堆棧內存溢出
  簡體   English   中英

wso2:無法通過新的租戶管理員登錄wso2 API-M

[英]wso2 : Can't log in wso2 API-M via new tenant admin

 原文  2016-06-15 03:09:48       wso2/ wso2is/ wso2-am

問題描述

環境:wso2 API-M + wso2身份服務器(密鑰管理器),它們共享同一用戶存儲。

1.創建一個新的租戶TA。 (完成)

2.TA管理員嘗試登錄發布者。 (失敗)

ps:即使admin@carbon.super也無法登錄。

API-M錯誤日志: 

    TID: [-1234] [] [2016-06-15 02:52:50,150] INFO {org.apache.axis2.transport.http.HTTPSender} - Unable to sendViaPost to url[https://my-idp:9443/services/LoggedUserInfoAdmin] {org.apache.axis2.transport.http.HTTPSender} 
    org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized 
            at org.apache.axis2.transport.http.HTTPSender.handleResponse(HTTPSender.java:331) 
            at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:196) 
            at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77) 
            at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451) 
            at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278) 
            at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442) 
            at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:430) 
            at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225) 
            at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149) 
            at org.wso2.carbon.core.commons.stub.loggeduserinfo.LoggedUserInfoAdminStub.getUserInfo(LoggedUserInfoAdminStub.java:187) 
            at
    org.wso2.carbon.apimgt.impl.utils.APIUtil.getLoggedInUserInfo(APIUtil.java:2064) 
            at org.wso2.carbon.apimgt.hostobjects.APIProviderHostObject.jsFunction_login(APIProviderHostObject.java:228) 
            at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) 
            at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) 
            at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) 
            at java.lang.reflect.Method.invoke(Method.java:498) 
            at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126) 
            at org.mozilla.javascript.FunctionObject.call(FunctionObject.java:386) 
            at org.mozilla.javascript.optimizer.OptRuntime.call2(OptRuntime.java:42) 
            at org.jaggeryjs.rhino.publisher.modules.user.c1._c_anonymous_1(/publisher/modules/user/login.jag:19) 
            at org.jaggeryjs.rhino.publisher.modules.user.c1.call(/publisher/modules/user/login.jag) 
            at org.mozilla.javascript.ScriptRuntime.applyOrCall(ScriptRuntime.java:2430) 
            at org.mozilla.javascript.BaseFunction.execIdCall(BaseFunction.java:269) 
            at org.mozilla.javascript.IdFunctionObject.call(IdFunctionObject.java:97)
     at org.mozilla.javascript.optimizer.OptRuntime.call2(OptRuntime.java:42) 
            at org.jaggeryjs.rhino.publisher.modules.user.c0._c_anonymous_1(/publisher/modules/user/module.jag:5) 
            at org.jaggeryjs.rhino.publisher.modules.user.c0.call(/publisher/modules/user/module.jag) 
            at org.mozilla.javascript.optimizer.OptRuntime.callN(OptRuntime.java:52) 
            at org.jaggeryjs.rhino.publisher.site.blocks.user.login.ajax.c0._c_anonymous_1(/publisher/site/blocks/user/login/ajax/login.jag:26) 
            at org.jaggeryjs.rhino.publisher.site.blocks.user.login.ajax.c0.call(/publisher/site/blocks/user/login/ajax/login.jag) 
            at org.mozilla.javascript.optimizer.OptRuntime.call0(OptRuntime.java:23) 
            at org.jaggeryjs.rhino.publisher.site.blocks.user.login.ajax.c0._c_script_0(/publisher/site/blocks/user/login/ajax/login.jag:5) 
            at org.jaggeryjs.rhino.publisher.site.blocks.user.login.ajax.c0.call(/publisher/site/blocks/user/login/ajax/login.jag) 
            at org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:394) 
            at org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3091) 
            at org.jaggeryjs.rhino.publisher.site.blocks.user.login.ajax.c0.call(/publisher/site/blocks/user/login/ajax/login.jag)

org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57) 
            at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) 
            at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421) 
            at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1074) 
            at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611) 
            at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1739) 
            at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1698) 
            at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) 
            at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) 
            at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) 
            at java.lang.Thread.run(Thread.java:745)

身份服務器錯誤日志: 

[2016-06-15 03:53:38,767] ERROR {AUDIT_LOG}- Illegal access attempt at [2016-06-15 03:53:38,0767] from IP address 10.10.81.176 while trying to authenticate access to service LoggedUserInfoAdmin

我的問題:

1.創建新的租戶后,應該配置一些東西嗎?

2.我發現carbon.super租戶中有10個應用程序(顯示在“管理/應用程序/列表”中),但新租戶TA中沒有一個。是否應該在“管理/應用程序”中添加發布者和存儲應用程序(jaggery)?

2016-08-11新 

<UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager"> 
      <Property name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property> 
      <Property name="ConnectionURL">ldap://LDAP_IP:389</Property> 
      <Property name="ConnectionName">uid=manager,ou=admins,dc=dc,dc=com</Property> 
      <Property name="ConnectionPassword">password</Property> 
      <Property name="UserSearchBase">ou=system,dc=dc,dc=com</Property> 
      <Property name="UserNameAttribute">uid</Property> 
      <Property name="UserNameSearchFilter">(&amp;(objectClass=OpenLDAPperson)(uid=?))</Property> 
      <Property name="UserNameListFilter">(objectClass=OpenLDAPperson)</Property> 
      <Property name="DisplayNameAttribute"/> 
      <Property name="ReadGroups">true</Property> 
      <Property name="GroupSearchBase">ou=groups,dc=dc,dc=com</Property> 
      <Property name="GroupNameAttribute">cn</Property> 
      <Property name="GroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property> 
      <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property> 
      <Property name="MembershipAttribute">member</Property> 
      <Property name="BackLinksEnabled">false</Property> 
      <Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property> 
      <Property name="PasswordJavaRegEx">^[\S]{5,30}$</Property> 
      <Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property> 
      <Property name="SCIMEnabled">false</Property> 
      <Property name="PasswordHashMethod">PLAIN_TEXT</Property> 
      <Property name="MultiAttributeSeparator">,</Property> 
      <Property name="MaxUserNameListLength">100</Property> 
      <Property name="MaxRoleNameListLength">100</Property> 
      <Property name="UserRolesCacheEnabled">true</Property> 
      <Property name="ConnectionPoolingEnabled">true</Property> 
      <Property name="LDAPConnectionTimeout">5000</Property> 
      <Property name="ReadTimeout"/> 
      <Property name="RetryAttempts"/> 
      <Property name="ReplaceEscapeCharactersAtUserLogin">true</Property> 
    </UserStoreManager>

謝謝

湯姆

1 個解決方案

解決方案1
 0  2016-08-08 04:37:47

我認為問題出在您的用戶存儲配置中。 您能否將下面的用戶存儲配置添加到APIM節點和IS節點中的user-mgt.xml文件中,並驗證結果。 該文件位於/ repository / conf文件夾中。 

 <UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager"> <Property name="TenantManager">org.wso2.carbon.user.core.tenant.JDBCTenantManager</Property> <Property name="ReadOnly">false</Property> <Property name="MaxUserNameListLength">100</Property> <Property name="IsEmailUserName">false</Property> <Property name="DomainCalculation">default</Property> <Property name="PasswordDigest">SHA-256</Property> <Property name="StoreSaltedPassword">true</Property> <Property name="UserNameUniqueAcrossTenants">false</Property> <Property name="PasswordJavaRegEx">[\\S]{5,30}$</Property> <Property name="PasswordJavaScriptRegEx">[\\\\S]{5,30}</Property> <Property name="UsernameJavaRegEx">^[^~!#$;%^*+={}\\\\|\\\\\\\\&lt;&gt;,\\'\\"]{3,30}$</Property> <Property name="UsernameJavaScriptRegEx">[\\\\S]{3,30}</Property> <Property name="RolenameJavaRegEx">^[^~!@#$;%^*+={}\\\\|\\\\\\\\&lt;&gt;,\\'\\"]{3,30}$</Property> <Property name="RolenameJavaScriptRegEx">[\\\\S]{3,30}</Property> <Property name="UserRolesCacheEnabled">true</Property> </UserStoreManager>

希望這些信息對您有所幫助。

暫無
暫無

聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.

相關問題 wso2:無法登錄API發布者並通過租戶admin進行存儲 無法訪問管理設置頁面 wso2 api-m WSO2 API-M Puppet模塊 wso2 API-M 3.0-如何為產品/管理api調用獲取oauth令牌 wso2 API-M:通過使用wso2 API-M store rest api獲得401未經身份驗證的結果 WSO2 Api-M 在數據庫中保存請求 所有五個WSO2 API-M組件上的wso2“完整且相同” master-datasources.xml 如何在 Docker 中配置 WSO2 API-M 3.0.0 和 API-M Analytics 3.0.0? 使用登錄和訂閱權限向 WSO2 API-M 添加新角色不允許用戶登錄訂閱者門戶 WSO2:如何在具有API-M和身份服務器的SSO設置環境中通過API獲取用戶訪問令牌?
相關標簽
 
粵ICP備18138465號  © 2020-2024 STACKOOM.COM