堆栈内存溢出
  简体   繁体   English

无法终止 WSO2 IS 会话

[英]Unable to terminate WSO2 IS sessions

 原文  2020-12-15 18:52:45       session/ wso2/ wso2is

问题描述

I previously had issues with WSO2 IS active-sessions-limit-handler not working.我之前遇到过 WSO2 IS active-sessions-limit-handler 无法正常工作的问题。 It was resolved by a previous question I asked (I upgraded to 5.11.0).之前提出的一个问题解决了这个问题(我升级到了 5.11.0)。

Now the issue is that when I follow this guide and setup an active-sessions-limit-handler for an SP, the server knows when I exceed the limit, but it is not able to deal with the situation correctly.现在的问题是,当我按照本指南为 SP 设置活动会话限制处理程序时,服务器知道我何时超出限制,但它无法正确处理这种情况。

I have the max number of sessions set to 2, so when I try and login with the same user for a third time WSO2 correctly knows it is now over the limit.我将最大会话数设置为 2,因此当我第三次尝试使用同一用户登录时,WSO2 正确地知道它现在已超过限制。 The issue is it gives me the following screen:问题是它给了我以下屏幕: wso2 会话错误

When I select any of the 3 presented options, I get an Authentication Error and the login fails.当我 select 提供的 3 个选项中的任何一个时,我收到一个身份验证错误并且登录失败。 If I go to the My Account page for the user I can see that the sessions are active that are expected to be.如果我将 go 转到用户的“我的帐户”页面,我可以看到会话处于活动状态,这是预期的。

It seems like WSO2 is unable to retrieve the active sessions. WSO2 似乎无法检索活动会话。 When this error happens, I also see the following error log which appears to be that WSO2 is making a call to it's own API that is being rejected as unauthorized:发生此错误时,我还看到以下错误日志,这似乎是 WSO2 正在调用它自己的 API 被拒绝为未经授权:

java.io.IOException: Server returned HTTP response code: 401 for URL: https://HOST:9443/api/identity/auth/v1.1/context/916aff37-aaf8-464c-bede-7f249279ff1a

Do I need to configure anything differently for the API to not return a 401?我是否需要为 API 配置任何不同的东西才能不返回 401? I haven't been able to find any open issues that seem to be the same problem.我还没有找到任何似乎是相同问题的未解决问题。

EDIT, adding full stacktrace:编辑,添加完整的堆栈跟踪:

[2020-12-16 17:49:00,105] [4e6a703b-f19a-4d27-a80e-c2f2088f7d0e]  INFO {org.wso2.carbon.identity.application.authentication.framework.config.model.graph.js.JsLogger} - USER Has one of Roles: [admin]
[2020-12-16 17:49:00,334] [2192ca86-fc09-4767-9647-ff8ec91a6698] ERROR {org.wso2.carbon.identity.application.authentication.endpoint.util.AuthContextAPIClient} - Sending GET request to URL : https://HOST:9443/api/identity/auth/v1.1/context/1bef7d0a-5aba-4e14-a7a3-a6bb53e02a62, failed. java.io.IOException: Server returned HTTP response code: 401 for URL: https://HOST:9443/api/identity/auth/v1.1/context/1bef7d0a-5aba-4e14-a7a3-a6bb53e02a62
    at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1924)
    at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1520)
    at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:250)
    at org.wso2.carbon.identity.application.authentication.endpoint.util.AuthContextAPIClient.getContextProperties(AuthContextAPIClient.java:69)
    at org.apache.jsp.handle_002dmultiple_002dsessions_jsp._jspService(handle_002dmultiple_002dsessions_jsp.java:256)
    at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:71)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
    at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:477)
    at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:385)
    at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:329)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter.doFilter(ContentTypeBasedCachePreventionFilter.java:53)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.wso2.carbon.identity.application.authentication.endpoint.util.filter.AuthenticationEndpointFilter.doFilter(AuthenticationEndpointFilter.java:190)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:126)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
    at org.wso2.carbon.identity.context.rewrite.valve.TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:107)
    at org.wso2.carbon.identity.cors.valve.CORSValve.invoke(CORSValve.java:98)
    at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke(AuthorizationValve.java:110)
    at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invoke(AuthenticationValve.java:102)
    at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
    at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:49)
    at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
    at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:145)
    at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:690)
    at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
    at org.wso2.carbon.tomcat.ext.valves.RequestEncodingValve.invoke(RequestEncodingValve.java:49)
    at org.wso2.carbon.tomcat.ext.valves.RequestCorrelationIdValve.invoke(RequestCorrelationIdValve.java:126)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
    at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:373)
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1590)
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.base/java.lang.Thread.run(Thread.java:834)

1 个解决方案

解决方案1
 0  2020-12-17 16:18:49

Try the scenario by uncommenting the <context-param> block with the name AuthenticationRESTEndpointURL in <IS_HOME>/repository/deployment/server/webapps/authenticationendpoint/WEB-INF/web.xml file.通过取消注释<IS_HOME>/repository/deployment/server/webapps/authenticationendpoint/WEB-INF/web.xml文件中名为AuthenticationRESTEndpointURL<context-param>块来尝试该方案。

    <!-- *************** Authentication REST API URL Configuration ********************** -->
    <context-param>
        <param-name>AuthenticationRESTEndpointURL</param-name>
        <param-value>https://localhost:9443/api/identity/auth/v1.1/</param-value>
    </context-param>
    <!-- *************** End of Authentication REST API URL Configuration ********************** -->```

解决方案2
 -1  2021-12-22 08:09:50

Hi @Anuradha @wearebob嗨@Anuradha @wearebob

I am also facing the same issue, my Identity Server is front ending with NGINX as load balancer我也面临同样的问题,我的身份服务器前端以 NGINX 作为负载均衡器

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 无法限制 WSO2 身份服务器上的最大 session - Unable to limit maximum session on WSO2 Identity Server 使用WSO2在IdP启动的单次注销期间无法使Asp.Net会话无效 - Unable to invalidate Asp.Net Session during IdP initiated Single LogOut with WSO2 如何在tomcat中访问会话并终止其中一个会话 - How to access sessions in tomcat and terminate one of them WSO2身份服务器STS会话 - WSO2 Identity Server STS Session wso2 IS 5.0 SP1:会话持久性 - wso2 IS 5.0 SP1 : session persistence wso2 IS sp1会话管理续 - wso2 IS sp1 session management contd WSO2 Identity Server SOAP API和群集 - WSO2 Identity Server SOAP API and clustering 终止仅由Access VBA创建的所有剩余Excel会话 - Terminate All Remaining Excel Sessions, only created by Access VBA Procedure 通过 user_id 查找并终止所有活动会话 - find and terminate all active sessions by user_id SQLAlchemy Session.remove() 似乎没有终止会话 - SQLAlchemy Session.remove() doesn't seem to terminate sessions
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM