堆栈内存溢出
  简体   繁体   English

[WSO2 APIM 4.1][WSO2 IS 5.11] 更改应用程序的所有者 / http 错误 401

[英][WSO2 APIM 4.1][WSO2 IS 5.11] Changing the Owner of an Application / http error 401

 原文  2022-08-17 16:43:17       wso2/ wso2-api-manager/ wso2-identity-server

问题描述

I have configured a distributed wso2 api management platform with separated traffic manager and an identity server as key manager:我已经配置了一个分布式 wso2 api 管理平台,具有分离的流量管理器和一个身份服务器作为密钥管理器:

https://apim.docs.wso2.com/en/latest/install-and-setup/setup/distributed-deployment/configuring-wso2-identity-server-as-a-key-manager/ https://apim.docs.wso2.com/en/latest/install-and-setup/setup/distributed-deployment/configuring-wso2-identity-server-as-a-key-manager/

https://apim.docs.wso2.com/en/latest/install-and-setup/setup/distributed-deployment/deploying-wso2-api-m-in-a-distributed-setup-with-tm-separated/ https://apim.docs.wso2.com/en/latest/install-and-setup/setup/distributed-deployment/deploying-wso2-api-m-in-a-distributed-setup-with-tm-se

I am trying to change the ownership of an application as desribed the instructions in the documentation below:我正在尝试按照以下文档中的说明更改应用程序的所有权:

https://apim.docs.wso2.com/en/latest/consume/manage-application/advanced-topics/changing-the-owner-of-an-application/ https://apim.docs.wso2.com/en/latest/consume/manage-application/advanced-topics/changeing-the-owner-of-an-application/

It works fine but as soon as i generate client credentials for my application, i no longer can change the owner and I get the following error.它工作正常,但是一旦我为我的应用程序生成客户端凭据,我就不能再更改所有者并且我收到以下错误。

TID: [-1234] [api/am/admin] [2022-08-17 18:09:07,903] ERROR {org.wso2.carbon.apimgt.rest.api.admin.v1.impl.ApplicationsApiServiceImpl} - Error while updating application owner 9eaefedz7b-e4e6fefeefeeea-f8410fefefre53 org.wso2.carbon.apimgt.api.APIManagementException: Error occurred while updating OAuth Client :
        at org.wso2.carbon.apimgt.impl.AbstractKeyManager.handleException_aroundBody12(AbstractKeyManager.java:274)
        at org.wso2.carbon.apimgt.impl.AbstractKeyManager.handleException(AbstractKeyManager.java:272)
        at org.wso2.carbon.apimgt.impl.AMDefaultKeyManagerImpl.updateApplicationOwner_aroundBody6(AMDefaultKeyManagerImpl.java:402)
        at org.wso2.carbon.apimgt.impl.AMDefaultKeyManagerImpl.updateApplicationOwner(AMDefaultKeyManagerImpl.java:390)
        at org.wso2.carbon.apimgt.impl.APIConsumerImpl.updateApplicationOwner_aroundBody178(APIConsumerImpl.java:4707)
        at org.wso2.carbon.apimgt.impl.APIConsumerImpl.updateApplicationOwner(APIConsumerImpl.java:4667)
        at org.wso2.carbon.apimgt.rest.api.admin.v1.impl.ApplicationsApiServiceImpl.applicationsApplicationIdChangeOwnerPost(ApplicationsApiServiceImpl.java:67)
        at org.wso2.carbon.apimgt.rest.api.admin.v1.ApplicationsApi.applicationsApplicationIdChangeOwnerPost(ApplicationsApi.java:56)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)
        at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:179)
        at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96)
        at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:201)
        at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:104)
        at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:59)
        at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:96)
        at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
        at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
        at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:265)
        at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)
        at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)
        at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)
        at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:225)
        at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:304)
        at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:217)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:681)
        at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:279)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:227)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
        at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
        at org.wso2.carbon.identity.context.rewrite.valve.TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:107)
        at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke(AuthorizationValve.java:110)
        at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invoke(AuthenticationValve.java:102)
        at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:101)
        at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:49)
        at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
        at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:146)
        at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:687)
        at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:58)
        at org.wso2.carbon.tomcat.ext.valves.RequestCorrelationIdValve.invoke(RequestCorrelationIdValve.java:126)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:359)
        at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:399)
        at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
        at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:889)
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1735)
        at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
        at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
        at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
        at java.lang.Thread.run(Thread.java:748)
Caused by: org.wso2.carbon.apimgt.impl.kmclient.KeyManagerClientException: Received status code: 401 Reason:
        at org.wso2.carbon.apimgt.impl.kmclient.KMClientErrorDecoder.decode_aroundBody0(KMClientErrorDecoder.java:42)
        at org.wso2.carbon.apimgt.impl.kmclient.KMClientErrorDecoder.decode(KMClientErrorDecoder.java:35)
        at feign.AsyncResponseHandler.handleResponse(AsyncResponseHandler.java:96)
        at feign.SynchronousMethodHandler.executeAndDecode(SynchronousMethodHandler.java:138)
        at feign.SynchronousMethodHandler.invoke(SynchronousMethodHandler.java:89)
        at feign.ReflectiveFeign$FeignInvocationHandler.invoke(ReflectiveFeign.java:100)
        at com.sun.proxy.$Proxy440.updateApplicationOwner(Unknown Source)
        at org.wso2.carbon.apimgt.impl.AMDefaultKeyManagerImpl.updateApplicationOwner_aroundBody6(AMDefaultKeyManagerImpl.java:398)
        ... 57 more

I don't understand why the identity server sends 401 http status?我不明白为什么身份服务器会发送 401 http 状态? Can anybody help =) ?任何人都可以帮助 =) 吗?

1 个解决方案

解决方案1
 0  2022-08-19 12:50:16

i got http 401 cuz the resource called while trying to update the ownership of an application (with authorization keys) was not allowed due the resources acces control configuration in identity server dployment.toml file:我得到 http 401 因为身份服务器 dployment.toml 文件中的资源访问控制配置,在尝试更新应用程序的所有权(使用授权密钥)时调用的资源是不允许的:

context = "(.)/keymanager-operations/dcr/register(.)"
secure = true
http_method = "POST"
permissions = "/permission/admin/manage/identity/applicationmgt/update"
scopes = "internal_application_mgt_update"

it works after changing the context parameter in the configuration above, from:它在更改上述配置中的上下文参数后起作用,从:

context = "(.)/keymanager-operations/dcr/register(.)"

to:至:

context = "(.*)/keymanager-operations/dcr/register(.*)"

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 JWT 在 WSO2 APIM 3.1.0 - JWT in WSO2 APIM 3.1.0 配置 WSO2 APIM Analytics 3.1.0 时出错 - Error while configuring WSO2 APIM Analytics 3.1.0 wso2 身份服务器:Oauth 2.0 自定义授权不适用于 5.11 - wso2 identity server: Oauth 2.0 custom grant is not working for 5.11 如何在 WSO2 APIM 中的“脚本中介”javascript 语言中发送 http 请求? - How to send http request in "script mediator" javascript language in WSO2 APIM? WSO2 APIM V4.1.0 中的货币化剥离帐户密钥错误 - Monetization Strip Account key Error in WSO2 APIM V4.1.0 无法在 wso2 apim 的调解突触中发送请求 - Cannot send request in mediation synapse in wso2 apim 在 wso2 apim 4.1.0 中提取请求响应中介的信息 - Extract information of request in response mediator in wso2 apim 4.1.0 wso2 相互 ssl curl 命令 APIM 3.2.0 - wso2 mutual ssl curl command APIM 3.2.0 AWS Aurora 对 WSO2 EI/MI/APIM/IS 的支持 - AWS Aurora Support for WSO2 EI/MI/APIM/IS 无法在 Minikube Kubernetes 集群中部署 WSO2 APIM - Unable to deploy WSO2 APIM in Minikube Kubernetes cluster
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM