I need to apply security updates on wso2 api manager 3.2.0(https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2021-1259) and I need to make changes on wso2 carbon kernel .how can I handle this?
tnx for your help
Related
I am now hosting Pre-Packaged+Identity+Server+5.2.0+with+API+Manager+2.0.0 [https://docs.wso2.com/display/CLUSTER44x/Configuring+the+Pre-Packaged+Identity+Server+5.2.0+with+API+Manager+2.0.0] in my own AWS instance.
Planning to move on to managed Cloud solution by WSO2. But I can see independent installatiion of identity server and wso2 api manager. But is there a cloud alternative for idenitity server , api manager combo.
I am using WSO2 idenity server for user management only.keeping users in that. Can it be done in API manager as well?
What is the cloud alternative for this?
WSO2 Cloud uses Identity Server for providing Single Sign On. Cloud has its deployment architecture done in a way API Manager can also do the user management (thats comes with the power of WSO2 platform). You dont need to worry about cloud having the API Manager and Identity Server separately.
IF you are managing your subscribers and publishers, then its an out of the box scenario in the cloud. If you want to store end users of the APIs (i.e. if you are using the password grant type), then you can add a secondary userstore and store the end users in it.
I recommend you to raise these questions via the "Contact Support" option available in the Cloud UI.
Does anyone know difference between API analytics and IS analytics component?
Why those are separated components?
Or does someone accomplished to gather them?
Also it is possible to export dashboard but what to do with it when I am not able to import it.
APIM Analytics comes with WSO2 API Manager. IS Analytics comes with WSO2 Identity Server. Both analytics solutions are built on top of WSO2 Data Analytics Server. If we take IS Analytics it will provide useful stats and analytics based on the events published through WSO2 Identity Server such as login events, session related data etc. It's the same with APIM analytics.
If you are using both WSO2 APIM and WSO2 IS you can install both analytics features on top of WSO2 DAS. You can refer the WSO2 Documentation for more details.
I am setting up wso2 API manager 1.10.x with DAS 3.0.1 for publishing API statistics using mysql. My API manager system is clustered with gateway worker node on a separate VM. I followed the documents to enable analytics for API manager via UI. I also followed this document to manually enable analytics for gateway worker node. http://blog.rukspot.com/2016/05/configure-wso2-apim-analytics-using-xml.html After setup, I restart all servers, everything seems fine. But when I make a request to published API, gateway does not publish any statistics to DAS receiver. No data in DAS summary tables either.
By debugging wso2 Gateway, I am able to narrow it down to the fact that
private static ServiceDataPublisherAdmin dataPublisherAdminService; inside org.wso2.carbon.apimgt.impl.internal.APIManagerComponent never get set. Therefore APIMgtUsageHandler does not do anything.
Any idea on what could cause this to happen?
Thanks.
Figured it out myself.
bundle org.wso2.carbon.statistics_4.4.8 and 2 other statistics bundles are necessary for gateway worker to publish statistics data to DAS. But worker profile provided in the package of wso2 API manager 1.10.0 had them excluded.
To work around it, start wso2 on worker node with -Dprofile=default.
You can use osgi console to confirm the activation of these bundles. Once the bundle is activated, class inside is instantiated, gateway will start to publish statistics to DAS when you invoke a published API.
I now have a NodeJS REST API. It is CRUD service.
Does anyone know how to secure/protect my APIs step by step with wso2 OAuth2?
If you simply want to protect your REST API with OAuth2 use the WSO2 API Manager.
You can follow the quick start guide to get started.
Details related to adding your API and enabling OAuth2 protection is mentioned here in the quick start guide.
WSO2 API Manager shuts down on its own after few days. Is there a configuration which I need to tweak, so that this doesn't happen in production?
Based on the provided log, it clearly says that someone has triggered the shutdown hook mistakenly.
INFO {org.wso2.carbon.core.init.CarbonServerManager} - Shutdown hook triggered....
WSO2 API Manager normally won't shutdown automatically.