Reputation: 85
We've deployed WSO2 API Manager 2.0 and it's working fine. Although we are facing an issue with the swagger console, which is not loading and returns Can't read swagger JSON from https://myapimanager.com/store/api-docs/admin/PizzaShackAPI/1.0.0?envName=undefined
.
Although the logs from the server do not show anything, we were able to find the issue. The issue is that when we try to open that web page it gives
Error 404 : Resource cannot be found.
The resource you are looking for might have been removed,had its name changed, is temporarily unavailable or does not exist.
.
Additionally, we've found out that if we only request the page
https://myapimanager.com/store/api-docs
it returns
Error 500 : The page cannot be displayed. The server encountered an internal error or misconfiguration and was unable to complete your request.
and the API Manager logs return:
ERROR - WebAppManager org.mozilla.javascript.WrappedException: Wrapped org.wso2.carbon.registry.core.secure.AuthorizationFailedException: User wso2.anonymous.user is not authorized to read the resource /_system/governance/apimgt/applicationdata/provider/store//api-docs/swagger.json. (/store/site/blocks/api-doc/ajax/get.jag#90)
org.jaggeryjs.scriptengine.exceptions.ScriptException: org.mozilla.javascript.WrappedException: Wrapped org.wso2.carbon.registry.core.secure.AuthorizationFailedException: User wso2.anonymous.user is not authorized to read the resource /_system/governance/apimgt/applicationdata/provider/store//api-docs/swagger.json. (/store/site/blocks/api-doc/ajax/get.jag#90)
at org.jaggeryjs.scriptengine.engine.RhinoEngine.execScript(RhinoEngine.java:571)
at org.jaggeryjs.scriptengine.engine.RhinoEngine.exec(RhinoEngine.java:273)
at org.jaggeryjs.jaggery.core.manager.WebAppManager.exec(WebAppManager.java:588)
at org.jaggeryjs.jaggery.core.manager.WebAppManager.execute(WebAppManager.java:508)
at org.jaggeryjs.jaggery.core.JaggeryServlet.doGet(JaggeryServlet.java:24)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:624)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:747)
at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:485)
at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:377)
at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:337)
at org.jaggeryjs.jaggery.core.JaggeryFilter.doFilter(JaggeryFilter.java:21)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:120)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57)
at org.wso2.carbon.event.receiver.core.internal.tenantmgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:48)
at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:436)
at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1078)
at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1749)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1708)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.mozilla.javascript.WrappedException: Wrapped org.wso2.carbon.registry.core.secure.AuthorizationFailedException: User wso2.anonymous.user is not authorized to read the resource /_system/governance/apimgt/applicationdata/provider/store//api-docs/swagger.json. (/store/site/blocks/api-doc/ajax/get.jag#90)
at org.mozilla.javascript.Context.throwAsScriptRuntimeEx(Context.java:1754)
at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:148)
at org.mozilla.javascript.NativeJavaMethod.call(NativeJavaMethod.java:225)
at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32)
at org.jaggeryjs.rhino.store.site.blocks.api_doc.ajax.c0._c_anonymous_1(/store/site/blocks/api-doc/ajax/get.jag:90)
at org.jaggeryjs.rhino.store.site.blocks.api_doc.ajax.c0.call(/store/site/blocks/api-doc/ajax/get.jag)
at org.mozilla.javascript.optimizer.OptRuntime.call0(OptRuntime.java:23)
at org.jaggeryjs.rhino.store.site.blocks.api_doc.ajax.c0._c_script_0(/store/site/blocks/api-doc/ajax/get.jag:11)
at org.jaggeryjs.rhino.store.site.blocks.api_doc.ajax.c0.call(/store/site/blocks/api-doc/ajax/get.jag)
at org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:394)
at org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3091)
at org.jaggeryjs.rhino.store.site.blocks.api_doc.ajax.c0.call(/store/site/blocks/api-doc/ajax/get.jag)
at org.jaggeryjs.rhino.store.site.blocks.api_doc.ajax.c0.exec(/store/site/blocks/api-doc/ajax/get.jag)
at org.jaggeryjs.scriptengine.engine.RhinoEngine.execScript(RhinoEngine.java:567)
... 45 more
Caused by: org.wso2.carbon.registry.core.secure.AuthorizationFailedException: User wso2.anonymous.user is not authorized to read the resource /_system/governance/apimgt/applicationdata/provider/store//api-docs/swagger.json.
at org.wso2.carbon.registry.core.caching.CacheBackedRegistry.get(CacheBackedRegistry.java:195)
at org.wso2.carbon.registry.core.session.UserRegistry.getInternal(UserRegistry.java:617)
at org.wso2.carbon.registry.core.session.UserRegistry.access$400(UserRegistry.java:61)
at org.wso2.carbon.registry.core.session.UserRegistry$5.run(UserRegistry.java:597)
at org.wso2.carbon.registry.core.session.UserRegistry$5.run(UserRegistry.java:594)
at java.security.AccessController.doPrivileged(Native Method)
at org.wso2.carbon.registry.core.session.UserRegistry.get(UserRegistry.java:594)
at org.wso2.carbon.registry.core.session.UserRegistry.get(UserRegistry.java:61)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126)
... 57 more
As you can see, it logs something about an anonymous user which is trying to access but has no permissions.
Swagger is a great feature to have in the API Description and we would like to keep it.
Thanks in advance! Best Regards
Upvotes: 4
Views: 919
Reputation: 12513
In the path of swagger.json
, there is an extra slash in the middle.
/_system/governance/apimgt/applicationdata/provider/store//api-docs/swagger.json
Make sure you have set proxy_path
for store like this. (No slash at the end)
proxy_pass https://localhost:9443/store
Similar was experienced here as well.
Upvotes: 2