我已使用以下链接将wso2身份服务器配置为wso2 api manager的密钥管理器。1
我已经通过wso2 api manager publisher创建了api。我已将auth类型设为应用程序和应用程序用户。
当我通过应用程序令牌调用api时,它很好。但是当我使用用户令牌时,它会给我这个错误。
<ams:fault xmlns:ams="http://wso2.org/apimanager/security"><ams:code>900908</ams:code>
<ams:message>Resource forbidden </ams:message>
<ams:description>Access failure for API: /t/dev-peakhealth.com/dev-api/1.0, version: 1.0</ams:description>
</ams:fault>
API管理器日志:
TID: [3] [] [2016-06-13 19:18:07,074] @dev-peakhealth.com [3] [AM]DEBUG {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler} - Call to API gateway : API call failed reason=API_authentication_failure userName=test@dev-peakhealth.com transactionId=urn:uuid:63675ed0-1b95-4a06-9b2c-b3f7ad3daa18 with userAgent=curl/7.35.0 with accessToken=Bearer ca8569957cf1fb5d58f5b70d9649d982 for requestURI=/t/dev-peakhealth.com/dev-api/1.0/careplans at time=Mon Jun 13 19:18:07 IST 2016 from clientIP=192.168.4.31, elapsedTimeInMilliseconds=0 {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler}
TID: [3] [] [2016-06-13 19:18:07,074] @dev-peakhealth.com [3] [AM] WARN {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler} - API authentication failure due to Resource forbidden {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler}
TID: [3] [] [2016-06-13 19:18:07,075] @dev-peakhealth.com [3] [AM]DEBUG {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler} - API authentication failed with error 900908 {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler}
org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException: Access failure for API: /t/dev-peakhealth.com/dev-api/1.0, version: 1.0
at org.wso2.carbon.apimgt.gateway.handlers.security.oauth.OAuthAuthenticator.authenticate(OAuthAuthenticator.java:221)
at org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler.handleRequest(APIAuthenticationHandler.java:130)
at org.apache.synapse.rest.API.process(API.java:322)
at org.apache.synapse.rest.RESTRequestHandler.dispatchToAPI(RESTRequestHandler.java:86)
at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:65)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:295)
at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:83)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.wso2.carbon.core.multitenancy.MultitenantMessageReceiver.processRESTRequest(MultitenantMessageReceiver.java:617)
at org.wso2.carbon.core.multitenancy.MultitenantMessageReceiver.doNhttpREST(MultitenantMessageReceiver.java:556)
at org.wso2.carbon.core.multitenancy.MultitenantMessageReceiver.doREST(MultitenantMessageReceiver.java:366)
at org.wso2.carbon.core.multitenancy.MultitenantMessageReceiver.processRequest(MultitenantMessageReceiver.java:224)
at org.wso2.carbon.core.multitenancy.MultitenantMessageReceiver.receive(MultitenantMessageReceiver.java:78)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:317)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:149)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
请帮忙解决这个问题。
答案 0 :(得分:1)
通常,当您使用为不同身份验证类型获取的令牌调用API时,会发生此错误。您可以尝试删除所有资源并从API发布者重新创建它们。然后保存/发布API并重新启动服务器。如果这在此之后不起作用,我们需要检查数据库级别并查看发生了什么。另外,请告诉我们您正在使用的API Manager版本。
要检查数据库,您可以运行以下2个查询。 首先,我们需要通过传递API名称来获取API详细信息。
select * from am_api where API_NAME='your_api_name';
然后,一旦我们有API_ID(来自上面的查询),我们就可以通过以下查询获得与API相关的auth模式和其他资源详细信息。
select * from AM_API_URL_MAPPING where API_ID='API_id_obtained_from_previous_step';