Versions Compared

Old Version 4

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Changed the reg_log clean up script DOCUMENTATION-8205

Table of Contents

About WSO2 API Manager

...

  • mysql.sql : Use this script for MySQL versions prior to version 5.7.

  • mysql5.7.sql : Use this script for MySQL 5.7 and later versions.

Note that if you are automatically creating databases during server startup using the -DSetup option, the mysql.sql script will be used by default to set up the database. Therefore, if you have MySQL version 5.7 set up for your server, be sure to do the following before starting the server:

  1. First, change the existing mysql.sql file to a different filename.

  2. Change the <PRODUCT_HOME>/dbscripts/mysql5.7.sql script to mysql.sql .
  3. Change the <PRODUCT_HOME>/dbscripts/identity/mysql5.7.sql script to mysql.sql .

MySQL 5.7 is only recommended for products that are based on Carbon 4.4.6 or a later version. 

How do I deploy a third-party library into the API Manager?

Copy any third-party JARs to <API-M_HOME>/repository/components/lib directory and restart the server.

Can I connect the API Manager directly to an LDAP or Active Directory where corporate identities are stored?

Yes, you can configure the API Manager MySQL 5.7 is only recommended for products that are based on Carbon 4.4.6 or a later version. 

How do I deploy a third-party library into the API Manager?

Copy any third-party JARs to <API-M_HOME>/repository/components/lib directory and restart the server.

Can I connect the API Manager directly to an LDAP or Active Directory where corporate identities are stored?

Yes, you can configure the API Manager with multiple user stores. For m ore details, see Configuring User Stores.

...

Why are the changes I did to the  Response Content Type  resource parameter of a published API not reflected in the API Store, even after saving?

If you edited the Response Content Type using the UI, please open the API's Swagger definition, do your changes, and save. Then the changes should be reflected back in the API Store. This will be fixed in a future release.

...

You can protect your server from attacks such as the Logjam attack (Man-in-the-Middle attack) by disabling weak ciphers. For more details, see  Disable weak ciphers in the WSO2 Admin Guide.

...

  • Did you change the default admin password?
    If so, you need to change the credentials stored in the <APIKeyValidator> element of the <APIM <API-M_HOME>/repository/conf/api-manager.xml file of the API Gateway node/s.

  • Have you set the priority of the SAML2SSOAuthenticator handler higher than that of the BasicAuthenticator handler in the authenticators.xml file?
    If so, the SAML2SSOAuthenticator handler tries to manage the basic authentication requests as well. Set a lower priority to the SAML2SSOAuthenticator than the BasicAuthenticator handler as follows:

    Code Block
    languagexml
    <Authenticator name="SAML2SSOAuthenticator" disabled="false">
   <Priority>0</Priority>
   <Config>
      <Parameter name="LoginPage">/carbon/admin/login.jsp</Parameter>
      <Parameter name="ServiceProviderID">carbonServer</Parameter>
      <Parameter name="IdentityProviderSSOServiceURL">https://localhost:9444/samlsso</Parameter>
      <Parameter name="NameIDPolicyFormat">urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</Parameter>
      <Parameter name="ISAuthnReqSigned">false</Parameter>
      <!-<Parameter name="AssetionConsumerServiceURL">https://localhost:9443/acs</Parameter>->
   </Config>
</Authenticator>

...

Update the <Password>, <KeyAlias>, <KeyPassword> values under the <KeyStore> field in the <API-M_HOME>/repository/conf/carbon.xml file based on your new key store configuration.

...

The root cause for the javax.net.ssl.SSLException: Received fatal alert: unknown_ca error is because the default pack is not shipped with a CA-signed certificate. When using the API Console, the web browser sends an HTTPs request to the API Gateway. As the certificate on the Gateway is not CA-signed, the browser does not accept it.

To resolve this issue, first access the Gateway URL via a new browser tab of the same browser and accept the certificate from the browser. 

...

Tip

If you are using the API-M instance you used as the first instance in the Publish through Multiple API Gateways tutorial, you may receive the above error when trying out other tutorials. This is because you updated the environments configurations in that pack by adding two API Gateway environments under the <Environments> element,  and and commenting the <environment> element that comes by default. To overcome this error, uncomment the default configuration and delete the newly added configuration under <Environments> in the <API-M>/repository/conf/api-manager.xml file.

How can I capture the state of a system?

At the time of an error, you can use a tool called Carbon Dump (carbondump.sh) to collect all the necessary data (i.e., heap and thread dumps) from a running WSO2 API Manager instance in order to carryout a head dump and thread stack analysis. For more information on using this tool, see Capturing the state of the system in the Administration guide..sh) to collect all the necessary data (i.e., heap and thread dumps) from a running WSO2 API Manager instance in order to carryout a head dump and thread stack analysis. For more information on using this tool, see Capturing the state of the system in the Administration guide.

How can I clean up the REG_LOG table?

The REG_LOG table contains all the registry operations performed for all the registry resources in the system. When you clean up this table, you need to keep the latest record from every resource path to maintain atleast one resource reference in case of reindexing. Exceute the following query to clean this table.

Code Block
CREATE TABLE reg_log_ids_to_KEEP (
             REG_LOG_ID INTEGER,
             REG_TENANT_ID INTEGER
);

INSERT INTO reg_log_ids_to_KEEP (REG_LOG_ID, REG_TENANT_ID) 
SELECT MAX(REG_LOG_ID) AS REG_LOG_ID, REG_TENANT_ID FROM REG_LOG GROUP BY REG_PATH, REG_TENANT_ID;

DELETE FROM REG_LOG where REG_LOG_ID not in (SELECT REG_LOG_ID from reg_log_ids_to_KEEP);
drop table reg_log_ids_to_KEEP;

DELETE FROM REG_LOG WHERE REG_ACTION = 7;

Cleaning up the REG_LOG table periodically might be required if there is a large amount of data in the table, and as a result it takes a long time to process queries. Executing the query given above helps to improve the performance of the database.