search

wso2 / product-apim

Welcome to the WSO2 API Manager source code! For info on working with the WSO2 API Manager repository and contributing code, click the link below.
http://wso2.github.io/
Apache License 2.0
855 stars 787 forks source link

NPE prints at APIM side server log for migrated 3.1.0 Is-km setup #7808

Closed HiranyaKavishani closed 4 weeks ago

HiranyaKavishani commented 4 years ago

Description:

The apim server log has been printed the following exception when it calling the key template retriever.

Exception in thread "Timer-13" java.lang.NullPointerException
    at java.util.Objects.requireNonNull(Objects.java:203)
    at java.util.Arrays$ArrayList.<init>(Arrays.java:3813)
    at java.util.Arrays.asList(Arrays.java:3800)
    at org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever.loadKeyTemplatesFromWebService_aroundBody6(KeyTemplateRetriever.java:117)
    at org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever.loadKeyTemplatesFromWebService(KeyTemplateRetriever.java:116)
    at org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever.run_aroundBody0(KeyTemplateRetriever.java:55)
    at org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever.run(KeyTemplateRetriever.java:51)
    at java.util.TimerThread.mainLoop(Timer.java:555)
    at java.util.TimerThread.run(Timer.java:505)

Steps to reproduce:

Affected Product Version:

3.1.0

Environment details (with versions):

Mac Os

DBs:

Mysql, PostgreSQL

Optional Fields

Related Issues:

Suggested Labels:

Suggested Assignees:

HiranyaKavishani commented 4 years ago

This is reproducible in normal APIM3.1.0 - iskm5.10 setup. It seems there is a difference between ResourceAccessControl configuration at identity.xml at Iskm and apim because iskm has been configured it as default-access="deny" Therefore it shows authentication failure during the server startup when retrieving keytemplates

HiranyaKavishani commented 4 years ago

Solution: We have to make the following config[1] to true at /modules/distribution/src/repository/resources/conf/default.json file.

_"resource_access_control.default_accessallow":true,

[1] https://github.com/wso2/carbon-identity-framework/blob/master/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/org.wso2.carbon.identity.core.server.feature.default.json#L405

SiluniPathirana commented 4 years ago

In real deployment adding the following configuration to deployment.toml file resides in the /repository/conf folder will solve the issue

{code} [resource_access_control] default_access_allow= true {code}

HiranyaKavishani commented 4 years ago

Thanks. We will fix this issue via WUM.

adityamajeti commented 4 years ago

@SiluniPathirana, yeah it worked for me. thanks.