I'm using WSO2 API MANAGER VERSION 1.10.0
Sample API published with script description in publisher portal
and I open the API detail in the store portal.
The setting in carbon.xml is below:
<XSSPreventionConfig>
    <Enabled>true</Enabled>
    <Rule>allow</Rule>
    <!--Patterns>
        <Pattern></Pattern>
    </Patterns-->
</XSSPreventionConfig>
How can I solve it with setting?
You can download security patches for APIM 1.10.0 from here. This is already fixed in them.
Something similar is happening to me. I'm quite new in WSO2 world.
On the same server I have installed:
wso2am-4.1.0 --> API Manager executed as linux service (api-manager.sh)
wso2ei-7.1.0 --> Micro Integrator and dashboard, both exec. as linux services. MI is the last one to load.
I'm not using the embedded micro-integration of the API Mgr because it hasn't got any dataservice features (and I don't know how to enable them, by the way..)
Under Micro Integrator (wso2ei-7.1.0)'s conf/deployment.toml file, I have this section:
[[service_catalog]]
apim_host = "https://localhost:9443"
enable = true
username = "xxxxxxxx"
password = "xxxxxxxx"
But no integrated service is published to the service catalog. Also, in the Micro Integrator's log I didn't see any statement like "Succesfully updated the Service Catalog", nor any error message.
Any help? Thanks in advance! Daniel
I tried changing the conf file settings, service url, etc..
The service catalog feature is only available in MI 4.x versions.
You can manually create the API in the API Manager by importing the OpenAPI(Swagger) definition.
In order to use API Manager's Service Catalog feature, both API Manager and Micro-integrator should be on the same version.
You need to use Micro-integrator 4.1.0 along with API Manager 4.1.0 to use this capability.
I'm using the api manager with the default port
https://hostname:9443/publisher/apis
which was installed by my coworker. He happens to be unreachable and I need to know the version of the WSO2 API Manager. Any suggestions?
Few options available.
In the footer section of the publisher, you should see the API Manager version.
You can log into https://hostname:9443/carbon
You can try https://hostname:9443/carbon/product/about.html
I'm following the links below for publishing WSO2 statistics, but I'm getting "405 method not allowed" when I log in to https://localhost:9443/admin-dashboard. So I'm unable to enable the statistics.
I'm using WSO2 API 2.0 and WSO2 API analytics 2.0.
Could anyone help me with this?
Thanks,
Santosh
I assume you have configured the apim_wso2metrics_db datasource as the common database for wso2am and wso2am-analytics. Next, follow the documentation to configure wso2am-analytics with wso2am-api-manager: Configuring APIM Analytics. The most important part is Step 2: edit <APIM_HOME>/repository/conf/api-manager.xml, enable analytics, and check DASServerURL and DASRestApiURL to make sure they point to the analytics server IP.
Once the configuration is enabled, you will be able to see analytics in the API Store and API Publisher under the statistics sections. You can also go to the dashboard at https://<wso2am-analytics>/portal
How to integrate WSO2 am 1.10.0 with PingFederate SAML 2.0? Any instructions?
From WSO2 web site, I only saw docs on how to set up SSO among WSO2 products: https://docs.wso2.com/display/AM1100/Configuring+Single+Sign-on+with+SAML2 . But I did not see documentation on how to enable WSO2 AM 1.10.0 with external identity providers such as PingFederate via SAML2.
Any help is appreciated.
*** UPDATE:
I followed the instructions here https://docs.wso2.com/display/AM1100/Configuring+Single+Sign-on+with+SAML2 - just assuming WSO2 IS as PingIdentity. For the majority part it's working, but I cannot generate keys when subscribing to an API. It says "invalid credentials" even if I have logged into applications and subscriptions and can create applications from /store UI.
I can confirm that this can be done without adding a separate wso2 IS server into the picture. I fixed several issues (cannot generate keys, cannot publish APIs, etc.). What I did to fix the issue was to 1) add admin user inside APIKeyValidator in api-manager.xml also into admin user via management console and into user-mgt.xml; 2) Inside api-manager.xml:
Change the following:
https://${carbon.local.ip}:${mgt.transport.https.port}${carbon.context}/services/
to: https://[FQDN_OF_HOST]:${mgt.transport.https.port}${carbon.context}/services/
The reason is that my server certificate only recorded the domain name, not the IP address.
The solution was also mentioned here: wso2 am 1.10.0 API Store: "Error occurred while executing the action generateApplicationKey" with " Invalid credentials provided."
Basically, you can do this by adding PingFederate as an IDP in WSO2 AM and configuring federated SAML SSO configurations. An example of how to achieve this with Shibboleth is given in [1]. You can follow the same steps to do any configurations according to your requirement.
Refer to [2] for configuring the SAML SSO federated authenticator in general.
[1] https://docs.wso2.com/display/IS510/How+To%3A+Configure+Shibboleth+IdP+as+a+Trusted+Identity+Provider
[2] https://docs.wso2.com/display/IS510/Configuring+SAML+2.0+Web+SSO
I am trying to use the WSO2 ESB server as a PEP. I already have WSO2 Identity Server acting as the PDP and an application hosted on WSO2 Application Server. I have uploaded policies into Identity Server and I was wondering if there are any tutorials out there that both show and explain how to make this happen. I have tried the blog http://wso2.org/library/articles/2011/08/finegrained-authorization-restful-services-xacml but it has not worked. Any direction on how to turn the ESB into a PEP would be appreciated.
You can use the WSO2 ESB Entitlement mediator. Have a look at the following guide, which explains how we can add fine-grained authorization to proxy services.
http://docs.wso2.org/wiki/display/IS400/Adding+Fine-grained+Authorization+for+Proxy+Services+in+ESB