WSO2 API Manager Store access with Identity Server

Question

I use How To Setup a WSO2 API Manager Store Login with Google article for configuring login by Google possibility for WSO2 API Manager Store, but I have a problem.

It seems all working, but I can't login by Google to Store.

User automatically created by provisioning.
After login clicked, I guess user is logging in to store and logout automatically, probably because have not permissions/roles to login or something else.

How to assign some permissions/roles automatically on user creation after click login by Google?

Maybe problem is in something else?

EDIT:

Logs in API Manager:

TID: [-1234] [] [2016-11-09 12:57:52,746] WARN {org.apache.tomcat.jdbc.pool.ConnectionPool} - maxIdle is larger than maxActive, setting maxIdle to: 40 {org.apache.tomcat.jdbc.pool.ConnectionPool}

TID: [-1234] [] [2016-11-09 12:57:53,486] WARN {org.apache.tomcat.jdbc.pool.ConnectionPool} - maxIdle is larger than maxActive, setting maxIdle to: 40 {org.apache.tomcat.jdbc.pool.ConnectionPool}

TID: [-1234] [] [2016-11-09 12:57:58,650] WARN {org.apache.tomcat.jdbc.pool.ConnectionPool} - maxIdle is larger than maxActive, setting maxIdle to: 40 {org.apache.tomcat.jdbc.pool.ConnectionPool}

TID: [-1234] [] [2016-11-09 12:58:23,672] ERROR {org.wso2.carbon.core.internal.permission.update.PermissionUpdater} - Error when updating the permission cache for tenant : -1 {org.wso2.carbon.core.internal.permission.update.PermissionUpdater} java.lang.NullPointerException at org.wso2.carbon.registry.core.jdbc.realm.RegistryRealm.getRealm(RegistryRealm.java:148) at org.wso2.carbon.core.internal.permission.update.PermissionUpdater.getAuthzManager(PermissionUpdater.java:90) at org.wso2.carbon.core.internal.permission.update.PermissionUpdater.update(PermissionUpdater.java:60) at org.wso2.carbon.core.util.PermissionUpdateUtil.updatePermissionTree(PermissionUpdateUtil.java:46) at org.wso2.carbon.apimgt.hostobjects.APIStoreHostObject.jsFunction_updatePermissionCache(APIStoreHostObject.java:743) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:483) at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126) at org.mozilla.javascript.FunctionObject.call(FunctionObject.java:386) at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32) at org.jaggeryjs.rhino.store.modules.api.c2._c_anonymous_3(/store/modules/api/permissions.jag:63) at org.jaggeryjs.rhino.store.modules.api.c2.call(/store/modules/api/permissions.jag) at org.mozilla.javascript.ScriptRuntime.applyOrCall(ScriptRuntime.java:2430) at org.mozilla.javascript.BaseFunction.execIdCall(BaseFunction.java:269) at org.mozilla.javascript.IdFunctionObject.call(IdFunctionObject.java:97) at org.mozilla.javascript.optimizer.OptRuntime.call2(OptRuntime.java:42) at org.jaggeryjs.rhino.store.modules.api.c0._c_anonymous_14(/store/modules/api/module.jag:48) at org.jaggeryjs.rhino.store.modules.api.c0.call(/store/modules/api/module.jag) at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32) at org.jaggeryjs.rhino.store.jagg.c1._c_anonymous_1(/store/jagg/jaggery_acs.jag:89) at org.jaggeryjs.rhino.store.jagg.c1.call(/store/jagg/jaggery_acs.jag) at org.mozilla.javascript.optimizer.OptRuntime.call0(OptRuntime.java:23) at org.jaggeryjs.rhino.store.jagg.c1._c_script_0(/store/jagg/jaggery_acs.jag:5) at org.jaggeryjs.rhino.store.jagg.c1.call(/store/jagg/jaggery_acs.jag) at org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:394) at org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3091) at org.jaggeryjs.rhino.store.jagg.c1.call(/store/jagg/jaggery_acs.jag) at org.jaggeryjs.rhino.store.jagg.c1.exec(/store/jagg/jaggery_acs.jag) at org.jaggeryjs.scriptengine.engine.RhinoEngine.execScript(RhinoEngine.java:567) at org.jaggeryjs.scriptengine.engine.RhinoEngine.exec(RhinoEngine.java:273) at org.jaggeryjs.jaggery.core.manager.WebAppManager.exec(WebAppManager.java:588) at org.jaggeryjs.jaggery.core.manager.WebAppManager.execute(WebAppManager.java:508) at org.jaggeryjs.jaggery.core.JaggeryServlet.doPost(JaggeryServlet.java:29) at javax.servlet.http.HttpServlet.service(HttpServlet.java:650) at javax.servlet.http.HttpServlet.service(HttpServlet.java:731) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:747) at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:485) at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:377) at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:337) at org.jaggeryjs.jaggery.core.JaggeryFilter.doFilter(JaggeryFilter.java:21) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:120) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99) at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47) at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57) at org.wso2.carbon.event.receiver.core.internal.tenantmgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:48) at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47) at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62) at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956) at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:436) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1078) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1749) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1708) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.lang.Thread.run(Thread.java:745)

TID: [-1234] [] [2016-11-09 12:58:24,029] INFO {org.wso2.carbon.hostobjects.sso.SAMLSSORelyingPartyObject} - invalidate: Session already invalidated {org.wso2.carbon.hostobjects.sso.SAMLSSORelyingPartyObject}

TID: [-1234] [] [2016-11-09 12:58:31,931] WARN {org.apache.tomcat.jdbc.pool.ConnectionPool} - maxIdle is larger than maxActive, setting maxIdle to: 40 {org.apache.tomcat.jdbc.pool.ConnectionPool}

TID: [-1234] [] [2016-11-09 12:58:34,634] WARN {org.apache.tomcat.jdbc.pool.ConnectionPool} - maxIdle is larger than maxActive, setting maxIdle to: 40 {org.apache.tomcat.jdbc.pool.ConnectionPool}

Logs in Identity Server:

TID: [-1234] [] [2016-11-09 12:57:42,762] WARN {org.apache.tomcat.jdbc.pool.ConnectionPool} - maxIdle is larger than maxActive, setting maxIdle to: 40 TID: [-1234] [] [2016-11-09 12:58:04,670] INFO {org.wso2.carbon.identity.oauth2.dao.TokenMgtDAO}

Thread pool size for session persistent consumer : 100 TID: [-1234] [] [2016-11-09 12:58:04,986] INFO {org.wso2.carbon.identity.entitlement.policy.finder.CarbonPolicyFinder}

Initializing of policy store is started at : Wed Nov 09 12:58:04 CET 2016 TID: [-1234] [] [2016-11-09 12:58:04,993] INFO {org.wso2.carbon.identity.entitlement.policy.store.DefaultPolicyDataStore}

Using Global policy combining algorithm that is defined in configuration file. TID: [-1234] [] [2016-11-09 12:58:04,993] INFO {org.wso2.carbon.identity.entitlement.policy.finder.CarbonPolicyFinder}

Start retrieving policies from org.wso2.carbon.identity.entitlement.policy.store.RegistryPolicyStoreManageModule@2f8601e6 at : Wed Nov 09 12:58:04 CET 2016 TID: [-1234] [] [2016-11-09 12:58:04,995] INFO {org.wso2.carbon.identity.entitlement.policy.finder.CarbonPolicyFinder}

Finish retrieving policies from org.wso2.carbon.identity.entitlement.policy.store.RegistryPolicyStoreManageModule@2f8601e6 at : Wed Nov 09 12:58:04 CET 2016 TID: [-1234] [] [2016-11-09 12:58:04,996] INFO {org.wso2.carbon.identity.entitlement.policy.finder.CarbonPolicyFinder}

Initializing of policy store is finished at : Wed Nov 09 12:58:04 CET 2016 TID: [-1234] [] [2016-11-09 12:58:05,035] INFO {org.wso2.carbon.identity.entitlement.policy.finder.CarbonPolicyFinder}

Initializing of policy store is started at : Wed Nov 09 12:58:05 CET 2016 TID: [-1234] [] [2016-11-09 12:58:05,036] INFO {org.wso2.carbon.identity.entitlement.policy.store.DefaultPolicyDataStore}

Using Global policy combining algorithm that is defined in configuration file. TID: [-1234] [] [2016-11-09 12:58:05,037] INFO {org.wso2.carbon.identity.entitlement.policy.finder.CarbonPolicyFinder}

Start retrieving policies from org.wso2.carbon.identity.entitlement.policy.store.RegistryPolicyStoreManageModule@2f8601e6 at : Wed Nov 09 12:58:05 CET 2016 TID: [-1234] [] [2016-11-09 12:58:05,039] INFO {org.wso2.carbon.identity.entitlement.policy.finder.CarbonPolicyFinder}

Finish retrieving policies from org.wso2.carbon.identity.entitlement.policy.store.RegistryPolicyStoreManageModule@2f8601e6 at : Wed Nov 09 12:58:05 CET 2016 TID: [-1234] [] [2016-11-09 12:58:05,039] INFO {org.wso2.carbon.identity.entitlement.policy.finder.CarbonPolicyFinder}

Initializing of policy store is finished at : Wed Nov 09 12:58:05 CET 2016 TID: [-1234] [] [2016-11-09 12:58:22,983] INFO {org.wso2.carbon.core.internal.permission.update.PermissionUpdater} - Permission cache updated for tenant -1234

Configurations of my Service Provider and Identity Provider are visible below:

Since it's an NPE, it's hard to say the exact reason. Please try setting login and subscribe permissions to internal/everyone role. — Bee

Taras Melon Taras Melon · Accepted Answer · 2016-11-19T12:45:37

The end of story:

I should use article Setting up PostgreSQL especially Changing the default WSO2_CARBON_DB datasource for changing default DB to my PostgreSQL DB in API Manager and Identity Server and run server with -Dserver option [For Windows: <PRODUCT_HOME>/bin/wso2server.bat -Dsetup].

After all configurations I added permissions API/Subscribe and Login to Internal/everyone role.

Bhathiya, thanks for help. :)

WSO2 API Manager Store access with Identity Server

1 Answers