3
我已經使用以下鏈接將wso2身份服務器配置爲wso2 API經理的密鑰管理器。 1應用程序用戶令牌在WSO2 API管理器中導致資源禁用錯誤
我創建通過WSO2 API管理器API publisher.And我已經給驗證類型爲應用&應用程序用戶。
當我通過應用程序令牌調用api時,它很好。但是當我使用用戶令牌時,它給了我這個錯誤。
<ams:fault xmlns:ams="http://wso2.org/apimanager/security"><ams:code>900908</ams:code>
<ams:message>Resource forbidden </ams:message>
<ams:description>Access failure for API: /t/dev-peakhealth.com/dev-api/1.0, version: 1.0</ams:description>
</ams:fault>
API管理日誌:
TID: [3] [] [2016-06-13 19:18:07,074] @dev-peakhealth.com [3] [AM]DEBUG {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler} - Call to API gateway : API call failed reason=API_authentication_failure [email protected] transactionId=urn:uuid:63675ed0-1b95-4a06-9b2c-b3f7ad3daa18 with userAgent=curl/7.35.0 with accessToken=Bearer ca8569957cf1fb5d58f5b70d9649d982 for requestURI=/t/dev-peakhealth.com/dev-api/1.0/careplans at time=Mon Jun 13 19:18:07 IST 2016 from clientIP=192.168.4.31, elapsedTimeInMilliseconds=0 {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler}
TID: [3] [] [2016-06-13 19:18:07,074] @dev-peakhealth.com [3] [AM] WARN {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler} - API authentication failure due to Resource forbidden {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler}
TID: [3] [] [2016-06-13 19:18:07,075] @dev-peakhealth.com [3] [AM]DEBUG {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler} - API authentication failed with error 900908 {org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler}
org.wso2.carbon.apimgt.gateway.handlers.security.APISecurityException: Access failure for API: /t/dev-peakhealth.com/dev-api/1.0, version: 1.0
at org.wso2.carbon.apimgt.gateway.handlers.security.oauth.OAuthAuthenticator.authenticate(OAuthAuthenticator.java:221)
at org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler.handleRequest(APIAuthenticationHandler.java:130)
at org.apache.synapse.rest.API.process(API.java:322)
at org.apache.synapse.rest.RESTRequestHandler.dispatchToAPI(RESTRequestHandler.java:86)
at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:65)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:295)
at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:83)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.wso2.carbon.core.multitenancy.MultitenantMessageReceiver.processRESTRequest(MultitenantMessageReceiver.java:617)
at org.wso2.carbon.core.multitenancy.MultitenantMessageReceiver.doNhttpREST(MultitenantMessageReceiver.java:556)
at org.wso2.carbon.core.multitenancy.MultitenantMessageReceiver.doREST(MultitenantMessageReceiver.java:366)
at org.wso2.carbon.core.multitenancy.MultitenantMessageReceiver.processRequest(MultitenantMessageReceiver.java:224)
at org.wso2.carbon.core.multitenancy.MultitenantMessageReceiver.receive(MultitenantMessageReceiver.java:78)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:317)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:149)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
請幫助解決這一點。
您在API中定義的資源及其auth類型是什麼? –
我提到auth類型爲所有資源的Application&Application用戶。 –