WSO2 身份服务器 AuthenticationAdmin API 身份验证失败
WSO2 Identity Server AuthenticationAdmin API Authentication Failed
我正在关注这里提到的教程:
https://docs.wso2.com/display/IS500/Managing+Users+and+Roles+with+APIs
并使用页面上提供的示例代码:
http://cache.facilelogin.com/org.wso2.identity.um.sample.zip
我已将所需的 JAR 添加到 eclipse 项目中。
该项目成功构建,没有任何问题。
但是,当我 运行 项目时,出现以下错误:
log4j:WARN No appenders could be found for logger (org.apache.axiom.om.util.StAXUtils).
log4j:WARN Please initialize the log4j system properly.
org.apache.axis2.AxisFault: Authentication Failed : Invalid remote address passed - myapp
at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:508)
at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:375)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:421)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
at org.wso2.carbon.authenticator.proxy.AuthenticationAdminStub.login(AuthenticationAdminStub.java:311)
at org.wso2.identity.um.sample.IdentityServerClient.main(IdentityServerClient.java:67)
这是代码:
package org.wso2.identity.um.sample;
import java.util.HashMap;
import java.util.Map;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.ConfigurationContextFactory;
import org.apache.axis2.transport.http.HTTPConstants;
import org.wso2.carbon.authenticator.proxy.AuthenticationAdminStub;
import org.wso2.carbon.um.ws.api.WSRealmBuilder;
import org.wso2.carbon.user.core.UserRealm;
import org.wso2.carbon.user.core.UserStoreManager;
public class IdentityServerClient {
// ONE TIME TASKS WE NEED TO DO BEFORE EXECUTING THIS PROGRAM.
// TASK - 1 , CREATE a LoginOnly role from IS UI Console
// ===========================================================
// 0. Login as admin/admin
// 1. Go to Users and Roles
// 2. Click on Roles
// 3. Add New Role
// 4. Role Name : loginOnly [please use this name, since it's referred within the code below]
// 5. Click Next
// 6. Select only the 'Login' permission
// 7. Click Next
// 8. No need to select any users
// 9. Click Finish
// TASK - 2 , CREATE a custom claim IS UI Console
// ===========================================================
// 0. Login as admin/admin
// 1. Go to Claim Management
// 2. Click on http://wso2.org/claims
// 3. Click on 'Add New Claim Mapping'
// 3.1 Display Name : Business Phone
// 3.2 Description : Business Phone
// 3.3 Claim Uri : http://wso2.org/claims/businessphone
// 3.4 Mapped Attribute : http://wso2.org/claims/businessphone
// 3.5 Support by default : Checked
// 3.6 The rest can be kept blank
private final static String SERVER_URL = "https://localhost:9443/services/";
private final static String APP_ID = "myapp";
/**
* @param args
*/
public static void main(String[] args) {
AuthenticationAdminStub authstub = null;
ConfigurationContext configContext = null;
String cookie = null;
String newUser = "prabath2";
System.setProperty("javax.net.ssl.trustStore", "wso2carbon.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "wso2carbon");
try {
configContext = ConfigurationContextFactory.createConfigurationContextFromFileSystem(
"repo", "repo/conf/client.axis2.xml");
authstub = new AuthenticationAdminStub(configContext, SERVER_URL
+ "AuthenticationAdmin");
// Authenticates as a user having rights to add users.
if (authstub.login("admin", "admin", APP_ID)) {
cookie = (String) authstub._getServiceClient().getServiceContext().getProperty(
HTTPConstants.COOKIE_STRING);
UserRealm realm = WSRealmBuilder.createWSRealm(SERVER_URL, cookie, configContext);
UserStoreManager storeManager = realm.getUserStoreManager();
// Add a new role - with no users - with APP_ID as the role name
if (!storeManager.isExistingRole(APP_ID)) {
storeManager.addRole(APP_ID, null, null);
System.out.println("The role added successfully to the system");
} else {
System.out.println("The role trying to add - alraedy there in the system");
}
if (!storeManager.isExistingUser(newUser)) {
// Let's the this user to APP_ID role we just created.
// First let's create claims for users.
// If you are using a claim that does not exist in default IS instance,
Map<String, String> claims = new HashMap<String, String>();
// TASK-1 and TASK-2 should be completed by now.
// Here I am using an already existing claim
claims.put("http://wso2.org/claims/businessphone", "0112842302");
// Here we pass null for the profile - so it will use the default profile.
storeManager.addUser(newUser, "password", new String[] { APP_ID, "loginOnly" },
claims, null);
System.out.println("The use added successfully to the system");
} else {
System.out.println("The user trying to add - alraedy there in the system");
}
// Now let's see the given user [newUser] belongs to the role APP_ID.
String[] userRoles = storeManager.getRoleListOfUser(newUser);
boolean found = false;
if (userRoles != null) {
for (int i = 0; i < userRoles.length; i++) {
if (APP_ID.equals(userRoles[i])) {
found = true;
System.out.println("The user is in the required role");
break;
}
}
}
if (!found){
System.out.println("The user is NOT in the required role");
}
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
我已经设置了
<HideAdminServiceWSDLs>
/repository/conf/carbon.xml 文件中 false 的元素。
以下 Web 服务 URL 在 Web 浏览器中打开时没有任何问题:
https://localhost:9443/services/AuthenticationAdmin?wsdl
求推荐。
尝试将运行客户端的 IP 地址或主机名作为 login() 方法调用的第三个参数传递
例如
authstub.login("admin", "admin", "localhost")
我正在关注这里提到的教程: https://docs.wso2.com/display/IS500/Managing+Users+and+Roles+with+APIs
并使用页面上提供的示例代码: http://cache.facilelogin.com/org.wso2.identity.um.sample.zip
我已将所需的 JAR 添加到 eclipse 项目中。 该项目成功构建,没有任何问题。 但是,当我 运行 项目时,出现以下错误:
log4j:WARN No appenders could be found for logger (org.apache.axiom.om.util.StAXUtils). log4j:WARN Please initialize the log4j system properly. org.apache.axis2.AxisFault: Authentication Failed : Invalid remote address passed - myapp at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:508) at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:375) at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:421) at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229) at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165) at org.wso2.carbon.authenticator.proxy.AuthenticationAdminStub.login(AuthenticationAdminStub.java:311) at org.wso2.identity.um.sample.IdentityServerClient.main(IdentityServerClient.java:67)
这是代码:
package org.wso2.identity.um.sample;
import java.util.HashMap;
import java.util.Map;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.ConfigurationContextFactory;
import org.apache.axis2.transport.http.HTTPConstants;
import org.wso2.carbon.authenticator.proxy.AuthenticationAdminStub;
import org.wso2.carbon.um.ws.api.WSRealmBuilder;
import org.wso2.carbon.user.core.UserRealm;
import org.wso2.carbon.user.core.UserStoreManager;
public class IdentityServerClient {
// ONE TIME TASKS WE NEED TO DO BEFORE EXECUTING THIS PROGRAM.
// TASK - 1 , CREATE a LoginOnly role from IS UI Console
// ===========================================================
// 0. Login as admin/admin
// 1. Go to Users and Roles
// 2. Click on Roles
// 3. Add New Role
// 4. Role Name : loginOnly [please use this name, since it's referred within the code below]
// 5. Click Next
// 6. Select only the 'Login' permission
// 7. Click Next
// 8. No need to select any users
// 9. Click Finish
// TASK - 2 , CREATE a custom claim IS UI Console
// ===========================================================
// 0. Login as admin/admin
// 1. Go to Claim Management
// 2. Click on http://wso2.org/claims
// 3. Click on 'Add New Claim Mapping'
// 3.1 Display Name : Business Phone
// 3.2 Description : Business Phone
// 3.3 Claim Uri : http://wso2.org/claims/businessphone
// 3.4 Mapped Attribute : http://wso2.org/claims/businessphone
// 3.5 Support by default : Checked
// 3.6 The rest can be kept blank
private final static String SERVER_URL = "https://localhost:9443/services/";
private final static String APP_ID = "myapp";
/**
* @param args
*/
public static void main(String[] args) {
AuthenticationAdminStub authstub = null;
ConfigurationContext configContext = null;
String cookie = null;
String newUser = "prabath2";
System.setProperty("javax.net.ssl.trustStore", "wso2carbon.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "wso2carbon");
try {
configContext = ConfigurationContextFactory.createConfigurationContextFromFileSystem(
"repo", "repo/conf/client.axis2.xml");
authstub = new AuthenticationAdminStub(configContext, SERVER_URL
+ "AuthenticationAdmin");
// Authenticates as a user having rights to add users.
if (authstub.login("admin", "admin", APP_ID)) {
cookie = (String) authstub._getServiceClient().getServiceContext().getProperty(
HTTPConstants.COOKIE_STRING);
UserRealm realm = WSRealmBuilder.createWSRealm(SERVER_URL, cookie, configContext);
UserStoreManager storeManager = realm.getUserStoreManager();
// Add a new role - with no users - with APP_ID as the role name
if (!storeManager.isExistingRole(APP_ID)) {
storeManager.addRole(APP_ID, null, null);
System.out.println("The role added successfully to the system");
} else {
System.out.println("The role trying to add - alraedy there in the system");
}
if (!storeManager.isExistingUser(newUser)) {
// Let's the this user to APP_ID role we just created.
// First let's create claims for users.
// If you are using a claim that does not exist in default IS instance,
Map<String, String> claims = new HashMap<String, String>();
// TASK-1 and TASK-2 should be completed by now.
// Here I am using an already existing claim
claims.put("http://wso2.org/claims/businessphone", "0112842302");
// Here we pass null for the profile - so it will use the default profile.
storeManager.addUser(newUser, "password", new String[] { APP_ID, "loginOnly" },
claims, null);
System.out.println("The use added successfully to the system");
} else {
System.out.println("The user trying to add - alraedy there in the system");
}
// Now let's see the given user [newUser] belongs to the role APP_ID.
String[] userRoles = storeManager.getRoleListOfUser(newUser);
boolean found = false;
if (userRoles != null) {
for (int i = 0; i < userRoles.length; i++) {
if (APP_ID.equals(userRoles[i])) {
found = true;
System.out.println("The user is in the required role");
break;
}
}
}
if (!found){
System.out.println("The user is NOT in the required role");
}
}
} catch (Exception e) {
e.printStackTrace();
}
}
}
我已经设置了
<HideAdminServiceWSDLs>
/repository/conf/carbon.xml 文件中 false 的元素。
以下 Web 服务 URL 在 Web 浏览器中打开时没有任何问题:
https://localhost:9443/services/AuthenticationAdmin?wsdl
求推荐。
尝试将运行客户端的 IP 地址或主机名作为 login() 方法调用的第三个参数传递
例如
authstub.login("admin", "admin", "localhost")