通过WSO2 APIM中的JWT令牌将最终用户详细信息从客户端传递到真实的后端端点 [英] Passing end-user details from client to real backend endpoint via JWT token in WSO2 APIM

问题描述

我是使用版本1.9.1的WSO2 API Manager的新手.我正在尝试实现WSO2 APIM + JWT assertion，方法是查看

I am new to WSO2 API Manager using version 1.9.1. I am trying to implement the WSO2 APIM + JWT assertion looking at http://lalajisureshika.blogspot.in/2013/06/passing-end-user-details-from-client-to.html and http://sumedha.blogspot.in/2012/08/using-jwt-to-send-application-user.html (but the steps are not too good enough to understand). I changed following from <APIM_HOME>/repository/conf/api-manager.xml

<APIConsumerAuthentication>
    <SecurityContextHeader>X-JWT-Assertion</SecurityContextHeader>
    <ClaimsRetrieverImplClass>org.wso2.carbon.apimgt.impl.token.DefaultClaimsRetriever</ClaimsRetrieverImplClass>
    <ConsumerDialectURI>http://wso2.org/claims</ConsumerDialectURI>
    <SignatureAlgorithm>SHA256withRSA</SignatureAlgorithm>
    <EnableTokenGeneration>true</EnableTokenGeneration>
</APIConsumerAuthentication>

请找到几张图片的附件，以便对失败有更多的了解:

Please find attachment of few images, so it will give more idea about the failure:

我还订阅了我的应用程序，当尝试从"API控制台" 执行命令时，我看到了非常有线的错误.

I also subscribe my application and when try to execute command from "API Console", I see very wired error.

也显示TCP/IP监视工具

Also TCP/IP Monitor tool shows

请帮助我，这是什么问题?

推荐答案

可以提供打印在 wso2carbon.log (< APIM主页>/reposiory/logs)中的错误日志吗?终端.找出错误原因将更为有用.

Can you provide the error log which is printed in the wso2carbon.log (< APIM Home>/reposiory/logs) or terminal. it will be more useful to identify the reason to you error.

或者您可以尝试其他方法来捕获外发邮件，如下所述

or else you can try other way To capture the outgoing message as mentioned below

取消注释
log4j.logger.org.apache.synapse.transport.http.headers = DEBUG log4j.logger.org.apache.synapse.transport.http.wire = DEBUG

Uncomment
log4j.logger.org.apache.synapse.transport.http.headers=DEBUG log4j.logger.org.apache.synapse.transport.http.wire=DEBUG

位于log4j.properties文件中，该文件可从{AM_Home}/repository/conf

in the log4j.properties file which can be found from {AM_Home}/repository/conf

重新启动服务器并调用订阅的api.您会在带有JWT-Assertion的APIM中收到这样的消息.

restart server and invoke the subscribed api. you will get message like this in APIM with JWT-Assertion.

TID: [0] [AM] [2013-06-29 09:05:05,548] DEBUG {org.apache.synapse.transport.http.headers} -  http-outgoing-1>>X-JWT-Assertion: eyJ0eXAiOiJKV1QiLCJhbGciOiJTSEEyNTZ3aXRoUlNBIiwieDV0IjoiTm1KbU9HVXhNelpsWWpNMlpEUmhOVFpsWVRBMVl6ZGhaVFJpT1dFME5XSTJNMkptT1RjMVpBPT0ifQ==.eyJpc3MiOiJ3c28yLm9yZy9wcm9kdWN0cy9hbSIsImV4cCI6MTM3MjUyMjgwNTE3NywiaHR0cDovL3dzbzIub3JnL2NsYWltcy9zdWJzY3JpYmVyIjoibGFsYWppIiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy9hcHBsaWNhdGlvbmlkIjoiMSIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvYXBwbGljYXRpb25uYW1lIjoiRGVmYXVsdEFwcGxpY2F0aW9uIiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy9hcHBsaWNhdGlvbnRpZXIiOiJVbmxpbWl0ZWQiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2FwaWNvbnRleHQiOiIvYXBpMSIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvdmVyc2lvbiI6IjEuMi4zIiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy90aWVyIjoiVW5saW1pdGVkIiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy9rZXl0eXBlIjoiUFJPRFVDVElPTiIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvdXNlcnR5cGUiOiJBUFBMSUNBVElPTiIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvZW5kdXNlciI6ImxhbGFqaSIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvZW5kdXNlclRlbmFudElkIjoiLTEyMzQifQ==.YtVaDtRYtfUkVDvwe9V8oqsXK8OkB4HUhsQS2z3ngWRNjAktSKWlH+Is9T5EQnsg8hrsJQ4nKDdwDWHAUIFxIsb7bX/Y1O+WSLMLZYQ11WVzFaw50BJuqPbL9ZOfux1iRnm4ZbxClVSan72g/w8a05UnCvsGyIh5oCP4RUsAhXo= {org.apache.synapse.transport.http.headers}

这篇关于通过WSO2 APIM中的JWT令牌将最终用户详细信息从客户端传递到真实的后端端点的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！