问题
We have deployed an all-in-one instance of WSO2 API Manager. We have got ssl working and you can log in and see published APIs.
We have set up the carbon.xml to have the external-facing address (apidev.example.com) and both /store/ and /publisher/ can be accessed from that address.
However, the problem is the APIs published in the store are using the local hostname of dev.company.interal.
This means that a user will sign to
https://apidev.example.com/store
click on an API and get redirected to
https://dev.company.interal:9443/store/apis/...
which is no good as that address isn't accessible to people outside our network. so I want the store to use the external-facing address.
I've included the config files, shorten to the edits which have been made.
carbon.xml
<HostName>apidev.example.com</HostName>
<!-- Host name to be used for the Carbon management console-->
<MgtHostName>apidev.example.com</MgtHostName>
api-manager.xml
<APIManager>
<DataSourceName>jdbc/WSO2AM_DB</DataSourceName>
<GatewayType>Synapse</GatewayType>
<EnableSecureVault>false</EnableSecureVault>
<AuthManager>
<!-- Server URL of the Authentication service -->
<ServerURL>https://dev.company.interal:${mgt.transport.https.port}${carbon.context}services/</ServerURL>
<!-- Admin username for the Authentication manager. -->
<Username>${admin.username}</Username>
<!-- Admin password for the Authentication manager. -->
<Password>${admin.password}</Password>
<!-- Indicates whether the permissions checking of the user (on the Publisher and Store) should be done
via a remote service. The check will be done on the local server when false. -->
<CheckPermissionsRemotely>false</CheckPermissionsRemotely>
</AuthManager>
...
<APIGateway>
<!-- The environments to which an API will be published -->
<Environments>
<Environment type="hybrid" api-console="true">
<Name>Production and Sandbox</Name>
<Description>This is a hybrid gateway that handles both production and sandbox token traffic.</Description>
<!-- Server URL of the API gateway -->
<ServerURL>https://apidev.example.com${carbon.context}services/</ServerURL>
<!-- Admin username for the API gateway. -->
<Username>${admin.username}</Username>
<!-- Admin password for the API gateway.-->
<Password>${admin.password}</Password>
<!-- Endpoint URLs for the APIs hosted in this API gateway.-->
<!--GatewayEndpoint>http://${carbon.local.ip}:${http.nio.port},https://apidev.linkedsystems.uk:${https.nio.port}</GatewayEndpoint-->
<GatewayEndpoint>http://apidev.example.com,https://apidev.example.com</GatewayEndpoint>
</Environment>
</Environments>
</APIGateway>
...
<APIKeyValidator>
<!-- Server URL of the API key manager -->
<ServerURL>https://dev.company.interal:${mgt.transport.https.port}${carbon.context}services/</ServerURL>
<!-- Admin username for API key manager. -->
<Username>${admin.username}</Username>
<!-- Admin password for API key manager. -->
<Password>${admin.password}</Password>
<KeyValidatorClientType>ThriftClient</KeyValidatorClientType>
<ThriftClientConnectionTimeOut>10000</ThriftClientConnectionTimeOut>
<!--ThriftClientPort>10397</ThriftClientPort-->
<EnableThriftServer>true</EnableThriftServer>
<ThriftServerHost>localhost</ThriftServerHost>
<!--ThriftServerPort>10397</ThriftServerPort-->
<!--ConnectionPool>
<MaxIdle>100</MaxIdle>
<InitIdleCapacity>50</InitIdleCapacity>
</ConnectionPool-->
<!-- Specifies the implementation to be used for KeyValidationHandler. Steps for validating a token can be controlled by plugging in a
custom KeyValidation Handler -->
<KeyValidationHandlerClassName>org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler</KeyValidationHandlerClassName>
</APIKeyValidator>
...
<!-- API Store Related Configurations -->
<APIStore>
<!--GroupingExtractor>org.wso2.carbon.apimgt.impl.DefaultGroupIDExtractorImpl</GroupingExtractor-->
<!--This property is used to indicate how we do user name comparision for token generation https://wso2.org/jira/browse/APIMANAGER-2225-->
<CompareCaseInsensitively>true</CompareCaseInsensitively>
<DisplayURL>true</DisplayURL>
<!--URL>https://localhost:${mgt.transport.https.port}/store</URL-->
<URL>https://apidev.example.com/store</URL>
<!-- Server URL of the API Store. -->
<ServerURL>https://apidev.example.com:${mgt.transport.https.port}${carbon.context}services/</ServerURL>
<!-- Admin username for API Store. -->
<Username>${admin.username}</Username>
<!-- Admin password for API Store. -->
<Password>${admin.password}</Password>
<!-- This parameter specifies whether to display multiple versions of same
API or only showing the latest version of an API. -->
<DisplayMultipleVersions>false</DisplayMultipleVersions>
<!-- This parameter specifies whether to display all the APIs
[which are having DEPRECATED/PUBLISHED status] or only display the APIs
with having their status is as 'PUBLISHED' -->
<DisplayAllAPIs>false</DisplayAllAPIs>
<!-- Uncomment this to limit the number of APIs in api the API Store -->
<!--APIsPerPage>5</APIsPerPage-->
<!-- This parameter specifies whether to display the comment editing facility or not.
Default is "true". If user wants to disable, he must set this param as "false" -->
<DisplayComments>true</DisplayComments>
<!-- This parameter specifies whether to display the ratings or not.
Default is "true". If user wants to disable, he must set this param as "false" -->
<DisplayRatings>true</DisplayRatings>
<!--set isStoreForumEnabled to false for disable forum in store-->
<!--isStoreForumEnabled>false</isStoreForumEnabled-->
</APIStore>
...
<ThrottlingConfigurations>
<EnableAdvanceThrottling>true</EnableAdvanceThrottling>
<DataPublisher>
<Enabled>false</Enabled>
<Type>Binary</Type>
<ReceiverUrlGroup>tcp://${carbon.local.ip}:${receiver.url.port}</ReceiverUrlGroup>
<AuthUrlGroup>ssl://${carbon.local.ip}:${auth.url.port}</AuthUrlGroup>
<Username>${admin.username}</Username>
<Password>${admin.password}</Password>
<DataPublisherPool>
<MaxIdle>1000</MaxIdle>
<InitIdleCapacity>200</InitIdleCapacity>
</DataPublisherPool>
<DataPublisherThreadPool>
<CorePoolSize>200</CorePoolSize>
<MaxmimumPoolSize>1000</MaxmimumPoolSize>
<KeepAliveTime>200</KeepAliveTime>
</DataPublisherThreadPool>
</DataPublisher>
<PolicyDeployer>
<ServiceURL>https://dev.company.interal:${mgt.transport.https.port}${carbon.context}services/</ServiceURL>
<Username>${admin.username}</Username>
<Password>${admin.password}</Password>
</PolicyDeployer>
<BlockCondition>
<Enabled>true</Enabled>
<!--InitDelay>300000</InitDelay>
<Period>3600000</Period-->
</BlockCondition>
<JMSConnectionDetails>
<Enabled>true</Enabled>
<ServiceURL>tcp://${carbon.local.ip}:${jms.port}</ServiceURL>
<Username>${admin.username}</Username>
<Password>${admin.password}</Password>
<Destination>throttleData</Destination>
<!--InitDelay>300000</InitDelay-->
<JMSConnectionParameters>
...
</APIManager>
any help/pointers would be appreciated
回答1:
So the answer is;
the file at {AM_HOME}/repository/deployment/server/jaggeryapps/store/site/conf/site.json
needs changing to reflect the reverse proxy settings. Following the example laid out in the question, the new setting would be;
"reverseProxy" : {
"enabled" : true, // values true , false , "auto" - will look for X-Forwarded-* headers
"host" : "apidev.example.com", // If reverse proxy do not have a domain name use IP
"context":"/store",
//"regContext":"" // Use only if different path is used for registry
},
Thats all folks
来源:https://stackoverflow.com/questions/44525809/why-does-the-wso2-api-manager-store-have-2-url-displayed-on-ui