Unable to issue valid access token from WSO2 IS 5.0.0 - wso2

I am running WSO2 IS 5.0.0. I have the SP for IS 5.0.0 applied along with all the other security patches issued for that version for Identity Server and Carbon 4.2.0. My environment consists of 4 machines that are creating a cluster (using the WKA membership scheme and Load Balancer with sticky session). I am using MySQL(not the default H2 database). The machines on which the IS is deployed are Windows Server 2012 R2 (EC2 AWS machines).
The PRODUCT_HOME/repository/conf/identity.xml has the following configuration:
<JDBCPersistenceManager>
<DataSource>
<Name>jdbc/WSO2CarbonDB</Name>
</DataSource>
<SessionDataPersist>
<Enable>true</Enable>
<RememberMePeriod>20060</RememberMePeriod>
<CleanUp>
<Enable>true</Enable>
<Period>1440</Period>
<TimeOut>20160</TimeOut>
</CleanUp>
<Temporary>false</Temporary>
</SessionDataPersist>
</JDBCPersistenceManager>
<SessionContextCache>
<Enable>true</Enable>
<Capacity>100000</Capacity>
</SessionContextCache>
<OAuth>
<AuthorizationCodeDefaultValidityPeriod>300</AuthorizationCodeDefaultValidityPeriod>
<AccessTokenDefaultValidityPeriod>1800</AccessTokenDefaultValidityPeriod>
<UserAccessTokenDefaultValidityPeriod>1800</UserAccessTokenDefaultValidityPeriod>
<RefreshTokenValidityPeriod>31540000</RefreshTokenValidityPeriod>
<TimestampSkew>10</TimestampSkew>
<EnableOAuthCache>false</EnableOAuthCache>
<RenewRefreshTokenForRefreshGrant>true</RenewRefreshTokenForRefreshGrant>
</OAuth>
Sporadically I receive the following error in the Identity Server console log(when issuing access token using the client_credentials grant type and openid scope):
ERROR {org.wso2.carbon.identity.openidconnect.DefaultIDTokenBuilder} - Error occurred while getting access token based information
ERROR {org.wso2.carbon.identity.oauth2.OAuth2Service} - Error when issuing the access token.
org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception: Error occurred while getting access token based information
at org.wso2.carbon.identity.openidconnect.DefaultIDTokenBuilder.getAccessTokenIssuedTime(DefaultIDTokenBuilder.java:348)
at org.wso2.carbon.identity.openidconnect.DefaultIDTokenBuilder.buildIDToken(DefaultIDTokenBuilder.java:141)
at org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer.issue(AccessTokenIssuer.java:212)
at org.wso2.carbon.identity.oauth2.OAuth2Service.issueAccessToken(OAuth2Service.java:177)
at org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEndpoint.getAccessToken(OAuth2TokenEndpoint.java:233)
at org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEndpoint.issueAccessToken(OAuth2TokenEndpoint.java:108)
at sun.reflect.GeneratedMethodAccessor57.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:180)
at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96)
at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:194)
at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:100)
at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:57)
at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:93)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:239)
at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:223)
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:203)
at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:137)
at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:159)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:286)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:206)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:755)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:262)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:178)
at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:56)
at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:141)
at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:52)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
I am still trying to isolate the exact scenario which is causing the system to behave this way.
When this particular error is logged in the Identity Server console log, I get the following in the http_access log (PRODUCT_HOME/repository/logs/http_access_DATE.log)
172.31.26.60 - - [09/Sep/2016:07:18:28 +0000] "POST /oauth2/token?grant_type=client_credentials&scope=openid HTTP/1.1" 400 82 "-" "-"
As end result I receive the following as response:
error: "server_error"
error_description: "Error when issuing the access token"
I tried updating the PRODUCT_HOME/repository/conf/identity.xml file by setting the EnableOAuthCache to TRUE:
<EnableOAuthCache>true</EnableOAuthCache>
Then I restarted all the Identity Server instances (as I mentioned I have 4 machines in WKA cluster). Everything was going well until one day we started receiving access token which is invalid.
After digging further into this particular issue, I was able to find out that for some reason the Identity Server was returning two access tokens. The one was valid and the other not. Still I was using the exact same POST request for retrieving access token with client_credentials grant type. Usually after issuing the access token I am executing get request to the userinfo endpoint and it turned out that only one of the access tokens is valid.
The mentioned above is also randomly happening. Usually after 10-15 mins, the invalid token is not returned anymore and the system is stabilized.
When the issue is experienced the following is logged in the Identity Server console log:
ERROR{org.wso2.carbon.identity.oauth2.dao.TokenPersistenceTask} - org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception: Error when getting an Identity Persistence Store instance.
No additional information or stack trace.
Also the invalid access token which is returned does not exist in the database.
My system relies on these access tokens and when I am not able to retrieve these or I retrieve invalid token and not able to call the userinfo endpoint I am experiencing downtime. The last time it was about 15-20 mins.
So my questions are:
1. Has someone else observed such behavior or is it a known issue? If so is there a workaround for it or some sort of patch that could be applied?
2. If not do you think it might be some sort of configuration issue? If so which configuration files you think should be modified?
3. Do you think this behavior might be related to the WKA Cluster configuration?
4. Do you think this might be related to the usage of MySQL?
Thank you for your time and consideration.

It's better to use the latest release in the identity server. You can go to the WSO2 Identity Server page and download the latest version.

Related

unable to login to the wso2 IS-KM 5.10.0

I am using wso2 ID server as KM 5.10.0 with API manager 3.1.0 . This is very basic issue. In my previous attempts I was able to login to the Wso2 Id server. But by mistake I started two instances of the ID server. After that I killed both the processes which are running and tried starting only one instance. after that I am unable to login to the wso2 ID server. I tried restarting whole linux system and try to login but still I am getting the below exception.
[2020-06-23 12:02:43,999] [50882c23-5ee1-4406-ae80-0a688cb89a4e] ERROR {org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve} - Could not handle request: /carbon java.lang.NullPointerException
at org.wso2.carbon.tomcat.ext.internal.Utils.getAppNameFromRequest(Utils.java:101)
at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.initCarbonContext(CarbonContextCreatorValve.java:80)
at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:56)
at org.wso2.carbon.tomcat.ext.valves.RequestEncodingValve.invoke(RequestEncodingValve.java:49)
at org.wso2.carbon.tomcat.ext.valves.RequestCorrelationIdValve.invoke(RequestCorrelationIdValve.java:119)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:367)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1639)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.base/java.lang.Thread.run(Thread.java:834)
Please let me know how to resolve this issue.

Unable to use WSO2 Identity Server for OIDC.Getting could not handle request /oauth2/authorize exception

I am using WSO2 Identity Server as KM 5.10.0 . I want to configure my web service as service provider and use the oauth/OIDC login provided by wso2 IS. When my web server is redirecting to wso2 for the authentication, I get the below exception.
ERROR {org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve} - Could not handle request: /oauth2/authorize java.lang.NullPointerException
at org.wso2.carbon.tomcat.ext.internal.Utils.getAppNameFromRequest(Utils.java:101)
at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.initCarbonContext(CarbonContextCreatorValve.java:80)
at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:56)
at org.wso2.carbon.tomcat.ext.valves.RequestEncodingValve.invoke(RequestEncodingValve.java:49)
at org.wso2.carbon.tomcat.ext.valves.RequestCorrelationIdValve.invoke(RequestCorrelationIdValve.java:119)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:367)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1639)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.base/java.lang.Thread.run(Thread.java:834)
I have correctly registered my webserver in wso2 ID server in "Add service provider section". Also generated the client secret and client key in the process. I am using authorization code grant type.
Please let me know why such exception is thrown, how to debug this

'Read Time Out' between wso2 APIM and APIM-Analytics

Canario:
APIM and APIM-Analytics (both in 2.6.0) at the same localhost machine.
Identity Server in other Machine
Use the doc to make configuration between APIM and Analytics.
Setup te Datasources for external Oracle DB instance:
IS strat Ok, Analytics Worker start ok, Analytics Dashboard Start Ok, Analytics Manager Start Ok
After default configuration, Apim start with connection issue:
...
ERROR{org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker} -
Error while trying to connect to the endpoint. Cannot borrow client for
ssl://localhost:7712.
{org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker}
org.wso2.carbon.databridge.agent.exception.DataEndpointLoginException:
Cannot borrow client for ssl://localhost:7712.
at
org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.connect(DataEndpointConnectionWorker.java:134)
at org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.run(DataEndpointConnectionWorker.java:59)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: org.wso2.carbon.databridge.agent.exception.DataEndpointLoginException: Error while trying to login to the data receiver.
at org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint.login(ThriftDataEndpoint.java:54)
at org.wso2.carbon.databridge.agent.endpoint.DataEndpointConnectionWorker.connect(DataEndpointConnectionWorker.java:128)
... 6 more
Caused by: org.apache.thrift.transport.TTransportException: java.net.SocketTimeoutException: Read timed out
at org.apache.thrift.transport.TIOStreamTransport.flush(TIOStreamTransport.java:161)
at org.apache.thrift.TServiceClient.sendBase(TServiceClient.java:65)
at org.wso2.carbon.databridge.commons.thrift.service.secure.ThriftSecureEventTransmissionService$Client.send_connect(ThriftSecureEventTransmissionService.java:104)
at org.wso2.carbon.databridge.commons.thrift.service.secure.ThriftSecureEventTransmissionService$Client.connect(ThriftSecureEventTransmissionService.java:95)
at org.wso2.carbon.databridge.agent.endpoint.thrift.ThriftDataEndpoint.login(ThriftDataEndpoint.java:47)
... 7 more
Caused by: java.net.SocketTimeoutException: Read timed out
at java.net.SocketInputStream.socketRead0(Native Method)
at java.net.SocketInputStream.socketRead(SocketInputStream.java:116)
at java.net.SocketInputStream.read(SocketInputStream.java:171)
at java.net.SocketInputStream.read(SocketInputStream.java:141)
at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
at sun.security.ssl.InputRecord.read(InputRecord.java:503)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:975)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:750)
at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
at org.apache.thrift.transport.TIOStreamTransport.flush(TIOStreamTransport.java:159)
... 11 more
...
When I had access the consoles Analytics (PUBLISHER, STORE or ADMIN), the API Usage analtyics interface become stucked.
I try to mak few changes inside api-manager.xml. Now the ANALYTICS part is lik follows:
<!-- Enable Analytics for API Manager -->
<Enabled>true</Enabled>
<StreamProcessorServerURL>{tcp://localhost:7612}</StreamProcessorServerURL>
<!--StreamProcessorAuthServerURL>{ssl://localhost:7712}</StreamProcessorAuthServerURL-->
<!-- Administrator username to login to the remote StreamProcessor server. -->
<StreamProcessorUsername>admin</StreamProcessorUsername>
<!-- Administrator password to login to the remote StreamProcessor server. -->
<StreamProcessorPassword>admin</StreamProcessorPassword>
<!-- For APIM implemented Statistic client for RDBMS -->
<StatsProviderImpl>org.wso2.carbon.apimgt.usage.client.impl.APIUsageStatisticsRestClientImpl</StatsProviderImpl>
<!-- StreamProcessor REST API configuration -->
<StreamProcessorRestApiURL>https://localhost:9444</StreamProcessorRestApiURL>
<StreamProcessorRestApiUsername>admin</StreamProcessorRestApiUsername>
<StreamProcessorRestApiPassword>admin</StreamProcessorRestApiPassword>
I expect to discovery why this is happen, If i follow de default documentation (https://docs.wso2.com/display/AM260/Configuring+APIM+Analytics)
thanks
This problem it was solved by import the Analytics certificate to wso2carbon.jks and client-truststore.jks.
In the beginning I just import to client-truststore.jks and miss wso2carbon.jks.
It's important to use the full qualified name to create the new certificates and keystore, and use to make correct link between tools at api-manager.xml
Remember to add the full qualified name at hosts file.
Thanks

API usages are not recorded when integrating WSO2 APIM1.10.0 cluster with WSO2 DAS 3.0.1 cluster

I am using WSO2 Kubernetes Artifacts to build WSO2 APIM 1.10.0 cluster.
Here is my configuration :
api-key-manager.yaml
api-publisher.yaml
api-store.yaml
gateway-manager.yaml
With the above configurations, APIM cluster works fine on my kubernetes environment. Then I want to get statistics from WSO2 DAS 3.0.1. Here is my steps.
Open admin-dashboard page.
Fill in DAS information.
Save configuration.
Publish the sample API and subscribe it.
Invoke the created API.
Though API returns the correct result, I can not see any statistics from DAS page. Table ORG_WSO2_APIMGT_STATISTICS_REQUEST is also empty. Moreover, there are some exceptions in gateway container as follows:
2017-02-02T10:17:05.119378825Z [2017-02-02 10:17:05,118] ERROR - APIMgtUsageHandler Cannot publish event. null
2017-02-02T10:17:05.119410635Z java.lang.NullPointerException
2017-02-02T10:17:05.119416221Z at org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher.publishEvent(APIMgtUsageDataBridgeDataPublisher.java:124)
2017-02-02T10:17:05.119421345Z at org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageHandler.handleRequest(APIMgtUsageHandler.java:169)
2017-02-02T10:17:05.119425422Z at org.apache.synapse.rest.API.process(API.java:322)
2017-02-02T10:17:05.119429269Z at org.apache.synapse.rest.RESTRequestHandler.dispatchToAPI(RESTRequestHandler.java:86)
2017-02-02T10:17:05.119432713Z at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:65)
2017-02-02T10:17:05.119444539Z at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:295)
2017-02-02T10:17:05.119448051Z at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:83)
2017-02-02T10:17:05.119451190Z at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
2017-02-02T10:17:05.119454693Z at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:317)
2017-02-02T10:17:05.119457708Z at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:149)
2017-02-02T10:17:05.119460675Z at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
2017-02-02T10:17:05.119463755Z at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
2017-02-02T10:17:05.119466748Z at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
2017-02-02T10:17:05.119470008Z at java.lang.Thread.run(Thread.java:745)
2017-02-02T10:17:05.292159023Z [2017-02-02 10:17:05,291] ERROR - APIMgtResponseHandler Cannot publish response event. null
2017-02-02T10:17:05.292186860Z java.lang.NullPointerException
2017-02-02T10:17:05.292191607Z at org.wso2.carbon.apimgt.usage.publisher.APIMgtUsageDataBridgeDataPublisher.publishEvent(APIMgtUsageDataBridgeDataPublisher.java:140)
2017-02-02T10:17:05.292196079Z at org.wso2.carbon.apimgt.usage.publisher.APIMgtResponseHandler.mediate(APIMgtResponseHandler.java:211)
2017-02-02T10:17:05.292199487Z at org.apache.synapse.mediators.ext.ClassMediator.mediate(ClassMediator.java:84)
2017-02-02T10:17:05.292202823Z at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:81)
2017-02-02T10:17:05.292206246Z at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:48)
2017-02-02T10:17:05.292210195Z at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:155)
2017-02-02T10:17:05.292213976Z at org.apache.synapse.rest.Resource.process(Resource.java:297)
2017-02-02T10:17:05.292216990Z at org.apache.synapse.rest.API.process(API.java:335)
2017-02-02T10:17:05.292220203Z at org.apache.synapse.rest.RESTRequestHandler.dispatchToAPI(RESTRequestHandler.java:86)
2017-02-02T10:17:05.292223430Z at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:52)
2017-02-02T10:17:05.292226576Z at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:295)
2017-02-02T10:17:05.292229762Z at org.apache.synapse.core.axis2.SynapseCallbackReceiver.handleMessage(SynapseCallbackReceiver.java:529)
2017-02-02T10:17:05.292232861Z at org.apache.synapse.core.axis2.SynapseCallbackReceiver.receive(SynapseCallbackReceiver.java:172)
2017-02-02T10:17:05.292236007Z at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
2017-02-02T10:17:05.292238952Z at org.apache.synapse.transport.passthru.ClientWorker.run(ClientWorker.java:251)
2017-02-02T10:17:05.292252632Z at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
2017-02-02T10:17:05.292256191Z at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
2017-02-02T10:17:05.292259335Z at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
2017-02-02T10:17:05.292262507Z at java.lang.Thread.run(Thread.java:745)
The problem may be same as this issue, but I don't see solution.
Edit 1
I also did 2 experiments as follow.
First:
Create a ubuntu pod.
Install WSO2 APIM 1.10.0 on the ubuntu pod container.
Open the admin-dashboard page and fill in DAS information.
Publish the sample API and subscribe it.
Invoke the created API.
Which works fine. I can see the statistics from DAS page.
Second :
Jump into APIM container.
Using telnet to verify thrift port of DAS cluster.
The thrift port was accessible for APIM cluster.
According to the exception, I think that might be caused by configurations missing in gateway container?

Errors using input-only web service (OUT_ONLY from ESB)

I have a webservice with some input only operations. In the ESB i've created a proxy and sets the properties OUT_ONLY and FORCE_SC_ACCEPTED to true. Everytime I call the proxied operation I get the following error message in the wso2carbon.log:
TID: [0] [ESB] [2015-04-02 09:52:45,307] ERROR {org.apache.axis2.transport.base.threads.NativeWorkerPool} - Uncaught exception {org.apache.axis2.transport.base.threads.NativeWorkerPool}
java.lang.UnsupportedOperationException: Not yet implemented
at org.apache.axis2.description.OutOnlyAxisOperation.getMessage(OutOnlyAxisOperation.java:124)
at org.wso2.carbon.core.multitenancy.MultitenantMessageReceiver.processResponse(MultitenantMessageReceiver.java:125)
at org.wso2.carbon.core.multitenancy.MultitenantMessageReceiver.receive(MultitenantMessageReceiver.java:81)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ClientWorker.run(ClientWorker.java:225)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
Althought everything seems to work OK, I am worried about this message. What am I doing wrong. These input only will be called very frequently in production, so I'd like them to be error free.
WSO2 ESB: 4.8.1
Thanks,
Danny
this exception will occur if OUT_ONLY=true and your backend sending a response back to the esb.if OUT_ONLY is set true, your are getting a response from the backend then it is not a valid scenarion for if OUT_ONLY property.check this post[1]
1.https://mohanadarshan.wordpress.com/2013/05/05/out_only-scenario-in-proxy-service-wso2-esb/
Out-only property is set to inform that this service does not return a response back. For instance if you are sending messages to a message broker. Force-sc-accepted flag causes ESB to send HTTP Accepted status response back to the client (which calls ESB) since otherwise client will timeout without a reaponse. So please make sure your backend service does not send a response and it is accessible to ESB.
Solved this issue for now: My ESB was running in multi-tenant mode. The proxy service were created in the tenant. I did a fresh install and put the config in (so no tenants). The error disappears immediately. When I remove the config and create a tenant and put the config into the tenant the error reappears. So might this be a bug. I can try to verify with running sample 253 (OneWayProxy) in a tenant.