Re: [Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx
Hi Sashika, Please follow [1] to get your scenario working. [1] http://isurad.blogspot.com/2016/02/wso2-identity-server- 510-behind_18.html *@Samuel*: This has been already discussed in [1], and have two L1 Documentation JIRAs [2,3]. [1] has been created before IS 5.2.0 release. I thought we follow the practice of closing out all the L1 documentation JIRAs before release. If we haven't been able to do it previously, we have to do it going forward. [1] "[Documentation][IS] Clustering documentation needs an update." in documentat...@wso2.com [2] https://wso2.org/jira/browse/DOCUMENTATION-1924 [3] https://wso2.org/jira/browse/DOCUMENTATION-4746 Regards, Johann. On Thu, Oct 26, 2017 at 11:32 AM, Sashika Wijesinghewrote: > Hi Ashen, > > We have already configured the proxy port in the catalina-server.xml. > > Regards, > Sashika > > > > On Thu, Oct 26, 2017 at 11:19 AM, Ashen Weerathunga > wrote: > >> Hi Sashika, >> >> Have you added the proxy port 443 for https connector in >> *catalina-server.xml*? >> That config needs to be there for the dashboard. >> >> Go to /repository/conf/tomcat/catalina-server.xml and add the >> proxy port 443 as below. >> >> > port="9443" >> proxyPort="443" >> >> >> Thanks, >> Ashen >> >> On Thu, Oct 26, 2017 at 10:56 AM, Sashika Wijesinghe >> wrote: >> >>> Hi Ashen, >>> >>> The IS clustering guide you pointed out does not contain any information >>> to configure the IS dashboard in a cluster setup. >>> >>> In my scenario, I can log in to the management console successfully but >>> the issue occurs when login to the IS dashboard. Could this be due to any >>> missing configuration? >>> >>> Thanks >>> Sashika >>> >>> On Thu, Oct 26, 2017 at 12:35 AM, Ashen Weerathunga >>> wrote: >>> Hi Sashika, Can you check with IS 5.4.0 Clustered guide [1]. I guess it has the information you need. [1] https://docs.wso2.com/display/IS540/Clustered+Deployment Thanks, Ashen On Wed, Oct 25, 2017 at 5:34 PM, Asela Pathberiya wrote: > > > On Tue, Oct 24, 2017 at 5:41 PM, Sashika Wijesinghe > wrote: > >> Hi All, >> >> We have configured two IS nodes fronted by Nginx and the site.json >> with server host details as below. >> >> { >> "proxy" : { >> "proxyHost" : "is.dev.wso2.org", >> "proxyHTTPSPort" : "443", >> "proxyContextPath" : "", >> "servicePath" : "/services" >> } >> } >> >> >> When I log in to the Management Console with the admin user, >> authentication was successful but failed to login to the IS Dashboard >> with >> admin user or any user who have permission to the IS Dashboard login. >> >> Following is the authentication exception logged in the terminal. >> >> Any suggestion to solve this issue is highly appreciated. >> > > Don't we have a doc on configuring WSO2IS with Nginx ? > > Thanks, > Asela. > >> >> >> TID: [-1234] [] [2017-10-24 05:28:50,683] ERROR >> {org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticator} >> - Authentication Request is rejected. SAMLResponse AudienceRestriction >> validation failed. >> TID: [-1] [] [2017-10-24 05:28:50,683] WARN >> {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - >> Failed Administrator login attempt 'admin@carbon.super[-1]' at >> [2017-10-24 05:28:50,683+] >> TID: [-1234] [] [2017-10-24 05:28:50,751] WARN >> {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler} >> - Illegal access attempt at [2017-10-24 05:28:50,0751] from IP address >> 192.168.57.251 while trying to authenticate access to service >> WorkflowImplAdminService >> >> TID: [-1] [] [2017-10-24 05:28:49,939] INFO >> {org.wso2.carbon.core.clustering.hazelcast.HazelcastClusterMessageListener} >> - Received ClusteringMessage: org.wso2.carbon.identity.entit >> lement.PolicyStatusClusterMessage@d47e9b84 >> TID: [-1234] [] [2017-10-24 05:28:50,778] INFO { >> org.apache.axis2.transport.http.HTTPSender} - Unable to sendViaPost >> to url[https://is.dev.wso2.org/services/WorkflowImplAdminServic >> e.WorkflowImplAdminServiceHttpsSoap11Endpoint/] >> org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized >> at org.apache.axis2.transport.http.HTTPSender.handleResponse(HT >> TPSender.java:326) >> at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPS >> ender.java:196) >> at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.j >> ava:77) >> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.w >> riteMessageWithCommons(CommonsHTTPTransportSender.java:451) >> at
Re: [Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx
Hi Ashen, We have already configured the proxy port in the catalina-server.xml. Regards, Sashika On Thu, Oct 26, 2017 at 11:19 AM, Ashen Weerathungawrote: > Hi Sashika, > > Have you added the proxy port 443 for https connector in > *catalina-server.xml*? > That config needs to be there for the dashboard. > > Go to /repository/conf/tomcat/catalina-server.xml and add the > proxy port 443 as below. > >port="9443" > proxyPort="443" > > > Thanks, > Ashen > > On Thu, Oct 26, 2017 at 10:56 AM, Sashika Wijesinghe > wrote: > >> Hi Ashen, >> >> The IS clustering guide you pointed out does not contain any information >> to configure the IS dashboard in a cluster setup. >> >> In my scenario, I can log in to the management console successfully but >> the issue occurs when login to the IS dashboard. Could this be due to any >> missing configuration? >> >> Thanks >> Sashika >> >> On Thu, Oct 26, 2017 at 12:35 AM, Ashen Weerathunga >> wrote: >> >>> Hi Sashika, >>> >>> Can you check with IS 5.4.0 Clustered guide [1]. >>> I guess it has the information you need. >>> >>> [1] https://docs.wso2.com/display/IS540/Clustered+Deployment >>> >>> Thanks, >>> Ashen >>> >>> On Wed, Oct 25, 2017 at 5:34 PM, Asela Pathberiya >>> wrote: >>> On Tue, Oct 24, 2017 at 5:41 PM, Sashika Wijesinghe wrote: > Hi All, > > We have configured two IS nodes fronted by Nginx and the site.json > with server host details as below. > > { > "proxy" : { > "proxyHost" : "is.dev.wso2.org", > "proxyHTTPSPort" : "443", > "proxyContextPath" : "", > "servicePath" : "/services" > } > } > > > When I log in to the Management Console with the admin user, > authentication was successful but failed to login to the IS Dashboard with > admin user or any user who have permission to the IS Dashboard login. > > Following is the authentication exception logged in the terminal. > > Any suggestion to solve this issue is highly appreciated. > Don't we have a doc on configuring WSO2IS with Nginx ? Thanks, Asela. > > > TID: [-1234] [] [2017-10-24 05:28:50,683] ERROR > {org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticator} > - Authentication Request is rejected. SAMLResponse AudienceRestriction > validation failed. > TID: [-1] [] [2017-10-24 05:28:50,683] WARN > {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - > Failed Administrator login attempt 'admin@carbon.super[-1]' at > [2017-10-24 05:28:50,683+] > TID: [-1234] [] [2017-10-24 05:28:50,751] WARN > {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler} - > Illegal access attempt at [2017-10-24 05:28:50,0751] from IP address > 192.168.57.251 while trying to authenticate access to service > WorkflowImplAdminService > > TID: [-1] [] [2017-10-24 05:28:49,939] INFO > {org.wso2.carbon.core.clustering.hazelcast.HazelcastClusterMessageListener} > - Received ClusteringMessage: org.wso2.carbon.identity.entit > lement.PolicyStatusClusterMessage@d47e9b84 > TID: [-1234] [] [2017-10-24 05:28:50,778] INFO { > org.apache.axis2.transport.http.HTTPSender} - Unable to sendViaPost > to url[https://is.dev.wso2.org/services/WorkflowImplAdminServic > e.WorkflowImplAdminServiceHttpsSoap11Endpoint/] > org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized > at org.apache.axis2.transport.http.HTTPSender.handleResponse(HT > TPSender.java:326) > at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPS > ender.java:196) > at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77) > at org.apache.axis2.transport.http.CommonsHTTPTransportSender.w > riteMessageWithCommons(CommonsHTTPTransportSender.java:451) > at org.apache.axis2.transport.http.CommonsHTTPTransportSender.i > nvoke(CommonsHTTPTransportSender.java:278) > at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442) > at org.apache.axis2.description.OutInAxisOperationClient.send(O > utInAxisOperation.java:430) > at org.apache.axis2.description.OutInAxisOperationClient.execut > eImpl(OutInAxisOperation.java:225) > at org.apache.axis2.client.OperationClient.execute(OperationCli > ent.java:149) > at org.apache.axis2.client.ServiceClient.sendReceive(ServiceCli > ent.java:554) > at org.jaggeryjs.modules.ws.WSRequestHostObject.jsFunction_send > (WSRequestHostObject.java:379) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce > ssorImpl.java:62) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe >
Re: [Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx
Hi Sashika, Have you added the proxy port 443 for https connector in *catalina-server.xml*? That config needs to be there for the dashboard. Go to /repository/conf/tomcat/catalina-server.xml and add the proxy port 443 as below. wrote: > Hi Ashen, > > The IS clustering guide you pointed out does not contain any information > to configure the IS dashboard in a cluster setup. > > In my scenario, I can log in to the management console successfully but > the issue occurs when login to the IS dashboard. Could this be due to any > missing configuration? > > Thanks > Sashika > > On Thu, Oct 26, 2017 at 12:35 AM, Ashen Weerathunga> wrote: > >> Hi Sashika, >> >> Can you check with IS 5.4.0 Clustered guide [1]. >> I guess it has the information you need. >> >> [1] https://docs.wso2.com/display/IS540/Clustered+Deployment >> >> Thanks, >> Ashen >> >> On Wed, Oct 25, 2017 at 5:34 PM, Asela Pathberiya wrote: >> >>> >>> >>> On Tue, Oct 24, 2017 at 5:41 PM, Sashika Wijesinghe >>> wrote: >>> Hi All, We have configured two IS nodes fronted by Nginx and the site.json with server host details as below. { "proxy" : { "proxyHost" : "is.dev.wso2.org", "proxyHTTPSPort" : "443", "proxyContextPath" : "", "servicePath" : "/services" } } When I log in to the Management Console with the admin user, authentication was successful but failed to login to the IS Dashboard with admin user or any user who have permission to the IS Dashboard login. Following is the authentication exception logged in the terminal. Any suggestion to solve this issue is highly appreciated. >>> >>> Don't we have a doc on configuring WSO2IS with Nginx ? >>> >>> Thanks, >>> Asela. >>> TID: [-1234] [] [2017-10-24 05:28:50,683] ERROR {org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticator} - Authentication Request is rejected. SAMLResponse AudienceRestriction validation failed. TID: [-1] [] [2017-10-24 05:28:50,683] WARN {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - Failed Administrator login attempt 'admin@carbon.super[-1]' at [2017-10-24 05:28:50,683+] TID: [-1234] [] [2017-10-24 05:28:50,751] WARN {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler} - Illegal access attempt at [2017-10-24 05:28:50,0751] from IP address 192.168.57.251 while trying to authenticate access to service WorkflowImplAdminService TID: [-1] [] [2017-10-24 05:28:49,939] INFO {org.wso2.carbon.core.clustering.hazelcast.HazelcastClusterMessageListener} - Received ClusteringMessage: org.wso2.carbon.identity.entit lement.PolicyStatusClusterMessage@d47e9b84 TID: [-1234] [] [2017-10-24 05:28:50,778] INFO { org.apache.axis2.transport.http.HTTPSender} - Unable to sendViaPost to url[https://is.dev.wso2.org/services/WorkflowImplAdminServic e.WorkflowImplAdminServiceHttpsSoap11Endpoint/] org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized at org.apache.axis2.transport.http.HTTPSender.handleResponse(HT TPSender.java:326) at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPS ender.java:196) at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77) at org.apache.axis2.transport.http.CommonsHTTPTransportSender.w riteMessageWithCommons(CommonsHTTPTransportSender.java:451) at org.apache.axis2.transport.http.CommonsHTTPTransportSender.i nvoke(CommonsHTTPTransportSender.java:278) at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442) at org.apache.axis2.description.OutInAxisOperationClient.send(O utInAxisOperation.java:430) at org.apache.axis2.description.OutInAxisOperationClient.execut eImpl(OutInAxisOperation.java:225) at org.apache.axis2.client.OperationClient.execute(OperationCli ent.java:149) at org.apache.axis2.client.ServiceClient.sendReceive(ServiceCli ent.java:554) at org.jaggeryjs.modules.ws.WSRequestHostObject.jsFunction_send (WSRequestHostObject.java:379) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce ssorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe thodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126) at org.mozilla.javascript.FunctionObject.call(FunctionObject.java:386) at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime .java:32) at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._c _getProfileList_3(/dashboard/controllers/login-logout/SAML2S SOAuthenticationClient.jag:98)
Re: [Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx
Hi Ashen, The IS clustering guide you pointed out does not contain any information to configure the IS dashboard in a cluster setup. In my scenario, I can log in to the management console successfully but the issue occurs when login to the IS dashboard. Could this be due to any missing configuration? Thanks Sashika On Thu, Oct 26, 2017 at 12:35 AM, Ashen Weerathungawrote: > Hi Sashika, > > Can you check with IS 5.4.0 Clustered guide [1]. > I guess it has the information you need. > > [1] https://docs.wso2.com/display/IS540/Clustered+Deployment > > Thanks, > Ashen > > On Wed, Oct 25, 2017 at 5:34 PM, Asela Pathberiya wrote: > >> >> >> On Tue, Oct 24, 2017 at 5:41 PM, Sashika Wijesinghe >> wrote: >> >>> Hi All, >>> >>> We have configured two IS nodes fronted by Nginx and the site.json with >>> server host details as below. >>> >>> { >>> "proxy" : { >>> "proxyHost" : "is.dev.wso2.org", >>> "proxyHTTPSPort" : "443", >>> "proxyContextPath" : "", >>> "servicePath" : "/services" >>> } >>> } >>> >>> >>> When I log in to the Management Console with the admin user, >>> authentication was successful but failed to login to the IS Dashboard with >>> admin user or any user who have permission to the IS Dashboard login. >>> >>> Following is the authentication exception logged in the terminal. >>> >>> Any suggestion to solve this issue is highly appreciated. >>> >> >> Don't we have a doc on configuring WSO2IS with Nginx ? >> >> Thanks, >> Asela. >> >>> >>> >>> TID: [-1234] [] [2017-10-24 05:28:50,683] ERROR >>> {org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticator} >>> - Authentication Request is rejected. SAMLResponse AudienceRestriction >>> validation failed. >>> TID: [-1] [] [2017-10-24 05:28:50,683] WARN >>> {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - Failed >>> Administrator login attempt 'admin@carbon.super[-1]' at [2017-10-24 >>> 05:28:50,683+] >>> TID: [-1234] [] [2017-10-24 05:28:50,751] WARN >>> {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler} - >>> Illegal access attempt at [2017-10-24 05:28:50,0751] from IP address >>> 192.168.57.251 while trying to authenticate access to service >>> WorkflowImplAdminService >>> >>> TID: [-1] [] [2017-10-24 05:28:49,939] INFO >>> {org.wso2.carbon.core.clustering.hazelcast.HazelcastClusterMessageListener} >>> - Received ClusteringMessage: org.wso2.carbon.identity.entit >>> lement.PolicyStatusClusterMessage@d47e9b84 >>> TID: [-1234] [] [2017-10-24 05:28:50,778] INFO { >>> org.apache.axis2.transport.http.HTTPSender} - Unable to sendViaPost to >>> url[https://is.dev.wso2.org/services/WorkflowImplAdminServic >>> e.WorkflowImplAdminServiceHttpsSoap11Endpoint/] >>> org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized >>> at org.apache.axis2.transport.http.HTTPSender.handleResponse(HT >>> TPSender.java:326) >>> at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPS >>> ender.java:196) >>> at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77) >>> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.w >>> riteMessageWithCommons(CommonsHTTPTransportSender.java:451) >>> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.i >>> nvoke(CommonsHTTPTransportSender.java:278) >>> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442) >>> at org.apache.axis2.description.OutInAxisOperationClient.send(O >>> utInAxisOperation.java:430) >>> at org.apache.axis2.description.OutInAxisOperationClient.execut >>> eImpl(OutInAxisOperation.java:225) >>> at org.apache.axis2.client.OperationClient.execute(OperationCli >>> ent.java:149) >>> at org.apache.axis2.client.ServiceClient.sendReceive(ServiceCli >>> ent.java:554) >>> at org.jaggeryjs.modules.ws.WSRequestHostObject.jsFunction_send >>> (WSRequestHostObject.java:379) >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce >>> ssorImpl.java:62) >>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe >>> thodAccessorImpl.java:43) >>> at java.lang.reflect.Method.invoke(Method.java:498) >>> at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126) >>> at org.mozilla.javascript.FunctionObject.call(FunctionObject.java:386) >>> at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32) >>> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._c >>> _getProfileList_3(/dashboard/controllers/login-logout/SAML2S >>> SOAuthenticationClient.jag:98) >>> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1.ca >>> ll(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag) >>> at org.mozilla.javascript.optimizer.OptRuntime.callName0(OptRun >>> time.java:74) >>> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._c >>> _getBPSSessions_2(/dashboard/controllers/login-logout/SAML2S >>>
Re: [Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx
Hi Sashika, Can you check with IS 5.4.0 Clustered guide [1]. I guess it has the information you need. [1] https://docs.wso2.com/display/IS540/Clustered+Deployment Thanks, Ashen On Wed, Oct 25, 2017 at 5:34 PM, Asela Pathberiyawrote: > > > On Tue, Oct 24, 2017 at 5:41 PM, Sashika Wijesinghe > wrote: > >> Hi All, >> >> We have configured two IS nodes fronted by Nginx and the site.json with >> server host details as below. >> >> { >> "proxy" : { >> "proxyHost" : "is.dev.wso2.org", >> "proxyHTTPSPort" : "443", >> "proxyContextPath" : "", >> "servicePath" : "/services" >> } >> } >> >> >> When I log in to the Management Console with the admin user, >> authentication was successful but failed to login to the IS Dashboard with >> admin user or any user who have permission to the IS Dashboard login. >> >> Following is the authentication exception logged in the terminal. >> >> Any suggestion to solve this issue is highly appreciated. >> > > Don't we have a doc on configuring WSO2IS with Nginx ? > > Thanks, > Asela. > >> >> >> TID: [-1234] [] [2017-10-24 05:28:50,683] ERROR >> {org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticator} >> - Authentication Request is rejected. SAMLResponse AudienceRestriction >> validation failed. >> TID: [-1] [] [2017-10-24 05:28:50,683] WARN >> {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - Failed >> Administrator login attempt 'admin@carbon.super[-1]' at [2017-10-24 >> 05:28:50,683+] >> TID: [-1234] [] [2017-10-24 05:28:50,751] WARN >> {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler} - >> Illegal access attempt at [2017-10-24 05:28:50,0751] from IP address >> 192.168.57.251 while trying to authenticate access to service >> WorkflowImplAdminService >> >> TID: [-1] [] [2017-10-24 05:28:49,939] INFO >> {org.wso2.carbon.core.clustering.hazelcast.HazelcastClusterMessageListener} >> - Received ClusteringMessage: org.wso2.carbon.identity.entit >> lement.PolicyStatusClusterMessage@d47e9b84 >> TID: [-1234] [] [2017-10-24 05:28:50,778] INFO { >> org.apache.axis2.transport.http.HTTPSender} - Unable to sendViaPost to >> url[https://is.dev.wso2.org/services/WorkflowImplAdminServic >> e.WorkflowImplAdminServiceHttpsSoap11Endpoint/] >> org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized >> at org.apache.axis2.transport.http.HTTPSender.handleResponse( >> HTTPSender.java:326) >> at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPS >> ender.java:196) >> at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77) >> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.w >> riteMessageWithCommons(CommonsHTTPTransportSender.java:451) >> at org.apache.axis2.transport.http.CommonsHTTPTransportSender.i >> nvoke(CommonsHTTPTransportSender.java:278) >> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442) >> at org.apache.axis2.description.OutInAxisOperationClient.send(O >> utInAxisOperation.java:430) >> at org.apache.axis2.description.OutInAxisOperationClient.execut >> eImpl(OutInAxisOperation.java:225) >> at org.apache.axis2.client.OperationClient.execute(OperationCli >> ent.java:149) >> at org.apache.axis2.client.ServiceClient.sendReceive(ServiceCli >> ent.java:554) >> at org.jaggeryjs.modules.ws.WSRequestHostObject.jsFunction_ >> send(WSRequestHostObject.java:379) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce >> ssorImpl.java:62) >> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe >> thodAccessorImpl.java:43) >> at java.lang.reflect.Method.invoke(Method.java:498) >> at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126) >> at org.mozilla.javascript.FunctionObject.call(FunctionObject.java:386) >> at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32) >> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._c >> _getProfileList_3(/dashboard/controllers/login-logout/SAML2S >> SOAuthenticationClient.jag:98) >> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1.ca >> ll(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag) >> at org.mozilla.javascript.optimizer.OptRuntime.callName0( >> OptRuntime.java:74) >> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._c >> _getBPSSessions_2(/dashboard/controllers/login-logout/SAML2S >> SOAuthenticationClient.jag:43) >> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1.ca >> ll(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag) >> at org.mozilla.javascript.optimizer.OptRuntime.callName(OptRunt >> ime.java:63) >> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._c >> _login_1(/dashboard/controllers/login-logout/SAML2SSOAuthent >> icationClient.jag:34) >> at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1.ca >>
Re: [Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx
On Tue, Oct 24, 2017 at 5:41 PM, Sashika Wijesinghewrote: > Hi All, > > We have configured two IS nodes fronted by Nginx and the site.json with > server host details as below. > > { > "proxy" : { > "proxyHost" : "is.dev.wso2.org", > "proxyHTTPSPort" : "443", > "proxyContextPath" : "", > "servicePath" : "/services" > } > } > > > When I log in to the Management Console with the admin user, > authentication was successful but failed to login to the IS Dashboard with > admin user or any user who have permission to the IS Dashboard login. > > Following is the authentication exception logged in the terminal. > > Any suggestion to solve this issue is highly appreciated. > Don't we have a doc on configuring WSO2IS with Nginx ? Thanks, Asela. > > > TID: [-1234] [] [2017-10-24 05:28:50,683] ERROR {org.wso2.carbon.identity. > authenticator.saml2.sso.SAML2SSOAuthenticator} - Authentication Request > is rejected. SAMLResponse AudienceRestriction validation failed. > TID: [-1] [] [2017-10-24 05:28:50,683] WARN {org.wso2.carbon.core. > services.util.CarbonAuthenticationUtil} - Failed Administrator login > attempt 'admin@carbon.super[-1]' at [2017-10-24 05:28:50,683+] > TID: [-1234] [] [2017-10-24 05:28:50,751] WARN > {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler} - > Illegal access attempt at [2017-10-24 05:28:50,0751] from IP address > 192.168.57.251 while trying to authenticate access to service > WorkflowImplAdminService > > TID: [-1] [] [2017-10-24 05:28:49,939] INFO {org.wso2.carbon.core. > clustering.hazelcast.HazelcastClusterMessageListener} - Received > ClusteringMessage: org.wso2.carbon.identity.entitlement. > PolicyStatusClusterMessage@d47e9b84 > TID: [-1234] [] [2017-10-24 05:28:50,778] INFO > {org.apache.axis2.transport.http.HTTPSender} - Unable to sendViaPost to > url[https://is.dev.wso2.org/services/WorkflowImplAdminService. > WorkflowImplAdminServiceHttpsSoap11Endpoint/] > org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized > at org.apache.axis2.transport.http.HTTPSender.handleResponse(HTTPSender. > java:326) > at org.apache.axis2.transport.http.HTTPSender.sendViaPost( > HTTPSender.java:196) > at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77) > at org.apache.axis2.transport.http.CommonsHTTPTransportSender. > writeMessageWithCommons(CommonsHTTPTransportSender.java:451) > at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke( > CommonsHTTPTransportSender.java:278) > at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442) > at org.apache.axis2.description.OutInAxisOperationClient.send( > OutInAxisOperation.java:430) > at org.apache.axis2.description.OutInAxisOperationClient.executeImpl( > OutInAxisOperation.java:225) > at org.apache.axis2.client.OperationClient.execute( > OperationClient.java:149) > at org.apache.axis2.client.ServiceClient.sendReceive( > ServiceClient.java:554) > at org.jaggeryjs.modules.ws.WSRequestHostObject.jsFunction_send( > WSRequestHostObject.java:379) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke( > NativeMethodAccessorImpl.java:62) > at sun.reflect.DelegatingMethodAccessorImpl.invoke( > DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126) > at org.mozilla.javascript.FunctionObject.call(FunctionObject.java:386) > at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32) > at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._ > c_getProfileList_3(/dashboard/controllers/login-logout/ > SAML2SSOAuthenticationClient.jag:98) > at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1. > call(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag) > at org.mozilla.javascript.optimizer.OptRuntime. > callName0(OptRuntime.java:74) > at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._ > c_getBPSSessions_2(/dashboard/controllers/login-logout/ > SAML2SSOAuthenticationClient.jag:43) > at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1. > call(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag) > at org.mozilla.javascript.optimizer.OptRuntime.callName( > OptRuntime.java:63) > at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._ > c_login_1(/dashboard/controllers/login-logout/ > SAML2SSOAuthenticationClient.jag:34) > at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1. > call(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag) > at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32) > at org.jaggeryjs.rhino.dashboard.c6._c_script_0(/dashboard//acs.jag:67) > at org.jaggeryjs.rhino.dashboard.c6.call(/dashboard//acs.jag) > at org.mozilla.javascript.ContextFactory.doTopCall( > ContextFactory.java:394) > at
[Dev] How to configure the IS Dashboard for a IS cluster fronted by Nginx
Hi All, We have configured two IS nodes fronted by Nginx and the site.json with server host details as below. { "proxy" : { "proxyHost" : "is.dev.wso2.org", "proxyHTTPSPort" : "443", "proxyContextPath" : "", "servicePath" : "/services" } } When I log in to the Management Console with the admin user, authentication was successful but failed to login to the IS Dashboard with admin user or any user who have permission to the IS Dashboard login. Following is the authentication exception logged in the terminal. Any suggestion to solve this issue is highly appreciated. TID: [-1234] [] [2017-10-24 05:28:50,683] ERROR {org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticator} - Authentication Request is rejected. SAMLResponse AudienceRestriction validation failed. TID: [-1] [] [2017-10-24 05:28:50,683] WARN {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - Failed Administrator login attempt 'admin@carbon.super[-1]' at [2017-10-24 05:28:50,683+] TID: [-1234] [] [2017-10-24 05:28:50,751] WARN {org.wso2.carbon.server.admin.module.handler.AuthenticationHandler} - Illegal access attempt at [2017-10-24 05:28:50,0751] from IP address 192.168.57.251 while trying to authenticate access to service WorkflowImplAdminService TID: [-1] [] [2017-10-24 05:28:49,939] INFO {org.wso2.carbon.core.clustering.hazelcast.HazelcastClusterMessageListener} - Received ClusteringMessage: org.wso2.carbon.identity.entitlement.PolicyStatusClusterMessage@d47e9b84 TID: [-1234] [] [2017-10-24 05:28:50,778] INFO {org.apache.axis2.transport.http.HTTPSender} - Unable to sendViaPost to url[ https://is.dev.wso2.org/services/WorkflowImplAdminService.WorkflowImplAdminServiceHttpsSoap11Endpoint/ ] org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized at org.apache.axis2.transport.http.HTTPSender.handleResponse(HTTPSender.java:326) at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:196) at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77) at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451) at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278) at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442) at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:430) at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225) at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149) at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:554) at org.jaggeryjs.modules.ws.WSRequestHostObject.jsFunction_send(WSRequestHostObject.java:379) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126) at org.mozilla.javascript.FunctionObject.call(FunctionObject.java:386) at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32) at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._c_getProfileList_3(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag:98) at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1.call(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag) at org.mozilla.javascript.optimizer.OptRuntime.callName0(OptRuntime.java:74) at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._c_getBPSSessions_2(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag:43) at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1.call(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag) at org.mozilla.javascript.optimizer.OptRuntime.callName(OptRuntime.java:63) at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1._c_login_1(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag:34) at org.jaggeryjs.rhino.dashboard.controllers.login_logout.c1.call(/dashboard/controllers/login-logout/SAML2SSOAuthenticationClient.jag) at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32) at org.jaggeryjs.rhino.dashboard.c6._c_script_0(/dashboard//acs.jag:67) at org.jaggeryjs.rhino.dashboard.c6.call(/dashboard//acs.jag) at org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:394) at org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3091) at org.jaggeryjs.rhino.dashboard.c6.call(/dashboard//acs.jag) at org.jaggeryjs.rhino.dashboard.c6.exec(/dashboard//acs.jag) at org.jaggeryjs.scriptengine.engine.RhinoEngine.execScript(RhinoEngine.java:567) at org.jaggeryjs.scriptengine.engine.RhinoEngine.exec(RhinoEngine.java:273) at