Hi Pamod, So according to this issue [1],when you enable email as username, to connect to decision server we have to provide domain name of the super tenant as e.g., [email protected]@carbon.super.
But when email is not enabled, you can go with 'admin' as username. Also we do not specifically mention the domain name for super tenant. Shouldn't it be in the same format when providing credentials? Otherwise a user will be mislead with configurations. Or we need to specifically mention this in documentation. WDYT? [1] https://wso2.org/jira/browse/APIMANAGER-4987 Thanks, Ushani On Wed, Jun 8, 2016 at 9:30 PM, Pamod Sylvester <[email protected]> wrote: > Hi Tharindu, > > To further elaborate, AMQP connection URL is in the following format [1], > > > *amqp://[<user>:<pass>@][<clientid>]<virtualhost>[?<option>='<value>'[&<option>=&'<value>']]* > > '@' character is used to partition between client credentials with the > rest of the uri. hence having the '@' for the user name (email as user > name) would violate the specification. > > As Indika explained we use '!' character as an alternative to the > restricted character '@' to identify tenant users. Hence, when you send a > user name as *"foo!bar.com <http://bar.com>"* it would try to find a > user *foo* in tenant *bar.com <http://bar.com>* instead of finding the > user in *super tenant* by email *'[email protected] <[email protected]>'*. That would > be the possible reason for you to get the error "invalid tenant domain". > > [1] > https://qpid.apache.org/releases/qpid-0.30/jms-client-0-8/book/JMS-Client-0-8-Connection-URL.html > > Thanks, > Pamod > > On Wed, Jun 8, 2016 at 6:59 PM, Tharindu Dharmarathna <[email protected]> > wrote: > >> Hi All, >> >> In APIM 2.0 Snapshot Pack we have got issue when authenticate with the >> CEP, DAS and MB components. >> >> >> *CEP and DAS Components* >> >> As per the debugging session with Mohan we have found when we >> authenticate the email user from [1] , It will not proper username with >> tenant domain which caused to get the invalid tenant domain from [2]. >> >> *MB Components* >> >> When we do authentication request with MB it will not suppose to send >> the email user in connection url since its a restricted character. As per >> the Pamod pointed out we had replace the '@' mark with '!' in order to >> overcome that issue . But this was not getting worked as correctly. >> >> Can any one give any clue to overcome this issue. >> >> >> [1] - >> https://github.com/wso2/carbon-analytics-common/blob/release-5.0.12-alpha/components/data-bridge/org.wso2.carbon.databridge.core/src/main/java/org/wso2/carbon/databridge/core/internal/authentication/CarbonAuthenticationHandler.java#L51 >> >> [2] - >> https://github.com/wso2/carbon-commons/blob/v4.4.8/components/authentication/org.wso2.carbon.identity.authentication/src/main/java/org/wso2/carbon/identity/authentication/AuthenticationServiceImpl.java#L59 >> >> >> -- >> >> *Tharindu Dharmarathna*Software Engineer >> WSO2 Inc.; http://wso2.com >> lean.enterprise.middleware >> >> mobile: *+94779109091 <%2B94779109091>* >> > > > > -- > *Pamod Sylvester * > > *WSO2 Inc.; http://wso2.com <http://wso2.com>* > cell: +94 77 7779495 > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- *Ushani Balasooriya* Senior Software Engineer - QA; WSO2 Inc; http://www.wso2.com/.
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
