[Apiman-user] Cannot publish Service with Basic Auth API Security
Eric Wittmann
eric.wittmann at redhat.com
Tue Jan 12 11:00:57 EST 2016
This is exactly right. I do want to note, for the record, that as of
1.2.0 we have a data export feature that is intended to make upgrades
easier. The procedure for upgrading apiman should be something like this:
1) export the apiman data (there is a UI screen to do this)
2) shut down apiman-oldversion
3) install apiman-newversion
4) run apiman-newversion
5) import the apiman data exported in step #1 (there is a UI screen to
do this)
Further, steps #1 and #5 are supported in the API Manager REST API - so
you could automate this if needed.
Finally, the export file in step #1 is a simple JSON output format,
which can be tweaked/processed easily prior to importing it in step #5.
-Eric
On 1/12/2016 10:07 AM, Paul Blair wrote:
> I was just dealing with the same problem, which is why I upgraded to 1.2.0.
>
> After upgrading, I found that the exception was caused by the publisher
> trying to publish to the wrong URI, because the gateway wasn't accessible
> on the URI that is specified in the gateway setup. This doesn't sound like
> the problem you're having, though, because you seem to be able to publish
> ok before you change authentication.
>
> With regard to upgrading to 1.2.0 -- the DDL changed, so I wound up
> tearing down my apiman database and re-running the DDL; if you are in
> production and need to upgrade this could be trickier because I believe
> you'll need to create a diff script yourself. I also needed to bring in
> the changes to apiman.properties and apiman-realm.json.
>
>
> On 1/12/16, 9:04 AM, "Eric Wittmann" <eric.wittmann at redhat.com> wrote:
>
>> Hi Joe - I think you're running into a bug in 1.1.9.Final that is
>> unfortunately masking the real publishing error. :(
>>
>> We have a couple of options here:
>>
>> 1) Try to get a 1.1.10.Final released that fixes the problem (which
>> would at least let us see why publishing was failing)
>> 2) Try to debug the reason for the failure by attaching a java debugger
>> to a running apiman
>> 3) Download the latest version 1.2.0.Final which I believe fixes the NPE
>> problem
>>
>> Any of those options sound reasonable? Note that if you install
>> 1.2.0.Final you'll need to reconfigure all your APIs again from scratch.
>> We don't yet have a migration/upgrade path from 1.1 to 1.2.
>>
>> -Eric
>>
>> On 1/11/2016 6:08 PM, Joe Strathern wrote:
>>> Hello APIMan Community,
>>>
>>> I am trying to create and publish a service within APIMan that is
>>> secured by basic authentication, however i am encountering errors
>>> whenever i set the Implementation to Basic Auth and then try to publish.
>>>
>>> I am currently using APIMan 1.1.9 within Wildfly 8.2.0.Final
>>> The Service will publish without issues if i set the Implementation to
>>> None, however as soon as i set it to BASIC (with the correct
>>> username/pass) I get a Server Error 500 page with the following stack
>>> trace:
>>>
>>> io.apiman.manager.api.rest.contract.exceptions.ActionException: Failed
>>> to publish service.
>>> at
>>> io.apiman.manager.api.rest.impl.util.ExceptionFactory.actionException(Exc
>>> eptionFactory.java:308)
>>> at
>>> io.apiman.manager.api.rest.impl.ActionResourceImpl.publishService(ActionR
>>> esourceImpl.java:201)
>>> at
>>> io.apiman.manager.api.rest.impl.ActionResourceImpl.performAction(ActionRe
>>> sourceImpl.java:103)
>>> at
>>> io.apiman.manager.api.rest.impl.ActionResourceImpl$Proxy$_$$_WeldClientPr
>>> oxy.performAction(Unknown Source)
>>> at sun.reflect.GeneratedMethodAccessor157.invoke(Unknown Source)
>>> at
>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorI
>>> mpl.java:43)
>>> at java.lang.reflect.Method.invoke(Method.java:497)
>>> at
>>> org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java
>>> :137)
>>> at
>>> org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMeth
>>> odInvoker.java:296)
>>> at
>>> org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoke
>>> r.java:250)
>>> at
>>> org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoke
>>> r.java:237)
>>> at
>>> org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatche
>>> r.java:356)
>>> at
>>> org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatche
>>> r.java:179)
>>> at
>>> org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.serv
>>> ice(ServletContainerDispatcher.java:220)
>>> at
>>> org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(H
>>> ttpServletDispatcher.java:56)
>>> at
>>> org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(H
>>> ttpServletDispatcher.java:51)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
>>> at
>>> io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.
>>> java:85)
>>> at
>>> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(Filte
>>> rHandler.java:130)
>>> at
>>> io.apiman.common.servlet.RootResourceFilter.doFilter(RootResourceFilter.j
>>> ava:59)
>>> at
>>> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
>>> at
>>> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(Filte
>>> rHandler.java:132)
>>> at
>>> io.apiman.manager.api.war.TransactionWatchdogFilter.doFilter(TransactionW
>>> atchdogFilter.java:57)
>>> at
>>> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
>>> at
>>> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(Filte
>>> rHandler.java:132)
>>> at
>>> io.apiman.manager.api.security.impl.DefaultSecurityContextFilter.doFilter
>>> (DefaultSecurityContextFilter.java:56)
>>> at
>>> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
>>> at
>>> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(Filte
>>> rHandler.java:132)
>>> at
>>> io.apiman.common.servlet.DisableCachingFilter.doFilter(DisableCachingFilt
>>> er.java:59)
>>> at
>>> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
>>> at
>>> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(Filte
>>> rHandler.java:132)
>>> at
>>> io.apiman.common.servlet.ApimanCorsFilter.doFilter(ApimanCorsFilter.java:
>>> 71)
>>> at
>>> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
>>> at
>>> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(Filte
>>> rHandler.java:132)
>>> at
>>> io.apiman.common.servlet.LocaleFilter.doFilter(LocaleFilter.java:61)
>>> at
>>> io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:60)
>>> at
>>> io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(Filte
>>> rHandler.java:132)
>>> at
>>> io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.ja
>>> va:85)
>>> at
>>> io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRe
>>> quest(ServletSecurityRoleHandler.java:61)
>>> at
>>> io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(Serv
>>> letDispatchingHandler.java:36)
>>> at
>>> org.wildfly.extension.undertow.security.SecurityContextAssociationHandler
>>> .handleRequest(SecurityContextAssociationHandler.java:78)
>>> at
>>> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandl
>>> er.java:43)
>>> at
>>> org.keycloak.adapters.undertow.UndertowAuthenticatedActionsHandler.handle
>>> Request(UndertowAuthenticatedActionsHandler.java:66)
>>> at
>>> io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.ha
>>> ndleRequest(SSLInformationAssociationHandler.java:131)
>>> at
>>> io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.ha
>>> ndleRequest(ServletAuthenticationCallHandler.java:56)
>>> at
>>> io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCach
>>> eHandler.java:33)
>>> at
>>> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandl
>>> er.java:43)
>>> at
>>> io.undertow.security.handlers.AuthenticationConstraintHandler.handleReque
>>> st(AuthenticationConstraintHandler.java:51)
>>> at
>>> io.undertow.security.handlers.AbstractConfidentialityHandler.handleReques
>>> t(AbstractConfidentialityHandler.java:45)
>>> at
>>> io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHan
>>> dler.handleRequest(ServletConfidentialityConstraintHandler.java:63)
>>> at
>>> io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.ha
>>> ndleRequest(ServletSecurityConstraintHandler.java:56)
>>> at
>>> io.undertow.security.handlers.AuthenticationMechanismsHandler.handleReque
>>> st(AuthenticationMechanismsHandler.java:58)
>>> at
>>> io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.h
>>> andleRequest(CachedAuthenticatedSessionHandler.java:70)
>>> at
>>> io.undertow.security.handlers.SecurityInitialHandler.handleRequest(Securi
>>> tyInitialHandler.java:76)
>>> at
>>> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandl
>>> er.java:43)
>>> at
>>> org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleR
>>> equest(JACCContextIdHandler.java:61)
>>> at
>>> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandl
>>> er.java:43)
>>> at
>>> org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest
>>> (ServletPreAuthActionsHandler.java:69)
>>> at
>>> io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandl
>>> er.java:43)
>>> at
>>> io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(Ser
>>> vletInitialHandler.java:261)
>>> at
>>> io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(Servle
>>> tInitialHandler.java:247)
>>> at
>>> io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInit
>>> ialHandler.java:76)
>>> at
>>> io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(Servle
>>> tInitialHandler.java:166)
>>> at
>>> io.undertow.server.Connectors.executeRootHandler(Connectors.java:197)
>>> at
>>> io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:759)
>>> at
>>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java
>>> :1142)
>>> at
>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.jav
>>> a:617)
>>> at java.lang.Thread.run(Thread.java:745)
>>> Caused by: io.apiman.gateway.engine.beans.exceptions.PublishingException
>>> at
>>> io.apiman.manager.api.gateway.rest.GatewayClient.readPublishingException(
>>> GatewayClient.java:273)
>>> at
>>> io.apiman.manager.api.gateway.rest.GatewayClient.publish(GatewayClient.ja
>>> va:216)
>>> at
>>> io.apiman.manager.api.gateway.rest.RestGatewayLink.publishService(RestGat
>>> ewayLink.java:162)
>>> at
>>> io.apiman.manager.api.rest.impl.ActionResourceImpl.publishService(ActionR
>>> esourceImpl.java:189)
>>> ... 66 more
>>> Caused by: java.lang.NullPointerException
>>> at java.lang.Throwable.setStackTrace(Throwable.java:864)
>>> at
>>> io.apiman.manager.api.gateway.rest.GatewayClient.readPublishingException(
>>> GatewayClient.java:271)
>>> ... 69 more
>>>
>>>
>>> If anyone has seen this before and has a possible workaround/solution,
>>> please let me know.
>>>
>>> Thanks,
>>> Joe
>>>
>>>
>>> _______________________________________________
>>> Apiman-user mailing list
>>> Apiman-user at lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/apiman-user
>>>
>> _______________________________________________
>> Apiman-user mailing list
>> Apiman-user at lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/apiman-user
>
More information about the Apiman-user
mailing list