1. 首頁
  2. 問答
  3. 帶有IS授權服務的WSO2 ESB代理錯誤

帶有IS授權服務的WSO2 ESB代理錯誤

2016-11-25 124 views
1

我正在按照教程:http://wso2.com/library/articles/2015/02/how-to-write-a-web-application-backed-by-wso2-middleware-part-3/帶有IS授權服務的WSO2 ESB代理錯誤

我的架構的一些信息: IS端口:HTTPS:9440 HTTP:9760 ESB端口:HTTPS:9444,8242 HTTP:9764,8281 DSS服務:http:9764(內ESB作爲特徵)

我定義的代理服務如下: EntitlementFilterPolicy.xml

<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="EntitlementFilterPolicy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable" Version="1.0"> 
    <Target></Target> 
    <Rule Effect="Permit" RuleId="Rule1"> 
     <Target> 
     <AnyOf> 
      <AllOf> 
       <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> 
        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">/WSO2HealthWebApplication2/addPatient.jsp</AttributeValue> 
        <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator> 
       </Match> 
       <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> 
        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">GET</AttributeValue> 
        <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator> 
       </Match> 
      </AllOf> 
     </AnyOf> 
     </Target> 
     <Condition> 
     <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-at-least-one-member-of"> 
      <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag"> 
       <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">write</AttributeValue> 
      </Apply> 
      <AttributeDesignator AttributeId="http://wso2.org/claims/role" Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator> 
     </Apply> 
     </Condition> 
    </Rule> 
    <Rule Effect="Permit" RuleId="Rule2"> 
     <Target> 
     <AnyOf> 
      <AllOf> 
       <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match"> 
        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">/WSO2HealthWebApplication2/(patientInfoPage|getPatientDetails).jsp</AttributeValue> 
        <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator> 
       </Match> 
       <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> 
        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">GET</AttributeValue> 
        <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator> 
       </Match> 
      </AllOf> 
     </AnyOf> 
     </Target> 
     <Condition> 
     <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-at-least-one-member-of"> 
      <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag"> 
       <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">write</AttributeValue> 
       <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">read</AttributeValue> 
      </Apply> 
      <AttributeDesignator AttributeId="http://wso2.org/claims/role" Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator> 
     </Apply> 
     </Condition> 
    </Rule> 
</Policy>  


<?xml version="1.0" encoding="UTF-8"?> 
<proxy xmlns="http://ws.apache.org/ns/synapse" 
     name="WSO2HealthITProxy5" 
     startOnLoad="true" 
     statistics="disable" 
     trace="disable" 
     transports="https,http"> 
    <target> 
     <inSequence> 
     <property name="username" scope="axis2" type="STRING" value="fausto"/> 
     <entitlementService callbackClass="org.wso2.carbon.identity.entitlement.mediator.callback.UTEntitlementCallbackHandler" 
          client="basicAuth" 
          remoteServicePassword="enc:bS+kMgBk0W1nzqVwpAJ3RRkbieLEuMepiGa/sf9mQrVvbyNrAf1vbsJTohkX2KBr6oVVUcwSiT/lNi54B/4WMQMrcXWN+ewktsZTRlj8qE7lwyJZ0kfUvm+9h5rN8MRfJvQ8FQ8gxoHyNuhR4dD2J3l/nWxgjfnfWPpI8LV4zwk=" 
          remoteServiceUrl="https://localhost:9440/services/" 
          remoteServiceUserName="admin"> 
      <onReject> 
       <log level="custom"> 
        <property name="FAULT" value="ON REJECT CALLED"/> 
       </log> 
       <makefault version="soap11"> 
        <code xmlns:soap11Env="http://schemas.xmlsoap.org/soap/envelope/" 
         value="soap11Env:Server"/> 
        <reason value="UNAUTHORIZED"/> 
        <role/> 
        <detail>XACML Authorization Failed</detail> 
       </makefault> 
       <property name="RESPONSE" scope="default" type="STRING" value="true"/> 
       <header action="remove" name="To" scope="default"/> 
       <send/> 
      </onReject> 
      <onAccept> 
       <log level="custom"> 
        <property name="FAULT" value="ON ACCEPT CALLED"/> 
       </log> 
       <send> 
        <endpoint> 
        <address uri="http://localhost:9764/services/WSO2HealthIT"/> 
        </endpoint> 
       </send> 
      </onAccept> 
      <obligations/> 
      <advice/> 
     </entitlementService> 
     </inSequence> 
     <outSequence> 
     <header xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" 
       action="remove" 
       name="wsse:Security"/> 
     <send/> 
     </outSequence> 
    </target> 
    <publishWSDL uri="http://localhost:9764/services/WSO2HealthIT?wsdl2"/> 
    <description/> 
</proxy>

在IS方面,如下定義了策略

dssOperationPolicy.xml

<Policy xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" PolicyId="dssOperationsPolicy" RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable" Version="1.0"> 
    <Target></Target> 
    <Rule Effect="Permit" RuleId="Rule1"> 
     <Target> 
     <AnyOf> 
      <AllOf> 
       <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match"> 
        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">.*/WSO2HealthITProxy5/patientDetailsByNumber</AttributeValue> 
        <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator> 
       </Match> 
       <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> 
        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">read</AttributeValue> 
        <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator> 
       </Match> 
      </AllOf> 
     </AnyOf> 
     </Target> 
     <Condition> 
     <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-at-least-one-member-of"> 
      <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag"> 
       <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">write</AttributeValue> 
       <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">read</AttributeValue> 
      </Apply> 
      <AttributeDesignator AttributeId="http://wso2.org/claims/role" Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator> 
     </Apply> 
     </Condition> 
    </Rule> 
    <Rule Effect="Permit" RuleId="Rule2"> 
     <Target> 
     <AnyOf> 
      <AllOf> 
       <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match"> 
        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">.*/WSO2HealthITProxy5/registerPatient</AttributeValue> 
        <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator> 
       </Match> 
       <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal"> 
        <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">read</AttributeValue> 
        <AttributeDesignator AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator> 
       </Match> 
      </AllOf> 
     </AnyOf> 
     </Target> 
     <Condition> 
     <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-at-least-one-member-of"> 
      <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-bag"> 
       <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">write</AttributeValue> 
      </Apply> 
      <AttributeDesignator AttributeId="http://wso2.org/claims/role" Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"></AttributeDesignator> 
     </Apply> 
     </Condition> 
    </Rule> 
</Policy>

登錄身份驗證工作正常,但試圖讓雖然ESB代理一些患者信息的時候,我得到的ESB系統日誌以下錯誤。

TID[-1234] [ESB] [2016-11-25 14:34:04,080] INFO {org.apache.axis2.transport.http.HTTPSender} - Unable to sendViaPost to url[https://192.168.23.250:9440/services/EntitlementService] org.opensaml.ws.soap.client.http.TLSProtocolSocketFactory.verifyHostname(TLSProtocolSocketFactory.java:233) org.opensaml.ws.soap.client.http.TLSProtocolSocketFactory.createSocket(TLSProtocolSocketFactory.java:186) org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387) org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:659) org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:195) org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77) org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451) org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278) org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442) org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:430) org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225) org.apache.axis2.client.OperationClient.execute(OperationClient.java:149) org.wso2.carbon.identity.entitlement.stub.EntitlementServiceStub.getDecision(EntitlementServiceStub.java:1108) org.wso2.carbon.identity.entitlement.proxy.soap.basicAuth.BasicAuthEntitlementServiceClient.getDecision(BasicAuthEntitlementServiceClient.java:259) org.wso2.carbon.identity.entitlement.proxy.soap.basicAuth.BasicAuthEntitlementServiceClient.getDecision(BasicAuthEntitlementServiceClient.java:123) org.wso2.carbon.identity.entitlement.proxy.PEPProxy.getDecision(PEPProxy.java:94) org.wso2.carbon.identity.entitlement.proxy.PEPProxy.getDecision(PEPProxy.java:66) org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator.mediate(EntitlementMediator.java:185) org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:97) org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:59) org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158) org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(ProxyServiceMessageReceiver.java:210) org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180) org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:403) org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:151) org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172) java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) java.lang.Thread.run(Thread.java:745) 


TID[-1234] [ESB] [2016-11-25 14:34:04,082] ERROR {org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator} - Error occurred while evaluating the policy org.apache.axis2.AxisFault.makeFault(AxisFault.java:430) org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:199) org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77) org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451) org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278) org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442) org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:430) org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225) org.apache.axis2.client.OperationClient.execute(OperationClient.java:149) org.wso2.carbon.identity.entitlement.stub.EntitlementServiceStub.getDecision(EntitlementServiceStub.java:1108) org.wso2.carbon.identity.entitlement.proxy.soap.basicAuth.BasicAuthEntitlementServiceClient.getDecision(BasicAuthEntitlementServiceClient.java:259) org.wso2.carbon.identity.entitlement.proxy.soap.basicAuth.BasicAuthEntitlementServiceClient.getDecision(BasicAuthEntitlementServiceClient.java:123) org.wso2.carbon.identity.entitlement.proxy.PEPProxy.getDecision(PEPProxy.java:94) org.wso2.carbon.identity.entitlement.proxy.PEPProxy.getDecision(PEPProxy.java:66) org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator.mediate(EntitlementMediator.java:185) org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:97) org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:59) org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158) org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(ProxyServiceMessageReceiver.java:210) org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180) org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:403) org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:151) org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172) java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) java.lang.Thread.run(Thread.java:745)

它看起來像我無法通過IS授權服務獲得的服務似乎不存在。我一直在看文檔沒有任何有用的結果。 有沒有人可以幫助或一直面臨同樣的問題?

在此先感謝。

來源

2016-11-25 Francesco Bonesi

回答

0

最後,我想出了問題所在。

首先,我又去看了wso2carbon.log文件,位於$ CARBON_HOME /庫/日誌,我發現了以下問題:

TID: [-1234] [] [2016-11-29 16:01:08,502] INFO {org.apache.axis2.transport.http.HTTPSender} - Unable to sendViaPost to url[https://192.168.23.250:9440/services/EntitlementService] {org.apache.axis2.transport.http.HTTPSender} 
javax.net.ssl.SSLException: hostname in certificate didn't match: <192.168.23.250> != </localhost> 
    at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.verifyHostName(SSLProtocolSocketFactory.java:341) 
    at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.verifyHostName(SSLProtocolSocketFactory.java:277) 
    at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.verifyHostName(SSLProtocolSocketFactory.java:260) 
    at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket(SSLProtocolSocketFactory.java:158) 
    at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) 
    at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) 
    at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387) 
    at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) 
    at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) 
    at org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:659) 
    at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:195) 
    at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77) 
    at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451) 
    at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278) 
    at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442) 
    at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:430) 
    at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225) 
    at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149) 
    at org.wso2.carbon.identity.entitlement.stub.EntitlementServiceStub.getDecision(EntitlementServiceStub.java:1108) 
    at org.wso2.carbon.identity.entitlement.proxy.soap.basicAuth.BasicAuthEntitlementServiceClient.getDecision(BasicAuthEntitlementServiceClient.java:259) 
    at org.wso2.carbon.identity.entitlement.proxy.soap.basicAuth.BasicAuthEntitlementServiceClient.getDecision(BasicAuthEntitlementServiceClient.java:123) 
    at org.wso2.carbon.identity.entitlement.proxy.PEPProxy.getDecision(PEPProxy.java:94) 
    at org.wso2.carbon.identity.entitlement.proxy.PEPProxy.getDecision(PEPProxy.java:66) 
    at org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator.mediate(EntitlementMediator.java:185) 
    at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:97) 
    at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:59) 
    at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158) 
    at org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(ProxyServiceMessageReceiver.java:210) 
    at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180) 
    at org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:403) 
    at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:151) 
    at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172) 
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) 
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) 
    at java.lang.Thread.run(Thread.java:745) 
TID: [-1234] [] [2016-11-29 16:01:08,503] ERROR {org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator} - Error occurred while evaluating the policy {org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator} 
org.apache.axis2.AxisFault: hostname in certificate didn't match: <192.168.23.250> != </localhost> 
    at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430) 
    at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:199) 
    at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77) 
    at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451) 
    at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278) 
    at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442) 
    at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:430) 
    at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225) 
    at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149) 
    at org.wso2.carbon.identity.entitlement.stub.EntitlementServiceStub.getDecision(EntitlementServiceStub.java:1108) 
    at org.wso2.carbon.identity.entitlement.proxy.soap.basicAuth.BasicAuthEntitlementServiceClient.getDecision(BasicAuthEntitlementServiceClient.java:259) 
    at org.wso2.carbon.identity.entitlement.proxy.soap.basicAuth.BasicAuthEntitlementServiceClient.getDecision(BasicAuthEntitlementServiceClient.java:123) 
    at org.wso2.carbon.identity.entitlement.proxy.PEPProxy.getDecision(PEPProxy.java:94) 
    at org.wso2.carbon.identity.entitlement.proxy.PEPProxy.getDecision(PEPProxy.java:66) 
    at org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator.mediate(EntitlementMediator.java:185) 
    at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:97) 
    at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:59) 
    at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158) 
    at org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(ProxyServiceMessageReceiver.java:210) 
    at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180) 
    at org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:403) 
    at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:151) 
    at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172) 
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) 
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) 
    at java.lang.Thread.run(Thread.java:745) 
Caused by: javax.net.ssl.SSLException: hostname in certificate didn't match: <192.168.23.250> != </localhost> 
    at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.verifyHostName(SSLProtocolSocketFactory.java:341) 
    at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.verifyHostName(SSLProtocolSocketFactory.java:277) 
    at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.verifyHostName(SSLProtocolSocketFactory.java:260) 
    at org.apache.commons.httpclient.protocol.SSLProtocolSocketFactory.createSocket(SSLProtocolSocketFactory.java:158) 
    at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) 
    at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361) 
    at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387) 
    at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) 
    at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) 
    at org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:659) 
    at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:195) 
    ... 24 more

很明顯,這個問題是在證書和https請求。 我的服務位於不同的Docker容器中,因此我無法使用localhost作爲調用者主機,因爲每個服務都有不同的ip。 所以,我決定嘗試http請求,而不是HTTPS,但結果卻是:

TID: [-1234] [] [2016-11-29 16:07:37,192] ERROR {org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator} - Error occurred while evaluating the policy {org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator} 
org.apache.axis2.AxisFault: The service cannot be found for the endpoint reference (EPR) http://192.168.23.250:9760/services/EntitlementService 
    at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:531) 
    at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:370) 
    at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:445) 
    at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225) 
    at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149) 
    at org.wso2.carbon.identity.entitlement.stub.EntitlementServiceStub.getDecision(EntitlementServiceStub.java:1108) 
    at org.wso2.carbon.identity.entitlement.proxy.soap.basicAuth.BasicAuthEntitlementServiceClient.getDecision(BasicAuthEntitlementServiceClient.java:259) 
    at org.wso2.carbon.identity.entitlement.proxy.soap.basicAuth.BasicAuthEntitlementServiceClient.getDecision(BasicAuthEntitlementServiceClient.java:123) 
    at org.wso2.carbon.identity.entitlement.proxy.PEPProxy.getDecision(PEPProxy.java:94) 
    at org.wso2.carbon.identity.entitlement.proxy.PEPProxy.getDecision(PEPProxy.java:66) 
    at org.wso2.carbon.identity.entitlement.mediator.EntitlementMediator.mediate(EntitlementMediator.java:185) 
    at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:97) 
    at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:59) 
    at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158) 
    at org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(ProxyServiceMessageReceiver.java:210) 
    at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180) 
    at org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:403) 
    at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:151) 
    at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172) 
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) 
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) 
    at java.lang.Thread.run(Thread.java:745)

這意味着,該政策EntitlementService僅可通過HTTPS。

最後我解決了將IS和ESB放在同一個Docker容器中的問題。該請求現在在localhost,一切正常。

現在,問題是:如何在兩個不同的計算機上安裝這些組件時共同處理ESB和IS服務?

來源

2016-11-30 15:00:28

相關問題

 相關問題