Hi Carbon team,

Kind reminder on this.
Is there any particular reason  for having LoginStatisticsAdmin admin
service , though we cant invoke it ?

On Wed, Jan 28, 2015 at 12:39 AM, Mahesh Chinthaka <[email protected]> wrote:

> Hi,
>
> When I tried to invoke getLoginAttempts , in LoginStatisticsAdmin I got
> following faultcode in SOAPUI
>
>      <soapenv:Fault>
>          <faultcode>soapenv:Server</faultcode>
>          <faultstring>Unauthorized call!. AuthorizationAction has not been
> specified for service:LoginStatisticsAdmin,
> operation:getLoginAttempts</faultstring>
>          <detail/>
>       </soapenv:Fault>
>
>
> And got following error in the log
>
>
> [2015-01-27 23:55:46,048] ERROR - AxisEngine Unauthorized call!.
> AuthorizationAction has not been specified for
> service:LoginStatisticsAdmin, operation:getLoginAttempts
> org.apache.axis2.AxisFault: Unauthorized call!. AuthorizationAction has
> not been specified for service:LoginStatisticsAdmin,
> operation:getLoginAttempts
> at
> org.wso2.carbon.server.admin.module.handler.AuthorizationHandler.invoke(AuthorizationHandler.java:73)
> at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:167)
> at
> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172)
> at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:146)
> at
> org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:755)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
> at
> org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
> at
> org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
> at
> org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
> at
> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
> at
> org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
> at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
> at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
> at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
> at
> org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:178)
> at
> org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:49)
> at
> org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:141)
> at
> org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156)
> at
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
> at
> org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:52)
> at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
> at
> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
> at
> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
> at
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
> at java.lang.Thread.run(Thread.java:695)
>
>
> Once I dig further I found that this is due to a setting in services.xml
> file in org.wso2.carbon.core.services
>
>  <service name="LoginStatisticsAdmin" scope="transportsession">
>         <transports>
>             <transport>https</transport>
>         </transports>
>         <parameter name="ServiceClass" locked="true">
>
> org.wso2.carbon.core.services.authentication.stats.LoginStatisticsAdmin
>         </parameter>
>         <!--  parameter name="AuthorizationAction"
> locked="true">manage-security</parameter -->
>
>         <parameter name="adminService" locked="true">true</parameter>
>         <parameter name="hiddenService" locked="true">true</parameter>
>     </service>
>
>
> AuthorizationAction is commented out so that requests for this service
> cannot be authorized.
>
> Could I please know the reason for commenting this out ? Cant we invoke
> this admin service by any means  ?
>
> --
> *Mahesh Chinthaka Vidanagama* | Software Engineer
> WSO2, Inc | lean. enterprise. middleware.
> #20, Palm Grove, Colombo 03, Sri Lanka
> Mobile: +94 71 63 63 083 | Work: +94 112 145 345
> Email: [email protected] | Web: www.wso2.com
>



-- 
*Mahesh Chinthaka Vidanagama* | Software Engineer
WSO2, Inc | lean. enterprise. middleware.
#20, Palm Grove, Colombo 03, Sri Lanka
Mobile: +94 71 63 63 083 | Work: +94 112 145 345
Email: [email protected] | Web: www.wso2.com
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev

Reply via email to