我们在上报告的问题类似。 WSO2 Authenticationless on Gateway nodeding WSO2 AM 2.1.0,但我们的配置略有不同,我们做了一些额外的测试。
Environment: Ubuntu LTS 16.04.4 Java "1.8.0_171" (known reported issues, see below) WSO2 2.1.0 We have deactivated the compression in the 3 nodes, editing the catalina-server.xml Additional: We have repeated the tests after downgrading Java to 1.8.0_144. Same results.
We have deployed, in the same machine, 3 nodes - 1 manager wso2server.sh start - 2 gateways wso2server.sh -Dprofile=gateway-manager start - Unique H2 databases set, shared for all nodes (we are able to rebuild the environment in any moment, from scratch)
Initial test
- We have configured API Key Validator using thrift. There is only one ThriftServer, started in the manager node
主管Node Key Validator(按实例变更真正的东道名称)
<APIKeyValidator> <ServerURL>https://apimanager.example.com:9443/services/</ServerURL> <Username>${admin.username}</Username> <Password>${admin.password}</Password> <KeyValidatorClientType>ThriftClient</KeyValidatorClientType> <ThriftClientConnectionTimeOut>10000</ThriftClientConnectionTimeOut> <EnableThriftServer>true</EnableThriftServer> <ThriftServerHost>apimanager.example.com</ThriftServerHost> <ThriftClientPort>10397</ThriftClientPort> <KeyValidationHandlerClassName>org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler</KeyValidationHandlerClassName> </APIKeyValidator>除参数<代码><EnableThriftServer>
Test result In API Console, we get (we are using the PizzaShack API sample in GET /menu)
{ "fault": { "code": 900900, "message": "Unclassified Authentication Failure", "description": "Error while accessing backend services for API key validation" } }
Gateway trace
TID: [-1234] [] [2018-05-21 13:15:17,351] WARN {org.wso2.carbon.apimgt.gateway.handlers.security.thrift.ThriftKeyValidatorClient} - Login failed.. Authenticating again.. {org.wso2.carbon.apimgt.gateway.handlers.security.thrift.ThriftKeyValidatorClient}
TID: [-1234] [] [2018-05-21 13:15:17,392] WARN {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler} - API authentication failure due to Unclassified Authentication Failure {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler}
TID: [-1234] [] [2018-05-21 13:15:17,372] INFO {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - [email protected] [-1234] logged in at [2018-05-21 13:15:17,372+0200] from IP address {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil}
Test with debug enabled
不可能在以前的试卷中测试(见Bee的评论)。
Additional tests
- Following the suggestions of the original post, we have changed the APIKeyValidator to WSClient. After some initial configuration problem, this work fine
- We have tried also calling with CURL, no change.