[Apiman-user] Cannot publish Service with Basic Auth API Security
Paul Blair
pblair at clearme.com
Tue Jan 12 10:07:14 EST 2016
I was just dealing with the same problem, which is why I upgraded to 1.2.0.
After upgrading, I found that the exception was caused by the publisher
trying to publish to the wrong URI, because the gateway wasn't accessible
on the URI that is specified in the gateway setup. This doesn't sound like
the problem you're having, though, because you seem to be able to publish
ok before you change authentication.
With regard to upgrading to 1.2.0 -- the DDL changed, so I wound up
tearing down my apiman database and re-running the DDL; if you are in
production and need to upgrade this could be trickier because I believe
you'll need to create a diff script yourself. I also needed to bring in
the changes to apiman.properties and apiman-realm.json.
On 1/12/16, 9:04 AM, "Eric Wittmann" <eric.wittmann at redhat.com> wrote:
>Hi Joe - I think you're running into a bug in 1.1.9.Final that is
>unfortunately masking the real publishing error. :(
>
>We have a couple of options here:
>
>1) Try to get a 1.1.10.Final released that fixes the problem (which
>would at least let us see why publishing was failing)
>2) Try to debug the reason for the failure by attaching a java debugger
>to a running apiman
>3) Download the latest version 1.2.0.Final which I believe fixes the NPE
>problem
>
>Any of those options sound reasonable? Note that if you install
>1.2.0.Final you'll need to reconfigure all your APIs again from scratch.
> We don't yet have a migration/upgrade path from 1.1 to 1.2.
>
>-Eric
>
>On 1/11/2016 6:08 PM, Joe Strathern wrote:
>> Hello APIMan Community,
>>
>> I am trying to create and publish a service within APIMan that is
>> secured by basic authentication, however i am encountering errors
>> whenever i set the Implementation to Basic Auth and then try to publish.
>>
>> I am currently using APIMan 1.1.9 within Wildfly 8.2.0.Final
>> The Service will publish without issues if i set the Implementation to
>> None, however as soon as i set it to BASIC (with the correct
>> username/pass) I get a Server Error 500 page with the following stack
>>trace:
>>
>> io.apiman.manager.api.rest.contract.exceptions.ActionException: Failed
>>to publish service.
>> at
>>io.apiman.manager.api.rest.impl.util.ExceptionFactory.actionException(Exc
>>eptionFactory.java:308)
>> at
>>io.apiman.manager.api.rest.impl.ActionResourceImpl.publishService(ActionR
>>esourceImpl.java:201)
>> at
>>io.apiman.manager.api.rest.impl.ActionResourceImpl.performAction(ActionRe
>>sourceImpl.java:103)
>> at
>>io.apiman.manager.api.rest.impl.ActionResourceImpl$Proxy$_$$_WeldClientPr
>>oxy.performAction(Unknown Source)
>> at sun.reflect.GeneratedMethodAccessor157.invoke(Unknown Source)
>> at
>>sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorI
>>mpl.java:43)
>> at java.lang.reflect.Method.invoke(Method.java:497)
>> at
>>org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java
>>:137)
>> at
>>org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMeth
>>odInvoker.java:296)
>> at
>>org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoke
>>r.java:250)
>> at
>>org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoke
>>r.java:237)
>> at
>>org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatche
>>r.java:356)
>> at
>>org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatche
>>r.java:179)
>> at
>>org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.serv
>>ice(ServletContainerDispatcher.java:220)
>> at
>>org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(H
>>ttpServletDispatcher.java:56)
>> at
>>org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(H
>>ttpServletDispatcher.java:51)
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
>> at
>>io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.
>>java:85)
>> at
>>io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(Filte
>>rHandler.java:130)
>> at
>>io.apiman.common.servlet.RootResourceFilter.doFilter(RootResourceFilter.j
>>ava:59)
>> at
>>io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
>> at
>>io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(Filte
>>rHandler.java:132)
>> at
>>io.apiman.manager.api.war.TransactionWatchdogFilter.doFilter(TransactionW
>>atchdogFilter.java:57)
>> at
>>io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
>> at
>>io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(Filte
>>rHandler.java:132)
>> at
>>io.apiman.manager.api.security.impl.DefaultSecurityContextFilter.doFilter
>>(DefaultSecurityContextFilter.java:56)
>> at
>>io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
>> at
>>io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(Filte
>>rHandler.java:132)
>> at
>>io.apiman.common.servlet.DisableCachingFilter.doFilter(DisableCachingFilt
>>er.java:59)
>> at
>>io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
>> at
>>io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(Filte
>>rHandler.java:132)
>> at
>>io.apiman.common.servlet.ApimanCorsFilter.doFilter(ApimanCorsFilter.java:
>>71)
>> at
>>io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
>> at
>>io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(Filte
>>rHandler.java:132)
>> at
>>io.apiman.common.servlet.LocaleFilter.doFilter(LocaleFilter.java:61)
>> at
>>io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
>> at
>>io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(Filte
>>rHandler.java:132)
>> at
>>io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.ja
>>va:85)
>> at
>>io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRe
>>quest(ServletSecurityRoleHandler.java:61)
>> at
>>io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(Serv
>>letDispatchingHandler.java:36)
>> at
>>org.wildfly.extension.undertow.security.SecurityContextAssociationHandler
>>.handleRequest(SecurityContextAssociationHandler.java:78)
>> at
>>io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandl
>>er.java:43)
>> at
>>org.keycloak.adapters.undertow.UndertowAuthenticatedActionsHandler.handle
>>Request(UndertowAuthenticatedActionsHandler.java:66)
>> at
>>io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.ha
>>ndleRequest(SSLInformationAssociationHandler.java:131)
>> at
>>io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.ha
>>ndleRequest(ServletAuthenticationCallHandler.java:56)
>> at
>>io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCach
>>eHandler.java:33)
>> at
>>io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandl
>>er.java:43)
>> at
>>io.undertow.security.handlers.AuthenticationConstraintHandler.handleReque
>>st(AuthenticationConstraintHandler.java:51)
>> at
>>io.undertow.security.handlers.AbstractConfidentialityHandler.handleReques
>>t(AbstractConfidentialityHandler.java:45)
>> at
>>io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHan
>>dler.handleRequest(ServletConfidentialityConstraintHandler.java:63)
>> at
>>io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.ha
>>ndleRequest(ServletSecurityConstraintHandler.java:56)
>> at
>>io.undertow.security.handlers.AuthenticationMechanismsHandler.handleReque
>>st(AuthenticationMechanismsHandler.java:58)
>> at
>>io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.h
>>andleRequest(CachedAuthenticatedSessionHandler.java:70)
>> at
>>io.undertow.security.handlers.SecurityInitialHandler.handleRequest(Securi
>>tyInitialHandler.java:76)
>> at
>>io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandl
>>er.java:43)
>> at
>>org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleR
>>equest(JACCContextIdHandler.java:61)
>> at
>>io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandl
>>er.java:43)
>> at
>>org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest
>>(ServletPreAuthActionsHandler.java:69)
>> at
>>io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandl
>>er.java:43)
>> at
>>io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(Ser
>>vletInitialHandler.java:261)
>> at
>>io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(Servle
>>tInitialHandler.java:247)
>> at
>>io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInit
>>ialHandler.java:76)
>> at
>>io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(Servle
>>tInitialHandler.java:166)
>> at
>>io.undertow.server.Connectors.executeRootHandler(Connectors.java:197)
>> at
>>io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:759)
>> at
>>java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java
>>:1142)
>> at
>>java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.jav
>>a:617)
>> at java.lang.Thread.run(Thread.java:745)
>> Caused by: io.apiman.gateway.engine.beans.exceptions.PublishingException
>> at
>>io.apiman.manager.api.gateway.rest.GatewayClient.readPublishingException(
>>GatewayClient.java:273)
>> at
>>io.apiman.manager.api.gateway.rest.GatewayClient.publish(GatewayClient.ja
>>va:216)
>> at
>>io.apiman.manager.api.gateway.rest.RestGatewayLink.publishService(RestGat
>>ewayLink.java:162)
>> at
>>io.apiman.manager.api.rest.impl.ActionResourceImpl.publishService(ActionR
>>esourceImpl.java:189)
>> ... 66 more
>> Caused by: java.lang.NullPointerException
>> at java.lang.Throwable.setStackTrace(Throwable.java:864)
>> at
>>io.apiman.manager.api.gateway.rest.GatewayClient.readPublishingException(
>>GatewayClient.java:271)
>> ... 69 more
>>
>>
>> If anyone has seen this before and has a possible workaround/solution,
>> please let me know.
>>
>> Thanks,
>> Joe
>>
>>
>> _______________________________________________
>> Apiman-user mailing list
>> Apiman-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/apiman-user
>>
>_______________________________________________
>Apiman-user mailing list
>Apiman-user at lists.jboss.org
>https://lists.jboss.org/mailman/listinfo/apiman-user
More information about the Apiman-user
mailing list