删除默认的 api 身份验证处理程序并添加 myCustoms 处理程序时出错,知道吗?

Getting error when removing the defalt apiAuthentication handler and adding myCustomhandler, any idea?

(以前它工作正常但没有改变什么) 当我从突触配置中删除默认处理程序并添加我的自定义处理程序时,它给出了这个错误

[2022-01-13 10:44:41,924] ERROR - ServerWorker Error processing POST request for : /dev/21.2/ext-rt/publish/TestTenant/SmooksProviderTranslation.csv.

java.lang.NullPointerException: null
        at org.wso2.carbon.apimgt.gateway.handlers.throttling.ThrottleHandler.doRoleBasedAccessThrottlingWithCEP_aroundBody0(ThrottleHandler.java:193) ~[org.wso2.carbon.apimgt.gateway_6.7.206.jar:?]
        at org.wso2.carbon.apimgt.gateway.handlers.throttling.ThrottleHandler.doRoleBasedAccessThrottlingWithCEP(ThrottleHandler.java:145) ~[org.wso2.carbon.apimgt.gateway_6.7.206.jar:?]
        at org.wso2.carbon.apimgt.gateway.handlers.throttling.ThrottleHandler.doThrottle_aroundBody12(ThrottleHandler.java:585) ~[org.wso2.carbon.apimgt.gateway_6.7.206.jar:?]
        at org.wso2.carbon.apimgt.gateway.handlers.throttling.ThrottleHandler.doThrottle(ThrottleHandler.java:562) ~[org.wso2.carbon.apimgt.gateway_6.7.206.jar:?]
        at org.wso2.carbon.apimgt.gateway.handlers.throttling.ThrottleHandler.handleRequest_aroundBody8(ThrottleHandler.java:522) ~[org.wso2.carbon.apimgt.gateway_6.7.206.jar:?]
        at org.wso2.carbon.apimgt.gateway.handlers.throttling.ThrottleHandler.handleRequest(ThrottleHandler.java:503) ~[org.wso2.carbon.apimgt.gateway_6.7.206.jar:?]
        at org.apache.synapse.rest.API.process(API.java:373) ~[synapse-core_2.1.7.wso2v183.jar:2.1.7-wso2v183]
        at org.apache.synapse.rest.RESTRequestHandler.apiProcessNonDefaultStrategy(RESTRequestHandler.java:144) ~[synapse-core_2.1.7.wso2v183.jar:2.1.7-wso2v183]
        at org.apache.synapse.rest.RESTRequestHandler.identifyAPI(RESTRequestHandler.java:164) ~[synapse-core_2.1.7.wso2v183.jar:2.1.7-wso2v183]
        at org.apache.synapse.rest.RESTRequestHandler.dispatchToAPI(RESTRequestHandler.java:95) ~[synapse-core_2.1.7.wso2v183.jar:2.1.7-wso2v183]
        at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:73) ~[synapse-core_2.1.7.wso2v183.jar:2.1.7-wso2v183]
        at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:331) ~[synapse-core_2.1.7.wso2v183.jar:2.1.7-wso2v183]
        at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:99) ~[synapse-core_2.1.7.wso2v183.jar:2.1.7-wso2v183]
        at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180) ~[axis2_1.6.1.wso2v41.jar:?]
        at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:367) [synapse-nhttp-transport_2.1.7.wso2v183.jar:?]
        at org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:426) [synapse-nhttp-transport_2.1.7.wso2v183.jar:?]
        at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:181) [synapse-nhttp-transport_2.1.7.wso2v183.jar:?]
        at org.apache.axis2.transport.base.threads.NativeWorkerPool.run(NativeWorkerPool.java:172) [axis2_1.6.1.wso2v41.jar:?]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) [?:?]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) [?:?]
        at java.lang.Thread.run(Thread.java:834) [?:?]

下面是来自 myCustomHandler.java class 的 authenticate() 方法,它具有 AuthenticationContext 对象

    public boolean authenticate(MessageContext synCtx) throws APISecurityException {
    Map headers = getTransportHeaders(synCtx);
    String authHeader = getAuthorizationHeader(headers);
    String postmanToken = getPostmanToken(headers);

    String clientIP = "10.110.67.195";

    org.apache.axis2.context.MessageContext axis2MessageContext = ((Axis2MessageContext) synCtx)
            .getAxis2MessageContext();
    AuthenticationContext authContext = new AuthenticationContext();
    authContext.setAuthenticated(true);

    // Can modify to support scopes based throttle policy selection
    authContext.setTier(APIConstants.UNLIMITED_TIER);
    authContext.setStopOnQuotaReach(true);
    authContext.setApiKey(clientIP);
    authContext.setKeyType(APIConstants.API_KEY_TYPE_PRODUCTION);
    authContext.setUsername((String) axis2MessageContext.getProperty("user"));
    authContext.setCallerToken(null);
    authContext.setApplicationName(null);
    authContext.setApplicationId(clientIP);
    authContext.setConsumerKey(null);
    log.debug("**** applicationID is --- " + authContext.getApplicationId());
    APISecurityUtils.setAuthenticationContext(synCtx, authContext, null);

    System.out.println("**** TE is HERE");
    log.debug("**** TE is HERE2");
    log.debug("**** Header is --- " + headers);
    log.debug("**** AuthHeader is --- " + authHeader);
    log.debug("**** Postman token  is --- " + postmanToken);

    return true;
    /*
     * if (authHeader.startsWith("Bearer ")) { return true; } return false;
     */
}

我认为问题出在 AuthenticationContext 对象上。我们在身份验证处理程序(在每个身份验证器 [1] 中)填充 authContext 对象,并在节流处理程序 [2] 中使用该对象。当您用自定义处理程序替换身份验证处理程序时,您可能错过了填充此对象的机会。尝试将此对象填充为 [1].

[1] - https://github.com/wso2/carbon-apimgt/blob/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/oauth/OAuthAuthenticator.java#L301 [2] - https://github.com/wso2/carbon-apimgt/blob/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/throttling/ThrottleHandler.java#L193