The API for exporting APIs [3] return "API Not Found" for APIs that have no endpoints.

Related source files:

1. https://github.com/wso2/carbon-apimgt/blob/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/utils/ApiImportExportManager.java

2. https://github.com/wso2/carbon-apimgt/blob/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher/src/main/java/org/wso2/carbon/apimgt/rest/api/publisher/utils/ApiImportExportManager.java

3. https://github.com/wso2/carbon-apimgt/blob/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.publisher/src/main/resources/publisher-api.yaml#L1786

the csrftoken parameters is not validation at the server side for null values. For Instance, If the user sends request with csrftoken completely removed is successfully processed by the server. Apparently. X-CSRFToken header is not used within the admin console. This void the usage of csrftoken throughout the application.

Can you please release a patch for this ?

Please find the below steps to recreate the issue.

• Add secondary user store(wso2.com) to apim server
• Create new role giving the permission to access admin dashboard.
• Create new user(testuser) in secondary user store and assign the role to the user.
• Try to logging to the system with new user credentials.

Expected Behaviour: user should be able to login, since he has required permissions.

Actual Behaviour:
user cannot login to the admin dashboard with,

username = testuser

but he can login with with the domain id as below,

username = WSO2.COM/testuser

APIM Gateway Routes client calls to services.
My requirement is to let APIM Gateway gets services locations from the service registry (Eureka, Apache Zookeeper, Consul, Etcd ...)

Is that possible?
Have you considered or planned this possibility?

see : wso2/msf4j#274 (comment)

In relation to integration with the billing-engine can you find out how the subscription plans are defined so that it can automatically synchronize with the billing system?
The example gives the user the ability to create plans but this must be the responsibility of the publishers of the api, not to those who consume it.

I would also like to integrate the billing system directly on the store but I see that the old instance is no longer functioning because the code are change below

In API Manager 3.0.0, when you first navigate to the publisher home page (https://localhost:9292/publisher/), it redirects you to https://localhost:9292/publisher/apis. When there are no APIs in the system this page shows an empty listing. If there are no APIs in the system or if there is none the particular user can see, the system should be redirected to https://localhost:9292/publisher/api/create/home

There is an issue in API documentation update publisher impl. When trying to update the document source type it checks whether the API exists with the updating doc info. This brings an issue as the isDocumentExists function compares also the document source type (INLINE/URL/FILE). This returns false always as the document source type is changed now. So whenever we try to update a document source type, it throws an exception saying the document doesn't exist. isDocumentExist() method obviously doesn't need to check the document source type. Checking for other unique values is sufficient.

We get open redirect on APIM_HOME/repository/deployment/store/site/themes/wso2/templates/user/sign-up/redirector.jag
https://localhost:9443/store/site/themes/wso2/templates/user/sign-up/redirector.jag?redirectToHome=http%3A%2F%2F1432024300%2Fa%3F%2Fstore&tenant=null
API Manager 2.1.0
Can I make only context redirects (like a /store/somewhere) or restrict them to a domain name(s)?

I installed WSO2 AM(API Manager) 1.10.0 and used the user-mgt.xml from working AM 1.9.0 with LDAP enabled, but now I cannot login to carbon admin UI.

Please refer to this question:
http://stackoverflow.com/questions/38167243/i-installed-wso2-amapi-manager-1-10-0-and-used-the-user-mgt-xml-from-working-a

Any help is appreciated.

The <APIM_HOME>/samples/PizzaShack/pizza-shack-api folder has gone missing since API Manager 2.0.0. Looks like the folder has gone missing in the master branch, but still exists in the 1.10.x branch. Please merge it back into master.

I have followed the below steps to reproduce the issue.

1. Configure the APIM to sharing the applications and subscriptions among the users by following the steps mentioned in document [1].
2. Signup two users (user1 and user2) into API store with same organization name.
3. Create an application via user1 and add a callback URL and generate the production key.
4. Sign in to the API Store via user2 and can see the created application in step 3.
5. Edit the application name, tier of the created application in step 3 (via user2) without any issue.
6. When I tried to edit the callback URL of the application, via user2, I could see the attached exception in API manager and due to that
   we can't edit the callback URL of the application via user2.

[1] - https://docs.wso2.com/display/AM200/Sharing+Applications+and+Subscriptions

Hi,
For c5 branch, where can I find the apimgt 7.0.0-snapshot.jar.
I want to compile the c5 branch.

liuhf

SO2 API Manager 2.0.0 form source code，Throttling Limits does not work， Neither subscription nor app throttling policies are working

Invoking this API will get the available throttle policies from the database and generate Siddhi execution plans for each policy. Each execution plan will be writ tent to "
{execution plan.name}
.siddhi" file and an archive will be created containing all the execution plans files.

Due to this, such APIs cannot be invoked since they are not deployed in any gateway.

We need to attach Default label if an API is created without a label,

I have a JAX-RS based RESTful web server. Now, I want put the WSO2 API Manager infront of it.
Can any one help by point out to some document to see how this can be done? I want this because I want REST APIs exposed by my REST Server to be authenticated and access controlled (RBAC). Any help on how to do this?

Also, what is the database associated with the WSO2 API manager stores? Is it to store the APIs with Access rights, Analytics of the WSO2 API Manager etc?

Any pointers would be of much help? I went through the video, but certain things are not clear. I want to integreate this with my REST Server only.

Please let me know.

Environment

Product: wso2am-2.1.0 (for Windows x64)
Access URL (in local): https://localhost:9443/publisher/design?name=WorldBank&version=1.0.0&provider=admin

Description

Script error occurs when clicking delete buttons in Parameters panel.
Although objects and parameters are assigned and they are verified in Chrome Inspector, It can not read property. I have attached two screenshots on this issue.

(In the publisher, in a document of an API) Editing source type 'file' documents gives an error. We cannot edit a 'file' type document without changing(or re adding) the file. For instance, if we edit only the summary of such a document, but didn't change the source file, then the file name of that document becomes null. Then after that if we view the document and try to download it, it will be downloaded as 'null' file name.

A resource as /apis/{apiId}/gateway-config exists on the Publisher API. Need to check whether we need this for real.

Hi,

First of all i would like to congratulate your team for this enormouse platform.

I am using the API Manager version 2.1.0 and and trying to analyze it for production deployment.
In this process I have performed stress api testing on an instance of APi Manager ver 2.1.0 and discovered a memory leak[1] with an exception about too many connection. It seems that at some point of time within some components, the database connections are not closed properly resulting in following exception[1]. This is my perception, then please investigate better by following the steps below.

Operating System : Windows 10 Pro, installed memory 16GB, Intel(R) Core(TM)i7-3740QM CPU @2.70 GHz

Steps to reproduce.

1. Start an instance of APi manager 2.1.0 (using the configurations in attached zip file api-manager.xml, master-datasources.xml). I downloaded WS02 API manager v 2.1.0 from http://wso2.com/api-management/

2. I am using Mysql database using driver (mysql-connector-java-5.1.42.jar) copied in components/lib folder.

3. I created WorldBank - 1.0.0 API - GET (/countries/{code}) following the tutorial provider by publisher component.

4. I have created apache-jmeter ver 3.2 test file (WorlBankAPITest.jmx, attached) to perform load testing.

5. The test worked fine until 61793 samples before throwing exception in [1].

Please let me know if something is unclear while trying to reproduce the issue.

Best regards

[1]

[2017-07-25 12:09:18,256] ERROR - WSO2Registry Error while fetching the resource gov:/apimgt/statistics/ga-config.xml
org.wso2.carbon.registry.core.exceptions.RegistryException: Failed to start new registry transaction.
at org.wso2.carbon.registry.core.jdbc.dataaccess.JDBCTransactionManager.beginTransaction(JDBCTransactionManager.java:97)
at org.wso2.carbon.registry.core.jdbc.EmbeddedRegistry.beginTransaction(EmbeddedRegistry.java:443)
at org.wso2.carbon.registry.core.jdbc.EmbeddedRegistry.resourceExists(EmbeddedRegistry.java:631)
at org.wso2.carbon.registry.core.caching.CacheBackedRegistry.resourceExists(CacheBackedRegistry.java:376)
at org.wso2.carbon.registry.core.session.UserRegistry.resourceExistsInternal(UserRegistry.java:774)
at org.wso2.carbon.registry.core.session.UserRegistry.access$800(UserRegistry.java:61)
at org.wso2.carbon.registry.core.session.UserRegistry$9.run(UserRegistry.java:757)
at org.wso2.carbon.registry.core.session.UserRegistry$9.run(UserRegistry.java:754)
at java.security.AccessController.doPrivileged(Native Method)
at org.wso2.carbon.registry.core.session.UserRegistry.resourceExists(UserRegistry.java:754)
at org.wso2.carbon.mediation.registry.WSO2Registry.getResource(WSO2Registry.java:599)
at org.wso2.carbon.mediation.registry.WSO2Registry.getRegistryEntry(WSO2Registry.java:437)
at org.apache.synapse.registry.AbstractRegistry.getResource(AbstractRegistry.java:94)
at org.apache.synapse.config.SynapseConfiguration.getEntry(SynapseConfiguration.java:837)
at org.apache.synapse.core.axis2.Axis2MessageContext.getEntry(Axis2MessageContext.java:259)
at org.wso2.carbon.apimgt.gateway.handlers.analytics.APIMgtGoogleAnalyticsTrackingHandler.handleRequest(APIMgtGoogleAnalyticsTrackingHandler.java:83)
at org.apache.synapse.rest.API.process(API.java:325)
at org.apache.synapse.rest.RESTRequestHandler.dispatchToAPI(RESTRequestHandler.java:90)
at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:69)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:304)
at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:78)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:325)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:158)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: com.mysql.jdbc.exceptions.jdbc4.MySQLNonTransientConnectionException: Too many connections
at sun.reflect.GeneratedConstructorAccessor183.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:425)
at com.mysql.jdbc.Util.getInstance(Util.java:408)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:918)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3973)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3909)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:873)
at com.mysql.jdbc.MysqlIO.proceedHandshakeWithPluggableAuthentication(MysqlIO.java:1710)
at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:1226)
at com.mysql.jdbc.ConnectionImpl.coreConnect(ConnectionImpl.java:2194)
at com.mysql.jdbc.ConnectionImpl.connectOneTryOnly(ConnectionImpl.java:2225)
at com.mysql.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:2024)
at com.mysql.jdbc.ConnectionImpl.(ConnectionImpl.java:779)
at com.mysql.jdbc.JDBC4Connection.(JDBC4Connection.java:47)
at sun.reflect.GeneratedConstructorAccessor180.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:425)
at com.mysql.jdbc.ConnectionImpl.getInstance(ConnectionImpl.java:389)
at com.mysql.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:330)
at org.apache.tomcat.jdbc.pool.PooledConnection.connectUsingDriver(PooledConnection.java:278)
at org.apache.tomcat.jdbc.pool.PooledConnection.connect(PooledConnection.java:182)
at org.apache.tomcat.jdbc.pool.ConnectionPool.createConnection(ConnectionPool.java:701)
at org.apache.tomcat.jdbc.pool.ConnectionPool.borrowConnection(ConnectionPool.java:635)
at org.apache.tomcat.jdbc.pool.ConnectionPool.getConnection(ConnectionPool.java:188)
at org.apache.tomcat.jdbc.pool.DataSourceProxy.getConnection(DataSourceProxy.java:128)
at org.wso2.carbon.registry.core.jdbc.dataaccess.JDBCTransactionManager.beginTransaction(JDBCTransactionManager.java:80)

1.zip

Getting following warning message for using deprecated propType API in here (and several other places)

Warning: Accessing PropTypes via the main React package is deprecated. Use the prop-types package from npm instead.

As stated in documentation we would need to use the prop-types library instead.

Regarding issue wso2/product-ei#78, due to the file structure changes in business-process component of EI, need workflow packs that are created to fit the updated file path.

Who can provide the the downloading URL of API Manager 2.0.0

Hi,
When I tried to do localization in client-side Javascript files. I found that i18n.t() cannot translate strings with . and :. i18n treats . and : as special chareacters to split the original strings by default. And wso2 doesn't pass any arguement to override the default options.

What I did is changing the default options in i18next-1.5.9.js.

  63     var o = {
  64         lng: undefined,
  65         load: 'all',
  66         preload: [],
  67         lowerCaseLng: false,
  68         returnObjectTrees: false,
  69         fallbackLng: 'dev',
  70         detectLngQS: 'setLng',
  71         ns: 'translation',
  72         nsseparator: ':',
  73         keyseparator: '.',
  74         selectorAttr: 'data-i18n',
  75         debug: false,
  76 

Please refer: wso2/carbon-apimgt#4273

This error was occurred in function getDocumentationContent() in AbstractAPIManager.java when tried to view the inline content of a INLINE type doc. It is because the inline content value is null, when the document is just added. As the fix, we can add empty String as the inline content of the document, once the document is added. So the inline content is not null initially.

In APIM 2.0.0 does not have a support to move application owner after creates the application. As per the use case, there should be a way to change existing application owner at least via the super admin or person who having admin privileges. Currently, there are two workarounds to achieve this.

1. adding same "organization" claim group to multiple users and then uses can share the subscription.

2. change the application owner in DB level.

But it is good to have feature support from UI level.

Thanks,
Chamara Silva

in the carbon application of rc3 version in this moment i can't see the email field when i add a tenant in the file
add_tenant.jsp

How to configure the ServerURL and GatewayEndpoint in Publisher and Store in clustering mode?

<Name>Production and Sandbox</Name>
<Description>This is a hybrid gateway that handles both production and sandbox token traffic.</Description>
<!-- Server URL of the API gateway -->
<ServerURL>https://localhost:${mgt.transport.https.port}${carbon.context}services/</ServerURL> gateway-manager host?
<!-- Admin username for the API gateway. -->
<Username>${admin.username}</Username>
<!-- Admin password for the API gateway.-->
<Password>${admin.password}</Password>
<!-- Endpoint URLs for the APIs hosted in this API gateway.-->
<GatewayEndpoint>http://${carbon.local.ip}:${http.nio.port},https://${carbon.local.ip}:${https.nio.port}</GatewayEndpoint>gateway-worker host?

Best Regards,
Leo

There are quite a few questions unanswered there... Wondering if we have an active/supportive community for this project...

Thanks.

Hi,

I am not sure if this is the right issue tracker because I acounter a strange behavior which I could not resolve or find any other useful information. We are running wso2 1.1.0.

A customer accessed one of the API's with an asterisk at the end (http://api/rsources/5*) the same applies also for the bang (!) at the end. He received the famous 0 Contant message in Swagger Console within the api mgmt.

It looks like the swagger console executes a preflight OPTIONS request to call to a wild card (*).

In the log file I found following Exception that this case is not handled gracefully.

Is this something other folks have encountered. Is this a configuration issue or what would be the best practise to prevend this.

`Java NullPointer Exception im Log-File

TID: [-1234] [] [2017-01-25 09:12:42,714] ERROR {org.apache.synapse.transport.passthru.ServerWorker} - Error processing OPTIONS reguest for : /fasta/v1/stations/7*. Error detail: null. {org.apache.synapse.transport.passthru.ServerWorker}
java.lang.NullPointerException
at org.apache.synapse.transport.passthru.Pipe$ByteBufferInputStream.waitForData(Pipe.java:418)
at org.apache.synapse.transport.passthru.Pipe$ByteBufferInputStream.read(Pipe.java:390)
at java.io.InputStream.read(InputStream.java:101)
at org.apache.commons.io.IOUtils.copyLarge(IOUtils.java:1792)
at org.apache.commons.io.IOUtils.copyLarge(IOUtils.java:1769)
at org.apache.commons.io.IOUtils.copy(IOUtils.java:1744)
at org.apache.synapse.transport.passthru.util.RelayUtils.consumeAndDiscardMessage(RelayUtils.java:300)
at org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler.handleAuthFailure(APIAuthenticationHandler.java:196)
at org.wso2.carbon.apimgt.gateway.handlers.security.APIAuthenticationHandler.handleRequest(APIAuthenticationHandler.java:161)
at org.apache.synapse.rest.API.process(API.java:322)
at org.apache.synapse.rest.RESTRequestHandler.dispatchToAPI(RESTRequestHandler.java:86)
at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:65)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:295)
at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:83)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:317)
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:149)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)`

Any help would be much appreciated...

Best
Felix

We recently stood up a API manager 2.0 cluster and started running performance/load testing. At around 10K users we start seeing the below error and everything stops working. We have each component (key manager (1), traffic manager (1), gateway manager (1), gateway workers (3)) in a distributed state.

TID: [-1234] [] [2016-09-08 15:21:05,414] ERROR {org.apache.synapse.core.axis2.Axis2Sender} -  Unexpected error during sending message out {org.apache.synapse.core.axis2.Axis2Sender}
java.lang.IllegalStateException: I/O reactor has been shut down
    at org.apache.http.util.Asserts.check(Asserts.java:34)
    at org.apache.http.impl.nio.reactor.DefaultConnectingIOReactor.connect(DefaultConnectingIOReactor.java:225)
    at org.apache.synapse.transport.passthru.connections.TargetConnections.getConnection(TargetConnections.java:97)
    at org.apache.synapse.transport.passthru.DeliveryAgent.submit(DeliveryAgent.java:159)
    at org.apache.synapse.transport.passthru.PassThroughHttpSender.invoke(PassThroughHttpSender.java:255)
    at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
    at org.apache.synapse.core.axis2.DynamicAxisOperation$DynamicOperationClient.send(DynamicAxisOperation.java:185)
    at org.apache.synapse.core.axis2.DynamicAxisOperation$DynamicOperationClient.executeImpl(DynamicAxisOperation.java:167)
    at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
    at org.apache.synapse.core.axis2.Axis2FlexibleMEPClient.send(Axis2FlexibleMEPClient.java:566)
    at org.apache.synapse.core.axis2.Axis2Sender.sendOn(Axis2Sender.java:78)
    at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.send(Axis2SynapseEnvironment.java:544)
    at org.apache.synapse.endpoints.AbstractEndpoint.send(AbstractEndpoint.java:382)
    at org.apache.synapse.endpoints.HTTPEndpoint.send(HTTPEndpoint.java:85)
    at org.apache.synapse.mediators.builtin.SendMediator.mediate(SendMediator.java:118)
    at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:95)
    at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:57)
    at org.apache.synapse.config.xml.AnonymousListMediator.mediate(AnonymousListMediator.java:37)
    at org.apache.synapse.mediators.filters.FilterMediator.mediate(FilterMediator.java:203)
    at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:95)
    at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:57)
    at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158)
    at org.apache.synapse.rest.Resource.process(Resource.java:325)
    at org.apache.synapse.rest.API.process(API.java:399)
    at org.apache.synapse.rest.RESTRequestHandler.apiProcess(RESTRequestHandler.java:125)
    at org.apache.synapse.rest.RESTRequestHandler.dispatchToAPI(RESTRequestHandler.java:101)
    at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:69)
    at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:300)
    at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:75)
    at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
    at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:319)
    at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:152)
    at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
    at java.lang.Thread.run(Thread.java:745)

Please refer: wso2/carbon-apimgt#4278

I observed a bug in wso2 after changing username from admin to [email protected]. The reason for doing this is to support Signature validation in dedicated mode.

OBSERVATION:

After making the change, when I logged in to carbon console to add a new tenant, the add_tenant.jsp https://localhost:9443/carbon/tenant-mgt/add_tenant.jsp page does not render properly.

The difference is that email address input is not displayed in the UI. So, when I try to submit the form, it gives a pop up saying “Please enter a valid email address.” (checked in Chrome and Mozilla)

Please find the attached screenshots to see the difference before change and after change.

AFFECT:

With [email protected], we would not be able to add a new tenant in WSO2 from UI. I don’t know whether it will work from api or not. Consequently, we would have to change back the user to admin for adding a new tenant and republish all the APIs which would be unnecessary overhead.

Please look into this issue and let me know the alternatives.

When I hit subscribe, it gives the following erorror message.

What Can I do for that? I am a beginner for API manager.

Request that does not work

tcpdump trace:

# Incoming request

10:05:25.598366 IP 10.254.78.0.43154 > api-manager-rc-9ba3b.8280: Flags [P.], seq 2438838108:2438838564, ack 2130919342, win 985, options [nop,nop,TS val 1606674803 ecr 1606668326], length 456

POST http://apimanager.sid-sec:8280/t/operator.seeed/api/servicemanager/1.0.0/deployments?applicationID=47ec2d04-8969-40ee-a533-2807965914aa HTTP/1.1
Accept-Encoding: gzip, deflate
userAgent: "marketgw-1.0.0-RC3"
Host: apimanager.sid-sec:8280
userID: [email protected]
userGroups: group-public
Authorization: Bearer aaa8192ef297278f85b68bd4a1f8e020
User-Agent: spray-can/1.3.3
Content-Type: application/json; charset=UTF-8
Content-Length: 1


# Outgoing request

10:05:25.878610 IP api-manager-rc-9ba3b.37066 > 10.10.10.237.http: Flags [P.], seq 871498147:871501861, ack 2502574994, win 732, options [nop,nop,TS val 1606675174 ecr 1606668348], length 3714

POST /api/servicemanager/1.0.0/deployments HTTP/1.1
userGroups: group-public
X-JWT-Assertion: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IlpESTNOVE5sWWpFMVpEZzNNMlJsTWpreFptTmtZV1prWldWaE1qaG1aamN6WWpoa00yWTVNUSJ9.eyJpc3MiOiJ3c28yLm9yZy9wcm9kdWN0cy9hbSIsImV4cCI6MTQ3ODY4NjgyNTg2NiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy9zdWJzY3JpYmVyIjoic3Vic2NyaWJlckBvcGVyYXRvci5zZWVlZCIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvYXBwbGljYXRpb25pZCI6IjIiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2FwcGxpY2F0aW9ubmFtZSI6IlNwYXJrSW5EYXRhR1ciLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2FwcGxpY2F0aW9udGllciI6IlVubGltaXRlZCIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvYXBpY29udGV4dCI6Ii90L29wZXJhdG9yLnNlZWVkL2FwaS9zZXJ2aWNlbWFuYWdlci8xLjAuMCIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvdmVyc2lvbiI6IjEuMC4wIiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy90aWVyIjoiVW5saW1pdGVkIiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy9rZXl0eXBlIjoiUFJPRFVDVElPTiIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvdXNlcnR5cGUiOiJBUFBMSUNBVElPTl9VU0VSIiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy9lbmR1c2VyIjoiZ2F0ZXdheVVzZXJAb3BlcmF0b3Iuc2VlZWQiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2VuZHVzZXJUZW5hbnRJZCI6IjIiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2VtYWlsYWRkcmVzcyI6ImdhdGV3YXlVc2VyQHNwYXJraW5kYXRhLmNvbSIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvZnVsbG5hbWUiOiJnYXRld2F5VXNlciIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvZ2l2ZW5uYW1lIjoiZ2F0ZXdheVVzZXIiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2lkZW50aXR5L2FjY291bnRMb2NrZWQiOiJmYWxzZSIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvbGFzdG5hbWUiOiJnYXRld2F5VXNlciIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvcm9sZSI6IkFkbWluaXN0cmF0b3IsSW50ZXJuYWwvZXZlcnlvbmUiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL3VzZXJuYW1lIjoiZ2F0ZXdheVVzZXIifQ.J2VvP0IZYhs-tQtc5cY2omnA9LfE6jIwbrrjrnuaa406OLsQ1J2mvJcbRkyggD_RyHm0td2JDNhQRpicP5LS1FwhBSVZZEtOcKe5mm8OJOIUMkT7biitZA7LdfjgUvxPSRE9wzzBZi9eCNF53Bs6laTBDWCU_Uj7XN5w0qcFAyE
assertion: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IlpESTNOVE5sWWpFMVpEZzNNMlJsTWpreFptTmtZV1prWldWaE1qaG1aamN6WWpoa00yWTVNUSJ9.eyJpc3MiOiJ3c28yLm9yZy9wcm9kdWN0cy9hbSIsImV4cCI6MTQ3ODY4NjgyNTg2NiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy9zdWJzY3JpYmVyIjoic3Vic2NyaWJlckBvcGVyYXRvci5zZWVlZCIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvYXBwbGljYXRpb25pZCI6IjIiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2FwcGxpY2F0aW9ubmFtZSI6IlNwYXJrSW5EYXRhR1ciLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2FwcGxpY2F0aW9udGllciI6IlVubGltaXRlZCIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvYXBpY29udGV4dCI6Ii90L29wZXJhdG9yLnNlZWVkL2FwaS9zZXJ2aWNlbWFuYWdlci8xLjAuMCIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvdmVyc2lvbiI6IjEuMC4wIiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy90aWVyIjoiVW5saW1pdGVkIiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy9rZXl0eXBlIjoiUFJPRFVDVElPTiIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvdXNlcnR5cGUiOiJBUFBMSUNBVElPTl9VU0VSIiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy9lbmR1c2VyIjoiZ2F0ZXdheVVzZXJAb3BlcmF0b3Iuc2VlZWQiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2VuZHVzZXJUZW5hbnRJZCI6IjIiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2VtYWlsYWRkcmVzcyI6ImdhdGV3YXlVc2VyQHNwYXJraW5kYXRhLmNvbSIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvZnVsbG5hbWUiOiJnYXRld2F5VXNlciIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvZ2l2ZW5uYW1lIjoiZ2F0ZXdheVVzZXIiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2lkZW50aXR5L2FjY291bnRMb2NrZWQiOiJmYWxzZSIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvbGFzdG5hbWUiOiJnYXRld2F5VXNlciIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvcm9sZSI6IkFkbWluaXN0cmF0b3IsSW50ZXJuYWwvZXZlcnlvbmUiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL3VzZXJuYW1lIjoiZ2F0ZXdheVVzZXIifQ.J2VvP0IZYhs-tQtc5cY2omnA9LfE6jIwbrrjrnuaa406OLsQ1J2mvJcbRkyggD_RyHm0td2JDNhQRpicP5LS1FwhBSVZZEtOcKe5mm8OJOIUMkT7biitZA7LdfjgUvxPSRE9wzzBZi9eCNF53Bs6laTBDWCU_Uj7XN5w0qcFAyE
userAgent: "marketgw-1.0.0-RC3"
Accept-Encoding: gzip, deflate
userID: [email protected]
Content-Type: application/json; charset=UTF-8; charset=UTF-8
Transfer-Encoding: chunked
Host: services-manager-2.default:80
Connection: Keep-Alive
User-Agent: Synapse-PT-HttpComponents-NIO

As you can see, the API Manager dumps the query string (?applicationID=47ec2d04-8969-40ee-a533-2807965914aa) when forwarding the request:

POST http://apimanager.sid-sec:8280/t/operator.seeed/api/servicemanager/1.0.0/deployments?applicationID=47ec2d04-8969-40ee-a533-2807965914aa

# gets changed to

POST /api/servicemanager/1.0.0/deployments

Request that does work

Trace produced with the following cURL request:

curl -X POST \
    -H "userID: [email protected]" \
    -H "userGroups: group-public" \
    -H "Authorization: Bearer 7e553f59d4bcfc31c1a385d6d73f9cfe" \
    -H "Accept-Encoding: gzip, deflate" \
    -H 'userAgent: "marketgw-1.0.0-RC3"'\
    -H "Content-Type: application/json; charset=UTF-8" \
    -d "toto"\
    http://apimanager.sid-sec:8280/t/operator.seeed/api/servicemanager/1.0.0/deployments?applicationID=47ec2d04-8969-40ee-a533-2807965914aa

tcpdump trace:

# Incoming request

10:38:08.469938 IP 10.254.78.0.50584 > api-manager-rc-9ba3b.8280: Flags [P.], seq 1:439, ack 1, win 221, options [nop,nop,TS val 1608637675 ecr 1608637764], length 438

POST /t/operator.seeed/api/servicemanager/1.0.0/deployments?applicationID=47ec2d04-8969-40ee-a533-2807965914aa HTTP/1.1
User-Agent: curl/7.38.0
Host: apimanager.sid-sec:8280
Accept: */*
userID: [email protected]
userGroups: group-public
Authorization: Bearer 7e553f59d4bcfc31c1a385d6d73f9cfe
Accept-Encoding: gzip, deflate
userAgent: "marketgw-1.0.0-RC3"
Content-Type: application/json; charset=UTF-8
Content-Length: 4


# Outgoing request

10:38:08.602825 IP api-manager-rc-9ba3b.45728 > 10.10.10.237.http: Flags [P.], seq 1:4318, ack 1, win 221, options [nop,nop,TS val 1608637898 ecr 1608637959], length 4317

POST /api/servicemanager/1.0.0/deployments?applicationID=47ec2d04-8969-40ee-a533-2807965914aa HTTP/1.1
userGroups: group-public
X-JWT-Assertion: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IlpESTNOVE5sWWpFMVpEZzNNMlJsTWpreFptTmtZV1prWldWaE1qaG1aamN6WWpoa00yWTVNUSJ9.eyJpc3MiOiJ3c28yLm9yZy9wcm9kdWN0cy9hbSIsImV4cCI6MTQ3ODY4Nzk1MDUzMywiaHR0cDovL3dzbzIub3JnL2NsYWltcy9zdWJzY3JpYmVyIjoic3Vic2NyaWJlckBvcGVyYXRvci5zZWVlZCIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvYXBwbGljYXRpb25pZCI6IjIiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2FwcGxpY2F0aW9ubmFtZSI6IlNwYXJrSW5EYXRhR1ciLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2FwcGxpY2F0aW9udGllciI6IlVubGltaXRlZCIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvYXBpY29udGV4dCI6Ii90L29wZXJhdG9yLnNlZWVkL2FwaS9zZXJ2aWNlbWFuYWdlci8xLjAuMCIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvdmVyc2lvbiI6IjEuMC4wIiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy90aWVyIjoiVW5saW1pdGVkIiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy9rZXl0eXBlIjoiUFJPRFVDVElPTiIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvdXNlcnR5cGUiOiJBUFBMSUNBVElPTiIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvZW5kdXNlciI6InN1YnNjcmliZXJAb3BlcmF0b3Iuc2VlZWQiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2VuZHVzZXJUZW5hbnRJZCI6IjIiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2VtYWlsYWRkcmVzcyI6InN1YnNjcmliZXJAc3BhcmtpbmRhdGEuY29tIiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy9mdWxsbmFtZSI6InN1YnNjcmliZXIiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2dpdmVubmFtZSI6InN1YnNjcmliZXIiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2lkZW50aXR5L2FjY291bnRMb2NrZWQiOiJmYWxzZSIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvbGFzdG5hbWUiOiJzdWJzY3JpYmVyIiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy9yb2xlIjoiQXBwbGljYXRpb24vc3Vic2NyaWJlcl9EZWZhdWx0QXBwbGljYXRpb25fUFJPRFVDVElPTixBcHBsaWNhdGlvbi9zdWJzY3JpYmVyX3RvdG9fUFJPRFVDVElPTixzdWJzY3JpYmVyLEFwcGxpY2F0aW9uL3N1YnNjcmliZXJfU3BhcmtJbkRhdGFHV19QUk9EVUNUSU9OLEludGVybmFsL2V2ZXJ5b25lLEFwcGxpY2F0aW9uL3N1YnNjcmliZXJfdGVzdF9TQU5EQk9YLEFwcGxpY2F0aW9uL3N1YnNjcmliZXJfdGVzdF9QUk9EVUNUSU9OIiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy91c2VybmFtZSI6InN1YnNjcmliZXIifQ.eqouBE9UDMM0sHRi1O9BA2sDOL7M_svmF3ZRboJM7za9CVTZIpg7eWu1bWQrUjk6I88nFD3QsK0PyrG7Rn15jYRvm-NNTg1ONFZ_7nkwBI9JsShdgsipayhl0mSMwK1vyaIY5pUlB8v10Xsyq_28e3N0oGYAbKZHZSd95eIe4QY
Accept: */*
assertion: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IlpESTNOVE5sWWpFMVpEZzNNMlJsTWpreFptTmtZV1prWldWaE1qaG1aamN6WWpoa00yWTVNUSJ9.eyJpc3MiOiJ3c28yLm9yZy9wcm9kdWN0cy9hbSIsImV4cCI6MTQ3ODY4Nzk1MDUzMywiaHR0cDovL3dzbzIub3JnL2NsYWltcy9zdWJzY3JpYmVyIjoic3Vic2NyaWJlckBvcGVyYXRvci5zZWVlZCIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvYXBwbGljYXRpb25pZCI6IjIiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2FwcGxpY2F0aW9ubmFtZSI6IlNwYXJrSW5EYXRhR1ciLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2FwcGxpY2F0aW9udGllciI6IlVubGltaXRlZCIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvYXBpY29udGV4dCI6Ii90L29wZXJhdG9yLnNlZWVkL2FwaS9zZXJ2aWNlbWFuYWdlci8xLjAuMCIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvdmVyc2lvbiI6IjEuMC4wIiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy90aWVyIjoiVW5saW1pdGVkIiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy9rZXl0eXBlIjoiUFJPRFVDVElPTiIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvdXNlcnR5cGUiOiJBUFBMSUNBVElPTiIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvZW5kdXNlciI6InN1YnNjcmliZXJAb3BlcmF0b3Iuc2VlZWQiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2VuZHVzZXJUZW5hbnRJZCI6IjIiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2VtYWlsYWRkcmVzcyI6InN1YnNjcmliZXJAc3BhcmtpbmRhdGEuY29tIiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy9mdWxsbmFtZSI6InN1YnNjcmliZXIiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2dpdmVubmFtZSI6InN1YnNjcmliZXIiLCJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2lkZW50aXR5L2FjY291bnRMb2NrZWQiOiJmYWxzZSIsImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvbGFzdG5hbWUiOiJzdWJzY3JpYmVyIiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy9yb2xlIjoiQXBwbGljYXRpb24vc3Vic2NyaWJlcl9EZWZhdWx0QXBwbGljYXRpb25fUFJPRFVDVElPTixBcHBsaWNhdGlvbi9zdWJzY3JpYmVyX3RvdG9fUFJPRFVDVElPTixzdWJzY3JpYmVyLEFwcGxpY2F0aW9uL3N1YnNjcmliZXJfU3BhcmtJbkRhdGFHV19QUk9EVUNUSU9OLEludGVybmFsL2V2ZXJ5b25lLEFwcGxpY2F0aW9uL3N1YnNjcmliZXJfdGVzdF9TQU5EQk9YLEFwcGxpY2F0aW9uL3N1YnNjcmliZXJfdGVzdF9QUk9EVUNUSU9OIiwiaHR0cDovL3dzbzIub3JnL2NsYWltcy91c2VybmFtZSI6InN1YnNjcmliZXIifQ.eqouBE9UDMM0sHRi1O9BA2sDOL7M_svmF3ZRboJM7za9CVTZIpg7eWu1bWQrUjk6I88nFD3QsK0PyrG7Rn15jYRvm-NNTg1ONFZ_7nkwBI9JsShdgsipayhl0mSMwK1vyaIY5pUlB8v10Xsyq_28e3N0oGYAbKZHZSd95eIe4QY
userAgent: "marketgw-1.0.0-RC3"
Accept-Encoding: gzip, deflate
userID: [email protected]
Content-Type: application/json; charset=UTF-8; charset=UTF-8
Transfer-Encoding: chunked
Host: services-manager-2.default:80
Connection: Keep-Alive
User-Agent: Synapse-PT-HttpComponents-NIO

4
toto

Analysis

It turns out that when the host address is present in the Request Target, the API Manager performs some extraction (to separate the host from the REST path and other things), but somehow "forgets" to extract the query parameters.

# works
POST /t/operator.seeed/api/servicemanager/1.0.0/deployments?applicationID=47ec2d04-8969-40ee-a533-2807965914aa

# does not work
POST http://apimanager.sid-sec:8280/t/operator.seeed/api/servicemanager/1.0.0/deployments?applicationID=47ec2d04-8969-40ee-a533-2807965914aa

Definition of the Request Target: RFC 7230 - section 5.3

So the exact description of the bug is that the API Manager does not support absolute-form Request Targets (only origin-form).

Please refer the following issue for more details

Is it possible to test and verify API Manager (2.1) with postgresql latest verison ( 9.6.x )

Blacklist condition/Block conditions in APIM 2.1.0 were limited to
-API Context,
-User
-Application
-Single IP

As an improvement IP range should be added to make blacklist/block conditions. When you provide starting IP and ending IP, those two IPs should be validated and added as block condition.

I think it would be outstanding to manage my published API as IaC so when my app changes in continuous delivery, so could the published API... and to limit the time in the web gui.

Terraform is a choice provisioner. Is WSO2 interested in creating an official Terraform Provider for APIM?

I run wso2 apim 2.0.1 snapshot on windows, and when i modify subscription tier and save, it report below exception, and although the bill plan changed , but the API still display FREE label.

 [2016-08-12 15:30:02,504] ERROR - EventProcessorAdminService Error while deleting the execution plan file
org.wso2.carbon.event.processor.core.exception.ExecutionPlanConfigurationException: Error while deleting the execution plan file
        at org.wso2.carbon.event.processor.core.internal.util.EventProcessorConfigurationFilesystemInvoker.delete(EventProcessorConfigurationFilesystemInvoker.java:124)
        at org.wso2.carbon.event.processor.core.internal.CarbonEventProcessorService.editActiveExecutionPlan(CarbonEventProcessorService.java:168)
        at org.wso2.carbon.event.processor.admin.EventProcessorAdminService.editActiveExecutionPlan(EventProcessorAdminService.java:94)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:497)
        at org.apache.axis2.rpc.receivers.RPCUtil.invokeServiceClass(RPCUtil.java:212)
        at org.apache.axis2.rpc.receivers.RPCMessageReceiver.invokeBusinessLogic(RPCMessageReceiver.java:117)
        at org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
        at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110)
        at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
        at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:173)
        at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:146)
        at org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:650)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
        at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
        at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
        at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
        at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.owasp.csrfguard.CsrfGuardFilter.doFilter(CsrfGuardFilter.java:88)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.wso2.carbon.ui.filters.CSRFPreventionFilter.doFilter(CSRFPreventionFilter.java:88)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.wso2.carbon.ui.filters.CRLFPreventionFilter.doFilter(CRLFPreventionFilter.java:59)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:120)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
        at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
        at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
        at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57)
        at org.wso2.carbon.event.receiver.core.internal.tenantmgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:48)
        at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
        at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
        at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159)
        at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
        at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:436)
        at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1078)
        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1749)
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1708)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
        at java.lang.Thread.run(Thread.java:745)
Caused by: java.nio.file.InvalidPathException: Illegal char <:> at index 2: /D:/emman/PROJECT/AA/apimgmt/wso2am-2.0.1-SNAPSHOT/repository/deployment/server/\executionplans
        at sun.nio.fs.WindowsPathParser.normalize(WindowsPathParser.java:182)
        at sun.nio.fs.WindowsPathParser.parse(WindowsPathParser.java:153)
        at sun.nio.fs.WindowsPathParser.parse(WindowsPathParser.java:77)
        at sun.nio.fs.WindowsPath.parse(WindowsPath.java:94)
        at sun.nio.fs.WindowsFileSystem.getPath(WindowsFileSystem.java:255)
        at java.nio.file.Paths.get(Paths.java:84)
        at org.wso2.carbon.event.processor.core.internal.util.EventProcessorUtil.validateFilePath(EventProcessorUtil.java:387)
        at org.wso2.carbon.event.processor.core.internal.util.EventProcessorConfigurationFilesystemInvoker.delete(EventProcessorConfigurationFilesystemInvoker.j
ava:109)
        ... 65 more
[2016-08-12 15:30:02,539] ERROR - ThrottlePolicyDeploymentManager Error while deploying policy to global policy server.Error while deleting the execution plan file
[2016-08-12 15:30:02,541]  INFO - subscription-policy-edit:jag SubscriptionPolicy [policyName=Gold, description=Allows 5000 requests per minute, defaultQuotaPolicy=QuotaPolicy [type=requestCount, limit=RequestCountLimit [requestCount=5000,
toString()=Limit [timeUnit=min, unitTime=1]]]rateLimitCount=-1, tenantId=-1234,ratelimitTimeUnit=NA]

We need to put info log on $subject. If its retrying.... it should also print some info logs.

There are no carbon.apimgt.version=5.0.5-SNAPSHOT, but after i changed to use 5.0.4, it reported below issue:

[INFO] --- carbon-p2-plugin:1.5.4:p2-profile-gen (p2-profile-generation-for-api-key-manager-profile) @ am-p2-profile ---
...
Installation failed.The installable unit org.wso2.carbon.apimgt.keymanager.feature.group/5.0.4 has not been found.

Application failed, log file location: D:\java-dev-tools\Maven\repository\org\eclipse\tycho\tycho-p2-runtime\0.13.0\eclipse\configuration\1469763788983.log

Hello,

I would like to know how the call mediator works??

Is it able to really call external API?

Currently cannot update the document source type. It logs error if tried. (In 2.1.0 too this was allowed.)

We need to use Carbon Metrics and add useful metrics in the WSO2 API Manager to understand runtime behavior.

Hello,

I made a french translation of the API manage store.

I would like to make the community benefit from this translation by integrating it into the deliverable of the api manager. However, after retrieving several GIT repositories I can not find where to drop those files (locale_fr.json and i18nResources_fr.json ).

Could you tell me in which GIT repository and in which directory I can push these files?

Thank you.

Regards,

Fabien T

I want

The Lifecycle state change denoted is incorrect as it denote the opposite of the state change.

• Changing LC from Undefined to created is denoted as Changing LC from created to undefined.
• Changing LC from Created to Published is denoted as Changing LC form Published to created.

Please see the below snapshot for more details.

I'm currently test driving WSO2 API Manager 2.0.0. I'm trying to save changes to the Advanced Endpoint Configuration under step 2 of the API creation (from the publishing portal), but I'm not seeing the changes being saved. You can access the Advanced Endpoint Configuration by clicking the "setting" icon either in Production Endpoint row or Sandbox Endpoint row.