我已经使用2.6.0 WSO2 API-M进行了分布式设置,并启动了密钥管理器配置文件,将网关和密钥管理器分开。
另外,我已经配置了第三方密钥管理器,并且根据手册[1]在WSO2 APIM,密钥管理器和网关中进行了相关更改。
我正在使用Postman进行测试,到目前为止,我可以向第三方密钥管理器请求令牌,但是当我尝试向网关发送一些参数时,返回ERROR Invalid tenant domain null:
WSO2-密钥管理器错误日志:
2019-08-16 08:42:35,092 [-] [http-nio-9443-exec-17] ERROR RPCMessageReceiver Invalid tenant domain null
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.apache.axis2.rpc.receivers.RPCUtil.invokeServiceClass(RPCUtil.java:212)
at org.apache.axis2.rpc.receivers.RPCMessageReceiver.invokeBusinessLogic(RPCMessageReceiver.java:117)
at org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:173)
at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:147)
at org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:232)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:650)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter.java:88)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:65)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:124)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.wso2.carbon.identity.context.rewrite.valve.TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:80)
at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke(AuthorizationValve.java:91)
at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invoke(AuthenticationValve.java:65)
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57)
at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962)
at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1115)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1775)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1734)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
Caused by: org.wso2.carbon.identity.base.IdentityRuntimeException: Invalid tenant domain null
at org.wso2.carbon.identity.base.IdentityRuntimeException.error(IdentityRuntimeException.java:63)
at org.wso2.carbon.identity.core.util.IdentityTenantUtil.getTenantId(IdentityTenantUtil.java:252)
at org.wso2.carbon.identity.oauth2.validators.JDBCScopeValidator.getTenantId(JDBCScopeValidator.java:294)
at org.wso2.carbon.identity.oauth2.validators.JDBCScopeValidator.validateScope(JDBCScopeValidator.java:150)
at org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler.validateScopes(DefaultKeyValidationHandler.java:180)
at org.wso2.carbon.apimgt.keymgt.service.APIKeyValidationService.validateKey(APIKeyValidationService.java:188)
... 58 more
WSO2-网关服务器错误日志:
2019-08-16 08:43:29,660 [-] [HTTP-Listener I/O dispatcher-1] WARN AccessConfiguration Error loading properties from file: access-log.properties
2019-08-16 08:43:30,416 [-] [PassThroughMessageProcessor-1] ERROR APIAuthenticationHandler API authentication failure due to Unclassified Authentication Failure
org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException: Resource forbidden
at org.wso2.carbon.apimgt.gateway.handlers.security.keys.WSAPIKeyDataStore.getAPIKeyData(WSAPIKeyDataStore.java:51)
at org.wso2.carbon.apimgt.gateway.handlers.security.APIKeyValidator.doGetKeyValidationInfo(APIKeyValidator.java:323)
at org.wso2.carbon.apimgt.gateway.handlers.security.APIKeyValidator.getKeyValidationInfo(APIKeyValidator.java:255)
at org.wso2.carbon.apimgt.gateway.handlers.security.oauth.OAuthAuthenticator.authenticate(OAuthAuthenticator.java:206)
at org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler.isAuthenticate(APIAuthenticationHandler.java:210)
at org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler.handleRequest(APIAuthenticationHandler.java:158)
at org.apache.synapse.rest.API.process(API.java:325)
at org.apache.synapse.rest.RESTRequestHandler.apiProcessNonDefaultStrategy(RESTRequestHandler.java:149)
at org.apache.synapse.rest.RESTRequestHandler.dispatchToAPI(RESTRequestHandler.java:95)
at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:71)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:303)
at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:92)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:337)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:158)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException: Error while accessing backend services for API key validation
at org.wso2.carbon.apimgt.gateway.handlers.security.keys.APIKeyValidatorClient.getAPIKeyData(APIKeyValidatorClient.java:123)
at org.wso2.carbon.apimgt.gateway.handlers.security.keys.WSAPIKeyDataStore.getAPIKeyData(WSAPIKeyDataStore.java:48)
... 18 more
Caused by: org.apache.axis2.AxisFault: Invalid tenant domain null
at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:531)
at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:381)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:456)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:227)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
at org.wso2.carbon.apimgt.keymgt.stub.validator.APIKeyValidationServiceStub.validateKey(APIKeyValidationServiceStub.java:531)
at org.wso2.carbon.apimgt.gateway.handlers.security.keys.APIKeyValidatorClient.getAPIKeyData(APIKeyValidatorClient.java:110)
... 19 more
我没有使用多租户模式,只有一个UI。
奇怪的是,我还有其他带有WSO2API-M的测试实例,但只有单独的网关,那里没有此类错误。
[1] https://docs.wso2.com/display/AM210/Configuring+a+Third-Party+Key+Manager
答案 0 :(得分:0)
当试图破解这个东西时,我能够在Postman中获得消息:
<am:fault xmlns:am="http://wso2.org/apimanager">
<am:code>0</am:code>
<am:type>Status report</am:type>
<am:message>Runtime Error</am:message>
<am:description>Error occured in the mediation of the class mediator</am:description>
</am:fault>
在存储库\部署\服务器\突触配置\默认\序列中删除bot自定义类介体后,该错误消失了。所以这是集成的问题。