EI611 with kafka connector latest throwing error :
org.apache.kafka.common.KafkaException: Exception while loading
Zookeeper JAAS login context 'Client' . . . . Caused by:
java.lang.SecurityException: java.io.IOException:
C:\WSO2EI~1.1\bin..\repository\conf\identity\jaas.conf (No such file
or directory)
This error was posted by someone else too :
wso2 Inbound endpoint - Kafka consumer
Does anybody find the solution? Do you know how to fix?
If you need to configure Kafka without security, the recommonded version is 0.8.1.1.
From Kafka version 0.9 onwards, they have introduced Kafka security mechanism with SSL and SASL, which will be configured via JAAS. So, when configuring Kafka with WSO2 Products (EI, DAS, CEP) you need to add this config file (jaas.conf) to /repository/conf/identity.
In this case, WSO2 product acts as the Kafka client and the configuration in the jaas.conf will be used to login to the kafka server. Please follow the Kafka security documentation [1] for configuring security for server and client.
Example content for jaas.conf file which is configured for SASL/ Plaintext.
KafkaServer {
org.apache.kafka.common.security.plain.PlainLoginModule required
username="kafka"
password="kafka-secret"
user_kafka="kafka-secret"
user_ibm="ibm-secret";
};
KafkaClient {
org.apache.kafka.common.security.plain.PlainLoginModule required
username="kafka"
password="kafka-secret";
};
Please note that kafka 0.9 supports only SASL/Kerberos authentication. Please carefully follow the Kafka security documentation related to your Kafka version and configure it properly.
[1] http://kafka.apache.org/090/documentation.html#security_sasl
Related
my scenario is about two servers one running wso2 api manager and one running wso2 analytics and I want to show statics of api manager on analytics server .how to configure this servers? (analytics dashboard conf , analytics worker conf , api manager conf) thanx
WARN {org.wso2.msf4j.internal.MSF4JHttpConnectorListener} - Unmapped exception
feign.RetryableException: No subject alternative names matching IP address 192.168.115.132
found executing GET https://192.168.115.132:9443/api/am/admin/v1/custom-urls/carbon.super
This is due to the hostname verification. The recommended option is to use proper certs with hostnames. Otherwise, you can disable hostname verification by adding the following.
hostnameVerificationEnabled: false
https://github.com/wso2/docker-apim/blob/3.2.x/docker-compose/apim-with-analytics/conf/apim-analytics-dashboard/conf/dashboard/deployment.yaml#L25
I have 2 WSO2 Enterprise Integrator behind a load balancer.
I want to activate the tomcat http session replication, and followed the WSO2 documentation.
It seems quite simple :
Add
<Cluster className="org.wso2.carbon.core.session.CarbonTomcatSimpleTcpCluster"/>
and
<Valve className="org.wso2.carbon.webapp.mgt.session.CarbonTomcatSessionReplicationValve"/>
in catalina-server.xml, and make application distributable by adding <distributable/>
in web.xml.
Badly, it seems that WSO2 add some non serializable attributes to the session, making the replication fail.
When I try to connect to the carbon application, I get the following exception :
ERROR - ApplicationDispatcher Servlet.service() for servlet bridgeservlet threw exception java.lang.IllegalArgumentException: setAttribute: Non-serializable attribute CarbonAuthenticator
at org.apache.catalina.session.StandardSession.setAttribute(StandardSession.java:1453)
at org.apache.catalina.session.StandardSession.setAttribute(StandardSession.java:1413)
at org.apache.catalina.session.StandardSessionFacade.setAttribute(StandardSessionFacade.java:149)
at org.eclipse.equinox.http.servlet.internal.HttpSessionAdaptor.setAttribute(HttpSessionAdaptor.java:96)
at org.wso2.carbon.ui.tracker.AuthenticatorRegistry.getCarbonAuthenticator(AuthenticatorRegistry.java:82)
at org.wso2.carbon.ui.CarbonUILoginUtil.getAuthenticator(CarbonUILoginUtil.java:69)
at org.wso2.carbon.ui.CarbonSecuredHttpContext.handleSecurity(CarbonSecuredHttpContext.java:76)
at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:60)
at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
Precision : I tried with a fresh WSO2EI 6.1.1 installation, doing only the previously described modifications.
I also had to manually add tomcat-juli-7.0.75.jar and tomcat-trives-7.0.75.jar on wso2/lib/endorsed to avoid ClassNotFoundException.
I checked the WSO2 source code, and saw that the CarbonAuthenticator class is effectively non serializable.
Does anyone already configured the http session replication successfully ?
Thanks in advance,
Regards,
Laurent
I recently updated my environment from WSO2 IS 5.0.0 to WSO2 IS 5.2.0. My environment consists of 2 machines that are creating a cluster (using the WKA membership scheme and Load Balancer(AWS ELB) with sticky session enabled). I am using MySQL(not the default H2 database). The machines on which the IS is deployed are Windows Server 2012 R2 (EC2 AWS machines).
I ensured that the "IS_HOME\repository\conf\datasources\master-datasources.xml" is configured the same way on both machines and that they are using the exact same MySQL data sources. Also I am sure that the correct database is referenced in user-mgt.xml and identity.xml.
I have two worker nodes under AWS ELB as mentioned above. When the cluster was configured the following instructions were used:
https://docs.wso2.com/display/CLUSTER44x/Clustering+Identity+Server+5.1.0
I have application which is using the clientID and clientSecret of one of the service providers. I am using the authorization_code grant type. When I try to login in my application and I am redirected to NODE1 I receive authorization code and I am trying to get access token by calling: https://URL/oauth2/token?client_id=CLIENT_ID&redirect_uri=REDIRECT_URId&client_secret=CLIENT_SECRET&grant_type=authorization_code&code=AUTH_CODE.
If this request is processed by NODE1 I receive access token and everything is fine. However if the mentioned above request is processed by NODE2, I receive the following:
{
"error": "invalid_grant",
"error_description": "Error when validating an authorization code"
}
I am able to see the generated authorization code in the IDN_OAUTH2_AUTHORIZATION_CODE table. I double checked that the machine clocks are synchronized and are using NTP, but I am not able to validate authorization code generated by NODE1 through NODE2 and vice versa.
If I am running single node configuration, no such issues is reproduced.
I am not seeing any errors in wso2carbon.log regarding this issue.
I have patch0481 applied to my system.
Could this be some sort of configuration issue? If so in which configuration files I should take a look?
Thanks in advance.
Using WSO2 API Manager 1.3 and WSO2 BAM 2.0.
I followed the instructions found in the README.txt in /statistics.
I am getting the following error when starting API Manager:
TID: [0] [AM] [2013-05-02 11:42:44,239] ERROR
{org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher}
- Error initializing APIMgtUsageDataBridgeDataPublisher {org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher}
org.wso2.carbon.databridge.agent.thrift.exception.AgentException:
Error when finding event stream definition for :
org.wso2.apimgt.statistics.request 1.0.0
Any suggestions on where to start looking for the issue?
It looks like you have not properly configured WSO2 API Manager 1.3 to work with WSO2 BAM.
For proper configuration follow the official docs[1]
This issue might also occur When you set an offset to BAM by 1 as described in the README.txt, as it needs its Cassandra DB configurations to be changed for the offset by 1 at BAM_HOME/repository/conf/etc/cassandra-component.xml. Therefore follow the like provided[1] where we change the API Manager's offset.
Suho
[1]http://docs.wso2.org/wiki/display/AM130/Monitoring+and+Statistics
I have implemented a new Broker by extending the BrokerType and BrokerTypeFactory.
I wanted to deploy this new Broker to WSO2 CEP.
I created a broker.xml and placed it in repository/conf directory
<brokerTypes xmlns="wso2.org/carbon/broker">
<brokerType name="jmsQbroker" class="org.wso2.carbon.broker.core.internal.broker.jms.generic.GenericJMSQueueBrokerType" /> </brokerTypes>
However this causes NullPointer exception ( in BrokerManagerAdminServer at line 149) when i browse to the Broker List page in the webconsole, and none of the brokers are shown.
Can you please help me in understanding how can i deploy my new broker without affecting the existing ones
There were some issues when deploying external brokers to earlier versions of CEP, This issue is fixed (from CEP 2.1.0).
you can find a guide on writing a custom broker at http://suhothayan.blogspot.com/2013/02/writing-custom-broker-for-wso2-cep.html
and you will be able to download CEP 2.1.0 RC from : https://svn.wso2.org/repos/wso2/people/suho/packs/cep/wso2cep-2.1.0-RC1.zip