On Sun, May 19, 2013 at 8:46 PM, Afkham Azeez <az...@wso2.com> wrote:
>
>
> On Mon, May 20, 2013 at 8:04 AM, Supun Malinga <sup...@wso2.com> wrote:
>
>> Hi Guys,
>>
>> For C5 I think we need to permanently fix the CC related issues. This
>> includes both the API related issues we have and the user level issues that
>> pops up time to time like this. Please make sure we achieve that.
>>
>
> This can't wait until C5. It has to be fixed ASAP.
>
Yup true, from what I have seen at time ThreadLocal CC works as expected
and other times CC based on MessageContext seems to be the right way.
Having toiled with the CC API from time to time, I still am not always
quite sure when to use what or if its the correct/expected behavior etc .!
During the last Stratos release Sinthuja did some changes to give priority
to ThreadLocal CC (after discussing with the team of course) but we
ultimately had to revert it because certain aspects were broken (login with
Basic Auth - discussion at - "[Dev] UserRegistry sends null to
JDBCAuthorizationManager"). Bottom line is the CC API is not as robust as
we would like it to be, we should put some thought into getting the API
cleaned up. One major issue when it comes tinkering with CC API is that its
crosscutting nature and some issue showing up only for very specific cases.
Anyway we need to give it some thought, in C5 at the very least.
>
>>
>> thanks,
>>
>>
>> On Tue, May 14, 2013 at 6:14 PM, Sanjeewa Malalgoda <sanje...@wso2.com>wrote:
>>
>>> This issue happens because of the way we retrieve tenant id from message
>>> context. After getting it from thread local carbon context everything
>>> worked as expected. Thanks azeez for your help to sort this out.
>>>
>>>
>>> PrivilegedCarbonContext.getCurrentContext(messageContext).getTenantDomain()
>>>
>>> Changed as
>>>
>>> PrivilegedCarbonContext.getThreadLocalCarbonContext().getTenantDomain()
>>>
>>>
>>> Thanks
>>> Sanjeewa
>>>
>>>
>>> On Tue, May 14, 2013 at 10:20 AM, Sanjeewa Malalgoda
>>> <sanje...@wso2.com>wrote:
>>>
>>>> Any update on this please.
>>>>
>>>>
>>>> On Mon, May 13, 2013 at 6:58 PM, Sanjeewa Malalgoda
>>>> <sanje...@wso2.com>wrote:
>>>>
>>>>> HI All,
>>>>> In api manager publisher we publish APIs to gateway node(separate API
>>>>> manager node). After we logged in to API publisher node we can create new
>>>>> API and publish it to gateway. Problem happens only when we publish API
>>>>> for
>>>>> first time. When error occurs i can see following log at gateway node. No
>>>>> any other logs at gateway.
>>>>>
>>>>> WARN - ActivationHandler Failed attempt to access WSO2 API Manager by
>>>>> tenant 1
>>>>>
>>>>> Inside activation handler invoke method following code block get
>>>>> executes. Ideally it should return as call gateway node with super tenant
>>>>> admin credentials. But i can see 2 times tenant ID comes and super tenant
>>>>> id and 3rd time its tenant id of API creator.
>>>>>
>>>>> if (tenantId == MultitenantConstants.SUPER_TENANT_ID) {
>>>>> log.debug("Granted access for super tenant");
>>>>> return InvocationResponse.CONTINUE;
>>>>> }
>>>>>
>>>>> We deploy API by using rest API admin client. There we execute
>>>>> following code block. Tenant domain pass along with admin service call and
>>>>> used by rest API admin client.
>>>>>
>>>>> try {
>>>>> PrivilegedCarbonContext.startTenantFlow();
>>>>>
>>>>> PrivilegedCarbonContext.getThreadLocalCarbonContext().setTenantDomain(tenantDomain,
>>>>>
>>>>> true);
>>>>> APIData data = getApiByName(apiName);
>>>>> return data;
>>>>> } finally {
>>>>> PrivilegedCarbonContext.endTenantFlow();
>>>>> }
>>>>>
>>>>> These components are widely used in other products as well. Please
>>>>> note that this happens only at very first deployment call and we cant see
>>>>> it after that(until restart server). This is a blocker for upcoming API
>>>>> manager release. Here we have 2 options.
>>>>> 01. forcefully activate tenant in gateway node.
>>>>> 02. Avoid set tenant id in activation handler.
>>>>>
>>>>> What is the purpose of having this activation handler? I can recall
>>>>> sometimes back we decided to activate all services for all tenants. WDYT?
>>>>>
>>>>> Thanks,
>>>>> Sanjeewa.
>>>>>
>>>>> --
>>>>> *Sanjeewa Malalgoda*
>>>>> WSO2 Inc.
>>>>> Mobile : +14084122175 | +94713068779
>>>>>
>>>>> <http://sanjeewamalalgoda.blogspot.com/>blog
>>>>> :http://sanjeewamalalgoda.blogspot.com/<http://sanjeewamalalgoda.blogspot.com/>
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> *Sanjeewa Malalgoda*
>>>> WSO2 Inc.
>>>> Mobile : +14084122175 | +94713068779
>>>>
>>>> <http://sanjeewamalalgoda.blogspot.com/>blog
>>>> :http://sanjeewamalalgoda.blogspot.com/<http://sanjeewamalalgoda.blogspot.com/>
>>>>
>>>
>>>
>>>
>>> --
>>> *Sanjeewa Malalgoda*
>>> WSO2 Inc.
>>> Mobile : +14084122175 | +94713068779
>>>
>>> <http://sanjeewamalalgoda.blogspot.com/>blog
>>> :http://sanjeewamalalgoda.blogspot.com/<http://sanjeewamalalgoda.blogspot.com/>
>>>
>>> _______________________________________________
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Supun Malinga,
>>
>
>
>
> --
> *Afkham Azeez*
> Director of Architecture; WSO2, Inc.; http://wso2.com
> Member; Apache Software Foundation; http://www.apache.org/
> * <http://www.apache.org/>**
> email: **az...@wso2.com* <az...@wso2.com>* cell: +94 77 3320919
> blog: **http://blog.afkham.org* <http://blog.afkham.org>*
> twitter: **http://twitter.com/afkham_azeez*<http://twitter.com/afkham_azeez>
> *
> linked-in: **http://lk.linkedin.com/in/afkhamazeez*
> *
> *
> *Lean . Enterprise . Middleware*
>
> _______________________________________________
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
--
Thanks,
Shariq.
Phone: +94 777 202 225
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
