Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WSO2 IS Tenant Creation #297

Open
HamzaOralK opened this issue May 25, 2021 · 0 comments
Open

WSO2 IS Tenant Creation #297

HamzaOralK opened this issue May 25, 2021 · 0 comments

Comments

@HamzaOralK
Copy link

We are using Identity Server as key manager as right now and when we are creating tenants from Identity Server, Identity server is throwing some errors regarding created tenant. We can not login to that tenant or anything. But when we create tenant from API Manager everything is fine as far as we have tested.

Description:

[2021-05-21 10:12:02,364] [0f8a20ce-55a6-49b0-be21-067ba8de68a6] ERROR {org.wso2.carbon.tenant.mgt.util.TenantMgtUtil} - Error in adding claims to the user. org.wso2.carbon.user.core.UserStoreException: Error when handling event : PRE_SET_USER_CLAIMS
        at org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener.handleEvent(IdentityMgtEventListener.java:1658)
        at org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener.handleEvent(IdentityMgtEventListener.java:1618)
        at org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener.handleEvent(IdentityMgtEventListener.java:1606)
        at org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener.doPreSetUserClaimValues(IdentityMgtEventListener.java:150)
        at org.wso2.carbon.user.core.common.AbstractUserStoreManager.setUserClaimValues(AbstractUserStoreManager.java:3999)
        at org.wso2.carbon.tenant.mgt.util.TenantMgtUtil.addClaimsToUserStoreManager(TenantMgtUtil.java:350)
        at org.wso2.carbon.tenant.mgt.services.TenantMgtAdminService.updateTenant(TenantMgtAdminService.java:441)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.base/java.lang.reflect.Method.invoke(Method.java:566)
        at org.apache.axis2.rpc.receivers.RPCUtil.invokeServiceClass(RPCUtil.java:212)
        at org.apache.axis2.rpc.receivers.RPCMessageReceiver.invokeBusinessLogic(RPCMessageReceiver.java:117)
        at org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
        at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110)
        at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
        at org.apache.axis2.transport.local.LocalTransportReceiver.processMessage(LocalTransportReceiver.java:170)
        at org.apache.axis2.transport.local.LocalTransportReceiver.processMessage(LocalTransportReceiver.java:82)
        at org.wso2.carbon.core.transports.local.CarbonLocalTransportSender.finalizeSendWithToAddress(CarbonLocalTransportSender.java:45)
        at org.apache.axis2.transport.local.LocalTransportSender.invoke(LocalTransportSender.java:77)
        at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
        at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:442)
        at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
        at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
        at org.wso2.carbon.tenant.mgt.stub.TenantMgtAdminServiceStub.updateTenant(TenantMgtAdminServiceStub.java:2362)
        at org.wso2.carbon.tenant.mgt.ui.clients.TenantServiceClient.updateTenant(TenantServiceClient.java:110)
        at org.wso2.carbon.tenant.mgt.ui.utils.TenantMgtUtil.updateTenantConfigBean(TenantMgtUtil.java:119)
        at org.apache.jsp.tenant_002dmgt.submit_005ftenant_005fajaxprocessor_jsp._jspService(submit_005ftenant_005fajaxprocessor_jsp.java:204)
        at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
        at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:477)
        at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:385)
        at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:329)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
        at org.wso2.carbon.ui.JspServlet.service(JspServlet.java:207)
        at org.wso2.carbon.ui.TilesJspServlet.service(TilesJspServlet.java:80)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
        at org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37)
        at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
        at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
        at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
        at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
        at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
        at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter.java:88)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
        at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:126)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
        at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:65)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
        at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:126)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
        at org.wso2.carbon.identity.context.rewrite.valve.TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:86)
        at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke(AuthorizationValve.java:110)
        at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invoke(AuthenticationValve.java:75)
        at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
        at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:49)
        at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
        at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:145)
        at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:688)
        at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
        at org.wso2.carbon.tomcat.ext.valves.RequestEncodingValve.invoke(RequestEncodingValve.java:49)
        at org.wso2.carbon.tomcat.ext.valves.RequestCorrelationIdValve.invoke(RequestCorrelationIdValve.java:119)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
        at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:367)
        at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
        at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1639)
        at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
        at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: org.wso2.carbon.identity.event.IdentityEventException: Error while getting connector configurations for property :account.disable.handler.enable
        at org.wso2.carbon.identity.handler.event.account.lock.util.AccountUtil.getConnectorConfig(AccountUtil.java:79)
        at org.wso2.carbon.identity.handler.event.account.lock.AccountDisableHandler.handleEvent(AccountDisableHandler.java:131)
        at org.wso2.carbon.identity.event.services.IdentityEventServiceImpl.handleEvent(IdentityEventServiceImpl.java:56)
        at org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener.handleEvent(IdentityMgtEventListener.java:1642)
        ... 86 more
Caused by: org.wso2.carbon.identity.governance.IdentityGovernanceException: Error while retrieving resident Idp for xxx.io tenant.
        at org.wso2.carbon.identity.governance.IdentityGovernanceServiceImpl.getConfiguration(IdentityGovernanceServiceImpl.java:98)
        at org.wso2.carbon.identity.governance.IdentityGovernanceServiceImpl.getConfiguration(IdentityGovernanceServiceImpl.java:123)
        at org.wso2.carbon.identity.handler.event.account.lock.util.AccountUtil.getConnectorConfig(AccountUtil.java:72)
        ... 89 more
Caused by: org.wso2.carbon.idp.mgt.IdentityProviderManagementException: Could not find Resident Identity Provider for tenant xxx.io
        at org.wso2.carbon.idp.mgt.IdentityProviderManager.getResidentIdP(IdentityProviderManager.java:330)
        at org.wso2.carbon.identity.governance.IdentityGovernanceServiceImpl.getConfiguration(IdentityGovernanceServiceImpl.java:95)
        ... 91 more

[2021-05-21 10:12:03,273] [0f8a20ce-55a6-49b0-be21-067ba8de68a6] ERROR {org.wso2.carbon.tenant.mgt.ui.utils.TenantMgtUtil} - Failed to update the tenant 'xxx.io'. Root cause : Error in adding claims to the user. org.wso2.carbon.tenant.mgt.stub.TenantMgtAdminServiceExceptionException: TenantMgtAdminServiceExceptionException
        at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
        at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
        at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
        at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:490)
        at java.base/java.lang.Class.newInstance(Class.java:584)
        at org.wso2.carbon.tenant.mgt.stub.TenantMgtAdminServiceStub.updateTenant(TenantMgtAdminServiceStub.java:2376)
        at org.wso2.carbon.tenant.mgt.ui.clients.TenantServiceClient.updateTenant(TenantServiceClient.java:110)
        at org.wso2.carbon.tenant.mgt.ui.utils.TenantMgtUtil.updateTenantConfigBean(TenantMgtUtil.java:119)
        at org.apache.jsp.tenant_002dmgt.submit_005ftenant_005fajaxprocessor_jsp._jspService(submit_005ftenant_005fajaxprocessor_jsp.java:204)
        at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
        at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:477)
        at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:385)
        at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:329)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
        at org.wso2.carbon.ui.JspServlet.service(JspServlet.java:207)
        at org.wso2.carbon.ui.TilesJspServlet.service(TilesJspServlet.java:80)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
        at org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37)
        at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
        at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
        at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
        at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
        at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
        at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter.java:88)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
        at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:126)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
        at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:65)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
        at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:126)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
        at org.wso2.carbon.identity.context.rewrite.valve.TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:86)
        at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke(AuthorizationValve.java:110)
        at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invoke(AuthenticationValve.java:75)
        at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
        at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:49)
        at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
        at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:145)
        at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:688)
        at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
        at org.wso2.carbon.tomcat.ext.valves.RequestEncodingValve.invoke(RequestEncodingValve.java:49)
        at org.wso2.carbon.tomcat.ext.valves.RequestCorrelationIdValve.invoke(RequestCorrelationIdValve.java:119)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
        at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:367)
        at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
        at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1639)
        at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
        at java.base/java.lang.Thread.run(Thread.java:834)

And we have looked at the IDP table and there were some missing rows for newly created tenant.

To sum up, we cannot create tenants from IS, but create from API Manager and login with Identity Server. Which configuration we may messed up or is there something else?

Affected Product Version:
APIM 3.2.0, Identity Server 5.10

OS, DB, other environment details and versions:
Running with Postgres 12.4
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@HamzaOralK