Layer7 API Management

 View Only

  • 1.  Problem with OAuth in the CA API Gateway

    Posted Jun 09, 2016 06:23 AM

    Hi,

     

    We've set up OAuth in the API Gateway in a production system on the client, but we have a problem.

     

    Step 1 : Access to the web portal OAuth:

    Sin título.png

    Step 2: The username and password credentials are entered and the LOGIN button is pressed and the content of the static HTML page displays:

     

    Sin título2.png

     

    We have accessed the Gateway in service debugger, getting the following error: Policy completed with error. Falsified Assertion: assertion number 68 (OTK Session - Delete)

    Sin título3.png

    Does anyone know what can happen? Do any idea how to address this issue? This issue is urgent.

    Thank you very much in advance



  • 2.  Re: Problem with OAuth in the CA API Gateway

    Posted Jun 09, 2016 07:28 AM

    Logs:

    2016-06-09T13:17:35.292+0200 WARNING 512 com.l7tech.external.assertions.jdbcquery.server.ServerJdbcQueryAssertion: 9104: "Perform JDBC Query" assertion failed due to: Cannot retrieve a C3P0 DataSource: No connections available for 'OAuth' No connections available for 'OAuth'

    2016-06-09T13:17:35.292+0200 INFO    512 com.l7tech.external.assertions.comparison.server.ServerComparisonAssertion: 7101: Comparison did not match: ${dbsystem} is equal to cassandra

    2016-06-09T13:17:35.292+0200 INFO    512 com.l7tech.external.assertions.comparison.server.ServerComparisonAssertion: 7101: Comparison did not match: ${isLocal} is equal to false

    2016-06-09T13:17:35.292+0200 INFO    512 com.l7tech.server.MessageProcessor: 3017: Policy evaluation for service oauth/manager [e001cfd0c1c1ffaa18e187b5e72fea4e] resulted in status 600 (Assertion Falsified)

    2016-06-09T13:17:35.292+0200 WARNING 512 com.l7tech.server.message: Message was not processed: Assertion Falsified (600)



  • 3.  Re: Problem with OAuth in the CA API Gateway
    Best Answer

    Broadcom Employee
    Posted Jun 09, 2016 08:49 AM

    Hi SBBenitezEveris,

     

    I have seen this error occur when there is an issue with the JDBC connection. Based on the your log snippets that appears to be the case here.

     

    "Cannot retrieve a C3P0 DataSource: No connections available for 'OAuth' No connections available for 'OAuth'"

     

    Can you confirm your JDBC settings for 'OAuth' and test connectivity? Typically causes are network connectivity and improper grants.

     

    Regards,

    Joe



  • 4.  Re: Problem with OAuth in the CA API Gateway

    Posted Jun 04, 2017 11:52 AM

    Hi Joe,

     

    I am also getting the same error. I checked my OAuth connection and it is fine.

    I am not sure what is wrong.

     

    Thanks,

    Ravish



  • 5.  Re: Problem with OAuth in the CA API Gateway

    Posted Jun 21, 2018 09:53 PM

    Hi Joe,

     

    Even I am getting error in the same assertion number. The connection to the DB is good, have provided all the GRANTS and able to connect to DB.

     

    As I am using MySQL(provided in .ova) and its mentioned in the documents that we do not need to create any tables for MySQL, but seems like the table are not created.

     

    LogDetails:

     

    • 2018-06-22T11:39:00.047+1000 WARNING 32366 com.l7tech.server.jdbc.JdbcQueryingManagerImpl: Failed to perform querying since Table 'otk.oauth_initiate' doesn't exist
    • 2018-06-22T11:39:00.047+1000 WARNING 32366 com.l7tech.external.assertions.jdbcquery.server.ServerJdbcQueryAssertion: 9104: "Perform JDBC Query" assertion failed due to: Bad SQL Grammar: Table 'otk.oauth_initiate' doesn't exist
    • 2018-06-22T11:39:00.048+1000 INFO 32366 com.l7tech.server.policy.assertion.ServerAuditDetailAssertion: -4: Could not delete expired tokens from the token store
    • 2018-06-22T11:39:00.048+1000 WARNING 32366 com.l7tech.server: Executing background policy for scheduled task OTK Database Maintenance - token
    • 2018-06-22T11:42:00.014+1000 WARNING 32371 com.l7tech.server.jdbc.JdbcQueryingManagerImpl: Failed to perform querying since Table 'otk.oauth_session' doesn't exist
    • 2018-06-22T11:42:00.014+1000 WARNING 32371 com.l7tech.external.assertions.jdbcquery.server.ServerJdbcQueryAssertion: 9104: "Perform JDBC Query" assertion failed due to: Bad SQL Grammar: Table 'otk.oauth_session' doesn't exist
    • 2018-06-22T11:42:00.014+1000 INFO 32371 com.l7tech.server.policy.assertion.ServerAuditDetailAssertion: -4: An error occured when searching for expired sessions
    • 2018-06-22T11:42:00.015+1000 WARNING 32371 com.l7tech.server: Executing background policy for scheduled task OTK Database Maintenance - sessions

     

    Any quick help would be really appreciated !!  

     

    Thanks

    Vaibhav



  • 6.  Re: Problem with OAuth in the CA API Gateway

    Posted Jun 09, 2016 11:16 AM

    First, thanks for answering.
    I have a problem with the connection to the database and I'm investigating. Aparentement is not trivial.
    Thanks again!



  • 7.  Re: Problem with OAuth in the CA API Gateway

    Posted Mar 22, 2019 06:12 PM

    Hi,

    We had a same issue,

     

    If you are using AWS or any clustered database url then please configure the Load Balanced(writable DB URL) and restart the ssg service. Which in our case fixed the issue.

     

    Thanks in advance. 



  • 8.  RE: Re: Problem with OAuth in the CA API Gateway

    Posted Mar 17, 2020 01:52 PM
    Hi Harsha,

    Where is the Load Balanced(writable DB URL) you're speaking of?  Any information you can give would be appreciated.
    Original Message