WSO2 API Manager - 令牌限制20KPerToken
[英]WSO2 API Manager - Token restrictions 20KPerToken
問題描述
我可以限制令牌為每個令牌有效性請求生成20K。 我的用例是:向用戶令牌提供年度有效性和每個令牌限制20K。
預先感謝您的任何幫助!
編輯:當我添加應用程序限制20PerYear並生成有效期為-1的令牌時,它不起作用,因為我可以執行任意數量的請求,而不僅僅是20。
使用案例:我想向客戶端出售20K請求,而不是根據時間。 也許WSO2為我的用例提供了另一種解決方案?
更新:
1)我添加了5PerAllTime應用程序層:
2)為每個令牌配額選擇新創建的應用程序AllTime為5PerAllTime
3)為新創建的應用程序AllTime生成生產令牌,有效期為-1
2)將PizzaShackAPI添加到應用程序
4)獲取大量菜單請求,但任何限制都不可見:\\
我究竟做錯了什么?
解:
一切正常。 我在Windows上,當我添加新的應用程序層時,我在日志中看到Windows上的文件路徑發生了一些不好的事情:
TID: [-1234] [] [2016-11-03 10:02:36,113] ERROR {org.apache.axis2.rpc.receivers.RPCMessageReceiver} - Illegal char <:> at index 2: /D:/taras2/wso2/WSO2AM~1.0/bin/../repository/deployment/server/\executionplans {org.apache.axis2.rpc.receivers.RPCMessageReceiver}
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:483)
at org.apache.axis2.rpc.receivers.RPCUtil.invokeServiceClass(RPCUtil.java:212)
at org.apache.axis2.rpc.receivers.RPCMessageReceiver.invokeBusinessLogic(RPCMessageReceiver.java:117)
at org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:173)
at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:146)
at org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:650)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter.java:88)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.wso2.carbon.ui.filters.CSRFPreventionFilter.doFilter(CSRFPreventionFilter.java:88)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.wso2.carbon.ui.filters.CRLFPreventionFilter.doFilter(CRLFPreventionFilter.java:59)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:120)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57)
at org.wso2.carbon.event.receiver.core.internal.tenantmgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:48)
at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:436)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1078)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1749)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1708)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
Caused by: java.nio.file.InvalidPathException: Illegal char <:> at index 2: /D:/taras2/wso2/WSO2AM~1.0/bin/../repository/deployment/server/\executionplans
at sun.nio.fs.WindowsPathParser.normalize(WindowsPathParser.java:182)
at sun.nio.fs.WindowsPathParser.parse(WindowsPathParser.java:153)
at sun.nio.fs.WindowsPathParser.parse(WindowsPathParser.java:77)
at sun.nio.fs.WindowsPath.parse(WindowsPath.java:94)
at sun.nio.fs.WindowsFileSystem.getPath(WindowsFileSystem.java:255)
at java.nio.file.Paths.get(Paths.java:84)
at org.wso2.carbon.event.processor.core.internal.util.EventProcessorUtil.validateFilePath(EventProcessorUtil.java:387)
at org.wso2.carbon.event.processor.core.internal.util.EventProcessorConfigurationFilesystemInvoker.save(EventProcessorConfigurationFilesystemInvoker.java:77)
at org.wso2.carbon.event.processor.core.internal.CarbonEventProcessorService.deployExecutionPlan(CarbonEventProcessorService.java:127)
at org.wso2.carbon.event.processor.admin.EventProcessorAdminService.deployExecutionPlan(EventProcessorAdminService.java:53)
... 63 more
在那個錯誤之后,我可以看到我的應用程序層進入選擇框,但系統中沒有我的層的文件和限制不起作用。 所以我手動將這個文件添加到filepath $ {carbon.home} / repository / deployment / server / executionplans中。
20KPerYear新執行計划示例(名為carbon.super_app_20KPerYear.siddhiql):
/* Enter a unique ExecutionPlan */
@Plan:name('carbon.super_app_20KPerYear')
/* Enter a unique description for ExecutionPlan */
@Plan:description('Allows 20K request per year')
/* define streams/tables and write queries here ... */
@Import('org.wso2.throttle.processed.request.stream:1.0.0')
define stream RequestStream (messageID string, appKey string, appTier string, subscriptionKey string, apiKey string, apiTier string, subscriptionTier string, resourceKey string, resourceTier string, userId string, apiContext string, apiVersion string, appTenant string, apiTenant string, appId string, apiName string, propertiesMap string);
@Export('org.wso2.throttle.globalThrottle.stream:1.0.0')
define stream GlobalThrottleStream (throttleKey string, isThrottled bool, expiryTimeStamp long);
FROM RequestStream
SELECT messageID, ( appTenant == 'carbon.super' and appTier == '20KPerYear') AS isEligible, appKey AS throttleKey
INSERT INTO EligibilityStream;
FROM EligibilityStream[isEligible==true]#throttler:timeBatch(1 year, 0)
select throttleKey, (count(messageID) >= 20000) as isThrottled, expiryTimeStamp
group by throttleKey
INSERT ALL EVENTS into ResultStream;
from ResultStream#throttler:emitOnStateChange(throttleKey, isThrottled)
select *
insert into GlobalThrottleStream;
1 個解決方案
解決方案1
1 已采納 2016-11-02 13:45:32
您可以為此設置Application Level限制策略。 在此處閱讀更多信息。
更新:要限制每年的請求數,可以將限制級別設置為20kPerYear。 要在1年后過期令牌,您可以在identity.xml設置AccessTokenDefaultValidityPeriod 。
我只是嘗試了20年的限制,以確保這個工作正常。 在大約21-22之后,請求請求因此響應失敗。
{"fault":{"code":900803,"message":"Message throttled out","description":"You have
exceeded your quota","nextAccessTime":"2016-Dec-20 00:00:00+0000 UTC"}}
請注意,由於限制以異步方式工作,因此在20個請求之后可能無法完全限制。 會有一個小緩沖區。
WSO2 API管理器“無法找到到請求的目標{org .wso2.carbon.apimgt.hostobjects.APIProviderHostObject}的有效證書路徑”
[英]WSO2 API Manager “unable to find valid certification path to requested target {org .wso2.carbon.apimgt.hostobjects.APIProviderHostObject}”
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.