subject:"\[Dev\] How to configure the IS Dashboard for a IS cluster fronted by Nginx"

Re: [Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx

2017-10-28 Thread Johann Nallathamby

Hi Sashika,

Please follow [1] to get your scenario working.

[1] http://isurad.blogspot.com/2016/02/wso2-identity-server-
510-behind_18.html

*@Samuel*:
This has been already discussed in [1], and have two L1 Documentation JIRAs
[2,3]. [1] has been created before IS 5.2.0 release. I thought we follow
the practice of closing out all the L1 documentation JIRAs before release.
If we haven't been able to do it previously, we have to do it going forward.

[1] "[Documentation][IS] Clustering documentation needs an update." in
documentat...@wso2.com
[2] https://wso2.org/jira/browse/DOCUMENTATION-1924
[3] https://wso2.org/jira/browse/DOCUMENTATION-4746


Regards,
Johann.

On Thu, Oct 26, 2017 at 11:32 AM, Sashika Wijesinghe 
wrote:

> Hi Ashen,
>
> We have already configured the proxy port in the catalina-server.xml.
>
> Regards,
> Sashika
>
>
>
> On Thu, Oct 26, 2017 at 11:19 AM, Ashen Weerathunga 
> wrote:
>
>> Hi Sashika,
>>
>> Have you added the proxy port 443 for https connector in
>> *catalina-server.xml*?
>> That config needs to be there for the dashboard.
>>
>> Go to /repository/conf/tomcat/catalina-server.xml and add the
>> proxy port 443 as below.
>>
>> >   port="9443"
>>   proxyPort="443"
>>
>>
>> Thanks,
>> Ashen
>>
>> On Thu, Oct 26, 2017 at 10:56 AM, Sashika Wijesinghe 
>> wrote:
>>
>>> Hi Ashen,
>>>
>>> The IS clustering guide you pointed out does not contain any information
>>> to configure the IS dashboard in a cluster setup.
>>>
>>> In my scenario, I can log in to the management console successfully but
>>> the issue occurs when login to the IS dashboard. Could this be due to any
>>> missing configuration?
>>>
>>> Thanks
>>> Sashika
>>>
>>> On Thu, Oct 26, 2017 at 12:35 AM, Ashen Weerathunga 
>>> wrote:
>>>
 Hi Sashika,

 Can you check with IS 5.4.0 Clustered guide [1].
 I guess it has the information you need.

 [1] https://docs.wso2.com/display/IS540/Clustered+Deployment

 Thanks,
 Ashen

 On Wed, Oct 25, 2017 at 5:34 PM, Asela Pathberiya 
 wrote:

>
>
> On Tue, Oct 24, 2017 at 5:41 PM, Sashika Wijesinghe 
> wrote:
>
>> Hi All,
>>
>> We have configured two IS nodes fronted by Nginx and the site.json
>> with server host details as below.
>>
>> {
>> "proxy" : {
>> "proxyHost" : "is.dev.wso2.org",
>> "proxyHTTPSPort" : "443",
>> "proxyContextPath" : "",
>> "servicePath" : "/services"
>> }
>> }
>>
>>
>> When I log in to the Management Console with the admin user,
>> authentication was successful but failed to login to the IS Dashboard 
>> with
>> admin user or any user who have permission to the IS Dashboard login.
>>
>> Following is the authentication exception logged in the terminal.
>>
>> Any suggestion to solve this issue is highly appreciated.
>>
>
> Don't we have a doc on configuring WSO2IS with Nginx  ?
>
> Thanks,
> Asela.
>
>>
>>
>> TID: [-1234] [] [2017-10-24 05:28:50,683] ERROR
>> {org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticator}
>> -  Authentication Request is rejected. SAMLResponse AudienceRestriction
>> validation failed.
>> TID: [-1] [] [2017-10-24 05:28:50,683]  WARN
>> {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} -
>>  Failed Administrator login attempt 'admin@carbon.super[-1]' at
>> [2017-10-24 05:28:50,683+]
>> TID: [-1234] [] [2017-10-24 05:28:50,751]  WARN
>> {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler}
>> -  Illegal access attempt at [2017-10-24 05:28:50,0751] from IP address
>> 192.168.57.251 while trying to authenticate access to service
>> WorkflowImplAdminService
>>
>> TID: [-1] [] [2017-10-24 05:28:49,939]  INFO
>> {org.wso2.carbon.core.clustering.hazelcast.HazelcastClusterMessageListener}
>> -  Received ClusteringMessage: org.wso2.carbon.identity.entit
>> lement.PolicyStatusClusterMessage@d47e9b84
>> TID: [-1234] [] [2017-10-24 05:28:50,778]  INFO {
>> org.apache.axis2.transport.http.HTTPSender} -  Unable to sendViaPost
>> to url[https://is.dev.wso2.org/services/WorkflowImplAdminServic
>> e.WorkflowImplAdminServiceHttpsSoap11Endpoint/]
>> org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized
>> at org.apache.axis2.transport.http.HTTPSender.handleResponse(HT
>> TPSender.java:326)
>> at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPS
>> ender.java:196)
>> at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.j
>> ava:77)
>> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.w
>> riteMessageWithCommons(CommonsHTTPTransportSender.java:451)
>> at

Re: [Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx

2017-10-26 Thread Sashika Wijesinghe

Hi Ashen,

We have already configured the proxy port in the catalina-server.xml.

Regards,
Sashika



On Thu, Oct 26, 2017 at 11:19 AM, Ashen Weerathunga  wrote:

> Hi Sashika,
>
> Have you added the proxy port 443 for https connector in
> *catalina-server.xml*?
> That config needs to be there for the dashboard.
>
> Go to /repository/conf/tomcat/catalina-server.xml and add the
> proxy port 443 as below.
>
>port="9443"
>   proxyPort="443"
>
>
> Thanks,
> Ashen
>
> On Thu, Oct 26, 2017 at 10:56 AM, Sashika Wijesinghe 
> wrote:
>
>> Hi Ashen,
>>
>> The IS clustering guide you pointed out does not contain any information
>> to configure the IS dashboard in a cluster setup.
>>
>> In my scenario, I can log in to the management console successfully but
>> the issue occurs when login to the IS dashboard. Could this be due to any
>> missing configuration?
>>
>> Thanks
>> Sashika
>>
>> On Thu, Oct 26, 2017 at 12:35 AM, Ashen Weerathunga 
>> wrote:
>>
>>> Hi Sashika,
>>>
>>> Can you check with IS 5.4.0 Clustered guide [1].
>>> I guess it has the information you need.
>>>
>>> [1] https://docs.wso2.com/display/IS540/Clustered+Deployment
>>>
>>> Thanks,
>>> Ashen
>>>
>>> On Wed, Oct 25, 2017 at 5:34 PM, Asela Pathberiya 
>>> wrote:
>>>


 On Tue, Oct 24, 2017 at 5:41 PM, Sashika Wijesinghe 
 wrote:

> Hi All,
>
> We have configured two IS nodes fronted by Nginx and the site.json
> with server host details as below.
>
> {
> "proxy" : {
> "proxyHost" : "is.dev.wso2.org",
> "proxyHTTPSPort" : "443",
> "proxyContextPath" : "",
> "servicePath" : "/services"
> }
> }
>
>
> When I log in to the Management Console with the admin user,
> authentication was successful but failed to login to the IS Dashboard with
> admin user or any user who have permission to the IS Dashboard login.
>
> Following is the authentication exception logged in the terminal.
>
> Any suggestion to solve this issue is highly appreciated.
>

 Don't we have a doc on configuring WSO2IS with Nginx  ?

 Thanks,
 Asela.

>
>
> TID: [-1234] [] [2017-10-24 05:28:50,683] ERROR
> {org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticator}
> -  Authentication Request is rejected. SAMLResponse AudienceRestriction
> validation failed.
> TID: [-1] [] [2017-10-24 05:28:50,683]  WARN
> {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} -
>  Failed Administrator login attempt 'admin@carbon.super[-1]' at
> [2017-10-24 05:28:50,683+]
> TID: [-1234] [] [2017-10-24 05:28:50,751]  WARN
> {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler} -
>  Illegal access attempt at [2017-10-24 05:28:50,0751] from IP address
> 192.168.57.251 while trying to authenticate access to service
> WorkflowImplAdminService
>
> TID: [-1] [] [2017-10-24 05:28:49,939]  INFO
> {org.wso2.carbon.core.clustering.hazelcast.HazelcastClusterMessageListener}
> -  Received ClusteringMessage: org.wso2.carbon.identity.entit
> lement.PolicyStatusClusterMessage@d47e9b84
> TID: [-1234] [] [2017-10-24 05:28:50,778]  INFO {
> org.apache.axis2.transport.http.HTTPSender} -  Unable to sendViaPost
> to url[https://is.dev.wso2.org/services/WorkflowImplAdminServic
> e.WorkflowImplAdminServiceHttpsSoap11Endpoint/]
> org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized
> at org.apache.axis2.transport.http.HTTPSender.handleResponse(HT
> TPSender.java:326)
> at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPS
> ender.java:196)
> at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77)
> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.w
> riteMessageWithCommons(CommonsHTTPTransportSender.java:451)
> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.i
> nvoke(CommonsHTTPTransportSender.java:278)
> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
> at org.apache.axis2.description.OutInAxisOperationClient.send(O
> utInAxisOperation.java:430)
> at org.apache.axis2.description.OutInAxisOperationClient.execut
> eImpl(OutInAxisOperation.java:225)
> at org.apache.axis2.client.OperationClient.execute(OperationCli
> ent.java:149)
> at org.apache.axis2.client.ServiceClient.sendReceive(ServiceCli
> ent.java:554)
> at org.jaggeryjs.modules.ws.WSRequestHostObject.jsFunction_send
> (WSRequestHostObject.java:379)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce
> ssorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe
>

Re: [Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx

2017-10-25 Thread Ashen Weerathunga

Hi Sashika,

Have you added the proxy port 443 for https connector in
*catalina-server.xml*?
That config needs to be there for the dashboard.

Go to /repository/conf/tomcat/catalina-server.xml and add the
proxy port 443 as below.


wrote:

> Hi Ashen,
>
> The IS clustering guide you pointed out does not contain any information
> to configure the IS dashboard in a cluster setup.
>
> In my scenario, I can log in to the management console successfully but
> the issue occurs when login to the IS dashboard. Could this be due to any
> missing configuration?
>
> Thanks
> Sashika
>
> On Thu, Oct 26, 2017 at 12:35 AM, Ashen Weerathunga 
> wrote:
>
>> Hi Sashika,
>>
>> Can you check with IS 5.4.0 Clustered guide [1].
>> I guess it has the information you need.
>>
>> [1] https://docs.wso2.com/display/IS540/Clustered+Deployment
>>
>> Thanks,
>> Ashen
>>
>> On Wed, Oct 25, 2017 at 5:34 PM, Asela Pathberiya  wrote:
>>
>>>
>>>
>>> On Tue, Oct 24, 2017 at 5:41 PM, Sashika Wijesinghe 
>>> wrote:
>>>
 Hi All,

 We have configured two IS nodes fronted by Nginx and the site.json with
 server host details as below.

 {
 "proxy" : {
 "proxyHost" : "is.dev.wso2.org",
 "proxyHTTPSPort" : "443",
 "proxyContextPath" : "",
 "servicePath" : "/services"
 }
 }


 When I log in to the Management Console with the admin user,
 authentication was successful but failed to login to the IS Dashboard with
 admin user or any user who have permission to the IS Dashboard login.

 Following is the authentication exception logged in the terminal.

 Any suggestion to solve this issue is highly appreciated.

>>>
>>> Don't we have a doc on configuring WSO2IS with Nginx  ?
>>>
>>> Thanks,
>>> Asela.
>>>


 TID: [-1234] [] [2017-10-24 05:28:50,683] ERROR
 {org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticator}
 -  Authentication Request is rejected. SAMLResponse AudienceRestriction
 validation failed.
 TID: [-1] [] [2017-10-24 05:28:50,683]  WARN
 {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} -
  Failed Administrator login attempt 'admin@carbon.super[-1]' at
 [2017-10-24 05:28:50,683+]
 TID: [-1234] [] [2017-10-24 05:28:50,751]  WARN
 {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler} -
  Illegal access attempt at [2017-10-24 05:28:50,0751] from IP address
 192.168.57.251 while trying to authenticate access to service
 WorkflowImplAdminService

 TID: [-1] [] [2017-10-24 05:28:49,939]  INFO
 {org.wso2.carbon.core.clustering.hazelcast.HazelcastClusterMessageListener}
 -  Received ClusteringMessage: org.wso2.carbon.identity.entit
 lement.PolicyStatusClusterMessage@d47e9b84
 TID: [-1234] [] [2017-10-24 05:28:50,778]  INFO {
 org.apache.axis2.transport.http.HTTPSender} -  Unable to sendViaPost
 to url[https://is.dev.wso2.org/services/WorkflowImplAdminServic
 e.WorkflowImplAdminServiceHttpsSoap11Endpoint/]
 org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized
 at org.apache.axis2.transport.http.HTTPSender.handleResponse(HT
 TPSender.java:326)
 at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPS
 ender.java:196)
 at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77)
 at org.apache.axis2.transport.http.CommonsHTTPTransportSender.w
 riteMessageWithCommons(CommonsHTTPTransportSender.java:451)
 at org.apache.axis2.transport.http.CommonsHTTPTransportSender.i
 nvoke(CommonsHTTPTransportSender.java:278)
 at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
 at org.apache.axis2.description.OutInAxisOperationClient.send(O
 utInAxisOperation.java:430)
 at org.apache.axis2.description.OutInAxisOperationClient.execut
 eImpl(OutInAxisOperation.java:225)
 at org.apache.axis2.client.OperationClient.execute(OperationCli
 ent.java:149)
 at org.apache.axis2.client.ServiceClient.sendReceive(ServiceCli
 ent.java:554)
 at org.jaggeryjs.modules.ws.WSRequestHostObject.jsFunction_send
 (WSRequestHostObject.java:379)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce
 ssorImpl.java:62)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe
 thodAccessorImpl.java:43)
 at java.lang.reflect.Method.invoke(Method.java:498)
 at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126)
 at org.mozilla.javascript.FunctionObject.call(FunctionObject.java:386)
 at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime
 .java:32)
 at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._c
 _getProfileList_3(/dashboard/controllers/login-logout/SAML2S
 SOAuthenticationClient.jag:98)

Re: [Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx

2017-10-25 Thread Sashika Wijesinghe

Hi Ashen,

The IS clustering guide you pointed out does not contain any information to
configure the IS dashboard in a cluster setup.

In my scenario, I can log in to the management console successfully but the
issue occurs when login to the IS dashboard. Could this be due to any
missing configuration?

Thanks
Sashika

On Thu, Oct 26, 2017 at 12:35 AM, Ashen Weerathunga  wrote:

> Hi Sashika,
>
> Can you check with IS 5.4.0 Clustered guide [1].
> I guess it has the information you need.
>
> [1] https://docs.wso2.com/display/IS540/Clustered+Deployment
>
> Thanks,
> Ashen
>
> On Wed, Oct 25, 2017 at 5:34 PM, Asela Pathberiya  wrote:
>
>>
>>
>> On Tue, Oct 24, 2017 at 5:41 PM, Sashika Wijesinghe 
>> wrote:
>>
>>> Hi All,
>>>
>>> We have configured two IS nodes fronted by Nginx and the site.json with
>>> server host details as below.
>>>
>>> {
>>> "proxy" : {
>>> "proxyHost" : "is.dev.wso2.org",
>>> "proxyHTTPSPort" : "443",
>>> "proxyContextPath" : "",
>>> "servicePath" : "/services"
>>> }
>>> }
>>>
>>>
>>> When I log in to the Management Console with the admin user,
>>> authentication was successful but failed to login to the IS Dashboard with
>>> admin user or any user who have permission to the IS Dashboard login.
>>>
>>> Following is the authentication exception logged in the terminal.
>>>
>>> Any suggestion to solve this issue is highly appreciated.
>>>
>>
>> Don't we have a doc on configuring WSO2IS with Nginx  ?
>>
>> Thanks,
>> Asela.
>>
>>>
>>>
>>> TID: [-1234] [] [2017-10-24 05:28:50,683] ERROR
>>> {org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticator}
>>> -  Authentication Request is rejected. SAMLResponse AudienceRestriction
>>> validation failed.
>>> TID: [-1] [] [2017-10-24 05:28:50,683]  WARN
>>> {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} -  Failed
>>> Administrator login attempt 'admin@carbon.super[-1]' at [2017-10-24
>>> 05:28:50,683+]
>>> TID: [-1234] [] [2017-10-24 05:28:50,751]  WARN
>>> {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler} -
>>>  Illegal access attempt at [2017-10-24 05:28:50,0751] from IP address
>>> 192.168.57.251 while trying to authenticate access to service
>>> WorkflowImplAdminService
>>>
>>> TID: [-1] [] [2017-10-24 05:28:49,939]  INFO
>>> {org.wso2.carbon.core.clustering.hazelcast.HazelcastClusterMessageListener}
>>> -  Received ClusteringMessage: org.wso2.carbon.identity.entit
>>> lement.PolicyStatusClusterMessage@d47e9b84
>>> TID: [-1234] [] [2017-10-24 05:28:50,778]  INFO {
>>> org.apache.axis2.transport.http.HTTPSender} -  Unable to sendViaPost to
>>> url[https://is.dev.wso2.org/services/WorkflowImplAdminServic
>>> e.WorkflowImplAdminServiceHttpsSoap11Endpoint/]
>>> org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized
>>> at org.apache.axis2.transport.http.HTTPSender.handleResponse(HT
>>> TPSender.java:326)
>>> at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPS
>>> ender.java:196)
>>> at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77)
>>> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.w
>>> riteMessageWithCommons(CommonsHTTPTransportSender.java:451)
>>> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.i
>>> nvoke(CommonsHTTPTransportSender.java:278)
>>> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
>>> at org.apache.axis2.description.OutInAxisOperationClient.send(O
>>> utInAxisOperation.java:430)
>>> at org.apache.axis2.description.OutInAxisOperationClient.execut
>>> eImpl(OutInAxisOperation.java:225)
>>> at org.apache.axis2.client.OperationClient.execute(OperationCli
>>> ent.java:149)
>>> at org.apache.axis2.client.ServiceClient.sendReceive(ServiceCli
>>> ent.java:554)
>>> at org.jaggeryjs.modules.ws.WSRequestHostObject.jsFunction_send
>>> (WSRequestHostObject.java:379)
>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce
>>> ssorImpl.java:62)
>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe
>>> thodAccessorImpl.java:43)
>>> at java.lang.reflect.Method.invoke(Method.java:498)
>>> at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126)
>>> at org.mozilla.javascript.FunctionObject.call(FunctionObject.java:386)
>>> at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32)
>>> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._c
>>> _getProfileList_3(/dashboard/controllers/login-logout/SAML2S
>>> SOAuthenticationClient.jag:98)
>>> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1.ca
>>> ll(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag)
>>> at org.mozilla.javascript.optimizer.OptRuntime.callName0(OptRun
>>> time.java:74)
>>> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._c
>>> _getBPSSessions_2(/dashboard/controllers/login-logout/SAML2S
>>>

Re: [Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx

2017-10-25 Thread Ashen Weerathunga

Hi Sashika,

Can you check with IS 5.4.0 Clustered guide [1].
I guess it has the information you need.

[1] https://docs.wso2.com/display/IS540/Clustered+Deployment

Thanks,
Ashen

On Wed, Oct 25, 2017 at 5:34 PM, Asela Pathberiya  wrote:

>
>
> On Tue, Oct 24, 2017 at 5:41 PM, Sashika Wijesinghe 
> wrote:
>
>> Hi All,
>>
>> We have configured two IS nodes fronted by Nginx and the site.json with
>> server host details as below.
>>
>> {
>> "proxy" : {
>> "proxyHost" : "is.dev.wso2.org",
>> "proxyHTTPSPort" : "443",
>> "proxyContextPath" : "",
>> "servicePath" : "/services"
>> }
>> }
>>
>>
>> When I log in to the Management Console with the admin user,
>> authentication was successful but failed to login to the IS Dashboard with
>> admin user or any user who have permission to the IS Dashboard login.
>>
>> Following is the authentication exception logged in the terminal.
>>
>> Any suggestion to solve this issue is highly appreciated.
>>
>
> Don't we have a doc on configuring WSO2IS with Nginx  ?
>
> Thanks,
> Asela.
>
>>
>>
>> TID: [-1234] [] [2017-10-24 05:28:50,683] ERROR
>> {org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticator}
>> -  Authentication Request is rejected. SAMLResponse AudienceRestriction
>> validation failed.
>> TID: [-1] [] [2017-10-24 05:28:50,683]  WARN
>> {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} -  Failed
>> Administrator login attempt 'admin@carbon.super[-1]' at [2017-10-24
>> 05:28:50,683+]
>> TID: [-1234] [] [2017-10-24 05:28:50,751]  WARN
>> {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler} -
>>  Illegal access attempt at [2017-10-24 05:28:50,0751] from IP address
>> 192.168.57.251 while trying to authenticate access to service
>> WorkflowImplAdminService
>>
>> TID: [-1] [] [2017-10-24 05:28:49,939]  INFO
>> {org.wso2.carbon.core.clustering.hazelcast.HazelcastClusterMessageListener}
>> -  Received ClusteringMessage: org.wso2.carbon.identity.entit
>> lement.PolicyStatusClusterMessage@d47e9b84
>> TID: [-1234] [] [2017-10-24 05:28:50,778]  INFO {
>> org.apache.axis2.transport.http.HTTPSender} -  Unable to sendViaPost to
>> url[https://is.dev.wso2.org/services/WorkflowImplAdminServic
>> e.WorkflowImplAdminServiceHttpsSoap11Endpoint/]
>> org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized
>> at org.apache.axis2.transport.http.HTTPSender.handleResponse(
>> HTTPSender.java:326)
>> at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPS
>> ender.java:196)
>> at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77)
>> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.w
>> riteMessageWithCommons(CommonsHTTPTransportSender.java:451)
>> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.i
>> nvoke(CommonsHTTPTransportSender.java:278)
>> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
>> at org.apache.axis2.description.OutInAxisOperationClient.send(O
>> utInAxisOperation.java:430)
>> at org.apache.axis2.description.OutInAxisOperationClient.execut
>> eImpl(OutInAxisOperation.java:225)
>> at org.apache.axis2.client.OperationClient.execute(OperationCli
>> ent.java:149)
>> at org.apache.axis2.client.ServiceClient.sendReceive(ServiceCli
>> ent.java:554)
>> at org.jaggeryjs.modules.ws.WSRequestHostObject.jsFunction_
>> send(WSRequestHostObject.java:379)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce
>> ssorImpl.java:62)
>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe
>> thodAccessorImpl.java:43)
>> at java.lang.reflect.Method.invoke(Method.java:498)
>> at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126)
>> at org.mozilla.javascript.FunctionObject.call(FunctionObject.java:386)
>> at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32)
>> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._c
>> _getProfileList_3(/dashboard/controllers/login-logout/SAML2S
>> SOAuthenticationClient.jag:98)
>> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1.ca
>> ll(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag)
>> at org.mozilla.javascript.optimizer.OptRuntime.callName0(
>> OptRuntime.java:74)
>> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._c
>> _getBPSSessions_2(/dashboard/controllers/login-logout/SAML2S
>> SOAuthenticationClient.jag:43)
>> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1.ca
>> ll(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag)
>> at org.mozilla.javascript.optimizer.OptRuntime.callName(OptRunt
>> ime.java:63)
>> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._c
>> _login_1(/dashboard/controllers/login-logout/SAML2SSOAuthent
>> icationClient.jag:34)
>> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1.ca
>>

Re: [Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx

2017-10-25 Thread Asela Pathberiya

On Tue, Oct 24, 2017 at 5:41 PM, Sashika Wijesinghe 
wrote:

> Hi All,
>
> We have configured two IS nodes fronted by Nginx and the site.json with
> server host details as below.
>
> {
> "proxy" : {
> "proxyHost" : "is.dev.wso2.org",
> "proxyHTTPSPort" : "443",
> "proxyContextPath" : "",
> "servicePath" : "/services"
> }
> }
>
>
> When I log in to the Management Console with the admin user,
> authentication was successful but failed to login to the IS Dashboard with
> admin user or any user who have permission to the IS Dashboard login.
>
> Following is the authentication exception logged in the terminal.
>
> Any suggestion to solve this issue is highly appreciated.
>

Don't we have a doc on configuring WSO2IS with Nginx  ?

Thanks,
Asela.

>
>
> TID: [-1234] [] [2017-10-24 05:28:50,683] ERROR {org.wso2.carbon.identity.
> authenticator.saml2.sso.SAML2SSOAuthenticator} -  Authentication Request
> is rejected. SAMLResponse AudienceRestriction validation failed.
> TID: [-1] [] [2017-10-24 05:28:50,683]  WARN {org.wso2.carbon.core.
> services.util.CarbonAuthenticationUtil} -  Failed Administrator login
> attempt 'admin@carbon.super[-1]' at [2017-10-24 05:28:50,683+]
> TID: [-1234] [] [2017-10-24 05:28:50,751]  WARN
> {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler} -
>  Illegal access attempt at [2017-10-24 05:28:50,0751] from IP address
> 192.168.57.251 while trying to authenticate access to service
> WorkflowImplAdminService
>
> TID: [-1] [] [2017-10-24 05:28:49,939]  INFO {org.wso2.carbon.core.
> clustering.hazelcast.HazelcastClusterMessageListener} -  Received
> ClusteringMessage: org.wso2.carbon.identity.entitlement.
> PolicyStatusClusterMessage@d47e9b84
> TID: [-1234] [] [2017-10-24 05:28:50,778]  INFO
> {org.apache.axis2.transport.http.HTTPSender} -  Unable to sendViaPost to
> url[https://is.dev.wso2.org/services/WorkflowImplAdminService.
> WorkflowImplAdminServiceHttpsSoap11Endpoint/]
> org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized
> at org.apache.axis2.transport.http.HTTPSender.handleResponse(HTTPSender.
> java:326)
> at org.apache.axis2.transport.http.HTTPSender.sendViaPost(
> HTTPSender.java:196)
> at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77)
> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.
> writeMessageWithCommons(CommonsHTTPTransportSender.java:451)
> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(
> CommonsHTTPTransportSender.java:278)
> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
> at org.apache.axis2.description.OutInAxisOperationClient.send(
> OutInAxisOperation.java:430)
> at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(
> OutInAxisOperation.java:225)
> at org.apache.axis2.client.OperationClient.execute(
> OperationClient.java:149)
> at org.apache.axis2.client.ServiceClient.sendReceive(
> ServiceClient.java:554)
> at org.jaggeryjs.modules.ws.WSRequestHostObject.jsFunction_send(
> WSRequestHostObject.java:379)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(
> NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(
> DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126)
> at org.mozilla.javascript.FunctionObject.call(FunctionObject.java:386)
> at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32)
> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._
> c_getProfileList_3(/dashboard/controllers/login-logout/
> SAML2SSOAuthenticationClient.jag:98)
> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1.
> call(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag)
> at org.mozilla.javascript.optimizer.OptRuntime.
> callName0(OptRuntime.java:74)
> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._
> c_getBPSSessions_2(/dashboard/controllers/login-logout/
> SAML2SSOAuthenticationClient.jag:43)
> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1.
> call(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag)
> at org.mozilla.javascript.optimizer.OptRuntime.callName(
> OptRuntime.java:63)
> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._
> c_login_1(/dashboard/controllers/login-logout/
> SAML2SSOAuthenticationClient.jag:34)
> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1.
> call(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag)
> at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32)
> at org.jaggeryjs.rhino.dashboard.c6._c_script_0(/dashboard//acs.jag:67)
> at org.jaggeryjs.rhino.dashboard.c6.call(/dashboard//acs.jag)
> at org.mozilla.javascript.ContextFactory.doTopCall(
> ContextFactory.java:394)
> at

[Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx

2017-10-24 Thread Sashika Wijesinghe

Hi All,

We have configured two IS nodes fronted by Nginx and the site.json with
server host details as below.

{
"proxy" : {
"proxyHost" : "is.dev.wso2.org",
"proxyHTTPSPort" : "443",
"proxyContextPath" : "",
"servicePath" : "/services"
}
}


When I log in to the Management Console with the admin user, authentication
was successful but failed to login to the IS Dashboard with admin user or
any user who have permission to the IS Dashboard login.

Following is the authentication exception logged in the terminal.

Any suggestion to solve this issue is highly appreciated.


TID: [-1234] [] [2017-10-24 05:28:50,683] ERROR
{org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticator} -
 Authentication Request is rejected. SAMLResponse AudienceRestriction
validation failed.
TID: [-1] [] [2017-10-24 05:28:50,683]  WARN
{org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} -  Failed
Administrator login attempt 'admin@carbon.super[-1]' at [2017-10-24
05:28:50,683+]
TID: [-1234] [] [2017-10-24 05:28:50,751]  WARN
{org.wso2.carbon.server.admin.module.handler.AuthenticationHandler} -
 Illegal access attempt at [2017-10-24 05:28:50,0751] from IP address
192.168.57.251 while trying to authenticate access to service
WorkflowImplAdminService

TID: [-1] [] [2017-10-24 05:28:49,939]  INFO
{org.wso2.carbon.core.clustering.hazelcast.HazelcastClusterMessageListener}
-  Received ClusteringMessage:
org.wso2.carbon.identity.entitlement.PolicyStatusClusterMessage@d47e9b84
TID: [-1234] [] [2017-10-24 05:28:50,778]  INFO
{org.apache.axis2.transport.http.HTTPSender} -  Unable to sendViaPost to
url[
https://is.dev.wso2.org/services/WorkflowImplAdminService.WorkflowImplAdminServiceHttpsSoap11Endpoint/
]
org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized
at
org.apache.axis2.transport.http.HTTPSender.handleResponse(HTTPSender.java:326)
at
org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:196)
at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77)
at
org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451)
at
org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
at
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:430)
at
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:554)
at
org.jaggeryjs.modules.ws.WSRequestHostObject.jsFunction_send(WSRequestHostObject.java:379)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126)
at org.mozilla.javascript.FunctionObject.call(FunctionObject.java:386)
at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32)
at
org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._c_getProfileList_3(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag:98)
at
org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1.call(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag)
at org.mozilla.javascript.optimizer.OptRuntime.callName0(OptRuntime.java:74)
at
org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._c_getBPSSessions_2(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag:43)
at
org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1.call(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag)
at org.mozilla.javascript.optimizer.OptRuntime.callName(OptRuntime.java:63)
at
org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._c_login_1(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag:34)
at
org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1.call(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag)
at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32)
at org.jaggeryjs.rhino.dashboard.c6._c_script_0(/dashboard//acs.jag:67)
at org.jaggeryjs.rhino.dashboard.c6.call(/dashboard//acs.jag)
at org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:394)
at org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3091)
at org.jaggeryjs.rhino.dashboard.c6.call(/dashboard//acs.jag)
at org.jaggeryjs.rhino.dashboard.c6.exec(/dashboard//acs.jag)
at
org.jaggeryjs.scriptengine.engine.RhinoEngine.execScript(RhinoEngine.java:567)
at org.jaggeryjs.scriptengine.engine.RhinoEngine.exec(RhinoEngine.java:273)
at

Re: [Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx

Re: [Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx

Re: [Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx

Re: [Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx

Re: [Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx

Re: [Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx

[Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx

7 matches

Site Navigation

Mail list logo

Footer information