I'm using wso2-am 2.
I have enabled analytics (from api-manager.xml) and modified DASServerURL to use port 7714 instead of 7712.
But I'm getting theses exception:
org.wso2.carbon.databridge.agent.exception.DataEndpointSecurityException: Error while trying to connect to ssl://localhost:7712
at org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftSecureClientPoolFactory.createClient(ThriftSecureClientPoolFactory.java:61)
It look like it is still using the old port 7712?
A second question, I know that the api manager is persisting the configuration in it's database, so my question is: if i modify for example api-manager.xml, will it update the new setting in the DB or how to force this update?
Thanks
You have to change port settings in two places.
<APIM_HOME>/repository/conf/api-manager.xml
<APIM_HOME>/repository/conf/log4j.properties only if you have added DAS_AGENT to log4j.rootLogger
By default analytics distribution port offset set to 1 in carbon.xml. But it seems you have set it to 3. Make sure to change the port in above two places.
The answer to your second question is, API-M persist API data in the database. There are certain server configurations such as user data, registry data persisted in the database. But above configuration is not persisted and if you changed it, you have to restart the server to effect that.
Hope this would help you.
1.if your DAS offset is 3. You should set the tcp port is 7614 and restart your APIM. your 7612 is configed in apim, cannot change on admin-dashboard.
2.when you change the *.properties or *.xml.I suggest you restart your app.
Related
I am doing a POC with my team as we are introducing WSO2 components and am working with the API Manager 3.0.
I seem to be having issues loading the WSO2 API Manager / API Publisher on the defined URL;
https://[ip address]/publisher
The page is not loading and I keep getting a spinning circle.
Steps I have taken:
Stop API Manager at command prompt with [Ctrl + C] command
Modified deployment.toml file specified paths for the localhost to our IP Address, API [publisher, gateway and store] URL values to use our IP Address as well.
Changed carbon.xml and api_manager.xml
Start API Manager with wso2server.bat --run command
Issues are as follows;
api_manager.xml values are reset to localhost and not the IP Address I modified it to.
The API Publisher page is not loading and I am not able to get to the API Publisher login page.
I am an administrator on the Windows Server hosting this, so all changes are made as admin.
First of all, APIM 3.0 has a new config model, where all configurations are available (only) in deployment.toml. All other configurations are populated based on that, and shouldn't be changed manually.
Second, you don't need to replace all occurrences of localhost to IP as many are local calls.
Third, the correct URL should have the port, unless you have a reverse proxy in front of API.
eg. https://[ip address]:9443/publisher
Sounds good and thanks for the input. I will give this a try and post back to the thread.
I am using the IP and Port for now with no reverse proxy but plan to add one, once I can get through this part.
Much appreciated.
Ok, I have some paramters defined in registry of management console :
<parameter key="conf:/repository/FilePattern" name="transport.vfs.FileNamePattern"/>
I initially defined a value in console and after deploying a CAR file, it worked.
When I modify the registry parameter in console with new value, it is not picked by my deployment CAR.
Do I need to restart the EI611 server
with integrator.bat --run everytime, I change the value of parameter defined in the registry?
EI611 is running locally on my laptop with default setup, OOTB.
This is most probably due to the registry cache. As a workaround, you can disable registry caching in <ESB_HOME>/repository/conf/registry.xml (or <EI_HOME>/conf/registry.xml), while you're in the development phase. Make sure to have caching enabled in production though.
<enableCache>false</enableCache>
With no replies from WSO2, I conclude that registry values change only, after restarting server. changing
enableCache
parameter to
false/true
in registry.xml did not help.
With no replies from WSO2, I believe that changing parameters, enableCache or DefaultcacheTimeout in
registry.xml
carbon.xml
respectively, did not help. Restarting the server, was the only option.
I try to use WSO2 ESB at workplace where Proxy Server is available.
Set Proxy Server settings in axis2.xml,
Install certificate.
Initialize Salesforce connector(Salesforce certificate has been installed).
Test the API, run into an exception - SOAPProcessingException,
Really appreciate if someone can give ideas of solution.
First of all I have tried this type of a scenario using WSO2 ESB 4.9.0 and which was perfectly working fine. By looking at your error messages I can see that there was an Authentication failure, hence Sales Force end point returns some HTML error message. The ESB tries to build this HTML error message using the SOAP builder leading to this situation.
This could be due to some missing configuration in your setting. You may follow [1] to enable HTTP Proxy to Sales Force. Then to setup Sales Force [2] will be helpful.
Couple of thing I need to highlight here. Did you import the Salesforce certificate into the ESBs client trust store using the keytool import command. If not please go ahead and do so. Also is there a particular reason for you to use NHTTP transport here. Ideally we would use Passthrough transport to add the proxy host as given in [1].
If you still get the error after following the above steps please enable the wirelogs and post it here to investigate further. Follow these steps to enable wirelogs.
Open log4j.properties file from a text editor.
log4j.properties file is located in $ESB_HOME/repository/conf directory.
Un-comment the following entry.
log4j.logger.org.apache.synapse.transport.http.wire=DEBUG
Hope this helps you.
[1] https://docs.wso2.com/display/ESB470/Enabling+SSL+Tunneling+through+a+Proxy+Server
[2]https://docs.wso2.com/display/ESBCONNECTORS/Working+with+Salesforce+Connector+Operations
I am executing sample programm of wso2. I have installed wso2is on different machine and tomcat is on local machine. I have changed localhost:9443 to my ipaddress(eg 192.168.1.xxx) from travelocity.properties and avi.properties. But when I execute sample from click on login button it always redirecting me localhost and giving error.
I think you need to try the following,
While the tomcat is running,
Open the travelocity.war with an archive manager
Edit the travelocity.properties file,
update SAML2.IdPURL value
eg : SAML2.IdPURL=https://192.168.1.7:9443/samlsso
Save and update the travelocity.com web app
Restart the tomcat server just to be sure (You don't really have to do this since tomcat hot deploys once it detects a change)
I tried this locally and it redirected me to the IP address I put in SAML2.IdpURL. Clearly the problem seems to be a configuration error on the travelocity.com web app side :)
You need to change <HostName> and <MgtHostName> attributes at repository/conf/carbon.xml of your Identity Server with your IP address. By default they are set as localhost, so when logging it will be redirected to location specified there.
I am configuring our API Manager, but running into troubles authenticating via OAuth, seems to be an issue with the API Key Manager. I haven't dug into it yet, but does this come with the API Manager (as I have assumed) or is this a separate installation?
I had the same issue when using the wso2 api manager on a Amazon hosted machine, turn out that Thrift was not working correctly because some problem with multicasting and broadcasting.
What I did to get it working was to switch from ThriftClient to WSClient. If you have a huge amount of requests coming in then Thrift is the recommended solution from wso2 but in any "normal" case you will not have any differences between thrift and WS.
Here is how you switch:
Shut down the API Manager
Open up <api manager install dir>\repository\conf\api-manager.xml
Find ThriftClient
Change this to
<KeyValidatorClientType>WSClient</KeyValidatorClientType>
Start the API Manager
You may get some Warnings while starting up but, try it before you jump to the conclusion that it doesn't work.
Hope it helps!
you can use APIM manager product in a distributed setup as keymanger,gateway,store,publisher..but all functionality come in a single distribution.. ..
Go through the documentation for further guides
I was facing the same issue. Everything started when I created my own jks in order to use SSL without a self-signed certificate. I successfully created the jks and changed it in the carbon file. When I started the server, everything seemed ok; but when I used SOAPUI to test an API call, I got this (in the logs of the api manager):
APIAuthenticationHandler API authentication failure due to Unclassified Authentication Failure
I started digging what was the problem by enabling Debug level in the log4j.properties file, and then tried again a tested with SOAPUI and I got:
APISecurityException: Could not connect to <my api ip address> on port 10397
Then, I read the comment of OneMuppet and I checked that file and I found that the Thrift config has a host option, so I uncommented it:
<KeyValidatorClientType>ThriftClient</KeyValidatorClientType>
<ThriftClientPort>10397</ThriftClientPort>
<ThriftClientConnectionTimeOut>10000</ThriftClientConnectionTimeOut>
<ThriftServerPort>10397</ThriftServerPort>
This Line --> <ThriftServerHost>localhost</ThriftServerHost>
<EnableThriftServer>true</EnableThriftServer>
Save, restarted the server and everything start working correctly.
I got the same below issue after my installation, when i try to invoke the api service it is throwing below error:
900900 Unclassified Authentication Failure Error while accessing backend services for API key validation
After some random checks i have seen the axis2.xml file in /repository/conf/axis2 there it is refering a differnt ip's instead. I change these ip's to my local ip and restarted. The issue is resolved now.
I was facing the same issue. when I was trying to setup API Manager as an API Gateway in a different machine as per the steps given here,
https://docs.wso2.com/display/AM250/Publish+through+Multiple+API+Gateways
Once the setup is done and when I am trying to use this gateway URL, I was getting the below response,
{"fault":{"code":900900,"message":"Unclassified Authentication Failure","description":"Error while accessing backend services for API key validation"}}
After changing the KeyValidatorClientType value to WSClient from ThriftClient on the <api manager install dir>\repository\conf\api-manager.xml
It started working fine. And I was able to get the expected response.
If you changed the admin password, then you also have to update the repository/conf/api-manager.xml file with the new password. The 2 places I have changed (so far) are:
<AuthManager>
and
<APIKeyManager>
but there are other admin usernames in that file. No doubt, I'll get to them....