Why can't I upload the API Analytics car into the API Manager admin?
There is a warning that says :
Undeploying Faulty Carbon Application On : C:\WSO2AM~1.0\bin\..\repository\deployment\server\carbonapps\API_Manager_Analytics.car {org.wso2.carbon.application.deployer.CappAxis2Deployer}
TID: [-1234] [] [2016-09-23 14:36:10,436] INFO {org.wso2.carbon.application.deployer.internal.ApplicationManager} - Deploying Carbon Application : API_Manager_Analytics.car... {org.wso2.carbon.application.deployer.internal.ApplicationManager}
TID: [-1234] [] [2016-09-23 14:36:10,618] WARN {org.wso2.carbon.application.deployer.internal.ApplicationManager} - No artifacts found to be deployed in this server. Ignoring Carbon Application : API_Manager_Analytics.car {org.wso2.carbon.application.deployer.internal.ApplicationManager}
First of all, Analytics car files should be installed in DAS, not in APIM.
If you want to install any (other) car file in APIM, make sure you set Server Role as Api Manager in each artifact in the car.
Related
While trying to configure Mutual SSL for an API, below error is thrown:
TID: [-1234] [] [2020-01-14 11:43:09,542] ERROR {org.wso2.carbon.apimgt.gateway.handlers.security.authenticator.MutualSSLAuthenticator} - Mutual SSL authentication failure
TID: [-1234] [] [2020-01-14 11:43:09,544] WARN {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler} - API authentication failure due to Invalid Credentials
<ams:fault xmlns:ams="http://wso2.org/apimanager/security"><ams:code>900901</ams:code><ams:message>Invalid Credentials</ams:message><ams:description>Invalid Credentials. Make sure you have provided the correct security credentials</ams:description></ams:fault>
For this API, only "Transport Level Security" is kept mandatory whereas "Application Level Security" is kept as optional. Please advise on how to achieve mutual SSL working on the wso2 API Manager 3.0.0
If you are watched this video, you will figure out how to achieve mutual SSL working on the WSO2 API Manager 3.0.0. It has clearly explained how mutual SSL working with WSO2 API manager
I just downloaded and installed WSO2 API Manager to a Linux server. As per the installation guide, I have not made any changes.
The only wrinkle I had was that the wso2server.sh script did not have execute permission so I set that manually. I did not check or modify any other permissions.
After startup, I am able to access each of the Admin, Publisher and Store apps.
In the Admin app, the first screen shows the message: "No tasks assigned to the login user or no connectivity with BPS engine."
When I dig into the logs, I see this entry in wso2carbon.log
TID: [-1234] [] [2017-03-02 10:26:12,049] WARN {JAGGERY.site.blocks.user.login.ajax.login:jag} - Not Retrieving Pending Tasks. Check BPS Connectivity. java.lang.IllegalArgumentException: Illegal character in authority at index 8: https://<BPSHost>:<BPSPort>/services/AuthenticationAdmin {JAGGERY.site.blocks.user.login.ajax.login:jag}
the wso2-apigw-errors.log has a largely identical error
2017-03-02 10:26:12,049 [-] [http-nio-9443-exec-17] WARN login:jag Not Retrieving Pending Tasks. Check BPS Connectivity. java.lang.IllegalArgumentException: Illegal character in authority at index 8: https://<BPSHost>:<BPSPort>/services/AuthenticationAdmin
This may or may not be relevant, I am also seeing warnings about being unable to flush and lock system prefs, even though its successfully creating the directory earlier.
TID: [-1234] [] [2017-03-02 09:28:30,285] INFO {java.util.prefs.FileSystemPreferences$1} - Created user preferences directory. {java.util.prefs.FileSystemPreferences$1}
TID: [-1] [] [2017-03-02 11:11:19,058] WARN {java.util.prefs.FileSystemPreferences} - Could not lock System prefs. Unix error code 32645. {java.util.prefs.FileSystemPreferences}
TID: [-1] [] [2017-03-02 11:11:19,058] WARN {java.util.prefs.FileSystemPreferences} - Couldn't flush system prefs: java.util.prefs.BackingStoreException: Couldn't get file lock. {java.util.prefs.FileSystemPreferences}
I am assuming I need to configure or download something else to get this work. Please advise!
I am not sure what your use case is. You can integrate a BPS engine with WSO2 API Manager for the following tasks.
User Signup Workflow
Application Creation Workflow
Application Registration Workflow
API Subscription Workflow
This blog explains how you can integrate WSO2 Business Process Server with WSO2 API Manager. You can check the official documentation which explains the avaiable workflow extensions.
You are getting this warning message when you are logging to admin portal as it checks if there are any pending approval tasks. You can ignore this warning if you are not using any BPS integrations. Based on your use case you can add a BPS engine for workflows.
When i have a single adfs configured as a identity server on wso2, authentication from wso2 fails with the below error.
ator returned: INCOMPLETE TID: [-1234] [] [2017-02-24 06:50:04,580]
DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler}
- SAMLSSOAuthenticator is redirecting TID: [-1234] [] [2017-02-24 06:50:04,580] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler}
- Step is not complete yet. Redirechttp://stackoverflow.com/questionsting to outside. TID: [-1234]
[] [2017-02-24 06:50:09,958] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils}
- Authentication Context is null TID: [-1234] [] [2017-02-24 06:50:09,959] DEBUG
{org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
- Session data key is null in the request TID: [-1234] [] [2017-02-24 06:50:09,959] ERROR
{org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator}
- Context does not exist. Probably due to invalidated cache
At the same time if there are more than one federated authentication say 2 adfs servers configured on wso2 as identity server and using the advanced configuration option on wso2-sp , authentication from travelocity is happening fine.
please guide what am i missing here.
This is supported out-of-the-box with Identity Server 5.1.0 M3 onwards. If you are to use this with Identity Server 5.0.0 (with SP 1) you’ll need to some modifications to the source. The details can be found at [1] & [2].
Follow Document[3] for more details for Setting ADFS 3.0 as a Federated Authenticator in WSO2 Identity Server
[1] - https://wso2.org/jira/browse/IDENTITY-3181
[2] - https://wso2.org/jira/browse/IDENTITY-3349
[3] - https://omindu.wordpress.com/2015/06/19/setting-ad-fs-3-0-as-federated-authenticator-in-wso2-identity-server/
I have setup a WSO2 Identity Server 5.0.0 and I was able to login to carbon managment console with the user "admin". But when I try to login to dashboard, it failed.
Been troubleshooting and reading the documentation and stackoverflow for clue but couldn't find one and I am not sure which part of the configuration I did wrong.
Following are the things that I set for my WSO2IS:
I change the host name from localhost to my server ip in the following files:
repository/conf/carbon.xml
repository/conf/identity.xml
repository/conf/security/sso-idp-config.xml
repository/conf/security/saml2.federation.properties
repository/conf/security/authenticators.xml
repository/conf/tomcat/catalina-server.xml
I also did the same steps indicated in this Cannot see any option in WSO2 Identity Server dashboard
Following are the server log produced from the server where I setup the WSO2IS
[2015-08-10 11:47:48,530] INFO {org.wso2.carbon.core.init.CarbonServerManager} - Repository : /opt/WSO2/wso2is-5.0.0/repository/deployment/server/
[2015-08-10 11:47:49,038] INFO {org.wso2.carbon.core.internal.permission.update.PermissionUpdater} - Permission cache updated for tenant -1234
[2015-08-10 11:47:49,774] INFO {org.wso2.carbon.identity.application.mgt.ui.internal.ApplicationMgtUIServiceComponent} - Application Management UI bundle acticated!
[2015-08-10 11:47:49,944] INFO {org.wso2.carbon.identity.sso.saml.admin.FileBasedConfigManager} - A SSO Service Provider is registered for : wso2.my.dashboard
[2015-08-10 11:47:50,039] INFO {org.wso2.carbon.idp.mgt.internal.IdPManagementServiceComponent} - Identity Application Management Database initialization not attempted since 'setup' variable was not provided during startup
[2015-08-10 11:47:50,299] INFO {org.wso2.carbon.identity.core.internal.IdentityCoreServiceComponent} - Identity Database schema initialization check was skipped since 'setup' variable was not given during startup
[2015-08-10 11:47:51,868] INFO {org.wso2.carbon.core.transports.http.HttpsTransportListener} - HTTPS port : 9443
[2015-08-10 11:47:51,868] INFO {org.wso2.carbon.core.transports.http.HttpTransportListener} - HTTP port : 9763
[2015-08-10 11:47:53,001] INFO {org.wso2.carbon.core.init.JMXServerManager} - JMX Service URL : service:jmx:rmi://172.18.64.178:11111/jndi/rmi://172.18.64.178:9999/jmxrmi
[2015-08-10 11:47:53,001] INFO {org.wso2.carbon.core.internal.StartupFinalizerServiceComponent} - Server : WSO2 Identity Server-5.0.0
[2015-08-10 11:47:53,002] INFO {org.wso2.carbon.core.internal.StartupFinalizerServiceComponent} - WSO2 Carbon started in 109 sec
[2015-08-10 11:47:53,410] INFO {org.wso2.carbon.ui.internal.CarbonUIServiceComponent} - Mgt Console URL : https://172.18.64.178:9443/carbon/
[2015-08-10 11:47:54,205] INFO {org.wso2.carbon.identity.entitlement.internal.EntitlementServiceComponent} - Started thrift entitlement service at port:10500
[2015-08-10 11:48:09,003] INFO {org.wso2.carbon.identity.entitlement.internal.SchemaBuilder} - XACML policy schema loaded successfully.
[2015-08-10 11:49:08,437] INFO {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - 'WSO2/admin#carbon.super [-1234]' logged in at [2015-08-10 11:49:08,437+0800]
[2015-08-10 11:49:24,528] INFO {JAGGERY.login:jag} - connecting to https://172.18.64.178:9443/services
[2015-08-10 11:49:43,806] INFO {org.wso2.carbon.core.internal.permission.update.PermissionUpdater} - Permission cache updated for tenant -1234
[2015-08-10 11:49:43,847] ERROR {org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticator} - Authentication Request is rejected. Authorization Failure.
[2015-08-10 11:49:43,848] WARN {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - Failed Administrator login attempt 'admin[-1234]' at [2015-08-10 11:49:43,848+0800]
A reason for this issue can be the user you try to login does not have log permission. Therefore Can you please check the user has login permission
You can view roles and users from the Identity Server management console.
I'm using the WSO2 ESB version 4.0.3, with some features installed like: Identity Provider, Identity SAML2.0 Single Sign-on, Identity XACML, also BPEL, Data Services Hosting etc.
Following the instructions from here, I set up SSO Authentication for the ESB Management Console. The sign-in works just fine, but not the sign-out. In the log I can see the following information:
TID: [] [WSO2 ESB] [2012-06-08 18:12:59,592]
INFO {org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticator} -
'admin' logged out at [2012-06-08 18:12:59,0592]
{org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticator}
after what I get errors. Furthermore, in the browser shows like I'm still logged in.
Here are the errors I'm getting:
TID: [] [WSO2 ESB] [2012-06-08 18:13:03,581]
WARN {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler} -
Illegal access attempt at [2012-06-08 18:13:03,0581] from IP address :
Service is RegistryAdminService {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler}
TID: [] [WSO2 ESB] [2012-06-08 18:13:03,584]
ERROR {org.apache.axis2.engine.AxisEngine} -
Access Denied. Please login first. {org.apache.axis2.engine.AxisEngine}
...
TID: [] [WSO2 ESB] [2012-06-08 18:13:03,599]
ERROR {org.wso2.carbon.ui.clients.RegistryAdminServiceClient} -
Error occurred while checking registry mode {org.wso2.carbon.ui.clients.RegistryAdminServiceClient}
org.apache.axis2.AxisFault: Access Denied. Please login first.
...
TID: [] [WSO2 ESB] [2012-06-08 18:13:03,879]
ERROR {org.wso2.carbon.server.admin.ui.ServerAdminClient} -
Cannot get server data. Backend service may be unavailable {org.wso2.carbon.server.admin.ui.ServerAdminClient}
org.apache.axis2.AxisFault: Access Denied. Please login first.
Am I missing something in the configuration? If not, can someone please explain what is happening?
Note: The errors are repeating.
These repetitive errors means you are logged out from the back end, and it tries to refresh a page like Carbon home page or statistics page by invoking the corresponding BE services.
Is WSO2 IS running as a separate node or the necessary IdP features are installed in ESB?
Thilina