【问题标题】:External DataSources not working with secured WSO2 DSS 3.2.2外部数据源不适用于安全的 WSO2 DSS 3.2.2
【发布时间】:2018-12-31 10:05:35
【问题描述】:

以下是在 WSO2_DSS_3.2.2 中部署为数据服务的示例 dbs 文件

<data name="login" serviceNamespace="www.abc.com/services/security" transports="http https">
  <description>security service</description>
  <config id="a_security">
    <property name="carbon_datasource_name">sample-ds</property>
  </config>
  <query id="login" useConfig="a_security">
     ...
  </query>
  <operation name="login">
    <call-query href="login">
       ...
    </call-query>
  </operation>
  <resource method="POST" path="login">
     ...
  </resource>
</data>

并且sample-ds 是从管理控制台设置的(它保存在注册表中)。这在新的 DSS 中运行良好,但是当我使用 DSS 应用证书时,它会出现以下错误。我尝试了几个新的 DSS 副本,但在应用证书时也会发生同样的情况。

ERROR {org.wso2.carbon.ndatasource.core.DataSourceRepository} -  Error in updating data source [remove:false] at path '/repository/components/org.wso2.carbon.ndatasource/mdl-psm-ds': Error in updating data source 'mdl-psm-ds' from registry [remove:false]: Error in secure load of data source meta info: errorDuringDecryption
org.wso2.carbon.ndatasource.common.DataSourceException: Error in updating data source 'mdl-psm-ds' from registry [remove:false]: Error in secure load of data source meta info: errorDuringDecryption
        at org.wso2.carbon.ndatasource.core.DataSourceRepository.updateDataSource(DataSourceRepository.java:186)
        at org.wso2.carbon.ndatasource.core.DataSourceRepository.updateAllUserDataSource(DataSourceRepository.java:135)
        at org.wso2.carbon.ndatasource.core.DataSourceRepository.refreshAllUserDataSources(DataSourceRepository.java:115)
        at org.wso2.carbon.ndatasource.core.DataSourceRepository.initRepository(DataSourceRepository.java:92)
        at org.wso2.carbon.ndatasource.core.DataSourceManager.initTenant(DataSourceManager.java:92)
        at org.wso2.carbon.ndatasource.core.internal.DataSourceServiceComponent.initSuperTenantUserDataSources(DataSourceServiceComponent.java:189)
        at org.wso2.carbon.ndatasource.core.internal.DataSourceServiceComponent.checkInitTenantUserDataSources(DataSourceServiceComponent.java:180)
        at org.wso2.carbon.ndatasource.core.internal.DataSourceServiceComponent.setRegistryService(DataSourceServiceComponent.java:131)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:606)

【问题讨论】:

    标签: wso2 wso2dss


    【解决方案1】:

    原因是与数据源相关的注册表数据已从以前的密钥加密并尝试使用新密钥解密。要解决此问题,您可以在服务器启动后重新配置同名的数据源。然后datasouce密码将使用新证书再次加密。

    【讨论】:

    • 感谢您的回复,我会检查:)
    【解决方案2】:

    如果主要错误是Caused by: org.wso2.carbon.core.util.CryptoException: A crypto service implementation has not been registered.,则将以下组件类添加到org.wso2.carbon.core项目中:

    package org.wso2.carbon.core.internal;
    
    import org.apache.commons.logging.Log;
    import org.apache.commons.logging.LogFactory;
    import org.osgi.service.component.ComponentContext;
    import org.wso2.carbon.crypto.api.CryptoService;
    
    /**
     * @scr.component name="carbon.core.dshcomponent" immediate="true"
     * @scr.reference name="carbonCryptoService" interface="org.wso2.carbon.crypto.api.CryptoService"
     * cardinality="0..1" policy="dynamic"  bind="setCarbonCryptoService" unbind="unsetCarbonCryptoService"
      */
    public class CarbonCoreDataHolderHelperComponent {
    
        private static Log log = LogFactory.getLog(CarbonCoreDataHolderHelperComponent.class);
    
        private CarbonCoreDataHolder dataHolder = CarbonCoreDataHolder.getInstance();
    
        protected void activate(ComponentContext ctxt) {
    
        }
    
        protected void deactivate(ComponentContext ctxt) {
    
        }
    
        protected void setCarbonCryptoService(CryptoService cryptoService){
            if (log.isDebugEnabled()) {
                log.debug("crypto service loaded..");
            }
            dataHolder.setCryptoService(cryptoService);
        }
    
        protected void unsetCarbonCryptoService(CryptoService cryptoService){
            dataHolder.setCryptoService(null);
            if (log.isDebugEnabled()) {
                log.debug("crypto service unloaded..");
            }
        }
    
    }
    

    此组件将在用户数据源初始化之前绑定加密服务。

    【讨论】:

      猜你喜欢
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      • 1970-01-01
      相关资源
      最近更新 更多