WSO2 API Key Manager

Question

I am configuring our API Manager, but running into troubles authenticating via OAuth, seems to be an issue with the API Key Manager. I haven't dug into it yet, but does this come with the API Manager (as I have assumed) or is this a separate installation?

Answer 1

I had the same issue when using the wso2 api manager on a Amazon hosted machine, turn out that Thrift was not working correctly because some problem with multicasting and broadcasting.

What I did to get it working was to switch from ThriftClient to WSClient. If you have a huge amount of requests coming in then Thrift is the recommended solution from wso2 but in any "normal" case you will not have any differences between thrift and WS.

Here is how you switch:

1. Shut down the API Manager
2. Open up <api manager install dir>\\repository\\conf\\api-manager.xml
3. Find ThriftClient
4. Change this to <KeyValidatorClientType>WSClient</KeyValidatorClientType>
5. Start the API Manager

You may get some Warnings while starting up but, try it before you jump to the conclusion that it doesn't work.

Hope it helps!

Answer 2

您可以在分布式设置中使用 APIM 管理器产品作为密钥管理器、网关、商店、发布者......但所有功能都在一个发行版中......查看 文档以获取更多指南

Answer 3

I was facing the same issue. Everything started when I created my own jks in order to use SSL without a self-signed certificate. I successfully created the jks and changed it in the carbon file. When I started the server, everything seemed ok; but when I used SOAPUI to test an API call, I got this (in the logs of the api manager):

APIAuthenticationHandler API authentication failure due to Unclassified Authentication Failure

I started digging what was the problem by enabling Debug level in the log4j.properties file, and then tried again a tested with SOAPUI and I got:

APISecurityException: Could not connect to <my api ip address> on port 10397

Then, I read the comment of OneMuppet and I checked that file and I found that the Thrift config has a host option, so I uncommented it:

<KeyValidatorClientType>ThriftClient</KeyValidatorClientType>
<ThriftClientPort>10397</ThriftClientPort>
<ThriftClientConnectionTimeOut>10000</ThriftClientConnectionTimeOut>
<ThriftServerPort>10397</ThriftServerPort>

This Line -->    <ThriftServerHost>localhost</ThriftServerHost>

<EnableThriftServer>true</EnableThriftServer>

Save, restarted the server and everything start working correctly.

Answer 4

I got the same below issue after my installation, when i try to invoke the api service it is throwing below error: 900900 Unclassified Authentication Failure Error while accessing backend services for API key validation

After some random checks i have seen the axis2.xml file in /repository/conf/axis2 there it is refering a differnt ip's instead. I change these ip's to my local ip and restarted. The issue is resolved now.

Answer 5

I was facing the same issue. when I was trying to setup API Manager as an API Gateway in a different machine as per the steps given here,

https://docs.wso2.com/display/AM250/Publish+through+Multiple+API+Gateways

Once the setup is done and when I am trying to use this gateway URL, I was getting the below response,

{"fault":{"code":900900,"message":"Unclassified Authentication Failure","description":"Error while accessing backend services for API key validation"}}

After changing the KeyValidatorClientType value to WSClient from ThriftClient on the <api manager install dir>\\repository\\conf\\api-manager.xml

It started working fine. And I was able to get the expected response.

Answer 6

If you changed the admin password, then you also have to update the repository/conf/api-manager.xml file with the new password. The 2 places I have changed (so far) are:

<AuthManager>

and

<APIKeyManager>

but there are other admin usernames in that file. No doubt, I'll get to them....