WSO2 API Manager - 令牌变为非活动状态

时间:2013-09-09 09:55:21

标签: amazon-ec2 wso2

我目前正在Amazon EC2上部署WSO2 API管理器解决方案。

每次重启我的实例后,我都面临以下问题:我的所有访问令牌都变为非活动状态。

<ams:code>900904</ams:code><ams:message>Access Token Inactive</ams:message>

我已经在identity.xml配置文件(/repository/conf/identity.xml)中将“ApplicationAccessTokenDefaultValidityPeriod”值更改为0,但它并未阻止我的令牌处于非活动状态。

有没有办法在每次重启实例后保持所有生成的令牌都处于活动状态?

PS:当我在不重新启动ec2实例的情况下重新启动wso2应用程序时,不会发生此错误。

错误日志:

  

错误 - APIAuthenticationHandler API身份验证失败   org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException:API的访问失败:/ test,版本:1.0.3,密钥为:bLhh7pDxZ8NYwXz5k09nGO_Udcga 

    at org.wso2.carbon.apimgt.gateway.handlers.security.oauth.OAuthAuthenticator.authenticate(OAuthAuthenticator.java:135)
    at org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler.handleRequest(APIAuthenticationHandler.java:88)
    at org.apache.synapse.rest.API.process(API.java:252)
    at org.apache.synapse.rest.RESTRequestHandler.dispatchToAPI(RESTRequestHandler.java:76)
    at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:63)
    at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:191)
    at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:83)
    at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
    at org.apache.axis2.transport.http.util.RESTUtil.invokeAxisEngine(RESTUtil.java:144)
    at org.apache.axis2.transport.http.util.RESTUtil.processURLRequest(RESTUtil.java:139)
    at org.apache.synapse.transport.nhttp.util.RESTUtil.processGetAndDeleteRequest(RESTUtil.java:146)
    at org.apache.synapse.transport.nhttp.DefaultHttpGetProcessor.processGetAndDelete(DefaultHttpGetProcessor.java:464)
    at org.wso2.carbon.transport.nhttp.api.NHttpGetProcessor.process(NHttpGetProcessor.java:296)
    at org.apache.synapse.transport.nhttp.ServerWorker.run(ServerWorker.java:272)
    at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:724)

1 个答案:

答案 0 :(得分:1)

AccessTokenDefaultValidityPeriod 定义服务器保持AccessToken活动的时间。默认情况下,这是1小时(3600秒),这意味着您需要在1小时后尝试生成新的访问令牌。因此,将此值设置为0秒是错误的,并且为了使令牌不会过期,您需要将此值设置为-1,

<!-- Default validity period for Access Token in seconds -->
<AccessTokenDefaultValidityPeriod>-1</AccessTokenDefaultValidityPeriod>

您可以参考here中的WSO2 API Manager文档。

相关问题
最新问题