wso2 api manager clustering

 

I am trying to set up a cluster for WSO2 api manager and I am following https://docs.wso2.com/display/CLUSTER44x/Clustering+API+Manager+1.10.0

I am using seperate VMs for each of the component and currently in my setup I am able to

  • Publish an api using the publisher which gets published in the Gateway (Visible in the log)
  • Subscribe to this API from the store and generate keys

    • However when I am trying to access this api using the generated key I get the following response 

    <soapenv:Fault xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <faultcode xmlns:axis2ns2="http://schemas.xmlsoap.org/soap/envelope/">axis2ns2:Client</faultcode>
    <faultstring>Authentication Failure</faultstring>
    <detail>Error while accessing backend services for API key validation</detail>
</soapenv:Fault>

    In the gateway logs I can see only the below line. There is no further details in the logs 

    TID: [-1234] [] [2016-02-02 16:55:58,288]  WARN {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticat
ionHandler} -  API authentication failure due to Unclassified Authentication Failure {org.wso2.carbon.apimgt.gat
eway.handlers.security.APIAuthenticationHandler}

    Please help me to resolve this issue.

    That sounds like an issue with your API - API Manager doesn't actually "authenticate anything" unless you are using identity server see here for the difference between authentication and authorization (what WSO2 does through Oauth). Please try an API that is know to work such as http://petstore.swagger.io/ and report back the error.

    This can happen due to many reason. Please check some of the reasons below

  • Key Manager's public certificate isn'y properly imported in the <GATEWAY_HOME>/repository/resources/security/client-truststore.jks

  • Open the api-manager.xml fie of the gateway and key manager nodes and change the <KeyValidatorClientType> to WSClient as bellow (default value is ThriftClient ). 

    <KeyValidatorClientType>WSClient</KeyValidatorClientType>

    • The reason for this could be a result of misconfiguration between nodes. First you can double check the configurations (specially keyvalidator related configurations)

    If you could not find any issue there, then you can enable debug logs and get some idea about the issue

    add following entires in repository/conf/log4j.properties in gateway node 

    log4j.logger.org.wso2.carbon.apimgt.gateway.handlers.security=DEBUG

    add following entires in repository/conf/log4j.properties in key manager node 

    log4j.logger.org.wso2.carbon.apimgt.keymgt=DEBUG

    You might be able to find the issue by analyzing the logs

    链接地址: http://www.djcxy.com/p/22250.html

    上一篇: 是否使用强大的命名组件来保护插件安全?

    下一篇: wso2 api管理器集群