Re: [Dev] Enable JWT in gateway node
Hi Harsha,
I just checked the JWTHeader scenario. If you want to change the JWT
header, then you need to change that in gateway node [1]. You only need to
change this property in the gateway and even you don't need to enable jwt
in the gateway.
[1] -
https://github.com/wso2/carbon-apimgt/blob/v6.1.66/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/oauth/OAuthAuthenticator.java#L310
Thank you!
On Mon, Nov 20, 2017 at 1:26 PM, Harsha Kumara wrote:
>
>
> On Mon, Nov 20, 2017 at 10:43 AM, Pubudu Gunatilaka
> wrote:
>
>> Hi,
>>
>> I checked this locally using a separate gateway node and another node for
>> other profiles. I did not enable JWT and I could see the jwt header when I
>> enabled the debug logs.
>>
>> APIKeyMgtDataHolder is the only reference I could find as well. If there
>> isn't any use case in the gateway, we can remove configuring jwt in gateway
>> [1].
>>
>> [1] - https://docs.wso2.com/display/AM210/Distributed+Deployment
>> +of+API+Manager#DistributedDeploymentofAPIManager-Step3.5-Co
>> nfiguretheGateway
>>
> In previous versions, there was a issue that we include this property in
> the gateway configurations. I can't recall the exact reason. Lakmali should
> know the exact reason. Also check the sysnapse API config and see whether
> there are any properties getting added when we deploy the API in the
> gateway. This might have fixed in latest versions. But needs to verify and
> update the document accordingly. If someone wants to change the Assertion
> header name, do they need to change it in KM or Gateway? Please check that
> as well. There is a property called JWTHeader in api-manager.xml.
>
>>
>> Thank you!
>>
>> On Mon, Nov 20, 2017 at 1:07 PM, Sam Sivayogam wrote:
>>
>>> It seems like we are reading this config only in APIKeyMgt service [1]
>>> hence I think we don't need this configuration in Gateway node
>>>
>>> [1] https://github.com/wso2/carbon-apimgt/blob/v6.1.66/component
>>> s/apimgt/org.wso2.carbon.apimgt.keymgt/src/main/java/org/
>>> wso2/carbon/apimgt/keymgt/util/APIKeyMgtDataHolder.java#L107
>>>
>>> Thanks,
>>> Sam
>>>
>>> On Mon, Nov 20, 2017 at 8:16 AM, Pubudu Gunatilaka
>>> wrote:
>>>
Hi,
Do we need to enable JWT in gateway node [1] in a fully distributed
deployment where KM/IS is hosted separately?
I can see the JWT is passed to the backend.
*TID: [-1] [] [2017-11-20 10:37:31,347] DEBUG
> {org.apache.synapse.transport.http.headers} - http-outgoing-1 >>
> X-JWT-Assertion: *eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz
> I1NiIsIng1dCI6ImFfamhOdXMyMUtWdW9GeDY1TG1rVzJPX2wxMCJ9.eyJod
> HRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC9yb2xlIjpbIkludGVybmFsXC9zd
> WJzY3JpYmVyIiwiSW50ZXJuYWxcL2NyZWF0b3IiLCJBcHBsaWNhdGlvblwvY
> WRtaW5fRGVmYXVsdEFwcGxpY2F0aW9uX1BST0RVQ1RJT04iLCJJbnRlcm5hb
> FwvcHVibGlzaGVyIiwiSW50ZXJuYWxcL2V2ZXJ5b25lIiwiYWRtaW4iXSwia
> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb250aWVyIjoiV
> W5saW1pdGVkIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wva2V5dHlwZ
> SI6IlBST0RVQ1RJT04iLCJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC92Z
> XJzaW9uIjoidjEiLCJpc3MiOiJ3c28yLm9yZ1wvcHJvZHVjdHNcL2FtIiwia
> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb25uYW1lIjoiR
> GVmYXVsdEFwcGxpY2F0aW9uIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc
> 1wvZW5kdXNlciI6ImFkbWluQGNhcmJvbi5zdXBlciIsImh0dHA6XC9cL3dzb
> zIub3JnXC9jbGFpbXNcL2VuZHVzZXJUZW5hbnRJZCI6Ii0xMjM0IiwiaHR0c
> DpcL1wvd3NvMi5vcmdcL2NsYWltc1wvc3Vic2NyaWJlciI6ImFkbWluIiwia
> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdGllciI6IlVubGltaXRlZCIsI
> mh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2FwcGxpY2F0aW9uaWQiOiIxI
> iwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdXNlcnR5cGUiOiJBUFBMS
> UNBVElPTiIsImV4cCI6MTUxMTE0NTQ0OSwiaHR0cDpcL1wvd3NvMi5vcmdcL
> 2NsYWltc1wvYXBpY29udGV4dCI6IlwvZmRzYVwvdjEifQ==.ADG30dcwlxBa
> N7Wxtixc5Wq/gZRj7nZrGHExn0E+7O4pZ6xTSjeVx7UrWSwj31vm7DjL+CvK
> 07popxJqchT8+ACt303BkRxOKgfW66h/XmOxleUlXohQByUe6/7FTpnFRfyZ
> 7jzttjZct39sBzHcNcyUAEqcl/HEt+eR62/dksM=
> {org.apache.synapse.transport.http.headers}
> *TID: [-1] [] [2017-11-20 10:37:31,348] DEBUG
> {org.apache.synapse.transport.http.wire} - HTTP-Sender I/O dispatcher-1
> <<
> "X-JWT-Assertion: *eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz
> I1NiIsIng1dCI6ImFfamhOdXMyMUtWdW9GeDY1TG1rVzJPX2wxMCJ9.eyJod
> HRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC9yb2xlIjpbIkludGVybmFsXC9zd
> WJzY3JpYmVyIiwiSW50ZXJuYWxcL2NyZWF0b3IiLCJBcHBsaWNhdGlvblwvY
> WRtaW5fRGVmYXVsdEFwcGxpY2F0aW9uX1BST0RVQ1RJT04iLCJJbnRlcm5hb
> FwvcHVibGlzaGVyIiwiSW50ZXJuYWxcL2V2ZXJ5b25lIiwiYWRtaW4iXSwia
> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb250aWVyIjoiV
> W5saW1pdGVkIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wva2V5dHlwZ
> SI6IlBST0RVQ1RJT04iLCJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC92Z
> XJzaW9uIjoidjEiLCJpc3MiOiJ3c28yLm9yZ1wvcHJvZHVjdHNcL2FtIiwia
> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb25uYW1lIjoiR
> GVmYXVsdEFwcGxpY2F0
Re: [Dev] Enable JWT in gateway node
Hi Pubudu,
In a fully distributed set up we can decide in which component (Key Manager
or Gateway) we need to keep key validation information cache.
Therefore having JWT enabled in Key Manager node only is enough IMO.
To check the values passing to the backend we can use debug logs.
Thanks,
Chamalee
On Mon, Nov 20, 2017 at 8:16 AM, Pubudu Gunatilaka wrote:
> Hi,
>
> Do we need to enable JWT in gateway node [1] in a fully distributed
> deployment where KM/IS is hosted separately?
>
> I can see the JWT is passed to the backend.
>
> *TID: [-1] [] [2017-11-20 10:37:31,347] DEBUG
>> {org.apache.synapse.transport.http.headers} - http-outgoing-1 >>
>> X-JWT-Assertion: *eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz
>> I1NiIsIng1dCI6ImFfamhOdXMyMUtWdW9GeDY1TG1rVzJPX2wxMCJ9.
>> eyJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC9yb2xlIjpbIkludGVybmFs
>> XC9zdWJzY3JpYmVyIiwiSW50ZXJuYWxcL2NyZWF0b3IiLCJBcHBsaWNhdGlv
>> blwvYWRtaW5fRGVmYXVsdEFwcGxpY2F0aW9uX1BST0RVQ1RJT04iLCJJbnRl
>> cm5hbFwvcHVibGlzaGVyIiwiSW50ZXJuYWxcL2V2ZXJ5b25lIiwiYWRtaW4i
>> XSwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb250aWVy
>> IjoiVW5saW1pdGVkIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wva2V5
>> dHlwZSI6IlBST0RVQ1RJT04iLCJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1z
>> XC92ZXJzaW9uIjoidjEiLCJpc3MiOiJ3c28yLm9yZ1wvcHJvZHVjdHNcL2Ft
>> IiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb25uYW1l
>> IjoiRGVmYXVsdEFwcGxpY2F0aW9uIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2Ns
>> YWltc1wvZW5kdXNlciI6ImFkbWluQGNhcmJvbi5zdXBlciIsImh0dHA6XC9c
>> L3dzbzIub3JnXC9jbGFpbXNcL2VuZHVzZXJUZW5hbnRJZCI6Ii0xMjM0Iiwi
>> aHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvc3Vic2NyaWJlciI6ImFkbWlu
>> IiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdGllciI6IlVubGltaXRl
>> ZCIsImh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2FwcGxpY2F0aW9uaWQi
>> OiIxIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdXNlcnR5cGUiOiJB
>> UFBMSUNBVElPTiIsImV4cCI6MTUxMTE0NTQ0OSwiaHR0cDpcL1wvd3NvMi5v
>> cmdcL2NsYWltc1wvYXBpY29udGV4dCI6IlwvZmRzYVwvdjEifQ==.
>> ADG30dcwlxBaN7Wxtixc5Wq/gZRj7nZrGHExn0E+7O4pZ6xTSjeVx7UrWSwj31vm7DjL+
>> CvK07popxJqchT8+ACt303BkRxOKgfW66h/XmOxleUlXohQByUe6/
>> 7FTpnFRfyZ7jzttjZct39sBzHcNcyUAEqcl/HEt+eR62/dksM=
>> {org.apache.synapse.transport.http.headers}
>> *TID: [-1] [] [2017-11-20 10:37:31,348] DEBUG
>> {org.apache.synapse.transport.http.wire} - HTTP-Sender I/O dispatcher-1 <<
>> "X-JWT-Assertion: *eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz
>> I1NiIsIng1dCI6ImFfamhOdXMyMUtWdW9GeDY1TG1rVzJPX2wxMCJ9.
>> eyJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC9yb2xlIjpbIkludGVybmFs
>> XC9zdWJzY3JpYmVyIiwiSW50ZXJuYWxcL2NyZWF0b3IiLCJBcHBsaWNhdGlv
>> blwvYWRtaW5fRGVmYXVsdEFwcGxpY2F0aW9uX1BST0RVQ1RJT04iLCJJbnRl
>> cm5hbFwvcHVibGlzaGVyIiwiSW50ZXJuYWxcL2V2ZXJ5b25lIiwiYWRtaW4i
>> XSwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb250aWVy
>> IjoiVW5saW1pdGVkIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wva2V5
>> dHlwZSI6IlBST0RVQ1RJT04iLCJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1z
>> XC92ZXJzaW9uIjoidjEiLCJpc3MiOiJ3c28yLm9yZ1wvcHJvZHVjdHNcL2Ft
>> IiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb25uYW1l
>> IjoiRGVmYXVsdEFwcGxpY2F0aW9uIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2Ns
>> YWltc1wvZW5kdXNlciI6ImFkbWluQGNhcmJvbi5zdXBlciIsImh0dHA6XC9c
>> L3dzbzIub3JnXC9jbGFpbXNcL2VuZHVzZXJUZW5hbnRJZCI6Ii0xMjM0Iiwi
>> aHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvc3Vic2NyaWJlciI6ImFkbWlu
>> IiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdGllciI6IlVubGltaXRl
>> ZCIsImh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2FwcGxpY2F0aW9uaWQi
>> OiIxIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdXNlcnR5cGUiOiJB
>> UFBMSUNBVElPTiIsImV4cCI6MTUxMTE0NTQ0OSwiaHR0cDpcL1wvd3NvMi5v
>> cmdcL2NsYWltc1wvYXBpY29udGV4dCI6IlwvZmRzYVwvdjEifQ==.
>> ADG30dcwlxBaN7Wxtixc5Wq/gZRj7nZrGHExn0E+7O4pZ6xTSjeVx7UrWSwj31vm7DjL+
>> CvK07popxJqchT8+ACt303BkRxOKgfW66h/XmOxleUlXohQByUe6/
>> 7FTpnFRfyZ7jzttjZct39sBzHcNcyUAEqcl/HEt+eR62/dksM=[\r][\n]"
>> {org.apache.synapse.transport.http.wire}
>
>
>
> What is the need to enable JWT in gateway node?
>
> [1] - https://docs.wso2.com/display/AM210/Distributed+
> Deployment+of+API+Manager#DistributedDeploymentofAPIManager-Step3.5-
> ConfiguretheGateway
>
> Thank you!
> --
> *Pubudu Gunatilaka*
> Committer and PMC Member - Apache Stratos
> Senior Software Engineer
> WSO2, Inc.: http://wso2.com
> mobile : +94774078049 <%2B94772207163>
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
--
Thanks & Regards,
*Chamalee De Silva*
Software Engineer
*WS**O2* Inc. :http://wso2.com/
Office :- *+94 11 2145345 <%2B94%2011%202145345>*
mobile :- *+94 7 <%2B94%2077%202782039>1 4315942*
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] Enable JWT in gateway node
Hi pubudu,
This depends on the backend right? if it need such a authorization, cluster
or Single AM setup we need to generate the JWT and pass to the backend. So
it is upto the backend implementation i think.
Thanks and Regards
On Mon, Nov 20, 2017 at 8:16 AM, Pubudu Gunatilaka wrote:
> Hi,
>
> Do we need to enable JWT in gateway node [1] in a fully distributed
> deployment where KM/IS is hosted separately?
>
> I can see the JWT is passed to the backend.
>
> *TID: [-1] [] [2017-11-20 10:37:31,347] DEBUG
>> {org.apache.synapse.transport.http.headers} - http-outgoing-1 >>
>> X-JWT-Assertion: *eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz
>> I1NiIsIng1dCI6ImFfamhOdXMyMUtWdW9GeDY1TG1rVzJPX2wxMCJ9.
>> eyJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC9yb2xlIjpbIkludGVybmFs
>> XC9zdWJzY3JpYmVyIiwiSW50ZXJuYWxcL2NyZWF0b3IiLCJBcHBsaWNhdGlv
>> blwvYWRtaW5fRGVmYXVsdEFwcGxpY2F0aW9uX1BST0RVQ1RJT04iLCJJbnRl
>> cm5hbFwvcHVibGlzaGVyIiwiSW50ZXJuYWxcL2V2ZXJ5b25lIiwiYWRtaW4i
>> XSwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb250aWVy
>> IjoiVW5saW1pdGVkIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wva2V5
>> dHlwZSI6IlBST0RVQ1RJT04iLCJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1z
>> XC92ZXJzaW9uIjoidjEiLCJpc3MiOiJ3c28yLm9yZ1wvcHJvZHVjdHNcL2Ft
>> IiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb25uYW1l
>> IjoiRGVmYXVsdEFwcGxpY2F0aW9uIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2Ns
>> YWltc1wvZW5kdXNlciI6ImFkbWluQGNhcmJvbi5zdXBlciIsImh0dHA6XC9c
>> L3dzbzIub3JnXC9jbGFpbXNcL2VuZHVzZXJUZW5hbnRJZCI6Ii0xMjM0Iiwi
>> aHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvc3Vic2NyaWJlciI6ImFkbWlu
>> IiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdGllciI6IlVubGltaXRl
>> ZCIsImh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2FwcGxpY2F0aW9uaWQi
>> OiIxIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdXNlcnR5cGUiOiJB
>> UFBMSUNBVElPTiIsImV4cCI6MTUxMTE0NTQ0OSwiaHR0cDpcL1wvd3NvMi5v
>> cmdcL2NsYWltc1wvYXBpY29udGV4dCI6IlwvZmRzYVwvdjEifQ==.
>> ADG30dcwlxBaN7Wxtixc5Wq/gZRj7nZrGHExn0E+7O4pZ6xTSjeVx7UrWSwj31vm7DjL+
>> CvK07popxJqchT8+ACt303BkRxOKgfW66h/XmOxleUlXohQByUe6/
>> 7FTpnFRfyZ7jzttjZct39sBzHcNcyUAEqcl/HEt+eR62/dksM=
>> {org.apache.synapse.transport.http.headers}
>> *TID: [-1] [] [2017-11-20 10:37:31,348] DEBUG
>> {org.apache.synapse.transport.http.wire} - HTTP-Sender I/O dispatcher-1 <<
>> "X-JWT-Assertion: *eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz
>> I1NiIsIng1dCI6ImFfamhOdXMyMUtWdW9GeDY1TG1rVzJPX2wxMCJ9.
>> eyJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC9yb2xlIjpbIkludGVybmFs
>> XC9zdWJzY3JpYmVyIiwiSW50ZXJuYWxcL2NyZWF0b3IiLCJBcHBsaWNhdGlv
>> blwvYWRtaW5fRGVmYXVsdEFwcGxpY2F0aW9uX1BST0RVQ1RJT04iLCJJbnRl
>> cm5hbFwvcHVibGlzaGVyIiwiSW50ZXJuYWxcL2V2ZXJ5b25lIiwiYWRtaW4i
>> XSwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb250aWVy
>> IjoiVW5saW1pdGVkIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wva2V5
>> dHlwZSI6IlBST0RVQ1RJT04iLCJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1z
>> XC92ZXJzaW9uIjoidjEiLCJpc3MiOiJ3c28yLm9yZ1wvcHJvZHVjdHNcL2Ft
>> IiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb25uYW1l
>> IjoiRGVmYXVsdEFwcGxpY2F0aW9uIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2Ns
>> YWltc1wvZW5kdXNlciI6ImFkbWluQGNhcmJvbi5zdXBlciIsImh0dHA6XC9c
>> L3dzbzIub3JnXC9jbGFpbXNcL2VuZHVzZXJUZW5hbnRJZCI6Ii0xMjM0Iiwi
>> aHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvc3Vic2NyaWJlciI6ImFkbWlu
>> IiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdGllciI6IlVubGltaXRl
>> ZCIsImh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2FwcGxpY2F0aW9uaWQi
>> OiIxIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdXNlcnR5cGUiOiJB
>> UFBMSUNBVElPTiIsImV4cCI6MTUxMTE0NTQ0OSwiaHR0cDpcL1wvd3NvMi5v
>> cmdcL2NsYWltc1wvYXBpY29udGV4dCI6IlwvZmRzYVwvdjEifQ==.
>> ADG30dcwlxBaN7Wxtixc5Wq/gZRj7nZrGHExn0E+7O4pZ6xTSjeVx7UrWSwj31vm7DjL+
>> CvK07popxJqchT8+ACt303BkRxOKgfW66h/XmOxleUlXohQByUe6/
>> 7FTpnFRfyZ7jzttjZct39sBzHcNcyUAEqcl/HEt+eR62/dksM=[\r][\n]"
>> {org.apache.synapse.transport.http.wire}
>
>
>
> What is the need to enable JWT in gateway node?
>
> [1] - https://docs.wso2.com/display/AM210/Distributed+
> Deployment+of+API+Manager#DistributedDeploymentofAPIManager-Step3.5-
> ConfiguretheGateway
>
> Thank you!
> --
> *Pubudu Gunatilaka*
> Committer and PMC Member - Apache Stratos
> Senior Software Engineer
> WSO2, Inc.: http://wso2.com
> mobile : +94774078049 <%2B94772207163>
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
--
Rukshan Chathuranga.
Software Engineer.
WSO2, Inc.
+94711822074
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] Enable JWT in gateway node
On Mon, Nov 20, 2017 at 10:43 AM, Pubudu Gunatilaka
wrote:
> Hi,
>
> I checked this locally using a separate gateway node and another node for
> other profiles. I did not enable JWT and I could see the jwt header when I
> enabled the debug logs.
>
> APIKeyMgtDataHolder is the only reference I could find as well. If there
> isn't any use case in the gateway, we can remove configuring jwt in gateway
> [1].
>
> [1] - https://docs.wso2.com/display/AM210/Distributed+
> Deployment+of+API+Manager#DistributedDeploymentofAPIManager-Step3.5-
> ConfiguretheGateway
>
In previous versions, there was a issue that we include this property in
the gateway configurations. I can't recall the exact reason. Lakmali should
know the exact reason. Also check the sysnapse API config and see whether
there are any properties getting added when we deploy the API in the
gateway. This might have fixed in latest versions. But needs to verify and
update the document accordingly. If someone wants to change the Assertion
header name, do they need to change it in KM or Gateway? Please check that
as well. There is a property called JWTHeader in api-manager.xml.
>
> Thank you!
>
> On Mon, Nov 20, 2017 at 1:07 PM, Sam Sivayogam wrote:
>
>> It seems like we are reading this config only in APIKeyMgt service [1]
>> hence I think we don't need this configuration in Gateway node
>>
>> [1] https://github.com/wso2/carbon-apimgt/blob/v6.1.66/component
>> s/apimgt/org.wso2.carbon.apimgt.keymgt/src/main/java/
>> org/wso2/carbon/apimgt/keymgt/util/APIKeyMgtDataHolder.java#L107
>>
>> Thanks,
>> Sam
>>
>> On Mon, Nov 20, 2017 at 8:16 AM, Pubudu Gunatilaka
>> wrote:
>>
>>> Hi,
>>>
>>> Do we need to enable JWT in gateway node [1] in a fully distributed
>>> deployment where KM/IS is hosted separately?
>>>
>>> I can see the JWT is passed to the backend.
>>>
>>> *TID: [-1] [] [2017-11-20 10:37:31,347] DEBUG
{org.apache.synapse.transport.http.headers} - http-outgoing-1 >>
X-JWT-Assertion: *eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz
I1NiIsIng1dCI6ImFfamhOdXMyMUtWdW9GeDY1TG1rVzJPX2wxMCJ9.eyJod
HRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC9yb2xlIjpbIkludGVybmFsXC9zd
WJzY3JpYmVyIiwiSW50ZXJuYWxcL2NyZWF0b3IiLCJBcHBsaWNhdGlvblwvY
WRtaW5fRGVmYXVsdEFwcGxpY2F0aW9uX1BST0RVQ1RJT04iLCJJbnRlcm5hb
FwvcHVibGlzaGVyIiwiSW50ZXJuYWxcL2V2ZXJ5b25lIiwiYWRtaW4iXSwia
HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb250aWVyIjoiV
W5saW1pdGVkIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wva2V5dHlwZ
SI6IlBST0RVQ1RJT04iLCJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC92Z
XJzaW9uIjoidjEiLCJpc3MiOiJ3c28yLm9yZ1wvcHJvZHVjdHNcL2FtIiwia
HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb25uYW1lIjoiR
GVmYXVsdEFwcGxpY2F0aW9uIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc
1wvZW5kdXNlciI6ImFkbWluQGNhcmJvbi5zdXBlciIsImh0dHA6XC9cL3dzb
zIub3JnXC9jbGFpbXNcL2VuZHVzZXJUZW5hbnRJZCI6Ii0xMjM0IiwiaHR0c
DpcL1wvd3NvMi5vcmdcL2NsYWltc1wvc3Vic2NyaWJlciI6ImFkbWluIiwia
HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdGllciI6IlVubGltaXRlZCIsI
mh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2FwcGxpY2F0aW9uaWQiOiIxI
iwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdXNlcnR5cGUiOiJBUFBMS
UNBVElPTiIsImV4cCI6MTUxMTE0NTQ0OSwiaHR0cDpcL1wvd3NvMi5vcmdcL
2NsYWltc1wvYXBpY29udGV4dCI6IlwvZmRzYVwvdjEifQ==.ADG30dcwlxBa
N7Wxtixc5Wq/gZRj7nZrGHExn0E+7O4pZ6xTSjeVx7UrWSwj31vm7DjL+CvK
07popxJqchT8+ACt303BkRxOKgfW66h/XmOxleUlXohQByUe6/7FTpnFRfyZ
7jzttjZct39sBzHcNcyUAEqcl/HEt+eR62/dksM= {org.apache.synapse.transport.
http.headers}
*TID: [-1] [] [2017-11-20 10:37:31,348] DEBUG
{org.apache.synapse.transport.http.wire} - HTTP-Sender I/O dispatcher-1 <<
"X-JWT-Assertion: *eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz
I1NiIsIng1dCI6ImFfamhOdXMyMUtWdW9GeDY1TG1rVzJPX2wxMCJ9.eyJod
HRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC9yb2xlIjpbIkludGVybmFsXC9zd
WJzY3JpYmVyIiwiSW50ZXJuYWxcL2NyZWF0b3IiLCJBcHBsaWNhdGlvblwvY
WRtaW5fRGVmYXVsdEFwcGxpY2F0aW9uX1BST0RVQ1RJT04iLCJJbnRlcm5hb
FwvcHVibGlzaGVyIiwiSW50ZXJuYWxcL2V2ZXJ5b25lIiwiYWRtaW4iXSwia
HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb250aWVyIjoiV
W5saW1pdGVkIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wva2V5dHlwZ
SI6IlBST0RVQ1RJT04iLCJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC92Z
XJzaW9uIjoidjEiLCJpc3MiOiJ3c28yLm9yZ1wvcHJvZHVjdHNcL2FtIiwia
HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb25uYW1lIjoiR
GVmYXVsdEFwcGxpY2F0aW9uIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc
1wvZW5kdXNlciI6ImFkbWluQGNhcmJvbi5zdXBlciIsImh0dHA6XC9cL3dzb
zIub3JnXC9jbGFpbXNcL2VuZHVzZXJUZW5hbnRJZCI6Ii0xMjM0IiwiaHR0c
DpcL1wvd3NvMi5vcmdcL2NsYWltc1wvc3Vic2NyaWJlciI6ImFkbWluIiwia
HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdGllciI6IlVubGltaXRlZCIsI
mh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2FwcGxpY2F0aW9uaWQiOiIxI
iwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdXNlcnR5cGUiOiJBUFBMS
UNBVElPTiIsImV4cCI6MTUxMTE0NTQ0OSwiaHR0cDpcL1wvd3NvMi5vcmdcL
2NsYWltc1wvYXBpY29udGV4dCI6IlwvZmRzYVwvdjEifQ==.ADG30dcwlxBa
N7Wxtixc5Wq/gZRj7nZrGHExn0E+7O4pZ6xTSjeVx7UrWSwj31vm7DjL
Re: [Dev] Enable JWT in gateway node
Hi,
I checked this locally using a separate gateway node and another node for
other profiles. I did not enable JWT and I could see the jwt header when I
enabled the debug logs.
APIKeyMgtDataHolder is the only reference I could find as well. If there
isn't any use case in the gateway, we can remove configuring jwt in gateway
[1].
[1] -
https://docs.wso2.com/display/AM210/Distributed+Deployment+of+API+Manager#DistributedDeploymentofAPIManager-Step3.5-ConfiguretheGateway
Thank you!
On Mon, Nov 20, 2017 at 1:07 PM, Sam Sivayogam wrote:
> It seems like we are reading this config only in APIKeyMgt service [1]
> hence I think we don't need this configuration in Gateway node
>
> [1] https://github.com/wso2/carbon-apimgt/blob/v6.1.66/
> components/apimgt/org.wso2.carbon.apimgt.keymgt/src/main/
> java/org/wso2/carbon/apimgt/keymgt/util/APIKeyMgtDataHolder.java#L107
>
> Thanks,
> Sam
>
> On Mon, Nov 20, 2017 at 8:16 AM, Pubudu Gunatilaka
> wrote:
>
>> Hi,
>>
>> Do we need to enable JWT in gateway node [1] in a fully distributed
>> deployment where KM/IS is hosted separately?
>>
>> I can see the JWT is passed to the backend.
>>
>> *TID: [-1] [] [2017-11-20 10:37:31,347] DEBUG
>>> {org.apache.synapse.transport.http.headers} - http-outgoing-1 >>
>>> X-JWT-Assertion: *eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz
>>> I1NiIsIng1dCI6ImFfamhOdXMyMUtWdW9GeDY1TG1rVzJPX2wxMCJ9.eyJod
>>> HRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC9yb2xlIjpbIkludGVybmFsXC9zd
>>> WJzY3JpYmVyIiwiSW50ZXJuYWxcL2NyZWF0b3IiLCJBcHBsaWNhdGlvblwvY
>>> WRtaW5fRGVmYXVsdEFwcGxpY2F0aW9uX1BST0RVQ1RJT04iLCJJbnRlcm5hb
>>> FwvcHVibGlzaGVyIiwiSW50ZXJuYWxcL2V2ZXJ5b25lIiwiYWRtaW4iXSwia
>>> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb250aWVyIjoiV
>>> W5saW1pdGVkIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wva2V5dHlwZ
>>> SI6IlBST0RVQ1RJT04iLCJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC92Z
>>> XJzaW9uIjoidjEiLCJpc3MiOiJ3c28yLm9yZ1wvcHJvZHVjdHNcL2FtIiwia
>>> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb25uYW1lIjoiR
>>> GVmYXVsdEFwcGxpY2F0aW9uIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc
>>> 1wvZW5kdXNlciI6ImFkbWluQGNhcmJvbi5zdXBlciIsImh0dHA6XC9cL3dzb
>>> zIub3JnXC9jbGFpbXNcL2VuZHVzZXJUZW5hbnRJZCI6Ii0xMjM0IiwiaHR0c
>>> DpcL1wvd3NvMi5vcmdcL2NsYWltc1wvc3Vic2NyaWJlciI6ImFkbWluIiwia
>>> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdGllciI6IlVubGltaXRlZCIsI
>>> mh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2FwcGxpY2F0aW9uaWQiOiIxI
>>> iwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdXNlcnR5cGUiOiJBUFBMS
>>> UNBVElPTiIsImV4cCI6MTUxMTE0NTQ0OSwiaHR0cDpcL1wvd3NvMi5vcmdcL
>>> 2NsYWltc1wvYXBpY29udGV4dCI6IlwvZmRzYVwvdjEifQ==.ADG30dcwlxBa
>>> N7Wxtixc5Wq/gZRj7nZrGHExn0E+7O4pZ6xTSjeVx7UrWSwj31vm7DjL+CvK
>>> 07popxJqchT8+ACt303BkRxOKgfW66h/XmOxleUlXohQByUe6/7FTpnFRfyZ
>>> 7jzttjZct39sBzHcNcyUAEqcl/HEt+eR62/dksM= {org.apache.synapse.transport.
>>> http.headers}
>>> *TID: [-1] [] [2017-11-20 10:37:31,348] DEBUG
>>> {org.apache.synapse.transport.http.wire} - HTTP-Sender I/O dispatcher-1 <<
>>> "X-JWT-Assertion: *eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz
>>> I1NiIsIng1dCI6ImFfamhOdXMyMUtWdW9GeDY1TG1rVzJPX2wxMCJ9.eyJod
>>> HRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC9yb2xlIjpbIkludGVybmFsXC9zd
>>> WJzY3JpYmVyIiwiSW50ZXJuYWxcL2NyZWF0b3IiLCJBcHBsaWNhdGlvblwvY
>>> WRtaW5fRGVmYXVsdEFwcGxpY2F0aW9uX1BST0RVQ1RJT04iLCJJbnRlcm5hb
>>> FwvcHVibGlzaGVyIiwiSW50ZXJuYWxcL2V2ZXJ5b25lIiwiYWRtaW4iXSwia
>>> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb250aWVyIjoiV
>>> W5saW1pdGVkIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wva2V5dHlwZ
>>> SI6IlBST0RVQ1RJT04iLCJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC92Z
>>> XJzaW9uIjoidjEiLCJpc3MiOiJ3c28yLm9yZ1wvcHJvZHVjdHNcL2FtIiwia
>>> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb25uYW1lIjoiR
>>> GVmYXVsdEFwcGxpY2F0aW9uIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc
>>> 1wvZW5kdXNlciI6ImFkbWluQGNhcmJvbi5zdXBlciIsImh0dHA6XC9cL3dzb
>>> zIub3JnXC9jbGFpbXNcL2VuZHVzZXJUZW5hbnRJZCI6Ii0xMjM0IiwiaHR0c
>>> DpcL1wvd3NvMi5vcmdcL2NsYWltc1wvc3Vic2NyaWJlciI6ImFkbWluIiwia
>>> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdGllciI6IlVubGltaXRlZCIsI
>>> mh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2FwcGxpY2F0aW9uaWQiOiIxI
>>> iwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdXNlcnR5cGUiOiJBUFBMS
>>> UNBVElPTiIsImV4cCI6MTUxMTE0NTQ0OSwiaHR0cDpcL1wvd3NvMi5vcmdcL
>>> 2NsYWltc1wvYXBpY29udGV4dCI6IlwvZmRzYVwvdjEifQ==.ADG30dcwlxBa
>>> N7Wxtixc5Wq/gZRj7nZrGHExn0E+7O4pZ6xTSjeVx7UrWSwj31vm7DjL+CvK
>>> 07popxJqchT8+ACt303BkRxOKgfW66h/XmOxleUlXohQByUe6/7FTpnFRfyZ
>>> 7jzttjZct39sBzHcNcyUAEqcl/HEt+eR62/dksM=[\r][\n]"
>>> {org.apache.synapse.transport.http.wire}
>>
>>
>>
>> What is the need to enable JWT in gateway node?
>>
>> [1] - https://docs.wso2.com/display/AM210/Distributed+Deployment
>> +of+API+Manager#DistributedDeploymentofAPIManager-Step3.5-Co
>> nfiguretheGateway
>>
>> Thank you!
>> --
>> *Pubudu Gunatilaka*
>> Committer and PMC Member - Apache Stratos
>> Senior Software Engineer
>> WSO2, Inc.: http://wso2.com
>> mobile : +94774078049 <%2B94772207163>
>>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> *Sam Sivayog
Re: [Dev] Enable JWT in gateway node
It seems like we are reading this config only in APIKeyMgt service [1]
hence I think we don't need this configuration in Gateway node
[1]
https://github.com/wso2/carbon-apimgt/blob/v6.1.66/components/apimgt/org.wso2.carbon.apimgt.keymgt/src/main/java/org/wso2/carbon/apimgt/keymgt/util/APIKeyMgtDataHolder.java#L107
Thanks,
Sam
On Mon, Nov 20, 2017 at 8:16 AM, Pubudu Gunatilaka wrote:
> Hi,
>
> Do we need to enable JWT in gateway node [1] in a fully distributed
> deployment where KM/IS is hosted separately?
>
> I can see the JWT is passed to the backend.
>
> *TID: [-1] [] [2017-11-20 10:37:31,347] DEBUG
>> {org.apache.synapse.transport.http.headers} - http-outgoing-1 >>
>> X-JWT-Assertion: *eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz
>> I1NiIsIng1dCI6ImFfamhOdXMyMUtWdW9GeDY1TG1rVzJPX2wxMCJ9.
>> eyJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC9yb2xlIjpbIkludGVybmFs
>> XC9zdWJzY3JpYmVyIiwiSW50ZXJuYWxcL2NyZWF0b3IiLCJBcHBsaWNhdGlv
>> blwvYWRtaW5fRGVmYXVsdEFwcGxpY2F0aW9uX1BST0RVQ1RJT04iLCJJbnRl
>> cm5hbFwvcHVibGlzaGVyIiwiSW50ZXJuYWxcL2V2ZXJ5b25lIiwiYWRtaW4i
>> XSwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb250aWVy
>> IjoiVW5saW1pdGVkIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wva2V5
>> dHlwZSI6IlBST0RVQ1RJT04iLCJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1z
>> XC92ZXJzaW9uIjoidjEiLCJpc3MiOiJ3c28yLm9yZ1wvcHJvZHVjdHNcL2Ft
>> IiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb25uYW1l
>> IjoiRGVmYXVsdEFwcGxpY2F0aW9uIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2Ns
>> YWltc1wvZW5kdXNlciI6ImFkbWluQGNhcmJvbi5zdXBlciIsImh0dHA6XC9c
>> L3dzbzIub3JnXC9jbGFpbXNcL2VuZHVzZXJUZW5hbnRJZCI6Ii0xMjM0Iiwi
>> aHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvc3Vic2NyaWJlciI6ImFkbWlu
>> IiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdGllciI6IlVubGltaXRl
>> ZCIsImh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2FwcGxpY2F0aW9uaWQi
>> OiIxIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdXNlcnR5cGUiOiJB
>> UFBMSUNBVElPTiIsImV4cCI6MTUxMTE0NTQ0OSwiaHR0cDpcL1wvd3NvMi5v
>> cmdcL2NsYWltc1wvYXBpY29udGV4dCI6IlwvZmRzYVwvdjEifQ==.
>> ADG30dcwlxBaN7Wxtixc5Wq/gZRj7nZrGHExn0E+7O4pZ6xTSjeVx7UrWSwj31vm7DjL+
>> CvK07popxJqchT8+ACt303BkRxOKgfW66h/XmOxleUlXohQByUe6/
>> 7FTpnFRfyZ7jzttjZct39sBzHcNcyUAEqcl/HEt+eR62/dksM=
>> {org.apache.synapse.transport.http.headers}
>> *TID: [-1] [] [2017-11-20 10:37:31,348] DEBUG
>> {org.apache.synapse.transport.http.wire} - HTTP-Sender I/O dispatcher-1 <<
>> "X-JWT-Assertion: *eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz
>> I1NiIsIng1dCI6ImFfamhOdXMyMUtWdW9GeDY1TG1rVzJPX2wxMCJ9.
>> eyJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC9yb2xlIjpbIkludGVybmFs
>> XC9zdWJzY3JpYmVyIiwiSW50ZXJuYWxcL2NyZWF0b3IiLCJBcHBsaWNhdGlv
>> blwvYWRtaW5fRGVmYXVsdEFwcGxpY2F0aW9uX1BST0RVQ1RJT04iLCJJbnRl
>> cm5hbFwvcHVibGlzaGVyIiwiSW50ZXJuYWxcL2V2ZXJ5b25lIiwiYWRtaW4i
>> XSwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb250aWVy
>> IjoiVW5saW1pdGVkIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wva2V5
>> dHlwZSI6IlBST0RVQ1RJT04iLCJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1z
>> XC92ZXJzaW9uIjoidjEiLCJpc3MiOiJ3c28yLm9yZ1wvcHJvZHVjdHNcL2Ft
>> IiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb25uYW1l
>> IjoiRGVmYXVsdEFwcGxpY2F0aW9uIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2Ns
>> YWltc1wvZW5kdXNlciI6ImFkbWluQGNhcmJvbi5zdXBlciIsImh0dHA6XC9c
>> L3dzbzIub3JnXC9jbGFpbXNcL2VuZHVzZXJUZW5hbnRJZCI6Ii0xMjM0Iiwi
>> aHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvc3Vic2NyaWJlciI6ImFkbWlu
>> IiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdGllciI6IlVubGltaXRl
>> ZCIsImh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2FwcGxpY2F0aW9uaWQi
>> OiIxIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdXNlcnR5cGUiOiJB
>> UFBMSUNBVElPTiIsImV4cCI6MTUxMTE0NTQ0OSwiaHR0cDpcL1wvd3NvMi5v
>> cmdcL2NsYWltc1wvYXBpY29udGV4dCI6IlwvZmRzYVwvdjEifQ==.
>> ADG30dcwlxBaN7Wxtixc5Wq/gZRj7nZrGHExn0E+7O4pZ6xTSjeVx7UrWSwj31vm7DjL+
>> CvK07popxJqchT8+ACt303BkRxOKgfW66h/XmOxleUlXohQByUe6/
>> 7FTpnFRfyZ7jzttjZct39sBzHcNcyUAEqcl/HEt+eR62/dksM=[\r][\n]"
>> {org.apache.synapse.transport.http.wire}
>
>
>
> What is the need to enable JWT in gateway node?
>
> [1] - https://docs.wso2.com/display/AM210/Distributed+
> Deployment+of+API+Manager#DistributedDeploymentofAPIManager-Step3.5-
> ConfiguretheGateway
>
> Thank you!
> --
> *Pubudu Gunatilaka*
> Committer and PMC Member - Apache Stratos
> Senior Software Engineer
> WSO2, Inc.: http://wso2.com
> mobile : +94774078049 <%2B94772207163>
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
--
*Sam Sivayogam*
Senior Software Engineer
Mobile : +94 772 906 439
Office : +94 112 145 345
*WSO2, Inc. :** wso2.com
Re: [Dev] Enable JWT in gateway node
Hi Pubudu,
Did you able to check this locally and confirm? Don't we have to enable
*EnableJWTGeneration* property to append the JWT header?
Thanks and Regards
On Mon, Nov 20, 2017 at 9:52 AM, Pubudu Gunatilaka wrote:
> Hi Rukshan,
>
> My concern is why we need to enable JWT in gateway? The jwt is getting
> generated in KM/IS and gateway only passes the JWT to the backend. I do not
> see a valid reason to enable JWT in gateway node if there isn't any usage.
>
> Thank you!
>
> On Mon, Nov 20, 2017 at 12:09 PM, Rukshan Premathunga
> wrote:
>
>> Hi pubudu,
>>
>> This depends on the backend right? if it need such a authorization,
>> cluster or Single AM setup we need to generate the JWT and pass to the
>> backend. So it is upto the backend implementation i think.
>>
>> Thanks and Regards
>>
>> On Mon, Nov 20, 2017 at 8:16 AM, Pubudu Gunatilaka
>> wrote:
>>
>>> Hi,
>>>
>>> Do we need to enable JWT in gateway node [1] in a fully distributed
>>> deployment where KM/IS is hosted separately?
>>>
>>> I can see the JWT is passed to the backend.
>>>
>>> *TID: [-1] [] [2017-11-20 10:37:31,347] DEBUG
{org.apache.synapse.transport.http.headers} - http-outgoing-1 >>
X-JWT-Assertion: *eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz
I1NiIsIng1dCI6ImFfamhOdXMyMUtWdW9GeDY1TG1rVzJPX2wxMCJ9.eyJod
HRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC9yb2xlIjpbIkludGVybmFsXC9zd
WJzY3JpYmVyIiwiSW50ZXJuYWxcL2NyZWF0b3IiLCJBcHBsaWNhdGlvblwvY
WRtaW5fRGVmYXVsdEFwcGxpY2F0aW9uX1BST0RVQ1RJT04iLCJJbnRlcm5hb
FwvcHVibGlzaGVyIiwiSW50ZXJuYWxcL2V2ZXJ5b25lIiwiYWRtaW4iXSwia
HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb250aWVyIjoiV
W5saW1pdGVkIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wva2V5dHlwZ
SI6IlBST0RVQ1RJT04iLCJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC92Z
XJzaW9uIjoidjEiLCJpc3MiOiJ3c28yLm9yZ1wvcHJvZHVjdHNcL2FtIiwia
HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb25uYW1lIjoiR
GVmYXVsdEFwcGxpY2F0aW9uIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc
1wvZW5kdXNlciI6ImFkbWluQGNhcmJvbi5zdXBlciIsImh0dHA6XC9cL3dzb
zIub3JnXC9jbGFpbXNcL2VuZHVzZXJUZW5hbnRJZCI6Ii0xMjM0IiwiaHR0c
DpcL1wvd3NvMi5vcmdcL2NsYWltc1wvc3Vic2NyaWJlciI6ImFkbWluIiwia
HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdGllciI6IlVubGltaXRlZCIsI
mh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2FwcGxpY2F0aW9uaWQiOiIxI
iwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdXNlcnR5cGUiOiJBUFBMS
UNBVElPTiIsImV4cCI6MTUxMTE0NTQ0OSwiaHR0cDpcL1wvd3NvMi5vcmdcL
2NsYWltc1wvYXBpY29udGV4dCI6IlwvZmRzYVwvdjEifQ==.ADG30dcwlxBa
N7Wxtixc5Wq/gZRj7nZrGHExn0E+7O4pZ6xTSjeVx7UrWSwj31vm7DjL+CvK
07popxJqchT8+ACt303BkRxOKgfW66h/XmOxleUlXohQByUe6/7FTpnFRfyZ
7jzttjZct39sBzHcNcyUAEqcl/HEt+eR62/dksM= {org.apache.synapse.transport.
http.headers}
*TID: [-1] [] [2017-11-20 10:37:31,348] DEBUG
{org.apache.synapse.transport.http.wire} - HTTP-Sender I/O dispatcher-1 <<
"X-JWT-Assertion: *eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz
I1NiIsIng1dCI6ImFfamhOdXMyMUtWdW9GeDY1TG1rVzJPX2wxMCJ9.eyJod
HRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC9yb2xlIjpbIkludGVybmFsXC9zd
WJzY3JpYmVyIiwiSW50ZXJuYWxcL2NyZWF0b3IiLCJBcHBsaWNhdGlvblwvY
WRtaW5fRGVmYXVsdEFwcGxpY2F0aW9uX1BST0RVQ1RJT04iLCJJbnRlcm5hb
FwvcHVibGlzaGVyIiwiSW50ZXJuYWxcL2V2ZXJ5b25lIiwiYWRtaW4iXSwia
HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb250aWVyIjoiV
W5saW1pdGVkIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wva2V5dHlwZ
SI6IlBST0RVQ1RJT04iLCJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC92Z
XJzaW9uIjoidjEiLCJpc3MiOiJ3c28yLm9yZ1wvcHJvZHVjdHNcL2FtIiwia
HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb25uYW1lIjoiR
GVmYXVsdEFwcGxpY2F0aW9uIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc
1wvZW5kdXNlciI6ImFkbWluQGNhcmJvbi5zdXBlciIsImh0dHA6XC9cL3dzb
zIub3JnXC9jbGFpbXNcL2VuZHVzZXJUZW5hbnRJZCI6Ii0xMjM0IiwiaHR0c
DpcL1wvd3NvMi5vcmdcL2NsYWltc1wvc3Vic2NyaWJlciI6ImFkbWluIiwia
HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdGllciI6IlVubGltaXRlZCIsI
mh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2FwcGxpY2F0aW9uaWQiOiIxI
iwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdXNlcnR5cGUiOiJBUFBMS
UNBVElPTiIsImV4cCI6MTUxMTE0NTQ0OSwiaHR0cDpcL1wvd3NvMi5vcmdcL
2NsYWltc1wvYXBpY29udGV4dCI6IlwvZmRzYVwvdjEifQ==.ADG30dcwlxBa
N7Wxtixc5Wq/gZRj7nZrGHExn0E+7O4pZ6xTSjeVx7UrWSwj31vm7DjL+CvK
07popxJqchT8+ACt303BkRxOKgfW66h/XmOxleUlXohQByUe6/7FTpnFRfyZ
7jzttjZct39sBzHcNcyUAEqcl/HEt+eR62/dksM=[\r][\n]"
{org.apache.synapse.transport.http.wire}
>>>
>>>
>>>
>>> What is the need to enable JWT in gateway node?
>>>
>>> [1] - https://docs.wso2.com/display/AM210/Distributed+Deployment
>>> +of+API+Manager#DistributedDeploymentofAPIManager-Step3.5-Co
>>> nfiguretheGateway
>>>
>>> Thank you!
>>> --
>>> *Pubudu Gunatilaka*
>>> Committer and PMC Member - Apache Stratos
>>> Senior Software Engineer
>>> WSO2, Inc.: http://wso2.com
>>> mobile : +94774078049 <%2B94772207163>
>>>
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Rukshan Chathu
Re: [Dev] Enable JWT in gateway node
Hi Rukshan,
My concern is why we need to enable JWT in gateway? The jwt is getting
generated in KM/IS and gateway only passes the JWT to the backend. I do not
see a valid reason to enable JWT in gateway node if there isn't any usage.
Thank you!
On Mon, Nov 20, 2017 at 12:09 PM, Rukshan Premathunga
wrote:
> Hi pubudu,
>
> This depends on the backend right? if it need such a authorization,
> cluster or Single AM setup we need to generate the JWT and pass to the
> backend. So it is upto the backend implementation i think.
>
> Thanks and Regards
>
> On Mon, Nov 20, 2017 at 8:16 AM, Pubudu Gunatilaka
> wrote:
>
>> Hi,
>>
>> Do we need to enable JWT in gateway node [1] in a fully distributed
>> deployment where KM/IS is hosted separately?
>>
>> I can see the JWT is passed to the backend.
>>
>> *TID: [-1] [] [2017-11-20 10:37:31,347] DEBUG
>>> {org.apache.synapse.transport.http.headers} - http-outgoing-1 >>
>>> X-JWT-Assertion: *eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz
>>> I1NiIsIng1dCI6ImFfamhOdXMyMUtWdW9GeDY1TG1rVzJPX2wxMCJ9.eyJod
>>> HRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC9yb2xlIjpbIkludGVybmFsXC9zd
>>> WJzY3JpYmVyIiwiSW50ZXJuYWxcL2NyZWF0b3IiLCJBcHBsaWNhdGlvblwvY
>>> WRtaW5fRGVmYXVsdEFwcGxpY2F0aW9uX1BST0RVQ1RJT04iLCJJbnRlcm5hb
>>> FwvcHVibGlzaGVyIiwiSW50ZXJuYWxcL2V2ZXJ5b25lIiwiYWRtaW4iXSwia
>>> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb250aWVyIjoiV
>>> W5saW1pdGVkIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wva2V5dHlwZ
>>> SI6IlBST0RVQ1RJT04iLCJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC92Z
>>> XJzaW9uIjoidjEiLCJpc3MiOiJ3c28yLm9yZ1wvcHJvZHVjdHNcL2FtIiwia
>>> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb25uYW1lIjoiR
>>> GVmYXVsdEFwcGxpY2F0aW9uIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc
>>> 1wvZW5kdXNlciI6ImFkbWluQGNhcmJvbi5zdXBlciIsImh0dHA6XC9cL3dzb
>>> zIub3JnXC9jbGFpbXNcL2VuZHVzZXJUZW5hbnRJZCI6Ii0xMjM0IiwiaHR0c
>>> DpcL1wvd3NvMi5vcmdcL2NsYWltc1wvc3Vic2NyaWJlciI6ImFkbWluIiwia
>>> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdGllciI6IlVubGltaXRlZCIsI
>>> mh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2FwcGxpY2F0aW9uaWQiOiIxI
>>> iwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdXNlcnR5cGUiOiJBUFBMS
>>> UNBVElPTiIsImV4cCI6MTUxMTE0NTQ0OSwiaHR0cDpcL1wvd3NvMi5vcmdcL
>>> 2NsYWltc1wvYXBpY29udGV4dCI6IlwvZmRzYVwvdjEifQ==.ADG30dcwlxBa
>>> N7Wxtixc5Wq/gZRj7nZrGHExn0E+7O4pZ6xTSjeVx7UrWSwj31vm7DjL+CvK
>>> 07popxJqchT8+ACt303BkRxOKgfW66h/XmOxleUlXohQByUe6/7FTpnFRfyZ
>>> 7jzttjZct39sBzHcNcyUAEqcl/HEt+eR62/dksM= {org.apache.synapse.transport.
>>> http.headers}
>>> *TID: [-1] [] [2017-11-20 10:37:31,348] DEBUG
>>> {org.apache.synapse.transport.http.wire} - HTTP-Sender I/O dispatcher-1 <<
>>> "X-JWT-Assertion: *eyJ0eXAiOiJKV1QiLCJhbGciOiJSUz
>>> I1NiIsIng1dCI6ImFfamhOdXMyMUtWdW9GeDY1TG1rVzJPX2wxMCJ9.eyJod
>>> HRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC9yb2xlIjpbIkludGVybmFsXC9zd
>>> WJzY3JpYmVyIiwiSW50ZXJuYWxcL2NyZWF0b3IiLCJBcHBsaWNhdGlvblwvY
>>> WRtaW5fRGVmYXVsdEFwcGxpY2F0aW9uX1BST0RVQ1RJT04iLCJJbnRlcm5hb
>>> FwvcHVibGlzaGVyIiwiSW50ZXJuYWxcL2V2ZXJ5b25lIiwiYWRtaW4iXSwia
>>> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb250aWVyIjoiV
>>> W5saW1pdGVkIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wva2V5dHlwZ
>>> SI6IlBST0RVQ1RJT04iLCJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC92Z
>>> XJzaW9uIjoidjEiLCJpc3MiOiJ3c28yLm9yZ1wvcHJvZHVjdHNcL2FtIiwia
>>> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb25uYW1lIjoiR
>>> GVmYXVsdEFwcGxpY2F0aW9uIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc
>>> 1wvZW5kdXNlciI6ImFkbWluQGNhcmJvbi5zdXBlciIsImh0dHA6XC9cL3dzb
>>> zIub3JnXC9jbGFpbXNcL2VuZHVzZXJUZW5hbnRJZCI6Ii0xMjM0IiwiaHR0c
>>> DpcL1wvd3NvMi5vcmdcL2NsYWltc1wvc3Vic2NyaWJlciI6ImFkbWluIiwia
>>> HR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdGllciI6IlVubGltaXRlZCIsI
>>> mh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2FwcGxpY2F0aW9uaWQiOiIxI
>>> iwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdXNlcnR5cGUiOiJBUFBMS
>>> UNBVElPTiIsImV4cCI6MTUxMTE0NTQ0OSwiaHR0cDpcL1wvd3NvMi5vcmdcL
>>> 2NsYWltc1wvYXBpY29udGV4dCI6IlwvZmRzYVwvdjEifQ==.ADG30dcwlxBa
>>> N7Wxtixc5Wq/gZRj7nZrGHExn0E+7O4pZ6xTSjeVx7UrWSwj31vm7DjL+CvK
>>> 07popxJqchT8+ACt303BkRxOKgfW66h/XmOxleUlXohQByUe6/7FTpnFRfyZ
>>> 7jzttjZct39sBzHcNcyUAEqcl/HEt+eR62/dksM=[\r][\n]"
>>> {org.apache.synapse.transport.http.wire}
>>
>>
>>
>> What is the need to enable JWT in gateway node?
>>
>> [1] - https://docs.wso2.com/display/AM210/Distributed+Deployment
>> +of+API+Manager#DistributedDeploymentofAPIManager-Step3.5-Co
>> nfiguretheGateway
>>
>> Thank you!
>> --
>> *Pubudu Gunatilaka*
>> Committer and PMC Member - Apache Stratos
>> Senior Software Engineer
>> WSO2, Inc.: http://wso2.com
>> mobile : +94774078049 <%2B94772207163>
>>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Rukshan Chathuranga.
> Software Engineer.
> WSO2, Inc.
> +94711822074 <+94%2071%20182%202074>
>
--
*Pubudu Gunatilaka*
Committer and PMC Member - Apache Stratos
Senior Software Engineer
WSO2, Inc.: http://wso2.com
mobile : +94774078049 <%2B94772207163>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/c
[Dev] Enable JWT in gateway node
Hi,
Do we need to enable JWT in gateway node [1] in a fully distributed
deployment where KM/IS is hosted separately?
I can see the JWT is passed to the backend.
*TID: [-1] [] [2017-11-20 10:37:31,347] DEBUG
> {org.apache.synapse.transport.http.headers} - http-outgoing-1 >>
> X-JWT-Assertion:
> *eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6ImFfamhOdXMyMUtWdW9GeDY1TG1rVzJPX2wxMCJ9.eyJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC9yb2xlIjpbIkludGVybmFsXC9zdWJzY3JpYmVyIiwiSW50ZXJuYWxcL2NyZWF0b3IiLCJBcHBsaWNhdGlvblwvYWRtaW5fRGVmYXVsdEFwcGxpY2F0aW9uX1BST0RVQ1RJT04iLCJJbnRlcm5hbFwvcHVibGlzaGVyIiwiSW50ZXJuYWxcL2V2ZXJ5b25lIiwiYWRtaW4iXSwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb250aWVyIjoiVW5saW1pdGVkIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wva2V5dHlwZSI6IlBST0RVQ1RJT04iLCJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC92ZXJzaW9uIjoidjEiLCJpc3MiOiJ3c28yLm9yZ1wvcHJvZHVjdHNcL2FtIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb25uYW1lIjoiRGVmYXVsdEFwcGxpY2F0aW9uIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvZW5kdXNlciI6ImFkbWluQGNhcmJvbi5zdXBlciIsImh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2VuZHVzZXJUZW5hbnRJZCI6Ii0xMjM0IiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvc3Vic2NyaWJlciI6ImFkbWluIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdGllciI6IlVubGltaXRlZCIsImh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2FwcGxpY2F0aW9uaWQiOiIxIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdXNlcnR5cGUiOiJBUFBMSUNBVElPTiIsImV4cCI6MTUxMTE0NTQ0OSwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBpY29udGV4dCI6IlwvZmRzYVwvdjEifQ==.ADG30dcwlxBaN7Wxtixc5Wq/gZRj7nZrGHExn0E+7O4pZ6xTSjeVx7UrWSwj31vm7DjL+CvK07popxJqchT8+ACt303BkRxOKgfW66h/XmOxleUlXohQByUe6/7FTpnFRfyZ7jzttjZct39sBzHcNcyUAEqcl/HEt+eR62/dksM=
> {org.apache.synapse.transport.http.headers}
> *TID: [-1] [] [2017-11-20 10:37:31,348] DEBUG
> {org.apache.synapse.transport.http.wire} - HTTP-Sender I/O dispatcher-1 <<
> "X-JWT-Assertion:
> *eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6ImFfamhOdXMyMUtWdW9GeDY1TG1rVzJPX2wxMCJ9.eyJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC9yb2xlIjpbIkludGVybmFsXC9zdWJzY3JpYmVyIiwiSW50ZXJuYWxcL2NyZWF0b3IiLCJBcHBsaWNhdGlvblwvYWRtaW5fRGVmYXVsdEFwcGxpY2F0aW9uX1BST0RVQ1RJT04iLCJJbnRlcm5hbFwvcHVibGlzaGVyIiwiSW50ZXJuYWxcL2V2ZXJ5b25lIiwiYWRtaW4iXSwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb250aWVyIjoiVW5saW1pdGVkIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wva2V5dHlwZSI6IlBST0RVQ1RJT04iLCJodHRwOlwvXC93c28yLm9yZ1wvY2xhaW1zXC92ZXJzaW9uIjoidjEiLCJpc3MiOiJ3c28yLm9yZ1wvcHJvZHVjdHNcL2FtIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBwbGljYXRpb25uYW1lIjoiRGVmYXVsdEFwcGxpY2F0aW9uIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvZW5kdXNlciI6ImFkbWluQGNhcmJvbi5zdXBlciIsImh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2VuZHVzZXJUZW5hbnRJZCI6Ii0xMjM0IiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvc3Vic2NyaWJlciI6ImFkbWluIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdGllciI6IlVubGltaXRlZCIsImh0dHA6XC9cL3dzbzIub3JnXC9jbGFpbXNcL2FwcGxpY2F0aW9uaWQiOiIxIiwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvdXNlcnR5cGUiOiJBUFBMSUNBVElPTiIsImV4cCI6MTUxMTE0NTQ0OSwiaHR0cDpcL1wvd3NvMi5vcmdcL2NsYWltc1wvYXBpY29udGV4dCI6IlwvZmRzYVwvdjEifQ==.ADG30dcwlxBaN7Wxtixc5Wq/gZRj7nZrGHExn0E+7O4pZ6xTSjeVx7UrWSwj31vm7DjL+CvK07popxJqchT8+ACt303BkRxOKgfW66h/XmOxleUlXohQByUe6/7FTpnFRfyZ7jzttjZct39sBzHcNcyUAEqcl/HEt+eR62/dksM=[\r][\n]"
> {org.apache.synapse.transport.http.wire}
What is the need to enable JWT in gateway node?
[1] -
https://docs.wso2.com/display/AM210/Distributed+Deployment+of+API+Manager#DistributedDeploymentofAPIManager-Step3.5-ConfiguretheGateway
Thank you!
--
*Pubudu Gunatilaka*
Committer and PMC Member - Apache Stratos
Senior Software Engineer
WSO2, Inc.: http://wso2.com
mobile : +94774078049 <%2B94772207163>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
