {org.apache.synapse.endpoints.EndpointContext}
TID: [-1234] [] [2016-12-06 08:37:13,486] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 101507, ERROR_MESSAGE = Error in Sender {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1] [] [2016-12-06 08:37:13,487] WARN {org.apache.synapse.transport.passthru.SourceHandler} - Connection time out after request is read: http-incoming-566702 {org.apache.synapse.transport.passthru.SourceHandler}
TID: [-1234] [] [2016-12-06 08:37:13,961] INFO {org.apache.synapse.endpoints.EndpointContext} - Endpoint : admin--XXX_APIproductionEndpoint_28 currently SUSPENDED will now be marked active since it processed its last message {org.apache.synapse.endpoints.EndpointContext}
TID: [-1234] [] [2016-12-06 08:37:18,342] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:39:18,007] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:40:17,933] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:41:17,725] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:43:17,811] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:45:17,892] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:47:18,363] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1] [] [2016-12-06 08:50:47,850] INFO {org.wso2.andes.kernel.AndesRecoveryTask} - Running DB sync task. {org.wso2.andes.kernel.AndesRecoveryTask}
TID: [-1234] [] [2016-12-06 08:51:17,864] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:53:17,753] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:55:18,025] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:57:18,333] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:59:17,949] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
WSO2 API Manager 2 (wso2carbon.log)
TID: [-1234] [] [2016-12-06 08:34:54,620] INFO {org.wso2.carbon.databridge.core.DataBridge} - user admin connected {org.wso2.carbon.databridge.core.DataBridge}
TID: [-1234] [] [2016-12-06 08:36:18,043] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1] [] [2016-12-06 08:37:13,674] WARN {org.apache.synapse.transport.passthru.TargetHandler} - http-outgoing-16760: Connection time out while in state: REQUEST_DONE {org.apache.synapse.transport.passthru.TargetHandler}
TID: [-1234] [] [2016-12-06 08:37:13,692] WARN {org.apache.synapse.endpoints.EndpointContext} - Endpoint : admin--XXX_APIproductionEndpoint_28 will be marked SUSPENDED as it failed {org.apache.synapse.endpoints.EndpointContext}
TID: [-1234] [] [2016-12-06 08:37:13,693] WARN {org.apache.synapse.endpoints.EndpointContext} - Suspending endpoint : admin--XXX_APIproductionEndpoint_28 - current suspend duration is : 30000ms - Next retry after : Tue Dec 06 08:37:43 UTC 2016 {org.apache.synapse.endpoints.EndpointContext}
TID: [-1234] [] [2016-12-06 08:37:13,693] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 101507, ERROR_MESSAGE = Error in Sender {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1] [] [2016-12-06 08:37:13,694] WARN {org.apache.synapse.transport.passthru.SourceHandler} - Connection time out after request is read: http-incoming-566592 {org.apache.synapse.transport.passthru.SourceHandler}
TID: [-1234] [] [2016-12-06 08:37:14,331] INFO {org.apache.synapse.endpoints.EndpointContext} - Endpoint : admin--XXX_APIproductionEndpoint_28 currently SUSPENDED will now be marked active since it processed its last message {org.apache.synapse.endpoints.EndpointContext}
TID: [-1] [] [2016-12-06 08:37:14,620] WARN {org.apache.synapse.transport.passthru.TargetHandler} - http-outgoing-16759: Connection time out while in state: REQUEST_DONE {org.apache.synapse.transport.passthru.TargetHandler}
TID: [-1234] [] [2016-12-06 08:37:14,621] WARN {org.apache.synapse.endpoints.EndpointContext} - Endpoint : admin--XXX_APIproductionEndpoint_29 will be marked SUSPENDED as it failed {org.apache.synapse.endpoints.EndpointContext}
TID: [-1234] [] [2016-12-06 08:37:14,621] WARN {org.apache.synapse.endpoints.EndpointContext} - Suspending endpoint : admin--XXX_APIproductionEndpoint_29 - current suspend duration is : 30000ms - Next retry after : Tue Dec 06 08:37:44 UTC 2016 {org.apache.synapse.endpoints.EndpointContext}
TID: [-1234] [] [2016-12-06 08:37:14,621] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 101507, ERROR_MESSAGE = Error in Sender {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:37:14,818] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 303001, ERROR_MESSAGE = Currently , Address endpoint : [ Name : admin--XXX_APIproductionEndpoint_29 ] [ State : SUSPENDED ] {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:37:15,255] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 303001, ERROR_MESSAGE = Currently , Address endpoint : [ Name : admin--XXX_APIproductionEndpoint_29 ] [ State : SUSPENDED ] {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:37:29,543] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 303001, ERROR_MESSAGE = Currently , Address endpoint : [ Name : admin--XXX_APIproductionEndpoint_29 ] [ State : SUSPENDED ] {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:37:35,137] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 303001, ERROR_MESSAGE = Currently , Address endpoint : [ Name : admin--XXX_APIproductionEndpoint_29 ] [ State : SUSPENDED ] {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:37:35,568] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 303001, ERROR_MESSAGE = Currently , Address endpoint : [ Name : admin--XXX_APIproductionEndpoint_29 ] [ State : SUSPENDED ] {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:37:35,990] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 303001, ERROR_MESSAGE = Currently , Address endpoint : [ Name : admin--XXX_APIproductionEndpoint_29 ] [ State : SUSPENDED ] {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:37:36,409] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 303001, ERROR_MESSAGE = Currently , Address endpoint : [ Name : admin--XXX_APIproductionEndpoint_29 ] [ State : SUSPENDED ] {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:37:37,899] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 303001, ERROR_MESSAGE = Currently , Address endpoint : [ Name : admin--XXX_APIproductionEndpoint_29 ] [ State : SUSPENDED ] {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:37:38,327] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 303001, ERROR_MESSAGE = Currently , Address endpoint : [ Name : admin--XXX_APIproductionEndpoint_29 ] [ State : SUSPENDED ] {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:37:41,129] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 303001, ERROR_MESSAGE = Currently , Address endpoint : [ Name : admin--XXX_APIproductionEndpoint_29 ] [ State : SUSPENDED ] {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:37:41,545] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 303001, ERROR_MESSAGE = Currently , Address endpoint : [ Name : admin--XXX_APIproductionEndpoint_29 ] [ State : SUSPENDED ] {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:37:42,969] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 303001, ERROR_MESSAGE = Currently , Address endpoint : [ Name : admin--XXX_APIproductionEndpoint_29 ] [ State : SUSPENDED ] {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:38:09,156] INFO {org.apache.synapse.endpoints.EndpointContext} - Endpoint : admin--XXX_APIproductionEndpoint_29 currently SUSPENDED will now be marked active since it processed its last message {org.apache.synapse.endpoints.EndpointContext}
TID: [-1234] [] [2016-12-06 08:38:17,817] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1] [] [2016-12-06 08:39:16,163] WARN {org.apache.synapse.transport.passthru.SourceHandler} - Connection time out after request is read: http-incoming-566604 {org.apache.synapse.transport.passthru.SourceHandler}
TID: [-1] [] [2016-12-06 08:39:19,169] WARN {org.apache.synapse.transport.passthru.SourceHandler} - Connection time out after request is read: http-incoming-566640 {org.apache.synapse.transport.passthru.SourceHandler}
TID: [-1234] [] [2016-12-06 08:39:19,648] ERROR {org.apache.synapse.transport.passthru.PassThroughHttpSender} - Failed to submit the response {org.apache.synapse.transport.passthru.PassThroughHttpSender}
java.lang.NullPointerException
TID: [-1234] [] [2016-12-06 08:39:19,649] ERROR {org.apache.synapse.core.axis2.Axis2Sender} - Access-Control-Allow-Headers:authorization,Access-Control-Allow-Origin,Content-Type,SOAPAction,Access-Control-Allow-Methods:GET,Access-Control-Allow-Origin:*,Content-Type:application/json,<?xml version='1.0' encoding='utf-8'?><soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"><soapenv:Body/></soapenv:Envelope> Unexpected error sending message back {org.apache.synapse.core.axis2.Axis2Sender}
org.apache.axis2.AxisFault: Failed to submit the response
at org.apache.synapse.transport.passthru.PassThroughHttpSender.handleException(PassThroughHttpSender.java:613)
at org.apache.synapse.transport.passthru.PassThroughHttpSender.invoke(PassThroughHttpSender.java:266)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
Caused by: java.lang.NullPointerException
TID: [-1234] [] [2016-12-06 08:39:19,650] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 0, ERROR_MESSAGE = Access-Control-Allow-Headers:authorization,Access-Control-Allow-Origin,Content-Type,SOAPAction,Access-Control-Allow-Methods:GET,Access-Control-Allow-Origin:*,Content-Type:application/json,<?xml version='1.0' encoding='utf-8'?><soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"><soapenv:Body/></soapenv:Envelope> Unexpected error sending message back {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:39:19,688] WARN {org.apache.synapse.core.axis2.Axis2Sender} - Trying to send a response to an already responded client request - Rest API Context : /rest {org.apache.synapse.core.axis2.Axis2Sender}
TID: [-1] [] [2016-12-06 08:39:20,249] WARN {org.apache.synapse.transport.passthru.ConnectCallback} - Connection refused or failed for : internal-vpc-connect-api-1883227725.ap-southeast-1.elb.amazonaws.com/x.x.x.43:80 {org.apache.synapse.transport.passthru.ConnectCallback}
TID: [-1234] [] [2016-12-06 08:39:20,252] WARN {org.apache.synapse.endpoints.EndpointContext} - Endpoint : admin--XXX_APIproductionEndpoint_29 will be marked SUSPENDED as it failed {org.apache.synapse.endpoints.EndpointContext}
TID: [-1234] [] [2016-12-06 08:39:20,254] WARN {org.apache.synapse.endpoints.EndpointContext} - Suspending endpoint : admin--XXX_APIproductionEndpoint_29 - current suspend duration is : 30000ms - Next retry after : Tue Dec 06 08:39:50 UTC 2016 {org.apache.synapse.endpoints.EndpointContext}
TID: [-1234] [] [2016-12-06 08:39:20,254] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 101503, ERROR_MESSAGE = Error connecting to the back end {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:39:20,254] ERROR {org.apache.synapse.transport.passthru.PassThroughHttpSender} - Failed to submit the response {org.apache.synapse.transport.passthru.PassThroughHttpSender}
java.lang.NullPointerException
TID: [-1234] [] [2016-12-06 08:39:20,255] ERROR {org.apache.synapse.core.axis2.Axis2Sender} - Accept-Encoding:gzip, deflate,Access-Control-Allow-Headers:authorization,Access-Control-Allow-Origin,Content-Type,SOAPAction,Access-Control-Allow-Methods:GET,Access-Control-Allow-Origin:*,Content-Type:application/xml,password:Hjfawx99##,username:lynn#heatherjames.com,X-Forwarded-For:76.79.103.18,X-Forwarded-Port:443,X-Forwarded-Proto:https,<?xml version='1.0' encoding='utf-8'?><soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"><soapenv:Body><am:fault xmlns:am="http://wso2.org/apimanager"><am:code>101503</am:code><am:type>Status report</am:type><am:message>Runtime Error</am:message><am:description>Error connecting to the back end</am:description></am:fault></soapenv:Body></soapenv:Envelope> Unexpected error sending message back {org.apache.synapse.core.axis2.Axis2Sender}
org.apache.axis2.AxisFault: Failed to submit the response
at org.apache.synapse.transport.passthru.PassThroughHttpSender.handleException(PassThroughHttpSender.java:613)
at org.apache.synapse.transport.passthru.PassThroughHttpSender.invoke(PassThroughHttpSender.java:266)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
Caused by: java.lang.NullPointerException
TID: [-1234] [] [2016-12-06 08:39:20,255] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 101503, ERROR_MESSAGE = Error connecting to the back end {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:39:20,256] WARN {org.apache.synapse.core.axis2.Axis2Sender} - Trying to send a response to an already responded client request - Rest API Context : /rest {org.apache.synapse.core.axis2.Axis2Sender}
TID: [-1] [] [2016-12-06 08:39:22,936] WARN {org.apache.synapse.transport.passthru.ConnectCallback} - Connection refused or failed for : internal-vpc-connect-api-1883227725.ap-southeast-1.elb.amazonaws.com/x.x.x.43:80 {org.apache.synapse.transport.passthru.ConnectCallback}
TID: [-1234] [] [2016-12-06 08:39:22,942] WARN {org.apache.synapse.endpoints.EndpointContext} - Endpoint : admin--XXX_APIproductionEndpoint_29 will be marked SUSPENDED as it failed {org.apache.synapse.endpoints.EndpointContext}
TID: [-1234] [] [2016-12-06 08:39:22,945] WARN {org.apache.synapse.endpoints.EndpointContext} - Suspending endpoint : admin--XXX_APIproductionEndpoint_29 - last suspend duration was : 30000ms and current suspend duration is : 30000ms - Next retry after : Tue Dec 06 08:39:52 UTC 2016 {org.apache.synapse.endpoints.EndpointContext}
TID: [-1234] [] [2016-12-06 08:39:22,945] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 101503, ERROR_MESSAGE = Error connecting to the back end {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:39:23,363] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 303001, ERROR_MESSAGE = Currently , Address endpoint : [ Name : admin--XXX_APIproductionEndpoint_29 ] [ State : SUSPENDED ] {org.apache.synapse.mediators.builtin.LogMediator}
x 34 of similiar logs
TID: [-1234] [] [2016-12-06 08:39:52,303] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Executing default 'fault' sequence, ERROR_CODE = 303001, ERROR_MESSAGE = Currently , Address endpoint : [ Name : admin--XXX_APIproductionEndpoint_29 ] [ State : SUSPENDED ] {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:39:53,910] INFO {org.apache.synapse.endpoints.EndpointContext} - Endpoint : admin--XXX_APIproductionEndpoint_29 currently SUSPENDED will now be marked active since it processed its last message {org.apache.synapse.endpoints.EndpointContext}
TID: [-1234] [] [2016-12-06 08:42:19,456] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1] [] [2016-12-06 08:42:56,120] INFO {org.wso2.andes.kernel.AndesRecoveryTask} - Running DB sync task. {org.wso2.andes.kernel.AndesRecoveryTask}
TID: [-1234] [] [2016-12-06 08:44:18,039] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:46:17,939] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:46:36,177] WARN {org.wso2.carbon.apimgt.keymgt.service.thrift.APIKeyValidationServiceImpl} - Invalid session id for thrift authenticator. {org.wso2.carbon.apimgt.keymgt.service.thrift.APIKeyValidationServiceImpl}
TID: [-1234] [] [2016-12-06 08:46:36,177] ERROR {org.wso2.carbon.apimgt.keymgt.service.thrift.APIKeyValidationServiceImpl} - Error in invoking validate key via thrift.. {org.wso2.carbon.apimgt.keymgt.service.thrift.APIKeyValidationServiceImpl}
TID: [-1234] [] [2016-12-06 08:46:36,177] WARN {org.wso2.carbon.apimgt.gateway.handlers.security.thrift.ThriftKeyValidatorClient} - Login failed.. Authenticating again.. {org.wso2.carbon.apimgt.gateway.handlers.security.thrift.ThriftKeyValidatorClient}
TID: [-1234] [] [2016-12-06 08:46:36,231] INFO {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - 'admin#carbon.super [-1234]' logged in at [2016-12-06 08:46:36,231+0000] from IP address {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil}
TID: [-1234] [] [2016-12-06 08:48:17,776] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:49:18,033] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:50:17,748] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:52:18,419] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:54:18,051] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1234] [] [2016-12-06 08:56:17,815] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
TID: [-1] [] [2016-12-06 08:57:56,120] INFO {org.wso2.andes.kernel.AndesRecoveryTask} - Running DB sync task. {org.wso2.andes.kernel.AndesRecoveryTask}
TID: [-1234] [] [2016-12-06 08:58:18,054] INFO {org.apache.synapse.mediators.builtin.LogMediator} - STATUS = Message dispatched to the main sequence. Invalid URL., RESOURCE = / {org.apache.synapse.mediators.builtin.LogMediator}
From your logs you can see that your backend was suspended and that is the cause of your 500 error. APIM will unsuspend the endpoint after a set time out period and allow you to try the endpoint again. It seems the backend was having some issues where it was most of the time working but sometimes unavailable causing the suspension of the endpoint.
Since this report is so old I'm using the most current documentation. You can see the same error code of 303001 on the Endpoint Suspension page.
I further created a quick demo of this situation using APIM 4.1.0 on my laptop and used an endpoint url of bogus.endpoint which of course will not resolve. I received the following message back using postman:
{
"code": "303001",
"type": "Status report",
"message": "Runtime Error",
"description": "Currently , Address endpoint : [ Name : DemoSuspention--vv1_APIproductionEndpoint ] [ State : SUSPENDED ]"
}
And it gave me a status result of: 500 Internal Server Error 40 ms 732 B
Normally when I run into this type of situation I reach out to the technical point of contact for the backend and report what I'm seeing. They normally can locate some kind of issue in their logs and then address it by either restarting a server or fixing a bug depending on what is found.