Configuring WSO2 AS and BAM -new error - wso2

I followed the same steps as mentioned in the WSO2 documentation for configuring BAM server and WSO2 AS. Both are in different computers. Still not able to solve the errors. Now I am getting new error when I click BAM EVENT_KS. My BAM server offset address is 0 by default. I changed my WSO2 AS offset to 2 in carbon.xml.
ERROR {org.wso2.carbon.databridge.agent.thrift.AsyncDataPublisher} - Error while connection to event receiver
org.wso2.carbon.databridge.agent.thrift.exception.AgentException: Cannot borrow client for TCP,203.252.180.178:9443,TCP,203.252.180.178:9543
at org.wso2.carbon.databridge.agent.thrift.internal.publisher.authenticator.AgentAuthenticator.connect(AgentAuthenticator.java:58)
and many more .....
Please help what will be the configuration problem with BAM. I tried all the latest 3 version.

Read [1] for configuration details. As I can see you have used ports 9443 and 9543 instead of 7611 or 7711 which are the correct Thrift server ports.
Use 7611 for unsecured port and 7711 for the secured port when no port offset is applied in BAM.
[1] http://docs.wso2.org/wiki/display/AS501/Collecting+Data+Statistics+of+Services

Related

WSO2 inaccessible from internet

I'm running WSO 5 components cluster (KeyManager, Gateway, Publisher, Store, Traffic Manager), each component has his own server and they are all exist in the same LAN.
Finally i got to a point where every component is running with no errors and i get this message below,
[2018-02-23 23:42:12,475] INFO - StartupFinalizerServiceComponent Server
: WSO2 API Manager-2.1.0
[2018-02-23 23:42:12,476] INFO - StartupFinalizerServiceComponent WSO2
Carbon started in 54 sec
[2018-02-23 23:42:12,720] INFO - CarbonUIServiceComponent Mgt Console URL
: https://172.31.25.234:9443/carbon/
[2018-02-23 23:42:12,720] INFO - CarbonUIServiceComponent API Publisher
DefaultContext : https://172.31.25.234:9443/publisher
[2018-02-23 23:42:12,720] INFO - CarbonUIServiceComponent API Store Default
Context : https://172.31.25.234:9443/store
wget -O- https://localhost:9443/publisher --no-check-certificate - give me the page and i can see its running locally, however , i cant reach the url from its external IP
Firewall disabled on CentOS. (firewall--cmd not exist)
I've tried also to use reverse proxy to my LAN publisher address:9443 but still no luck.
Appreciate your assistance.
Found the issue, although there is no firewall not sure why publisher ui management was not accessible from internet through port 9443
Finally i changed the port to 8080 on repository/conf/tomcat/catalina-server.xml and it worked.

Why do Data Services use the Servlet Ports as opposed to NIO/PT - WSO2

I've installed Dss 3.2.2 features onto Esb4.8.1.
When I create a proxy service the Service endpoints are as expected e.g
http://[ip]:8280/services/[proxy_service_name]
But when I create a dataservice , the service endpoints also show the same(NIO) port , contrary to the expected (mgmt) port :
http://[ip]:8280/services/[data_service_name]
But it should be
http://[ip]:9763/services/[data_service_name]
If I send a json post request to the 8280 for a dataservice , it does not receive any params :
"current_params": "{}"
Sending it to 9763 it reads my params:
"current_params": "{no=xxx, dump_size=10}"
Is there a config/way to fix this?
I believe you are using try-it tool shipped with WSO2 ESB by default. Let me explain what it the reason for this problem. WSO2 ESB exposes two HTTP ports (i.e NIO port which is 8280 and servlet port which is 9763) and when dataservice features are installed, data services are also exposed via both ports. By default ESB try-it uses NIO port(8280). The issue is ESB try-it tool does not handle invoking data service via NIO transport. It drops the parameters passed. That is why the current_params is empty. This is a known issue and will be fixed in a future release. As a workaround you can either use servlet port to invoke dataservice or any other soap client such as SoapUI.
Thanks

Removing TLSv1.0 in WSO2 EMM 1.1.0

I am setting up a new WSO2 EMM server and, in order to maintain my organization's PCI DSS certification, I have to disable support for any encryption protocol lower than TLSv1.1 before I can put it into production (see this for more information on PCI 3.1).
I edited the file /repository/conf/tomcat/catalina-server.xml as per the documentation. Here is what I tried:
I changed the attribute sslEnabledProtocols from TLS to TLSv1.1,TLSv1.2, but this generates the error
ERROR {org.wso2.carbon.tomcat.internal.CarbonTomcat} -
LifeCycleException while starting tomcat connector
{org.wso2.carbon.tomcat.internal.CarbonTomcat}
in my wso2carbon.log and I'm unable to log into the EMM web console.
Does anyone know how to disable TLSv1.0 without breaking my installation?
cheers,
Found it!
you have to get rid of sslProtocol attribute and replace it with sslEnabledProtocols, they look very similar.

unable to handle wso2 ESB with Activemq

In my project We are trying to configure activemq with wso2 esb.
Successfully configured and we are getting successful responses for first 4 or 5 requests. After that getting socket timed out error.
Can anyone know this issue?
Thanks in advance.
You can change the activeMQ socket time out configuration using transport.soTimeout property. This property can be configured as java.naming.provider.url in your axis2.xml of ESB.
eg: tcp://localhost:61616?transport.trace=false&transport.soTimeout=60000
Please refer [1] for more TCP transport options
[1] http://activemq.apache.org/tcp-transport-reference.html

How can I disable features WSO2 ESB 4.0.3?

We are in final few steps of WSO2 ESB / Data services implementation.
We are trying to pass the Information Security review of our WSO2 ESB implementation. We are using 4.0.3 EAB with 3.2.2 DSS feature.
Information security group has objected for following things in default WSO2 ESB
QPID / AMQP server listening to 5672 / 8672 ports. Can we disable the default message broker so that QPID will not start. If we disable, will it affect any other functionality? We are NOT using message brokers / any JMS related applications, mainly Data Services.
How to block JMX console being started? The JMX console starts at 11111 / 9999 be default.
We have already disabled Admin UI, however is there any way where I can turn the logging levels for individual loggers with out Admin UI and WITHOUT re- starting the ESB?
Can stop starting jmx server through CARBON_HOME/repository/conf/etc/jmx.xml by setting,
<StartRMIServer>false</StartRMIServer>
If the admin console was enabled, then you can configure the logging from the UI. Since you have disabled the admin console, then you can configure the loggers using the lgo4j.properties file in CARBON_HOME/repository/conf. But then you have to restart the server.
There is no other way to configure logging without restarting.
You can disable QPID server listening on 8672 TLS port with the following configuration change.
Go to /repository/conf/advanced/qpid-config.xml file and change the entry as below.
<broker>
<connector>
<!-- To enable SSL edit the keystorePath and keystorePassword
and set enabled to true.To disasble Non-SSL port set sslOnly to true -->
<ssl>
**<enabled>false</enabled>**
<sslOnly>false</sslOnly>
<keystorePath>repository/resources/security/wso2carbon.jks</keystorePath>
<keystorePassword>wso2carbon</keystorePassword>
</ssl>
After that QPID Broker will not be starting on TLS port. However regarding disabling the Qpid Server in 5672 TCP port, ESB 4.0.3 version comes with an embedded QPID broker which is tightly coupled with other ESB components. Therefore unfortunately it is not possible to detach the broker from the ESB with a configuration setting.This is changed after ESB 4.5.x versions where the embedded Qpid broker is no longer shipped with ESB, therefore if it is possible, you can upgrade the ESB version in order to meet this requirement.