We've recently upgraded our fully functional WSO2 AM 1.10 to 2.0. The installation process gave no errors and seems to be complete. We can use the Publisher just fine. However, when we go to the Store, and go to a tab that lists all of the user's Applications, it fails, and the page is empty. The log shows:
WARN - CarbonAuthenticationUtil Failed Administrator login attempt 'MyUser[-1234]' at [2017-01-10 09:47:09,380-0500]
WARN - AuthenticationHandler Illegal access attempt at [2017-01-10 09:47:09,0380] from IP address IP-ADDRESS while trying to authenticate access to service APIKeyMgtSubscriberService
ERROR - AMDefaultKeyManagerImpl Can not retrieve OAuth application for the given consumer key : BigLongStringOfStuff org.apache.axis2.AxisFault: Access Denied. Authentication failed - Invalid credentials provided.
at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:531)
at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:370)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:445)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
at org.wso2.carbon.apimgt.keymgt.stub.subscriber.APIKeyMgtSubscriberServiceStub.retrieveOAuthApplication(APIKeyMgtSubscriberServiceStub.java:1683)
at org.wso2.carbon.apimgt.keymgt.client.SubscriberKeyMgtClient.getOAuthApplication(SubscriberKeyMgtClient.java:89)
at org.wso2.carbon.apimgt.impl.AMDefaultKeyManagerImpl.retrieveApplication(AMDefaultKeyManagerImpl.java:234)
at org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO.getClientOfApplication(ApiMgtDAO.java:2389)
at org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO.getOAuthApplications(ApiMgtDAO.java:2353)
at org.wso2.carbon.apimgt.impl.dao.ApiMgtDAO.getApplications(ApiMgtDAO.java:4649)
at org.wso2.carbon.apimgt.impl.APIConsumerImpl.getApplications(APIConsumerImpl.java:3136)
at org.wso2.carbon.apimgt.impl.UserAwareAPIConsumer.getApplications(UserAwareAPIConsumer.java:36)
at org.wso2.carbon.apimgt.hostobjects.APIStoreHostObject.jsFunction_getApplications(APIStoreHostObject.java:3225)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
We are using a Read Only LDAP store, the configuration is here:
<UserManager>
<Realm>
<Configuration>
<AddAdmin>False</AddAdmin>
<AdminRole>AdminGroup</AdminRole>
<AdminUser>
<UserName>MyUser</UserName>
<Password>MyPW</Password>
</AdminUser>
<EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default users in this role sees the registry root -->
<Property name="dataSource">jdbc/WSO2CarbonDB</Property>
</Configuration>
<UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager">
<Property name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property>
<Property name="ReadOnly">true</Property>
<Property name="Disabled">false</Property>
<Property name="MaxUserNameListLength">100</Property>
<Property name="ConnectionURL">ldap://MyServer:389</Property>
<Property name="ConnectionName">CN=MyUser,OU=1,OU=2,DC=a,DC=b,DC=c</Property>
<Property name="ConnectionPassword">MyPW</Property>
<Property name="UserSearchBase">DC=a,DC=b,DC=c</Property>
<Property name="UserNameListFilter">(objectClass=user)(|(memberOf=CN=MyGroup-Subscriber,OU=1,OU=2,DC=a,DC=b,DC=c)(sAMAccountName=MyUser))</Property>
<Property name="UserNameSearchFilter">(|(&(objectClass=person)(sAMAccountName=?)(memberOf=CN=MyGroup-Subscriber,OU=1,OU=2,DC=a,DC=b,DC=c))(sAMAccountName=MyUser))</Property>
<Property name="UserNameAttribute">sAMAccountName</Property>
<Property name="DisplayNameAttribute">displayName</Property>
<Property name="ReadGroups">true</Property>
<Property name="GroupSearchBase">OU=Groups,OU=1,OU=2,DC=a,DC=b,DC=c</Property>
<Property name="GroupNameListFilter">(&(objectClass=group)(cn=MyGroup*))</Property>
<Property name="GroupNameSearchFilter">(&(objectClass=group)(cn=MyGroup?))</Property>
<Property name="GroupNameAttribute">cn</Property>
<Property name="MembershipAttribute">member</Property>
<Property name="MemberOfAttribute">memberOf</Property>
<Property name="MultipleAttributeSeparator">,</Property>
<Property name="PasswordHashMethod">PLAIN_TEXT</Property>
<Property name="UserRolesCacheEnabled">true</Property>
<Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
<Property name="MaxRoleNameListLength">100</Property>
<Property name="MaxUserNameListLength">100</Property>
<Property name="SCIMEnabled">false</Property>
</UserStoreManager>
<AuthorizationManager
class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
<Property name="AdminRoleManagementPermissions">/permission</Property>
<Property name="AuthorizationCacheEnabled">true</Property>
</AuthorizationManager>
</Realm>
</UserManager>
In the Api-Manager.xml configuration for the ApiKeyValidator Key We have:
<APIKeyValidator>
<!-- Server URL of the API key manager -->
<ServerURL>https://MyURL:${mgt.transport.https.port}${carbon.context}services/</ServerURL>
<!-- Admin username for API key manager.
<Username>MyUser</Username>
<!-- Admin password for API key manager. -->
<Password>MyPW</Password>
<KeyValidatorClientType>ThriftClient</KeyValidatorClientType>
<ThriftClientConnectionTimeOut>10000</ThriftClientConnectionTimeOut>
<EnableThriftServer>true</EnableThriftServer>
<ThriftServerHost>localhost</ThriftServerHost>
<KeyValidationHandlerClassName>org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler</KeyValidationHandlerClassName>
This error did not occur in 1.10 with the same config file entries. Is there any idea as to why this happens?
So I figured out why this occurred - This will happen if the incorrect provider is listed in the user-mgt.xml file. If you see my file above, I am trying to use ReadOnly LDAP, but I have the RDBMS provider listed instead.
Changed this line and boom, everythign is functional again.
Related
I've configured the wso2 api manager with external LDAP i.e. Microsoft Active Directory. Connectivity is set up and I'm able to see all the users in WSO2 apim user store which are present in AD. I have 4 following users in AD
Users : WSo2 Admin, WSO2 User1, WSO2 User2
But I'm able to login with just one user which I'm assigning the admin role in configuration file like below snippet.
<AdminUser>
<UserName>Wso2 Admin</UserName>
<Password>abcdef#01</Password>
</AdminUser>
Now I'll be only able to login with WSo2 Admin only, same happens for other users if I assign admin role in config file I'll be able to login.
But i want to login with every user which are present in AD i.e. WSo2 Admin, WSO2 User1, WSO2 User2
Here is my configuration file:
<?xml version="1.0" encoding="UTF-8"?>
<UserManager>
<Realm>
<Configuration>
<AddAdmin>false</AddAdmin>
<AdminRole>admin</AdminRole>
<AdminUser>
<UserName>Wso2 Admin</UserName>
<Password>abcdef#01</Password>
</AdminUser>
<EveryOneRoleName>everyone</EveryOneRoleName>
<!-- By default users in this role sees the registry root -->
<Property name="isCascadeDeleteEnabled">true</Property>
<Property name="initializeNewClaimManager">true</Property>
<Property name="dataSource">jdbc/WSO2CarbonDB</Property>
<UserStoreManager class="org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager">
<Property name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property>
<Property name="ConnectionURL">ldap://test.xxxx.com:389</Property>
<Property name="ConnectionName">CN=Wso2 Admin,OU=wso2test,DC=test,DC=xxxx,DC=com</Property>
<Property name="ConnectionPassword">abcdef#01</Property>
<Property name="AnonymousBind">false</Property>
<Property name="UserSearchBase">OU=wso2test,DC=test,DC=xxxx,DC=com</Property>
<Property name="UserEntryObjectClass">user</Property>
<Property name="UserNameAttribute">cn</Property>
<Property name="UserNameSearchFilter">(&(objectClass=user)(cn=?))</Property>
<Property name="UserNameListFilter">(objectClass=user)</Property>
<Property name="DisplayNameAttribute"/>
<Property name="ReadGroups">true</Property>
<Property name="WriteGroups">true</Property>
<Property name="GroupSearchBase">OU=wso2test,DC=test,DC=xxxx,DC=com</Property>
<Property name="GroupEntryObjectClass">group</Property>
<Property name="GroupNameAttribute">cn</Property>
<Property name="GroupNameSearchFilter">(&(objectClass=group)(cn=?))</Property>
<Property name="GroupNameListFilter">(objectcategory=group)</Property>
<Property name="MembershipAttribute">member</Property>
<Property name="MemberOfAttribute">memberOf</Property>
<Property name="BackLinksEnabled">true</Property>
<Property name="Referral">follow</Property>
<Property name="UsernameJavaRegEx">[a-zA-Z0-9._\-|//]{3,30}$</Property>
<Property name="UsernameJavaScriptRegEx">^[\S]{3,30}$</Property>
<Property name="UsernameJavaRegExViolationErrorMsg">Username pattern policy violated</Property>
<Property name="PasswordJavaRegEx">^[\S]{5,30}$</Property>
<Property name="PasswordJavaScriptRegEx">^[\S]{5,30}$</Property>
<Property name="PasswordJavaRegExViolationErrorMsg">Password length should be within 5 to 30 characters</Property>
<Property name="RolenameJavaRegEx">[a-zA-Z0-9._\-|//]{3,30}$</Property>
<Property name="RolenameJavaScriptRegEx">^[\S]{3,30}$</Property>
<Property name="SCIMEnabled">false</Property>
<Property name="IsBulkImportSupported">true</Property>
<Property name="EmptyRolesAllowed">true</Property>
<Property name="PasswordHashMethod">PLAIN_TEXT</Property>
<Property name="MultiAttributeSeparator">,</Property>
<Property name="isADLDSRole">false</Property>
<Property name="userAccountControl">512</Property>
<Property name="MaxUserNameListLength">100</Property>
<Property name="MaxRoleNameListLength">100</Property>
<Property name="MembershipAttributeRange">1500</Property>
<Property name="kdcEnabled">false</Property>
<Property name="defaultRealmName">WSO2.ORG</Property>
<Property name="UserRolesCacheEnabled">true</Property>
<Property name="ConnectionPoolingEnabled">false</Property>
<Property name="LDAPConnectionTimeout">5000</Property>
<Property name="ReadTimeout"/>
<Property name="RetryAttempts"/>
</UserStoreManager>
<AuthorizationManager class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
<Property name="AdminRoleManagementPermissions">/permission</Property>
<Property name="AuthorizationCacheEnabled">true</Property>
<Property name="GetAllRolesOfUserEnabled">true</Property>
</AuthorizationManager>
</Realm>
</UserManager>
To the administrative console only admins (members of the admin group) are allowed to log in.
If you want any user to log in, you may try to find role Internal/everyone and add a permission Login to the role.
However the users by default will be able only to change their password (even that's not true until you use ldaps connection instead of ldap)
I am setting up wso2 API manager to use an external LDAP so it connects to my company's user base for logins but I am getting the following error which I can't find the reason:
2016-09-09 10:44:32,436 [-] [Start Level Event Dispatcher] ERROR Activator Cannot start User Manager Core bundle
java.lang.NullPointerException
at org.wso2.carbon.user.core.config.RealmConfigXMLProcessor.buildRealmConfiguration(RealmConfigXMLProcessor.java:367)
at org.wso2.carbon.user.core.config.RealmConfigXMLProcessor.buildRealmConfiguration(RealmConfigXMLProcessor.java:281)
at org.wso2.carbon.user.core.common.DefaultRealmService.buildBootStrapRealmConfig(DefaultRealmService.java:136)
at org.wso2.carbon.user.core.common.DefaultRealmService.<init>(DefaultRealmService.java:84)
at org.wso2.carbon.user.core.common.DefaultRealmService.<init>(DefaultRealmService.java:113)
at org.wso2.carbon.user.core.internal.Activator.startDeploy(Activator.java:68)
at org.wso2.carbon.user.core.internal.BundleCheckActivator.start(BundleCheckActivator.java:61)
at org.eclipse.osgi.framework.internal.core.BundleContextImpl$1.run(BundleContextImpl.java:711)
at java.security.AccessController.doPrivileged(Native Method)
at org.eclipse.osgi.framework.internal.core.BundleContextImpl.startActivator(BundleContextImpl.java:702)
at org.eclipse.osgi.framework.internal.core.BundleContextImpl.start(BundleContextImpl.java:683)
at org.eclipse.osgi.framework.internal.core.BundleHost.startWorker(BundleHost.java:381)
at org.eclipse.osgi.framework.internal.core.AbstractBundle.resume(AbstractBundle.java:390)
at org.eclipse.osgi.framework.internal.core.Framework.resumeBundle(Framework.java:1176)
at org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:559)
at org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:544)
at org.eclipse.osgi.framework.internal.core.StartLevelManager.incFWSL(StartLevelManager.java:457)
at org.eclipse.osgi.framework.internal.core.StartLevelManager.doSetStartLevel(StartLevelManager.java:243)
at org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:438)
at org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:1)
at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)
at org.eclipse.osgi.framework.eventmgr.EventManager$EventThread.run(EventManager.java:340)
Here is my user-mgt.xml:
<UserManager>
<Realm>
<Configuration>
<AddAdmin>false</AddAdmin>
<AdminRole>admin</AdminRole>
<AdminUser>
<UserName>procergs-felipe-schnack</UserName>
<!-- Password>admin</Password -->
</AdminUser>
<EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default users in this role sees the registry root -->
<Property name="isCascadeDeleteEnabled">true</Property>
<Property name="dataSource">jdbc/WSO2CarbonDB</Property>
</Configuration>
<UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager">
<Property name="TenantManager">org.wso2.carbon.user.core.tenant.CommonHybridLDAPTenantManager</Property>
<Property name="ReadOnly">true</Property>
<Property name="ConnectionURL">ldap://ldap1.procergs.reders:389</Property>
<Property name="ConnectionName">uid=wso2,ou=U4S,ou=PROCERGS,o=estado,c=br</Property>
<Property name="ConnectionPassword">xxxx</Property>
<Property name="UserSearchBase">ou=procergs,o=Estado,c=BR</Property>
<Property name="UserNameAttribute">uid</Property>
<Property name="UserNameSearchFilter">uid=?</Property>
<Property name="UserNameListFilter">(objectClass=posixAccount)</Property>
<Property name="DisplayNameAttribute">displayname</Property>
<Property name="ReadGroups">false</Property>
<Property name="GroupSearchBase">ou=system</Property>
<Property name="GroupNameAttribute">cn</Property>
<Property name="GroupNameSearchFilter">(&(objectClass=groupOfNames)(cn=?))</Property>
<Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
<Property name="MembershipAttribute">member</Property>
<Property name="BackLinksEnabled">false</Property>
<Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
<Property name="PasswordJavaRegEx">^[\S]{5,30}$</Property>
<Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
<Property name="SCIMEnabled">false</Property>
<Property name="PasswordHashMethod">PLAIN_TEXT</Property>
<Property name="MultiAttributeSeparator">,</Property>
<Property name="MaxUserNameListLength">100</Property>
<Property name="MaxRoleNameListLength">100</Property>
<Property name="UserRolesCacheEnabled">true</Property>
<Property name="ConnectionPoolingEnabled">true</Property>
<Property name="LDAPConnectionTimeout">5000</Property>
<Property name="ReadTimeout"/>
<Property name="RetryAttempts"/>
<Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
<Property name="defaultRealmName">WSO2.ORG</Property>
</UserStoreManager>
<AuthorizationManager class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
<Property name="AdminRoleManagementPermissions">/permission</Property>
<Property name="AuthorizationCacheEnabled">true</Property>
<Property name="GetAllRolesOfUserEnabled">false</Property>
</AuthorizationManager>
</Realm>
</UserManager>
What I am missing? I tried to lookup the source code in wso2 SVN repo but I am still lost.
Thanks!
Actually you need to point to a existing user in your LDAP to be the super user of the system. The super user is a special user in the system which has all the permissions to manage the system. Hence this configuration is required. You can use Ciper tool to encrypt your password and store it. You can refer this.
I am running postgres sql 9.2.1 and for the application I am building I am using Hibernate 4.2.8. I have enabled all the necessary stuffs concerning the batch processing in the hibernate config file. Also in my pojo I am using the GenerationType.SEQUENCE for my ids since I am using POstgres sequence features.
However whenever I am doing bacth update it only executes one request and return this :
o.h.e.j.batch.internal.BatchingBatch - Executing batch size: 1
This is portion of my hibernate config file:
<property name="hibernate.connection.driver_class">org.postgresql.Driver</property>
<property name="hibernate.connection.password">xxx</property>
<property name="hibernate.connection.url">jdbc:postgresql:testdb</property>
<property name="hibernate.connection.username">xxx</property>
<property name="hibernate.dialect">org.hibernate.dialect.PostgreSQL82Dialect</property>
<property name="hibernate.show_sql">true</property>
<property name="hibernate.current_session_context_class">thread</property>
<property name="hibernate.connection.autocommit">false</property>
<property name="hibernate.transaction.auto_close_session">false</property>
<property name="hibernate.transaction.flush_before_completion">false</property>
<property name="hibernate.default_entity_mode">pojo</property>
<property name="hibernate.jdbc.batch_size">40</property>
<property name="hibernate.cache.use_second_level_cache">false</property>
<property name="hibernate.order_updates">true</property>
<property name="hibernate.jdbc.batch_versioned_data">true</property>
<property name="hibernate.cache.use_query_cache">false</property>
<property name="hibernate.order_inserts">true</property>
Please assist me. I have done many searches so far but I have not come accross any that works for me.
My Current configuration is
#
<UserManager>
<Realm>
<Configuration>
<AdminRole>admin</AdminRole>
<AdminUser>
<UserName>admin</UserName>
<Password>XXXXXX</Password>
</AdminUser>
<EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default users in thsi role sees the registry root -->
<!-- <ReadOnly>false</ReadOnly> -->
<MaxUserNameListLength>500</MaxUserNameListLength>
<Property name="url">jdbc:h2:repository/database/WSO2CARBON_DB</Property>
<Property name="userName">wso2carbon</Property>
<Property name="password">wso2carbon</Property>
<Property name="driverName">org.h2.Driver</Property>
<Property name="maxActive">50</Property>
<Property name="maxWait">60000</Property>
<Property name="minIdle">5</Property>
</Configuration>
<UserStoreManager
class="org.wso2.carbon.user.core.ldap.LDAPUserStoreManager">
<Property name="ConnectionURL">ldap://localhost:389</Property>
<Property name="ConnectionName">cn=admin,dc=ysd,dc=com</Property>
<Property name="ConnectionPassword">admin32</Property>
<Property name="UserSearchBase">ou=People,dc=ysd,dc=com</Property>
<Property name="UserNameListFilter">(objectClass=person)</Property>
<Property name="UserNameAttribute">uid</Property>
<Property name="ReadLDAPGroups">false</Property>
<Property name="GroupSearchBase">ou=People,dc=ysd,dc=com</Property>
<Property name="GroupSearchFilter">(objectClass=groupOfNames)</Property>
<Property name="GroupNameAttribute">cn</Property>
<Property name="MembershipAttribute">member</Property>
</UserStoreManager>
<AuthorizationManager
class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
</AuthorizationManager>
</Realm>
</UserManager>`
#
Iam geeting following error while starting server.
*ERROR {org.wso2.carbon.user.core.common.DefaultRealm} - Cannot create org.wso2.carbon.user.core.ldap.LDAPUserStoreManager . Error is : null
java.lang.reflect.InvocationTargetException*
..............
............
............
Caused by: org.wso2.carbon.user.core.UserStoreException: LDAPUserStoreManager is unable to operate in Read-Write mode. This is invalid configuration. It can only operate in ReadOnly mode
at org.wso2.carbon.user.core.ldap.LDAPUserStoreManager.(LDAPUserStoreManager.java:97)
... 25 more
What is your exact requirement ? Do you want the Identity Server to do Read-Write operation on the external LDAP or do you want to do only the Read operations ?
You get this exception because you are trying to use the read only ldap user store for both read-write operations. Set the parameter <ReadOnly>false</ReadOnly>to true, then this error would go away.
But if your requirement is to use IS for both read write operations use the ApacheDSUserStoreManager. You can use the LDAPUserStoreManager for that.
I'm using SWF 2.1 with Spring 2.5.6. and am trying to get the default mapping strategy for 2.1 to work. I had previously been using the mapping strategy that was the 1.0 default (whereby the flow id was retrieved from the request parameters)
In spring MVC configuration, I'm using the simpleUrlMapping strategy (order = 1) and have declared the SimpleControllerHandlerAdapter bean.
<bean class="org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter"/>
SWF configuration:
<bean id="flowController" class="org.springframework.webflow.mvc.servlet.FlowController">
<property name="flowExecutor" ref="flowExecutor"/>
</bean><!--
Launches new flow executions and resumes existing executions. -->
<webflow:flow-executor id="flowExecutor" flow-registry="flowRegistry">
<webflow:flow-execution-repository max-executions="5" max-execution-snapshots="80"/>
</webflow:flow-executor>
<bean class="org.springframework.webflow.mvc.servlet.FlowHandlerAdapter">
<property name="flowExecutor" ref="flowExecutor" />
</bean>
<!--
Creates the registry of flow definitions for this application -->
<webflow:flow-registry id="flowRegistry" flow-builder-services="flowBuilderServices" base-path="/WEB-INF/flows">
<webflow:flow-location-pattern value="/**/*-flow.xml"/>
</webflow:flow-registry>
<webflow:flow-builder-services id="flowBuilderServices" view-factory-creator="viewFactoryCreator" development="true"/>
<bean id="viewFactoryCreator" class="org.springframework.webflow.mvc.builder.MvcViewFactoryCreator">
<property name="viewResolvers">
<list>
<ref local="beanNameViewResolver"/>
<ref local="internalResourceViewResolver"/>
</list>
</property>
</bean>
<!-- Maps request paths to flows in the flowRegistry;
e.g. a path of /hotels/booking looks for a flow with id "hotels/booking" -->
<bean class="org.springframework.webflow.mvc.servlet.FlowHandlerMapping" p:order="0">
<property name="flowRegistry" ref="flowRegistry"/>
</bean>
Here is the directory structure in the web folder:
/WEB-INF/flows/flow1-name/flow1-flow.xml
/WEB-INF/flows/flow2-name/flow2-flow.xml
/WEB-INF/flows/flow3-name/flow3-flow.xml
I have been trying to access the flows by going to
http://www.appdomain.com/flow1-name
the mapping does not work and I get a 404.
Also, how should I name subflows and where should I put them? I would like to be able to access the subflows from more than one top-level flow.
I don't know what your servlet mapping in web.xml looks like but http://www.appdomain.com/flow1-name doesn't seem to include the name of your webapp and possibly the name of your servlet mapping. Check if the DispatcherServlet is getting reached at all. You can do that by enabling the org.springframework.web and org.springframework.webflow logging categories and looking for the output.