This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Log in to ask a question

Unable to authenticate with Management Server

Posted on 06-18-2020 07:08 AM
daniel-3
New Member
Reply posted on --/--/---- --:-- AM
 
Solved Solved
1 6 1,345
Topic Labels
Jump to Solution
1 ACCEPTED SOLUTION

Posted on --/--/---- --:-- AM
daniel-3
New Member
Reply posted on --/--/---- --:-- AM

Ok it seems the problem was curl and proxy settings, the setup script error is really misleading and I only found out the problem when I opened up the individual scripts. Basically apigee-adminapi.sh is using curl to connect to the management server, and curl is ignoring networks and wildcards in no_proxy environment variable, so it keeps trying to connect to the management server via proxy. Now I've added each IP in the no_proxy and the setup manages to complete. It also explains why nobody else had this issue. 😞

View solution in original post

Jump to Solution
0 Likes
6 REPLIES 6

Posted on --/--/---- --:-- AM
daniel-3
New Member
Reply posted on --/--/---- --:-- AM

Hi folks,

I'm having issues with the setup. I've tried versions 4.19.06 and 4.18.05, on RHEL 7.6.

First I've been trying to set up a 6-node installation as per the Coursera training course (https://www.coursera.org/learn/onprem-fundamentals-apigee-gcp/home/welcome), then I've also tried a simple AIO setup. Both fail at the same step, the setup seems to install all components correctly, management server is running, but then it fails with "Unable to authenticate with Management Server".

apigee-service: edge-management-server: edge-management-server is running Checking for management-server on 127.0.0.1 port 8080 .... OK Checking for management-server uuid ... 3ff4032c-7365-4b56-b155-c436ba250fcb Checking if management-server is up management-server is up. Finished edge-management-server setup Checking for required variables Checking required variable MSIP...OK Checking required variable ADMIN_EMAIL...OK Checking for optional variables Found optional variable APIGEE_ADMINPW...OK Found optional variable APIGEE_PORT_HTTP_MS...OK http://10.112.13.238:8080/v1/servers/self. Unable to authenticate with Management Server Error: setup.sh: /opt/apigee/apigee-service/bin/apigee-service exited with unexpected status 1

I've tried different values for ADMIN_EMAIL and APIGEE_ADMINPW, thinking it doesn't like special characters, but I see other people posting config files with "Secret123" and this simple password seems to work for them.

This is my AIO config file:

IP1=10.112.13.238
HOSTIP=$IP1
ADMIN_EMAIL=xxx@xxx.xxx
APIGEE_ADMINPW="P@$-w0rD"
LICENSE_FILE=/tmp/apigee/license.txt
MSIP=$IP1
LDAP_TYPE=1
USE_LDAP_REMOTE_HOST=n
APIGEE_LDAPPW="Ap1g33-Bla"
BIND_ON_ALL_INTERFACES=y
MP_POD=gateway
REGION=dc-1
ZK_HOSTS="$IP1"
ZK_CLIENT_HOSTS="$IP1"
CASS_HOSTS="$IP1"
SKIP_SMTP=y

Any ideas why it fails?

access.log doesn't show any errors:

2020-06-18 16:24:09,023 org:- env:- target:/v1/servers/self/uuid contextId:- action:- pool-1-thread-1 INFO ACCESSLOG - AccessInfo.logAuditInfo() : {RequestURIQP=/v1/servers/self/uuid, ResponseCode=200, User=unauthenticated, ServerIP=10.112.13.238, Operation=GET, ClientIP=127.0.0.1, Timestamp=1592490249017, skipAudit=false, ServerHostName=ec2dev76rhel7642.cedelgroup.com, UserAgent=curl/7.29.0, X-Forwarded-For=, RequestURI=/v1/servers/self/uuid, authenticationType=basic} 2020-06-18 16:24:09,037 org:- env:- target:/v1/servers/self/up contextId:- action:- pool-1-thread-1 INFO ACCESSLOG - AccessInfo.logAuditInfo() : {RequestURIQP=/v1/servers/self/up, ResponseCode=200, User=unauthenticated, ServerIP=10.112.13.238, Operation=GET, ClientIP=127.0.0.1, Timestamp=1592490249030, skipAudit=false, ServerHostName=ec2dev76rhel7642.cedelgroup.com, UserAgent=curl/7.29.0, X-Forwarded-For=, RequestURI=/v1/servers/self/up, authenticationType=basic}

system.log has a few:

2020-06-18 16:24:07,984 org: env: target: contextId: action: qtp275056979-39 ERROR REST - CustomJAXRSInvoker.performInvocation() : CustomJAXRSInvoker.performInvocation : Method com.apigee.rest.framework.APIRegistry.get threw an exception. 2020-06-18 16:24:07,985 org: env: target: contextId: action: qtp275056979-39 ERROR REST - ExceptionMapper.toResponse() : Error occurred : Server Not Ready to process r equests com.apigee.rest.framework.security.Authorizer.beforeInvocation(Authorizer.java:357) com.apigee.rest.framework.CustomJAXRSInvoker.beforeInvocation(CustomJAXRSInvoker.java:164) com.apigee.rest.framework.CustomJAXRSInvoker.performInvocation(CustomJAXRSInvoker.java:119) org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:89)

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Not applicable
Reply posted on --/--/---- --:-- AM

This looks like a password issue. Can you try with below options

1. a password without special characters?

2. leave the password empty and enter when it will ask to enter

3. try with the same password for edge admin and LDAP password

Earlier I had seen this issue because of special characters.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
daniel-3
New Member
In response to
Reply posted on --/--/---- --:-- AM

Thanks for the suggestion. I've tried leaving APIGEE_ADMINPW empty in the config file and the setup prompts me for a password. However it still fails with the same error:

http://10.112.13.238:8080/v1/servers/self. Unable to authenticate with Management Server Error: setup.sh: /opt/apigee/apigee-service/bin/apigee-service exited with unexpected status 1

It can't be that it forgot the password I've just put in.

In edge-management-server logs I found this error:

2020-06-19 09:22:12,278 org: env: target: contextId: action: qtp1313799195-65 ERROR REST - ExceptionMapper.toResponse() : Error occurred : Server Not Ready to process requests com.apigee.rest.framework.security.Authorizer.beforeInvocation(Authorizer.java:325) com.apigee.rest.framework.CustomJAXRSInvoker.beforeInvocation(CustomJAXRSInvoker.java:176) com.apigee.rest.framework.CustomJAXRSInvoker.performInvocation(CustomJAXRSInvoker.java:131) org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:89)

Could it be that the setup runs too quickly and the server is not ready to process the request? Is there any way to configure the setup script to wait a bit longer?

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
Not applicable
In response to daniel-3
Reply posted on --/--/---- --:-- AM

Did you try with a password without special characters other than '@'? If still you see the issue then execute wait_for_ready command to see the status. If you are installing all in one, then you can stop all the processes running related to apigee first before installation. Another check you need to do all the files and folders inside /opt/apigee should be owned by Apigee and Apigee should have the sudo access to run a process.

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
daniel-3
New Member
Reply posted on --/--/---- --:-- AM

Ok it seems the problem was curl and proxy settings, the setup script error is really misleading and I only found out the problem when I opened up the individual scripts. Basically apigee-adminapi.sh is using curl to connect to the management server, and curl is ignoring networks and wildcards in no_proxy environment variable, so it keeps trying to connect to the management server via proxy. Now I've added each IP in the no_proxy and the setup manages to complete. It also explains why nobody else had this issue. 😞

Jump to Solution
0 Likes

Posted on --/--/---- --:-- AM
sirisha_a
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

Thanks for the solution, it worked for me. But i was trying to find which script is returning the error "Unable to authenticate with Management Server" but couldn't find which script is returning the error. Is there a way that i can identify which script is throwing this error?

Jump to Solution