WSO2 Identity Server SignatureAlgorithm - wso2

Is it possible to change the signature algorithm in WSO2 API Manager / Identity Server for the JWT token?
I'm using WSO2 API Manager 2.0.0.
I found in the directory repository/conf/identity/identity.xml on line 229 the XML node
<SignatureAlgorithm>SHA256withRSA</SignatureAlgorithm>
But I can't find a list of accepted values. I want to use HS256 (HMAC) instead of SHA256withRSA. Is this possible?

That's the only signature algorithm that's currently supported. See the code.
But you can write your own JWT generator implementation like this extending AbstractJWTGenerator.

Related

How to perform following changes in tomcat configuration in WSO2IS 5.9.0?

I am trying to make a /oauth2/token API call from a ReactJS frontend and am getting a CORS error.
My friend asked the same question and got an answer for it as well.
Please open the link for solution.
WSO2 IS returns CORS error when wrong credentials sent
But when I am trying to perform the same in WSO2IS 5.9.0 the configuration is getting overwritten to the default config.
How to perform this in 5.9.0 using the deployment.toml file?
As I have mentioned in that earlier answer, you need to add the given Tomcat filter in the web.xml.j2 file in the path repository/resources/conf/templates/repository/conf/tomcat. The .j2 files will not get replaced by the deployment.toml at server startup.

wso2ei 7 ballerina to sign a soap request

We are using wso2ei 6.4.0 for SOAP and REST service mediation; for some services we are required to sign the requests or validate the message signature.
Deploying to Kubernetes, I'm considering migrating to WSO2EI 7 (which is Ballerina based); however, at this point I am unable to find out how to secure (sign or validate) the SOAP payload.
At this point the only option I see is implementing the signing on my own (by XML manipulation or custom Java code).
Is it really so, or do we have any other (robust, out-of-the-box) options to enforce WS-Policy requirements?
Edit:
I found the wso2/soap module, which only supports UsernameToken (password and digest), which is already basic, but apparently we will need to extend it :(

WSS Support in WSO2 API Manager

I am verifying the WebSocket support in WSO2 API Manager for one of my requirements. By default, WSO2 API Manager provides options for configuring the "WS" protocol and I am able to access it. But I couldn't find any configuration for "WSS" protocol support.
Is there any limitation in WSO2 API manager or is there any documentation available?
Thanks,
Sow
WebSocket support is available by default in WSO2 API Manager. Related transport configurations should be available inside the axis2.xml configuration file. You can find related documentation in the WSO2 API Manager documentation.
https://docs.wso2.com/display/AM260/Create+a+WebSocket+API
When using a wss endpoint, we observed some errors and were able to get rid of them with the following approach.
Please include the following parameter in the SecureWebSocketInboundEndpoint.xml file which resides in the <APIM_HOME>/repository/deployment/server/synapse-configs/default/inbound-endpoints directory.
TLSv1.1,TLSv1.2
Also, please remove the following parameters from the same SecureWebSocketInboundEndpoint.xml file if these parameters (wss.ssl.trust.store.file and wss.ssl.trust.store.pass) exist in the file.
repository/resources/security/client-truststore.jks
wso2carbon
Please use the following sample WebSocket client to try out and run the WSS client. Please change the variable carbonKeyStoreLocation to point to <API-M_HOME>/repository/resources/security/wso2carbon.jks. Note that the port for the WSS API is 8099.
You can download the WSS client from the following WSO2 official documentation under the WSS Support section (in the second step) [1]. Further, please change the access token, WebSocket endpoint and carbonKeyStoreLocation to your own to try out the scenario.
[1] https://docs.wso2.com/display/AM260/Create+a+WebSocket+API

WSO2 BPS - BPMN API not working

I'm trying to use the REST API for BPMN following the documentation, but even the most basic requests such as
https://localhost:9443/bpmn/repository/deployments
or
https://localhost:9443/bpmn/repository/process-definitions
return the following error
{"statusCode":400,"errorMessage":"javax.ws.rs.InternalServerErrorException.validate(Ljavax/ws/rs/core/Response;Ljavax/ws/rs/core/Response$Status;)Ljavax/ws/rs/core/Response;"}
I'm using BPS server 3.5.1 with Oracle JDK 1.8.0_77, as it was downloaded, with the only addition of a BPMN process to test its dashboard. The service is run as root (via sudo).
What can be done to fix this?
Thanks
I tried it on Postman and it works perfectly. Please choose the correct request type (GET, POST, PUT or DELETE); otherwise the following error will be thrown on the server side:
javax.ws.rs.ClientErrorException.validate(Ljavax/ws/rs/core/Response;Ljavax/ws/rs/core/Response$Status$Family;)Ljavax/ws/rs/core/Response;

WSO2 API Key Manager

I am configuring our API Manager, but am running into trouble authenticating via OAuth; it seems to be an issue with the API Key Manager. I haven't dug into it yet, but does this come with the API Manager (as I have assumed) or is this a separate installation?
I had the same issue when using the WSO2 API Manager on an Amazon-hosted machine; it turned out that Thrift was not working correctly because of some problem with multicasting and broadcasting.
What I did to get it working was to switch from ThriftClient to WSClient. If you have a huge number of requests coming in, then Thrift is the recommended solution from WSO2, but in any "normal" case you will not notice any difference between Thrift and WS.
Here is how you switch:
1. Shut down the API Manager.
2. Open up <api manager install dir>\repository\conf\api-manager.xml
3. Find ThriftClient and change it to
<KeyValidatorClientType>WSClient</KeyValidatorClientType>
4. Start the API Manager.
You may get some warnings while starting up, but try it before you jump to the conclusion that it doesn't work.
Hope it helps!
You can use the API Manager product in a distributed setup as key manager, gateway, store and publisher, but all functionality comes in a single distribution.
Go through the documentation for further guides
I was facing the same issue. Everything started when I created my own JKS in order to use SSL without a self-signed certificate. I successfully created the JKS and changed it in the carbon file. When I started the server, everything seemed OK; but when I used SoapUI to test an API call, I got this (in the logs of the API Manager):
APIAuthenticationHandler API authentication failure due to Unclassified Authentication Failure
I started digging into what the problem was by enabling the DEBUG level in the log4j.properties file, then tested again with SoapUI and got:
APISecurityException: Could not connect to <my api ip address> on port 10397
Then I read the comment of OneMuppet, checked that file, and found that the Thrift config has a host option, so I uncommented it:
<KeyValidatorClientType>ThriftClient</KeyValidatorClientType>
<ThriftClientPort>10397</ThriftClientPort>
<ThriftClientConnectionTimeOut>10000</ThriftClientConnectionTimeOut>
<ThriftServerPort>10397</ThriftServerPort>
This Line --> <ThriftServerHost>localhost</ThriftServerHost>
<EnableThriftServer>true</EnableThriftServer>
Saved, restarted the server, and everything started working correctly.
I got the same issue after my installation; when I try to invoke the API service it throws the error below:
900900 Unclassified Authentication Failure Error while accessing backend services for API key validation
After some random checks I looked at the axis2.xml file in /repository/conf/axis2; there it was referring to different IPs instead. I changed these IPs to my local IP and restarted. The issue is resolved now.
I was facing the same issue when I was trying to set up API Manager as an API Gateway on a different machine, as per the steps given here:
https://docs.wso2.com/display/AM250/Publish+through+Multiple+API+Gateways
Once the setup was done and I tried to use this gateway URL, I was getting the response below:
{"fault":{"code":900900,"message":"Unclassified Authentication Failure","description":"Error while accessing backend services for API key validation"}}
After changing the KeyValidatorClientType value from ThriftClient to WSClient in <api manager install dir>\repository\conf\api-manager.xml,
it started working fine, and I was able to get the expected response.
If you changed the admin password, then you also have to update the repository/conf/api-manager.xml file with the new password. The two places I have changed (so far) are:
<AuthManager>
and
<APIKeyManager>
but there are other admin usernames in that file. No doubt, I'll get to them....