Changing the Default Ports with Offset
Port offset can be passed to the server during startup. The following command starts the server with the default port incremented by 3.
./wso2server.sh -DportOffset=3
Alternatively, you can set it in the Ports section of <PRODUCT_HOME>/repository/conf/carbon.xml
as follows:
<Offset>3</Offset>
Changing endpoints of default APIs
After offsetting a port, be sure to edit any hard-coded endpoints used in a product, if there are any, according to the offset. There are few default APIs deployed in the API Manager with hard-coded endpoints. For example, the Login API's Token endpoint URL is hardcoded as follows: <address uri="https://localhost:9443/oauth2endpoints/token">.
If you offset the Key Manger node's port by 2, change the token endpoint URL to <address uri="
. https://localhost:9445/oauth2endpoints/token
"/>
Find all default APIs of the API Manager in <APIM_HOME>/repository/deployment/server/synapse-configs/default/api
folder. Few examples are Authorize API, Login API, Token API and Revoke API.
Changing the Thrift client and server ports
The port offset specified earlier in carbon.xml does not affect the ports of the Thrift client and server because Thrift is run as a separate server within the Carbon server. Therefore, you must change the Thrift ports separately using <ThriftClientPort>
and <ThriftServerPort>
elements in the <APIM_HOME>/repository/conf/api-manager.xml
file. For example, the following configuration sets an offset of 2 to the default Thrift port, which is 10397:
<!-- Configurations related to enable thrift support for key-management related communication. If you want to switch back to Web Service Client, change the value of "KeyValidatorClientType" to "WSClient". In a distributed environment; -If you are at the Gateway node, you need to point "ThriftClientPort" value to the "ThriftServerPort" value given at KeyManager node. -If you need to start two API Manager instances in the same machine, you need to give different ports to "ThriftServerPort" value in two nodes. -ThriftServerHost - Allows to configure a hostname for the thrift server. It uses the carbon hostname by default. --> <KeyValidatorClientType>ThriftClient</KeyValidatorClientType> <ThriftClientPort>10399</ThriftClientPort> <ThriftClientConnectionTimeOut>10000</ThriftClientConnectionTimeOut> <ThriftServerPort>10399</ThriftServerPort> <!--ThriftServerHost>localhost</ThriftServerHost--> <EnableThriftServer>true</EnableThriftServer>
When you run multiple instances of the API Manager in distributed mode, the Gateway and Key Manager (used for validation and authentication) can run on two different JVMs. When the API Gateway receives API invocation calls, it contacts the API Key Manager service for verification (given that caching is not enabled at the Gateway level). Communication between API Gateway and Key Manager happens in either of the following ways: Â
- Through a Web service call
- Through a Thrift call
The default communication mode is using Thrift. Assume that the Gateway port is offset by 2, Key Manager port by 5 and the default Thrift port is 10397. If the Thrift ports are changed by the offsets of Gateway and Key Manager, the Thrift client port (Gateway) will now be 10399 while the Thrift server port (Key Manager) will change to 10402. This causes communication between the Gateway and Key Manager to fail because the Thrift client and server ports are different.
To fix this, you must change the Thrift client and server ports of Gateway and Key Manager to the same value. In this case, the difference between the two offsets is 3, so you can either increase the default Thrift client port by 3 or else reduce the Thrift server port by 3.
Changing the offset of the Workflow Callback Service
The API Manager has a Service which listens for workflow callbacks. This service configuration can be found at <AM_HOME>/repository/deployment/server/synapse-configs/default/proxy-services/WorkflowCallbackService.xml
. Open this file and change the port value of the <address uri>
accordingly.Â
Ex:Â <address uri="https://localhost:9445/store/site/blocks/workflow/workflow-listener/ajax/workflow-listener.jag"Â format="rest"/>
Â
For a list of all default ports opened in WSO2 API Manager, see Default Ports of WSO2 Products.