Getting error when removing the defalt apiAuthentication handler and adding myCustomhandler, any idea?
(previously it was working fine but don't what is changed ) When i am removing the default handler from synapse configs and adding my custom handler it is giving this error
[2022-01-13 10:44:41,924] ERROR - ServerWorker Error processing POST request for : /dev/21.2/ext-rt/publish/TestTenant/SmooksProviderTranslation.csv.
java.lang.NullPointerException: null
at org.wso2.carbon.apimgt.gateway.handlers.throttling.ThrottleHandler.doRoleBasedAccessThrottlingWithCEP_aroundBody0(ThrottleHandler.java:193) ~[org.wso2.carbon.apimgt.gateway_6.7.206.jar:?]
at org.wso2.carbon.apimgt.gateway.handlers.throttling.ThrottleHandler.doRoleBasedAccessThrottlingWithCEP(ThrottleHandler.java:145) ~[org.wso2.carbon.apimgt.gateway_6.7.206.jar:?]
at org.wso2.carbon.apimgt.gateway.handlers.throttling.ThrottleHandler.doThrottle_aroundBody12(ThrottleHandler.java:585) ~[org.wso2.carbon.apimgt.gateway_6.7.206.jar:?]
at org.wso2.carbon.apimgt.gateway.handlers.throttling.ThrottleHandler.doThrottle(ThrottleHandler.java:562) ~[org.wso2.carbon.apimgt.gateway_6.7.206.jar:?]
at org.wso2.carbon.apimgt.gateway.handlers.throttling.ThrottleHandler.handleRequest_aroundBody8(ThrottleHandler.java:522) ~[org.wso2.carbon.apimgt.gateway_6.7.206.jar:?]
at org.wso2.carbon.apimgt.gateway.handlers.throttling.ThrottleHandler.handleRequest(ThrottleHandler.java:503) ~[org.wso2.carbon.apimgt.gateway_6.7.206.jar:?]
at org.apache.synapse.rest.API.process(API.java:373) ~[synapse-core_2.1.7.wso2v183.jar:2.1.7-wso2v183]
at org.apache.synapse.rest.RESTRequestHandler.apiProcessNonDefaultStrategy(RESTRequestHandler.java:144) ~[synapse-core_2.1.7.wso2v183.jar:2.1.7-wso2v183]
at org.apache.synapse.rest.RESTRequestHandler.identifyAPI(RESTRequestHandler.java:164) ~[synapse-core_2.1.7.wso2v183.jar:2.1.7-wso2v183]
at org.apache.synapse.rest.RESTRequestHandler.dispatchToAPI(RESTRequestHandler.java:95) ~[synapse-core_2.1.7.wso2v183.jar:2.1.7-wso2v183]
at org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:73) ~[synapse-core_2.1.7.wso2v183.jar:2.1.7-wso2v183]
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:331) ~[synapse-core_2.1.7.wso2v183.jar:2.1.7-wso2v183]
at org.apache.synapse.core.axis2.SynapseMessageReceiver.receive(SynapseMessageReceiver.java:99) ~[synapse-core_2.1.7.wso2v183.jar:2.1.7-wso2v183]
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180) ~[axis2_1.6.1.wso2v41.jar:?]
at org.apache.synapse.transport.passthru.ServerWorker.processNonEntityEnclosingRESTHandler(ServerWorker.java:367) [synapse-nhttp-transport_2.1.7.wso2v183.jar:?]
at org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:426) [synapse-nhttp-transport_2.1.7.wso2v183.jar:?]
at org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:181) [synapse-nhttp-transport_2.1.7.wso2v183.jar:?]
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172) [axis2_1.6.1.wso2v41.jar:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) [?:?]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) [?:?]
at java.lang.Thread.run(Thread.java:834) [?:?]
Below is the authenticate() method from myCustomHandler.java class, which has the AuthenticationContext object
public boolean authenticate(MessageContext synCtx) throws APISecurityException {
Map headers = getTransportHeaders(synCtx);
String authHeader = getAuthorizationHeader(headers);
String postmanToken = getPostmanToken(headers);
String clientIP = "10.110.67.195";
org.apache.axis2.context.MessageContext axis2MessageContext = ((Axis2MessageContext) synCtx)
.getAxis2MessageContext();
AuthenticationContext authContext = new AuthenticationContext();
authContext.setAuthenticated(true);
// Can modify to support scopes based throttle policy selection
authContext.setTier(APIConstants.UNLIMITED_TIER);
authContext.setStopOnQuotaReach(true);
authContext.setApiKey(clientIP);
authContext.setKeyType(APIConstants.API_KEY_TYPE_PRODUCTION);
authContext.setUsername((String) axis2MessageContext.getProperty("user"));
authContext.setCallerToken(null);
authContext.setApplicationName(null);
authContext.setApplicationId(clientIP);
authContext.setConsumerKey(null);
log.debug("**** applicationID is --- " + authContext.getApplicationId());
APISecurityUtils.setAuthenticationContext(synCtx, authContext, null);
System.out.println("**** TE is HERE");
log.debug("**** TE is HERE2");
log.debug("**** Header is --- " + headers);
log.debug("**** AuthHeader is --- " + authHeader);
log.debug("**** Postman token is --- " + postmanToken);
return true;
/*
* if (authHeader.startsWith("Bearer ")) { return true; } return false;
*/
}
I think the problem is with the AuthenticationContext object. We populate the authContext object at the Authentication handler(in each authenticator [1]) and this object is used at the throttle handler[2]. when you replaced the Authentication handler with your custom handler, you might have missed populating this object. Try populating this object as [1].
[1] - https://github.com/wso2/carbon-apimgt/blob/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/security/oauth/OAuthAuthenticator.java#L301 [2] - https://github.com/wso2/carbon-apimgt/blob/v6.7.206/components/apimgt/org.wso2.carbon.apimgt.gateway/src/main/java/org/wso2/carbon/apimgt/gateway/handlers/throttling/ThrottleHandler.java#L193