我使用WSO2 API Manager 2.0并将其配置为使用代理,方法是将以下配置添加到axis2.xml和synapse.xml。但是,当我尝试访问我已经制作的测试API时,我会收到错误"需要代理授权"或者" Server Hangup"。当我试图通过网络查看请求时,我看到有两个请求正在进行 - 具有代理身份验证标头的GET请求(接收服务器挂起错误)和CONNECT请求(接收所需的代理授权)错误)并非如此。为什么会发生这种情况?如何在每个请求中显示标题?
axis2.xml:
<transportSender name="http" class="org.apache.synapse.transport.passthru.PassThroughHttpSender">
<parameter name="non-blocking" locked="false">true</parameter>
<parameter name="http.proxyHost" locked="false">10.1.0.236</parameter>
<parameter name="http.proxyPort" locked="false">80</parameter>
</transportSender>
<transportSender name="https" class="org.apache.synapse.transport.passthru.PassThroughHttpSSLSender">
<parameter name="non-blocking" locked="false">true</parameter>
<parameter name="http.proxyHost" locked="false">10.1.0.236</parameter>
<parameter name="http.proxyPort" locked="false">80</parameter>
<parameter name="keystore" locked="false">
<KeyStore>
<Location>repository/resources/security/wso2carbon.jks</Location>
<Type>JKS</Type>
<Password>wso2carbon</Password>
<KeyPassword>wso2carbon</KeyPassword>
</KeyStore>
</parameter>
<parameter name="truststore" locked="false">
<TrustStore>
<Location>repository/resources/security/client-truststore.jks</Location>
<Type>JKS</Type>
<Password>wso2carbon</Password>
</TrustStore>
</parameter>
<parameter name="HostnameVerifier">AllowAll</parameter>
<!--supports Strict|AllowAll|DefaultAndLocalhost or the default if none specified -->
</transportSender>
synapse.xml:
<definitions xmlns="http://ws.apache.org/ns/synapse">
<sequence xmlns="http://ws.apache.org/ns/synapse" name="WSO2AM--Ext--In">
<property name="Proxy-Authorization" expression="fn:concat('Basic ', base64Encode('smsapp:let$c0nnect'))" scope="transport"/>
<property name="POST_TO_URI" value="true" scope="axis2"/>
<property name="DISABLE_CHUNKING" value="true" scope="axis2"/>
<log level="custom">
<property name="TRACE" value="Global Mediation Extension2"/>
</log>
</sequence>
<!-- You can add any flat sequences, endpoints, etc.. to this synapse.xml file if you do
*not* want to keep the artifacts in several files -->
</definitions>
请求及其回复:
GET
GET https://apiurl.com/api/apiname HTTP/1.1\r\n
[Expert Info (Chat/Sequence): GET https://apiurl.com/api/apiname HTTP/1.1\r\n]
[GET https://apiurl.com/api/apiname HTTP/1.1\r\n]
[Severity level: Chat]
[Group: Sequence]
Request Method: GET
Request URI: https://apiurl.com/api/apiname
Request Version: HTTP/1.1
Proxy-Authorization: Basic XXXXXXXXXXXXXXXX\r\n
Credentials: username:pwd
Hypertext Transfer Protocol
HTTP/1.1 502 Server Hangup\r\n
[Expert Info (Chat/Sequence): HTTP/1.1 502 Server Hangup\r\n]
[HTTP/1.1 502 Server Hangup\r\n]
[Severity level: Chat]
[Group: Sequence]
Request Version: HTTP/1.1
Status Code: 502
Response Phrase: Server Hangup
Date: Thu, 08 Dec 2016 12:12:20 GMT\r\n
Connection: close\r\n
Via: HTTPS/1.1 localhost.localdomain\r\n
Cache-Control: no-store\r\n
Content-Type: text/html\r\n
Content-Language: en\r\n
Content-Length: 666\r\n
\r\n
[HTTP response 1/1]
[Time since request: 0.235017000 seconds]
[Request in frame: 456]
File Data: 666 bytes
CONNECT
Hypertext Transfer Protocol
CONNECT apiurl.com:443 HTTP/1.1\r\n
[Expert Info (Chat/Sequence): CONNECT apiurl.com:443 HTTP/1.1\r\n]
[CONNECT apiurl.com:443 HTTP/1.1\r\n]
[Severity level: Chat]
[Group: Sequence]
Request Method: CONNECT
Request URI: apiurl.com:443
Request Version: HTTP/1.1
Host: apiurl.com:443\r\n
Proxy-Connection: Keep-Alive\r\n
\r\n
[Full request URI: apiurl.com:443]
[HTTP request 1/2]
[Response in frame: 595]
[Next request in frame: 880]
Hypertext Transfer Protocol
HTTP/1.1 407 Proxy Authorization Required\r\n
[Expert Info (Chat/Sequence): HTTP/1.1 407 Proxy Authorization Required\r\n]
[HTTP/1.1 407 Proxy Authorization Required\r\n]
[Severity level: Chat]
[Group: Sequence]
Request Version: HTTP/1.1
Status Code: 407
Response Phrase: Proxy Authorization Required
Date: Thu, 08 Dec 2016 12:12:22 GMT\r\n
Proxy-Connection: keep-alive\r\n
Via: 1.1 localhost.localdomain\r\n
Cache-Control: no-store\r\n
Content-Type: text/html\r\n
Content-Language: en\r\n
Proxy-Authenticate: Basic realm="Websense Content Gateway"\r\n
Content-Length: 666\r\n
\r\n
[HTTP response 1/2]
[Time since request: 0.002752000 seconds]
[Request in frame: 589]
[Next request in frame: 880]
[Next response in frame: 894]
File Data: 666 bytes
答案 0 :(得分:0)
这是一个适合我的解决方案(我使用的是ESB 5.0.0,而不是API管理器)。
在我的情况下,我必须将proxyProfiles添加到axis2中的 HTTP和 HTTPS发送方。所以我不得不:
删除 http和 https sender:
<parameter name="http.proxyHost" locked="false">some_host</parameter>
<parameter name="http.proxyPort" locked="false">some_port</parameter>
添加参数ProxyProfiles(在 http和 https发件人中)
<parameter name="proxyProfiles">
<profile>
<targetHosts>*</targetHosts>
<proxyHost>some_host</proxyHost>
<proxyPort>some_port</proxyPort>
<proxyUserName>some_username</proxyUserName>
<proxyPassword>some_password</proxyPassword>
</profile>
</parameter>
在我的.xml API中,我删除了Proxy-Authorization和POST_TO_URI。
更多细节: Working with Proxy Servers (wso2.com)
编辑:
经过几次测试后,似乎HTTP需要API中的Proxy-Authorization和POST_TO_URI参数,但正如我之前提到的,HTTPS而不是它们需要proxyProfiles。没有它,就无法调用HTTPS服务。