WSO2 API Cloud Timeout Error code 101504 - wso2

I am getting the following respose while trying to assess my api endpoint:
<am:fault xmlns:am="http://wso2.org/apimanager">
<am:code>101504</am:code><am:type>Status report</am:type>
<am:message>Runtime Error</am:message>
<am:description>Send timeout</am:description>
</am:fault>
Kindly suggest what went wrong.

Lucas, it is exactly what it says - looks like the backend service is only available intermittently so when it is not available - you get the timeout reported by the gateway.

Just add a header to accept text/xml:
'content-type': 'text/xml'

I had the same issue and the solution was to Increase the Endpoint Timeout from the API Manager as described here :
https://apim.docs.wso2.com/en/latest/design/endpoints/resiliency/endpoint-timeouts/
Sign in to the API Publisher Portal.
https://:9443/publisher
Example: https://localhost:9443/publisher
Use your username and password to sign in.
Click on an API in the API Publisher Portal listing page.
Click Endpoints under API Configurations.
Click on the cogwheel, which is inline with the endpoint that you need to configure, and update the endpoint related configurations as required.
Go to Advanced Endpoint Configurations.
Increase Connection Timeout value

Related

Why unsubscribed Application token can be used to access WSO2 APIM endpoint?

There is an API hosted in WSO2 APIM 4.1.0 and there are two different App subscribed to that API.
Before Unsubscribe:
I just unsubscribed one of App to delete the API subscription by follows wso2 doc
After Unsubscribe:
After unsubscribed , I can able to invoke WSO2 API by using unsubscribed Application token
It should now allow that unsubscribed app to invoke API. OR correct me if my understanding is wrong.
Postman :
Note: In above API Hit, I passed unsubscribed APP token as Authorization
In your case, you should not be able to invoke the API without a proper subscriptions. Although the token is valid, you should get a 403 HTTP code saying subscription validation has failed.
You can check whether the events are propagated successfully to your gateway node from the control plane node. This is basically when you have a distributed setup. If you have a HA setup, verify both nodes are working properly when it comes to event distribution.
Are you using the GA release of APIM 4.1.0? If so, this could be a bug in that was fixed later through U2 updates. When an application subscription is deleted, any API invocations done using the tokens of that application should fail due subscription validation with an error similar to the one below with a 403 HTTP code.
{"code":"900908","message":"Resource forbidden ","description":"User is NOT authorized to access the Resource. API Subscription validation failed."}
If you have a paid WSO2 subsciption, please try this scenario by taking the latest U2 updated/patched version of APIM 4.1.0 by referring this.
I tried the GA APIM 4.1.0 and this usecase worked as expected. Shall we verify the subscription delete event flow in the API gateway by enabling debug logs for gateway and keymanagement components?
Add the following configurations in the <APIM_HOME>/repository/logs/log4j2.properties
logger.gateway-component.name = org.wso2.carbon.apimgt.gateway
logger.gateway-component.level = DEBUG
logger.keymgt-component.name = org.wso2.carbon.apimgt.keymgt
logger.keymgt-component.level = DEBUG
make sure to add the newly created loggers as below.
loggers = gateway-component,keymgt-component, AUDIT_LOG, trace-messages, org-apache-coyote, ....
With these, subscribe and unsubscribe events should be displayed in the terminal. You can use them to verify the event flow.

WSO2 revoke api

I was curious how can see the revoke api end point exists.The url configured is
https://localhost:9443/revoke
But I could see the api listed under the started application or under api.
I even tried retrieving the wadl from the url but it did not return anything.
Do we need to explicitly publish it or it gets done automatically when we start the wso2server ? Or Do we need to install something other than the wso2 api manager to get this api?
When I browse the endpoint https://localhost:9443/revoke/?_wadl , I get error
405 - method not allowed
The port should be 8243.
And it's not a SOAP service.
Ref: https://docs.wso2.com/display/AM260/Token+API#TokenAPI-Revokingaccesstokens

WSO2 API Manager : API Creation Issue

I installed the APIM and started the APIM and created a new API. The ApI which i created comprises of a URL which points at our company production server. I gave the URL in the api creation mode to the production endpoint and sandbox Endpoint boxes. Then i set the required parameters under the GET method. Then i try it out at the store but the request does not hit the production server. I want to see the URL output from your api manager which passes to our production server. Because i want to see what is whether there is an error on that as it it doesnot hit our production server.
Can you help me with the issue?
Thanks in advance.
You can enable wire log to see the what are the requests which came to APIM and what are the requests APIM made for backend. Follow the steps in How to get wire logs from WSO2 ESB blog post to enable wire log. Those instructions are given for ESB, but they are valid for APIM as well.

wso2 api manager clustering

I am trying to set up a cluster for WSO2 api manager and I am following https://docs.wso2.com/display/CLUSTER44x/Clustering+API+Manager+1.10.0
I am using seperate VMs for each of the component and currently in my setup I am able to
Publish an api using the publisher which gets published in the Gateway (Visible in the log)
Subscribe to this API from the store and generate keys
However when I am trying to access this api using the generated key I get the following response
<soapenv:Fault xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<faultcode xmlns:axis2ns2="http://schemas.xmlsoap.org/soap/envelope/">axis2ns2:Client</faultcode>
<faultstring>Authentication Failure</faultstring>
<detail>Error while accessing backend services for API key validation</detail>
</soapenv:Fault>
In the gateway logs I can see only the below line. There is no further details in the logs
TID: [-1234] [] [2016-02-02 16:55:58,288] WARN {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticat
ionHandler} - API authentication failure due to Unclassified Authentication Failure {org.wso2.carbon.apimgt.gat
eway.handlers.security.APIAuthenticationHandler}
Please help me to resolve this issue.
That sounds like an issue with your API - API Manager doesn't actually "authenticate anything" unless you are using identity server see here for the difference between authentication and authorization (what WSO2 does through Oauth). Please try an API that is know to work such as http://petstore.swagger.io/ and report back the error.
This can happen due to many reason. Please check some of the reasons below
Key Manager's public certificate isn'y properly imported in the <GATEWAY_HOME>/repository/resources/security/client-truststore.jks
Open the api-manager.xml fie of the gateway and key manager nodes and change the <KeyValidatorClientType> to WSClient as bellow (default value is ThriftClient).
<KeyValidatorClientType>WSClient</KeyValidatorClientType>
The reason for this could be a result of misconfiguration between nodes. First you can double check the configurations (specially keyvalidator related configurations)
If you could not find any issue there, then you can enable debug logs and get some idea about the issue
add following entires in repository/conf/log4j.properties in gateway node
log4j.logger.org.wso2.carbon.apimgt.gateway.handlers.security=DEBUG
add following entires in repository/conf/log4j.properties in key manager node
log4j.logger.org.wso2.carbon.apimgt.keymgt=DEBUG
You might be able to find the issue by analyzing the logs

Error while publishing an API in the WSO2 API Manager

When I publish an API in the WSO2 API Manager, the following error occurs:
Gateway Failures
Failed to Publish Environments
Production and Sandbox
Error while obtaining API information from gateway. Error while obtaining API information from gateway. Authentication failure
This could be due to an authentication failure. Please check whether username/password within <Environments> content element of root <APIGateway> element in api-manager.xml (<APIM_HOME>/repository/conf/api-manager.xml) is correct
I've had this issue.
When checking the logs I saw this:
URL context: /hrs/admihrsd/osb/documentWS/2.0.0 is already registered with the API: novakgo--hrs-admihrsd-osb-document-service:v2.0.0
The issue was someone was trying to publish a new API with the same context as another one. They should change the context and publish again, and the error is fixed. Context have to be unique.