WSO2 IoT (Broker) Error 403 - Forbidden on Carbon - wso2

I installed IoT Server 3.1.0 and launched the change-ip.sh script to change the hostname (iot.wso2.com) and create a new wildcard certificate *.wso2.com.
Carbon access in IoT-Core (hostname "iot.wso2.com") and IoT-Analytics (hostname "iot-das.wso2.com") is OK, but when I try to access the IoT Broker Carbon Interface (hostname iot-mb.wso2.com) I have:
Error 403 - Forbidden
No error messages in wso2carbon.log, even with all DEBUG switches on.

We have blocked the carbon console access for the message broker intentionally as it has no use. But we are in the process of creating a UI to view and access the MQTT messages and statistics. That is not yet completed and will be available in the next release version.
http://wso2-oxygen-tank.10903.n7.nabble.com/IoTS-MB-Backend-APIs-for-MQTT-related-informations-and-MQTT-management-UI-td145972.html
Carbon console access is only available with the IoT core and Analytics servers, but not with the message broker.

Related

I'm unable to login into Wso2 APIM

I'm unable to log in to Wso2 APIM; it shows "invalid login details", but yesterday it was working fine and I was able to log in.
Apim version: 3.2.0.
Identity server wso2 is-km: 5.10.0
I have not changed any of the configuration.
My Wso2 APIM is integrated with wso2 Is.
Below error:
2022-03-07 13:58:07,464] INFO - TimeoutHandler This engine will expire all callbacks after GLOBAL_TIMEOUT: 120 seconds, irrespective of the timeout action, after the specified or optional timeout
[2022-03-07 13:58:07,749] ERROR - OAuth2Service Error while finding application state for application with client_id: oYDtSc**************
After that I tried logging into the Wso2 Identity Server with admin as usual, but it is not showing data like the list of users and the list of identity providers, whereas previously I saw the list of providers etc.
Please help me in this situation.

WSO2 APIM Analytics 3.2.0 dashboard login page doesn't open

I am running WSO2 APIM 3.2.0 and Analytics 3.2.0 on different client servers. I did all the required settings to configure WSO2 APIM with WSO2 Analytics. Started both servers successfully and the WSO2 APIM URLs open well. But when I open the Analytics Dashboard URL (https://<Analytics_Host>:9643/analytics-dashboard/login), I get the below warning in the dashboard server logs, and the login page does not appear. Only a blank screen appears.
WARN {org.wso2.msf4j.internal.MSF4JHttpConnectorListener} - Unmapped exception feign.RetryableException: No subject alternative names matching IP address <APIM_IP> found executing GET https://<APIM_Host>:9443/api/am/admin/v0.16/custom-urls/carbon.super
In the browser console I can see errors as shown in the below screenshot.
One more thing I noticed is, in the management console of WSO2 APIM, a difference in the Service Providers list compared with my local. I don't find all the service providers on the client server which I can see on my local.
WSO2 APIM Carbon Console Service Providers list on my local:
WSO2 APIM Carbon Console list on the client server:
Am I missing out on some configurations? Need suggestions on this issue.
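The "No subject alternative names matching IP address" error above comes from TLS hostname verification: an IP literal in the URL is compared only against iPAddress entries in the certificate's Subject Alternative Name extension, and a hostname only against dNSName entries, with a wildcard allowed only as the whole leftmost label. The following is an added example (not WSO2 code, not part of the question) that reproduces that matching rule over constructed SAN lists, so a practitioner can see why a certificate issued for `apim.example.internal` or `*.wso2.com` never matches a connection made to `10.0.1.20`. The SAN tuples use the same shape as Python's `ssl` module returns in `getpeercert()['subjectAltName']`; the hostnames and addresses are placeholders.

```python
import ipaddress


def _dns_label_matches(pattern, host):
    """dNSName comparison: case-insensitive, trailing dot ignored. A wildcard is
    accepted only as the entire leftmost label and matches exactly one label;
    patterns shorter than three labels (e.g. *.com) are refused, a common rule
    assumed here."""
    pattern = pattern.lower().rstrip(".")
    host = host.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == host
    p_labels, h_labels = pattern.split("."), host.split(".")
    if p_labels[0] != "*" or len(p_labels) < 3 or len(p_labels) != len(h_labels):
        return False
    return p_labels[1:] == h_labels[1:]


def san_matches(sans, target):
    """sans: list of (kind, value) tuples such as
    [("DNS", "apim.example.internal"), ("IP Address", "10.0.1.20")].
    target: the host part of the URL being connected to.
    An IP literal is matched only against iPAddress SANs, a name only against
    dNSName SANs, never across kinds (that is exactly the JVM's complaint)."""
    try:
        target_ip = ipaddress.ip_address(target)
    except ValueError:
        target_ip = None
    for kind, value in sans:
        if target_ip is not None and kind == "IP Address":
            try:
                if ipaddress.ip_address(value) == target_ip:
                    return True
            except ValueError:
                continue
        elif target_ip is None and kind == "DNS" and _dns_label_matches(value, target):
            return True
    return False


def diagnose(sans, target):
    """Short verdict in the spirit of the dashboard log line: 'ok', or which SAN
    kind the certificate lacks for this target."""
    if san_matches(sans, target):
        return "ok"
    try:
        ipaddress.ip_address(target)
        return ("no iPAddress SAN for %s; connect by a DNS name the certificate "
                "covers or reissue it with an IP SAN" % target)
    except ValueError:
        return "no dNSName SAN matches %s" % target


if __name__ == "__main__":
    # Constructed certificate SANs, modelled on the wildcard cert from the first question.
    apim_sans = [("DNS", "apim.example.internal"), ("DNS", "*.wso2.com")]
    print(diagnose(apim_sans, "apim.example.internal"))
    print(diagnose(apim_sans, "10.0.1.20"))
    print(diagnose(apim_sans + [("IP Address", "10.0.1.20")], "10.0.1.20"))
```

The practical fix follows from the verdict: point the analytics server's APIM endpoint at a DNS name that the certificate covers (and that resolves on the analytics host), or reissue the APIM certificate with the IP in an iPAddress SAN; disabling hostname verification removes the protection rather than the mismatch.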

Identity Server does not validate SAML LogoutRequest Signature

I've got WSO2 IS running and a service provider that has SAML inbound authentication set up. I've enabled the "Enable Signature Validation in Authentication Requests and Logout Requests" checkbox for the SAML service provider.
If I send an AuthnRequest that is not properly signed, it will error. However, if I send a LogoutRequest with no signature (or with a signature made from a completely different cert/key), it will log my user out without error. How can I enable actual signature validation in WSO2 IS?
I'm running the latest WSO2 Docker Container. I believe that is IS 5.7.0 according to this startup logging:
Starting WSO2 Carbon...
Operating System : Linux 4.9.93-linuxkit-aufs, amd64
Java Home : /home/wso2carbon/java/jre
Java Version : 1.8.0_144
Java VM : Java HotSpot(TM) 64-Bit Server VM 25.144-b01,Oracle Corporation
Carbon Home : /home/wso2carbon/wso2is-5.7.0
Java Temp Dir : /home/wso2carbon/wso2is-5.7.0/tmp
It seems the signature validation [1] is being skipped in the logout request due to an issue in the code. Please refer to the git issue [2] to track this.
[1] https://github.com/wso2-extensions/identity-inbound-auth-saml/blob/ee338982c1add8f75f1132a6b3bacb30cee7989b/components/org.wso2.carbon.identity.sso.saml/src/main/java/org/wso2/carbon/identity/sso/saml/processors/SPInitLogoutRequestProcessor.java#L130
[2] https://github.com/wso2/product-is/issues/4048
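While the IdP-side fix tracked in [2] is pending, a deployment can at least refuse SP-initiated logout requests that carry no signature at all before they reach the IdP (for example in a reverse proxy or a request filter in front of the SAML endpoint). The following is an added example, not WSO2 code and not from the question or answer: it decodes the HTTP-Redirect binding (URL-encoded base64 of a raw-DEFLATE stream), recognises a `samlp:LogoutRequest`, and classifies it as signed via the binding's `SigAlg`/`Signature` query parameters, signed via an embedded `ds:Signature` element, or unsigned. It checks presence only; cryptographic verification against the SP's registered certificate remains the IdP's job. The sample request and the signature value are constructed.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, quote

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

# Constructed, unsigned SP-initiated LogoutRequest (sample input, not captured traffic).
LOGOUT_XML = (
    b'<samlp:LogoutRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    b'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_c1" Version="2.0" '
    b'IssueInstant="2018-01-01T00:00:00Z">'
    b'<saml:Issuer>https://sp.example/metadata</saml:Issuer>'
    b'<saml:NameID>alice</saml:NameID></samlp:LogoutRequest>'
)


def encode_redirect_param(xml_bytes):
    """HTTP-Redirect binding encoding: raw DEFLATE, base64, then URL-encode."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)
    deflated = comp.compress(xml_bytes) + comp.flush()
    return quote(base64.b64encode(deflated).decode(), safe="")


def build_redirect_query(xml_bytes, sig_alg=None, signature_b64=None):
    """Assemble the query string an SP would send; signature parameters are optional."""
    parts = ["SAMLRequest=" + encode_redirect_param(xml_bytes)]
    if sig_alg and signature_b64:
        parts.append("SigAlg=" + quote(sig_alg, safe=""))
        parts.append("Signature=" + quote(signature_b64, safe=""))
    return "&".join(parts)


def decode_redirect_param(value):
    """Inverse of the binding encoding; `value` is already URL-decoded by parse_qs.
    Production code should parse with defusedxml; stdlib ElementTree is used here
    only because the input is a constructed sample."""
    raw = zlib.decompress(base64.b64decode(value), -15)
    return ET.fromstring(raw)


def classify_logout_request(query_string):
    """Return 'not-logout', 'malformed', 'signed-redirect', 'signed-embedded' or 'unsigned'."""
    q = parse_qs(query_string, keep_blank_values=True)
    if "SAMLRequest" not in q:
        return "not-logout"
    try:
        root = decode_redirect_param(q["SAMLRequest"][0])
    except (ValueError, zlib.error, ET.ParseError):
        return "malformed"
    if root.tag != "{%s}LogoutRequest" % NS["samlp"]:
        return "not-logout"
    if "SigAlg" in q and "Signature" in q:
        return "signed-redirect"          # signature over the query string (Redirect binding)
    if root.find("ds:Signature", NS) is not None:
        return "signed-embedded"          # XML signature inside the request (POST-style)
    return "unsigned"


def should_reject(query_string):
    """Policy: a logout request with no signature of either kind is refused up front."""
    return classify_logout_request(query_string) in ("unsigned", "malformed")


if __name__ == "__main__":
    print(classify_logout_request(build_redirect_query(LOGOUT_XML)))
    print(classify_logout_request(build_redirect_query(
        LOGOUT_XML, "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", "QUJD")))
```

A request that passes this filter still has to have its signature verified by the IdP; the filter only closes the "no signature at all" path that the question describes, which is the one the linked processor code skips.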

WSO2 API Manager Analytics doesn't work

The WSO2 API Manager is working normally, but the analytics inside wso2-am and the product wso2-am Analytics don't work.
I executed all the steps described in the documentation of wso2-apim Analytics (Quick Setup and
Standard Setup) but nothing works.
When I was configuring the Enterprise Integrator the analytics didn't work, but when I configured the "synapse.properties" file the analytics started to work normally.
It's important to know that wso2-ei, wso2-am and wso2-am Analytics are running on the same machine.
Enterprise Integrator offset = 0
API Manager Offset = 4
API Manager Analytics - Offset = 5
The documentation of the WSO2 Administration Guide "Default Ports of WSO2 Products" has the following description:
for API Manager:
7711 + Port offset of the APIM Analytics Server - Thrift SSL port for secure transport when publishing analytics to the API Manager Analytics server.
for Enterprise Integrator:
7712 - Thrift SSL port for secure transport, where the client is authenticated to DAS
I verified the log file "wso2server.log" of wso2-am and I see the following error:
ERROR - Error while trying to connect to the endpoint. Cannot borrow client for ssl://localhost:7712
ERROR - Thrift exception
I don't know if the fact that wso2-am Analytics isn't working is related to the error shown in the log of wso2-am.
Can someone help me to make wso2-am Analytics work normally?

How can I connect to WSO2 Message Broker with an MQTT Client?

I have installed WSO2 IOT Server and I am trying to understand it...
My principal objective is to make some IOT Device send data through MQTT.
But I can't even connect to MQTT with MQTT.fx... I am using tcp://localhost:1886 as the broker URL address, even though the broker.xml config file says the port is 1883; that doesn't work either. I use admin as the login and password, but I get an error:
[2017-03-31 10:40:07,861] [IoT-Broker] INFO {org.dna.mqtt.moquette.messaging.spi.impl.ProtocolProcessor} - Lost connection with client 5354d06fb5694b5cb65f07cf3c62fa23
[2017-03-31 10:40:07,863] [IoT-Broker] WARN {org.dna.mqtt.moquette.messaging.spi.impl.ProtocolProcessor} - MQTTAuthorizationSubject for client ID 5354d06fb5694b5cb65f07cf3c62fa23 is not removed since the entry does not exist
What am I doing wrong?
Second issue: I can't access the WSO2 Message Broker management console... I get an Error 403 Forbidden when I use https://localhost:9446/carbon. And I don't know how to access the WSO2 Message Broker from the WSO2 IoT Server management page (https://localhost:9443/carbon, which works).
The MQTT broker in WSO2 IoT Server has pluggable authentication and authorization; by default it comes with OAuth-based authentication, where it uses an empty password and an OAuth token as the username. You can generate a token by following the docs at https://docs.wso2.com/display/AM200/Password+Grant.
The implementation of this extension is explained in [1] and [2].
[1] https://medium.com/#ayyoobhamza/authentication-and-authorization-extension-for-mqtt-wso2-message-broker-2495fb2fa56e
[2] https://medium.com/#ayyoobhamza/oauth-authentication-and-authorization-with-mqtt-for-iot-devices-a42019187a05
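The connection shape the answer describes (OAuth access token in the MQTT username field, empty password), as an added example that is not part of the original post and not WSO2 code. It prepares the password-grant token request the way the linked APIM documentation lays it out (consumer key and secret as HTTP Basic credentials, resource-owner username and password in the form body) and then encodes the MQTT 3.1.1 CONNECT packet that a client such as MQTT.fx sends, with a small decoder to show what the broker's authenticator receives. Token endpoint, consumer key/secret, client id and token value are constructed placeholders; nothing is sent on the network.

```python
import base64
from urllib.parse import urlencode


def password_grant_request(token_url, consumer_key, consumer_secret, user, password, scope=None):
    """Return (url, headers, body) for the OAuth2 password grant as documented for
    WSO2 APIM. Only prepared, not sent; the response JSON would carry access_token."""
    basic = base64.b64encode(f"{consumer_key}:{consumer_secret}".encode()).decode()
    params = {"grant_type": "password", "username": user, "password": password}
    if scope:
        params["scope"] = scope
    headers = {"Authorization": "Basic " + basic,
               "Content-Type": "application/x-www-form-urlencoded"}
    return token_url, headers, urlencode(params)


def _mqtt_string(b: bytes) -> bytes:
    """MQTT 3.1.1 length-prefixed string: two-byte big-endian length, then bytes."""
    if len(b) > 0xFFFF:
        raise ValueError("MQTT string too long")
    return len(b).to_bytes(2, "big") + b


def _remaining_length(n: int) -> bytes:
    """Variable-length encoding of the fixed header's Remaining Length field."""
    out = bytearray()
    while True:
        byte, n = n % 128, n // 128
        out.append(byte | 0x80 if n else byte)
        if not n:
            return bytes(out)


def build_connect_packet(client_id: str, token: str, keep_alive: int = 60) -> bytes:
    """CONNECT with username flag + password flag + clean session. The access token
    travels as the username; the password is present but zero-length, one valid
    MQTT 3.1.1 encoding of the 'empty password' the answer mentions."""
    flags = 0x80 | 0x40 | 0x02
    var_header = _mqtt_string(b"MQTT") + bytes([0x04, flags]) + keep_alive.to_bytes(2, "big")
    payload = _mqtt_string(client_id.encode()) + _mqtt_string(token.encode()) + _mqtt_string(b"")
    body = var_header + payload
    return bytes([0x10]) + _remaining_length(len(body)) + body


def parse_connect_packet(pkt: bytes) -> dict:
    """Decode a CONNECT packet into its fields; the broker's authenticator is handed
    the 'username' value (the token) and the 'password' value."""
    if pkt[0] != 0x10:
        raise ValueError("not a CONNECT packet")
    i, mult, length = 1, 1, 0
    while True:                      # decode Remaining Length
        b = pkt[i]
        i += 1
        length += (b & 0x7F) * mult
        if not b & 0x80:
            break
        mult *= 128
    body = pkt[i:i + length]
    if len(body) != length:
        raise ValueError("truncated packet")
    pos = 0

    def read_str() -> bytes:
        nonlocal pos
        n = int.from_bytes(body[pos:pos + 2], "big")
        pos += 2
        s = body[pos:pos + n]
        pos += n
        return s

    fields = {"protocol": read_str().decode(), "level": body[pos]}
    flags = body[pos + 1]
    pos += 2
    fields["keep_alive"] = int.from_bytes(body[pos:pos + 2], "big")
    pos += 2
    fields["clean_session"] = bool(flags & 0x02)
    fields["client_id"] = read_str().decode()
    if flags & 0x04:                 # will flag: topic and message precede credentials
        fields["will_topic"] = read_str().decode()
        fields["will_message"] = read_str()
    fields["username"] = read_str().decode() if flags & 0x80 else None
    fields["password"] = read_str() if flags & 0x40 else None
    return fields


if __name__ == "__main__":
    # Constructed values; a real token comes from the APIM token endpoint's response.
    print(password_grant_request("https://iot.example:8243/token", "CONSUMER_KEY",
                                 "CONSUMER_SECRET", "admin", "admin"))
    pkt = build_connect_packet("device-001", "ACCESS_TOKEN_PLACEHOLDER")
    print(pkt.hex())
    print(parse_connect_packet(pkt))
```

Because the bearer token sits in the username field, it is only as protected as the transport: the plain tcp:// listener in the question exposes it to anyone on the path, so clients should use the broker's TLS listener once the credentials work. Whether the WSO2 authenticator also accepts a CONNECT with the password flag cleared is not stated in the answer; the encoding above keeps the flag set with a zero-length value, which every MQTT 3.1.1 broker must accept as a present-but-empty password.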