Yes. Lets have a meeting and get at least one person from all the affected teams.
Regards Nandika On Tue, Apr 7, 2015 at 11:08 AM, Chanaka Fernando <[email protected]> wrote: > Hi Sohani, > > Shall we arrange a meeting to discuss this and finalize the approach? > Looks like we have several approaches but still we have not agreed on a > proper solution. > > Thanks, > Chanaka > > On Tue, Apr 7, 2015 at 10:12 AM, Nandika Jayawardana <[email protected]> > wrote: > >> In BPS, we have to pack the policy file within the bpel project itself >> and refer to it in the deploy.xml. We are going to have to update the >> deployment code as we are creating the axis service objects dynamically. >> >> Regards >> Nandika >> >> On Tue, Apr 7, 2015 at 10:04 AM, Chanaka Fernando <[email protected]> >> wrote: >> >>> Hi Johann/KasunG/Kishanthan, >>> >>> What would be the way forward to support this feature? We can have the >>> Developer Studio story completed if we use the "allowRoles" parameter with >>> the *SecurityDeploymentIntercepter *class updating the DB. If we are >>> going with the registry resource property approach, we need to implement >>> the same logic at a proper place in the identity component. >>> >>> WDYT? >>> >>> Thanks, >>> Chanaka >>> >>> On Mon, Apr 6, 2015 at 12:25 PM, Johann Nallathamby <[email protected]> >>> wrote: >>> >>>> Hi Kasun/Kishanthan, >>>> >>>> Any idea why this was removed ? I thought security-mgt is maintained by >>>> IS team. But looks like others are also working on this component. >>>> >>>> On Mon, Apr 6, 2015 at 12:05 PM, Sohani Weerasinghe <[email protected]> >>>> wrote: >>>> >>>>> @Chanaka: Thanks for investigating on this issue. >>>>> >>>>> Sohani Weerasinghe >>>>> Software Engineer >>>>> WSO2, Inc: http://wso2.com >>>>> >>>>> Mobile : +94 716439774 >>>>> Blog :http://christinetechtips.blogspot.com/ >>>>> Twitter : https://twitter.com/sohanichristine >>>>> >>>>> On Mon, Apr 6, 2015 at 12:02 PM, Chanaka Fernando <[email protected]> >>>>> wrote: >>>>> >>>>>> Hi Johann, >>>>>> >>>>>> After looking through the new implementation of the >>>>>> *SecurityDeploymentIntercepter.java >>>>>> *file in the latest GIT source code[1] , I could find that this >>>>>> "allowRoles" parameter related implementation has been removed. Entire >>>>>> implementation of the *applySecurityParameters(AxisService service, >>>>>> SecurityScenario secScenario)* method has been removed and that >>>>>> method is blank. What is the reason for this? >>>>>> >>>>>> @Sohani: This is the reason that this parameter is not working in the >>>>>> latest 4.9.0 ESB pack. >>>>>> >>>>>> [1] >>>>>> https://github.com/wso2/carbon-identity/blob/master/components/security/org.wso2.carbon.security.mgt/src/main/java/org/wso2/carbon/security/deployment/SecurityDeploymentInterceptor.java >>>>>> >>>>>> >>>>>> Thanks, >>>>>> Chanaka >>>>>> >>>>>> On Mon, Apr 6, 2015 at 11:35 AM, Chanaka Fernando <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> Hi KasunG, >>>>>>> >>>>>>> I have checked on the source code of the previous implementation and >>>>>>> according to that, when applying security through Management console and >>>>>>> through "allowRoles" service parameter, it executes the same code on the >>>>>>> Security side (please see below). >>>>>>> >>>>>>> *SecurityConfigAdmin.java (Executes when applying through Management >>>>>>> Console)* >>>>>>> >>>>>>> if (userGroups != null) { >>>>>>> for (String value : userGroups) { >>>>>>> AuthorizationManager acAdmin = >>>>>>> realm.getAuthorizationManager(); >>>>>>> >>>>>>> acAdmin.authorizeRole(value, >>>>>>> serviceGroupId+"/"+service.getName(), >>>>>>> >>>>>>> UserCoreConstants.INVOKE_SERVICE_PERMISSION); >>>>>>> } >>>>>>> } >>>>>>> >>>>>>> >>>>>>> >>>>>>> *SecurityDeploymentIntercepter.java (Executes when applying through >>>>>>> "allowRoles" parameter)* >>>>>>> >>>>>>> Parameter allowRolesParameter = >>>>>>> service.getParameter("allowRoles"); >>>>>>> >>>>>>> if(allowRolesParameter!= null && >>>>>>> allowRolesParameter.getValue() != null){ >>>>>>> >>>>>>> AuthorizationManager manager = >>>>>>> userRealm.getAuthorizationManager(); >>>>>>> String resourceName = serviceGroupId + "/" + >>>>>>> serviceName; >>>>>>> String[] roles = >>>>>>> manager.getAllowedRolesForResource(resourceName, >>>>>>> >>>>>>> UserCoreConstants.INVOKE_SERVICE_PERMISSION); >>>>>>> if(roles != null){ >>>>>>> for (String role : roles) { >>>>>>> manager.clearRoleAuthorization(role, >>>>>>> resourceName, >>>>>>> >>>>>>> UserCoreConstants.INVOKE_SERVICE_PERMISSION); >>>>>>> } >>>>>>> } >>>>>>> >>>>>>> String value = (String) >>>>>>> allowRolesParameter.getValue(); >>>>>>> String[] allowRoles = value.split(",") ; >>>>>>> if(allowRoles != null){ >>>>>>> for(String role : allowRoles){ >>>>>>> >>>>>>> userRealm.getAuthorizationManager().authorizeRole(role, resourceName, >>>>>>> >>>>>>> UserCoreConstants.INVOKE_SERVICE_PERMISSION); >>>>>>> } >>>>>>> } >>>>>>> } >>>>>>> >>>>>>> >>>>>>> Since this is a service level parameter, we can use this for all >>>>>>> axis2 services. If that is the case, we can go with this parameter >>>>>>> instead >>>>>>> of having properties at registry resource level. WDYT? >>>>>>> >>>>>>> @Sohani: I will look in the 4.9.0 related issue when using this >>>>>>> parameter. >>>>>>> >>>>>>> >>>>>>> Thanks, >>>>>>> Chanaka >>>>>>> >>>>>>> >>>>>>> On Thu, Apr 2, 2015 at 5:25 PM, Chanaka Fernando <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>>> Hi Sohani, >>>>>>>> >>>>>>>> Please see my comments inline. >>>>>>>> >>>>>>>> AFAIK when we deploy a proxy which has allowRoles parameter, the >>>>>>>> 'UM_PERMISSION ' table is getting updated and an entry is created with >>>>>>>> that >>>>>>>> ID in the UM_ROLE_PERMISSION table. This works fine with ESB 4.8.1 but >>>>>>>> with >>>>>>>> ESB 4.9.0 the UM_PERMISSION table is not getting updated. Therefore, I >>>>>>>> think we need to modify the existing deployer to handle this task as we >>>>>>>> have discussed during the last meeting. Correct me if I am wrong. >>>>>>>> >>>>>>>> -- I have also checked in the code and this "allowRoles" property >>>>>>>> do the same operation in the JDBCAuthorizationManager class when we >>>>>>>> add the >>>>>>>> user roles from the management console. So it should work as expected. >>>>>>>> But >>>>>>>> KasunG's point is that this is a kind of a quick fix and this may not >>>>>>>> work >>>>>>>> for axis2 services. >>>>>>>> >>>>>>>> When concerning the new suggestion of including the user role >>>>>>>> information as a registry property of the registry resource, how can we >>>>>>>> handle updating the user role information in the database since we >>>>>>>> don't >>>>>>>> have the proxy information at the time we create the policy file? Can >>>>>>>> someone please advise on the way to proceed with this. >>>>>>>> >>>>>>>> -- Here you don't need to add this information to the database from >>>>>>>> DevS side. At the deployment time, deployer will check the user role >>>>>>>> from >>>>>>>> the resource properties and add that to the relevant database using the >>>>>>>> JDBCAuthorizationManager class. >>>>>>>> >>>>>>>> Shall we have a meeting to discuss about this further? WDYT? >>>>>>>> >>>>>>>> +1 for a meeting. >>>>>>>> >>>>>>>> >>>>>>>> Thanks, >>>>>>>> Chanaka >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> On Thu, Apr 2, 2015 at 3:32 PM, Sohani Weerasinghe <[email protected] >>>>>>>> > wrote: >>>>>>>> >>>>>>>>> Hi All, >>>>>>>>> >>>>>>>>> AFAIK when we deploy a proxy which has allowRoles parameter, the >>>>>>>>> 'UM_PERMISSION ' table is getting updated and an entry is created >>>>>>>>> with that >>>>>>>>> ID in the UM_ROLE_PERMISSION table. This works fine with ESB 4.8.1 >>>>>>>>> but with >>>>>>>>> ESB 4.9.0 the UM_PERMISSION table is not getting updated. Therefore, I >>>>>>>>> think we need to modify the existing deployer to handle this task as >>>>>>>>> we >>>>>>>>> have discussed during the last meeting. Correct me if I am wrong. >>>>>>>>> >>>>>>>>> When concerning the new suggestion of including the user role >>>>>>>>> information as a registry property of the registry resource, how can >>>>>>>>> we >>>>>>>>> handle updating the user role information in the database since we >>>>>>>>> don't >>>>>>>>> have the proxy information at the time we create the policy file? Can >>>>>>>>> someone please advise on the way to proceed with this. >>>>>>>>> >>>>>>>>> Shall we have a meeting to discuss about this further? WDYT? >>>>>>>>> >>>>>>>>> Thanks, >>>>>>>>> Sohani >>>>>>>>> >>>>>>>>> >>>>>>>>> Sohani Weerasinghe >>>>>>>>> Software Engineer >>>>>>>>> WSO2, Inc: http://wso2.com >>>>>>>>> >>>>>>>>> Mobile : +94 716439774 >>>>>>>>> Blog :http://christinetechtips.blogspot.com/ >>>>>>>>> Twitter : https://twitter.com/sohanichristine >>>>>>>>> >>>>>>>>> On Tue, Mar 31, 2015 at 5:11 PM, KasunG Gajasinghe < >>>>>>>>> [email protected]> wrote: >>>>>>>>> >>>>>>>>>> Hi, >>>>>>>>>> >>>>>>>>>> On Tue, Mar 31, 2015 at 4:59 PM, Isuru Udana <[email protected]> >>>>>>>>>> wrote: >>>>>>>>>> >>>>>>>>>>> Hi KasunG, >>>>>>>>>>> >>>>>>>>>>> On Tue, Mar 31, 2015 at 4:32 PM, KasunG Gajasinghe < >>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>> >>>>>>>>>>>> Hi, >>>>>>>>>>>> >>>>>>>>>>>> Two questions - >>>>>>>>>>>> >>>>>>>>>>>> 1. Why do we need a separate axis2 deployer to handle just user >>>>>>>>>>>> roles? >>>>>>>>>>>> >>>>>>>>>>> We were thinking about modifying existing deployers (proxy >>>>>>>>>>> deployer etc) to call the relevant component in the security side. >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> To add the policy to a service, you can also use an AxisObserver. >>>>>>>>>> With this, you won't need to patch the deployers. You can re-use the >>>>>>>>>> existing code in DeploymentInterceptor class in carbon core >>>>>>>>>> component on >>>>>>>>>> applying policies to runtime AxisService object. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> 2. Isn't it much cleaner if we keep the list of user roles as a >>>>>>>>>>>> registry property of the registry resource that contains the >>>>>>>>>>>> policy? Then, >>>>>>>>>>>> this won't depend on the service type, and the security >>>>>>>>>>>> configuration will >>>>>>>>>>>> be located in a single place. I believe allowRoles was provided as >>>>>>>>>>>> a quick >>>>>>>>>>>> fix for a support ticket. >>>>>>>>>>>> >>>>>>>>>>> This is a very good suggestion. Let's consider this option as >>>>>>>>>>> well. >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Sounds good! >>>>>>>>>> >>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>>> Thanks. >>>>>>>>>>>> >>>>>>>>>>>> On Tue, Mar 31, 2015 at 3:53 PM, Sohani Weerasinghe < >>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> Meeting notes is as follows >>>>>>>>>>>>> >>>>>>>>>>>>> Participants: Jasintha, Susinda, Awanthika, Chanaka, IsuruU, >>>>>>>>>>>>> Johann, Godwin, Dulindra, Sohani >>>>>>>>>>>>> >>>>>>>>>>>>> Notes: >>>>>>>>>>>>> >>>>>>>>>>>>> From the Developer Studio perspective, currently we are >>>>>>>>>>>>> implementing the security policy as a registry resource and as >>>>>>>>>>>>> per the >>>>>>>>>>>>> discussion had we will use the parameter 'allowRoles' to define >>>>>>>>>>>>> the >>>>>>>>>>>>> relevant user roles. This will be a service level parameter and >>>>>>>>>>>>> the roles >>>>>>>>>>>>> can be obtained by connecting to the server. >>>>>>>>>>>>> >>>>>>>>>>>>> This parameter is already available with ESB and this needs to >>>>>>>>>>>>> be facilitated by DSS and Axis2. >>>>>>>>>>>>> >>>>>>>>>>>>> From the Servers (ESB, DSS and AS) a deployer needs to be >>>>>>>>>>>>> implemented to handle user roles at the run time >>>>>>>>>>>>> >>>>>>>>>>>>> Please add points to this if I have missed anything. >>>>>>>>>>>>> >>>>>>>>>>>>> Thanks, >>>>>>>>>>>>> Sohani >>>>>>>>>>>>> >>>>>>>>>>>>> Sohani Weerasinghe >>>>>>>>>>>>> Software Engineer >>>>>>>>>>>>> WSO2, Inc: http://wso2.com >>>>>>>>>>>>> >>>>>>>>>>>>> Mobile : +94 716439774 >>>>>>>>>>>>> Blog :http://christinetechtips.blogspot.com/ >>>>>>>>>>>>> Twitter : https://twitter.com/sohanichristine >>>>>>>>>>>>> >>>>>>>>>>>>> On Thu, Mar 26, 2015 at 3:35 PM, Sohani Weerasinghe < >>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>>> Hi Chanaka, >>>>>>>>>>>>>> >>>>>>>>>>>>>> Thanks for the explanation and as per the offline discussion >>>>>>>>>>>>>> we had, let's have a meeting on next week so that we can >>>>>>>>>>>>>> discuss and >>>>>>>>>>>>>> finalize the things. >>>>>>>>>>>>>> >>>>>>>>>>>>>> Regards, >>>>>>>>>>>>>> Sohani >>>>>>>>>>>>>> >>>>>>>>>>>>>> Sohani Weerasinghe >>>>>>>>>>>>>> Software Engineer >>>>>>>>>>>>>> WSO2, Inc: http://wso2.com >>>>>>>>>>>>>> >>>>>>>>>>>>>> Mobile : +94 716439774 >>>>>>>>>>>>>> Blog :http://christinetechtips.blogspot.com/ >>>>>>>>>>>>>> Twitter : https://twitter.com/sohanichristine >>>>>>>>>>>>>> >>>>>>>>>>>>>> On Thu, Mar 26, 2015 at 3:26 PM, Chanaka Fernando < >>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>> >>>>>>>>>>>>>>> Hi Sohani, >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> I got your idea. But what I meant was that this does not >>>>>>>>>>>>>>> give any additional security. BTW, I am not against the >>>>>>>>>>>>>>> registry based >>>>>>>>>>>>>>> approach :) >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>> Chanaka >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> On Thu, Mar 26, 2015 at 3:05 PM, Sohani Weerasinghe < >>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> @Chanaka : I just considered the fact that if we specify it >>>>>>>>>>>>>>>> as a parameter then that information will be visible. That is >>>>>>>>>>>>>>>> why thought >>>>>>>>>>>>>>>> of saving it as a registry resource would be better. But if we >>>>>>>>>>>>>>>> can continue >>>>>>>>>>>>>>>> with the parameter then we'll continue the testing with that. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Regards, >>>>>>>>>>>>>>>> Sohani >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Sohani Weerasinghe >>>>>>>>>>>>>>>> Software Engineer >>>>>>>>>>>>>>>> WSO2, Inc: http://wso2.com >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Mobile : +94 716439774 >>>>>>>>>>>>>>>> Blog :http://christinetechtips.blogspot.com/ >>>>>>>>>>>>>>>> Twitter : https://twitter.com/sohanichristine >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> On Thu, Mar 26, 2015 at 3:02 PM, Chanaka Fernando < >>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Hi Sohani, >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> What is the additional security you get from having that >>>>>>>>>>>>>>>>> parameter in registry? >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>> Chanaka >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> On Thu, Mar 26, 2015 at 2:55 PM, Sohani Weerasinghe < >>>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Hi Chanaka, >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Please find my comments inline >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Sohani Weerasinghe >>>>>>>>>>>>>>>>>> Software Engineer >>>>>>>>>>>>>>>>>> WSO2, Inc: http://wso2.com >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Mobile : +94 716439774 >>>>>>>>>>>>>>>>>> Blog :http://christinetechtips.blogspot.com/ >>>>>>>>>>>>>>>>>> Twitter : https://twitter.com/sohanichristine >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> On Thu, Mar 26, 2015 at 2:18 PM, Chanaka Fernando < >>>>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> Hi Godwin, >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> Please see my comments inline. >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> AFAIK, in old model (file base persistence) roles are >>>>>>>>>>>>>>>>>>> not persisting in meta file and it use AuthorizationManager >>>>>>>>>>>>>>>>>>> (JDBCAuthorizationManager) for persistence, We use same >>>>>>>>>>>>>>>>>>> model for current >>>>>>>>>>>>>>>>>>> implementation as well and roles are not persisting in >>>>>>>>>>>>>>>>>>> registry. >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> The problem with that approach is we need to include >>>>>>>>>>>>>>>>>>> this information within the CAR file. Otherwise, it is not >>>>>>>>>>>>>>>>>>> self contained. >>>>>>>>>>>>>>>>>>> We need to have this user role information within the CAR >>>>>>>>>>>>>>>>>>> file. >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> @Sohani: If we can make sure all the security related >>>>>>>>>>>>>>>>>>> scenarios (which requires user related information) are >>>>>>>>>>>>>>>>>>> working properly >>>>>>>>>>>>>>>>>>> with the <parameter name="allowRoles">admin</parameter>, >>>>>>>>>>>>>>>>>>> then we can use >>>>>>>>>>>>>>>>>>> this parameter instead of a separate registry resource. >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> When considering the security perspective isn't it better >>>>>>>>>>>>>>>>>> to specify user roles information as a registry resource >>>>>>>>>>>>>>>>>> rather than use as >>>>>>>>>>>>>>>>>> a parameter? WDYT? >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>>>> Chanaka >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> On Wed, Mar 25, 2015 at 11:46 PM, Godwin Amila Shrimal < >>>>>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> Hi Sohani, >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> AFAIK, in old model (file base persistence) roles are >>>>>>>>>>>>>>>>>>>> not persisting in meta file and it use AuthorizationManager >>>>>>>>>>>>>>>>>>>> (JDBCAuthorizationManager) for persistence, We use same >>>>>>>>>>>>>>>>>>>> model for current >>>>>>>>>>>>>>>>>>>> implementation as well and roles are not persisting in >>>>>>>>>>>>>>>>>>>> registry. >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> Thanks >>>>>>>>>>>>>>>>>>>> Godwin >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> On Wed, Mar 25, 2015 at 11:23 AM, Sohani Weerasinghe < >>>>>>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Hi Chanaka/Godwin, >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> In order to further implement this feature I really >>>>>>>>>>>>>>>>>>>>> appreciate your input on the below concerns. >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> 1. When considering the security perspective, it seems >>>>>>>>>>>>>>>>>>>>> we have two options to specify user roles config either >>>>>>>>>>>>>>>>>>>>> as a registry >>>>>>>>>>>>>>>>>>>>> resource or using the parameter 'allowRoles' in the proxy >>>>>>>>>>>>>>>>>>>>> configuration. >>>>>>>>>>>>>>>>>>>>> IMO implement it as a registry resource would be better >>>>>>>>>>>>>>>>>>>>> when considering >>>>>>>>>>>>>>>>>>>>> the security perspective. WDYT? >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Also, if we are to implement it as a registry resource >>>>>>>>>>>>>>>>>>>>> then the content of the resource will be <parameter >>>>>>>>>>>>>>>>>>>>> name="allowRoles">admin</parameter>. >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> @Chanaka: Can we have a parameter in the proxy config >>>>>>>>>>>>>>>>>>>>> to define the registry resource for the user roles as we >>>>>>>>>>>>>>>>>>>>> define the >>>>>>>>>>>>>>>>>>>>> security policy (eg: <policy >>>>>>>>>>>>>>>>>>>>> key="conf:repository/policy.xml"/> ) ? >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> @Godwin : If user roles is going to be implemented as >>>>>>>>>>>>>>>>>>>>> a registry resource, will there be a predefined registry >>>>>>>>>>>>>>>>>>>>> location to save >>>>>>>>>>>>>>>>>>>>> it ? If so can you please state it? >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Really appreciate your response on this. >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>>>>>> Sohani >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Sohani Weerasinghe >>>>>>>>>>>>>>>>>>>>> Software Engineer >>>>>>>>>>>>>>>>>>>>> WSO2, Inc: http://wso2.com >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Mobile : +94 716439774 >>>>>>>>>>>>>>>>>>>>> Blog :http://christinetechtips.blogspot.com/ >>>>>>>>>>>>>>>>>>>>> Twitter : https://twitter.com/sohanichristine >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> On Tue, Mar 24, 2015 at 3:52 PM, Sohani Weerasinghe < >>>>>>>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> Hi Chanaka/Godwin, >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> Can you please provide an input on the below concerns >>>>>>>>>>>>>>>>>>>>>> to further carry out the implementation from DevS side. >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> 1.When considering the usability aspect, I think it's >>>>>>>>>>>>>>>>>>>>>> better if we can create a registry resource for user >>>>>>>>>>>>>>>>>>>>>> roles at the time of >>>>>>>>>>>>>>>>>>>>>> creating the policy using the Security Editor Form by >>>>>>>>>>>>>>>>>>>>>> getting the User >>>>>>>>>>>>>>>>>>>>>> Roles values from the user rather than asking user to >>>>>>>>>>>>>>>>>>>>>> create a new registry >>>>>>>>>>>>>>>>>>>>>> resource for User Roles. >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> @Godwin: can you please state the required registry >>>>>>>>>>>>>>>>>>>>>> path to deploy the User Roles configs? >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> 2. If the User Roles config saves as a registry >>>>>>>>>>>>>>>>>>>>>> resource, how this can be utilize by the proxy service? >>>>>>>>>>>>>>>>>>>>>> Will there be a >>>>>>>>>>>>>>>>>>>>>> property in the proxy service so that we can point the >>>>>>>>>>>>>>>>>>>>>> User Role config as >>>>>>>>>>>>>>>>>>>>>> pointing the policy file. >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> 3. If we are deploying the policy and User Role >>>>>>>>>>>>>>>>>>>>>> configs via CAPP, in a case where multiple policy files >>>>>>>>>>>>>>>>>>>>>> deploying in the >>>>>>>>>>>>>>>>>>>>>> same registry location, in order to match the User Role >>>>>>>>>>>>>>>>>>>>>> config with the >>>>>>>>>>>>>>>>>>>>>> relevant policy file, how can we identify the matching >>>>>>>>>>>>>>>>>>>>>> User Role config and >>>>>>>>>>>>>>>>>>>>>> the policy? Can we have the same resource name for the >>>>>>>>>>>>>>>>>>>>>> policy and the User >>>>>>>>>>>>>>>>>>>>>> Role configs? >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> @Chanaka: can you please confirm points 2 and 3? >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>>>>>>> Sohani >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> Sohani Weerasinghe >>>>>>>>>>>>>>>>>>>>>> Software Engineer >>>>>>>>>>>>>>>>>>>>>> WSO2, Inc: http://wso2.com >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> Mobile : +94 716439774 >>>>>>>>>>>>>>>>>>>>>> Blog :http://christinetechtips.blogspot.com/ >>>>>>>>>>>>>>>>>>>>>> Twitter : https://twitter.com/sohanichristine >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> On Tue, Mar 24, 2015 at 3:42 PM, Chanaka Fernando < >>>>>>>>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> Hi Godwin, >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> That would be good. >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>>>>>>>> Chanaka >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> On Tue, Mar 24, 2015 at 3:40 PM, Godwin Amila >>>>>>>>>>>>>>>>>>>>>>> Shrimal <[email protected]> wrote: >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> Hi Chanaka, >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> It'll finish within this week. >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> Thanks >>>>>>>>>>>>>>>>>>>>>>>> Godwin >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> On Tue, Mar 24, 2015 at 3:35 PM, Chanaka Fernando < >>>>>>>>>>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> Hi Godwin, >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> When will you finish the offsite dev service? >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>>>>>>>>>> Chanaka >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Mar 24, 2015 at 3:30 PM, Godwin Amila >>>>>>>>>>>>>>>>>>>>>>>>> Shrimal <[email protected]> wrote: >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> Hi Chanaka, >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> We have basically completed the registry base >>>>>>>>>>>>>>>>>>>>>>>>>> implementation in security mgt component and need to >>>>>>>>>>>>>>>>>>>>>>>>>> do code refactoring >>>>>>>>>>>>>>>>>>>>>>>>>> and more testing. I tested basic scenarios with >>>>>>>>>>>>>>>>>>>>>>>>>> STS-service and it worked >>>>>>>>>>>>>>>>>>>>>>>>>> ok. Currently I am in an offsite DevService and >>>>>>>>>>>>>>>>>>>>>>>>>> planning to do remaining >>>>>>>>>>>>>>>>>>>>>>>>>> refactoring and testing after this. >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> Thanks >>>>>>>>>>>>>>>>>>>>>>>>>> Godwin >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Mar 24, 2015 at 2:00 PM, Chanaka Fernando >>>>>>>>>>>>>>>>>>>>>>>>>> <[email protected]> wrote: >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> Hi All, >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> I am writing this mail to take the discussions >>>>>>>>>>>>>>>>>>>>>>>>>>> related to $subject in to a single place. With the >>>>>>>>>>>>>>>>>>>>>>>>>>> ESB 4.9.0 release, we >>>>>>>>>>>>>>>>>>>>>>>>>>> are removing the UI capability of applying security >>>>>>>>>>>>>>>>>>>>>>>>>>> policies from the >>>>>>>>>>>>>>>>>>>>>>>>>>> management console. Going forward, users can only >>>>>>>>>>>>>>>>>>>>>>>>>>> apply security policies >>>>>>>>>>>>>>>>>>>>>>>>>>> to ESB proxy services using developer studio. Even >>>>>>>>>>>>>>>>>>>>>>>>>>> though this >>>>>>>>>>>>>>>>>>>>>>>>>>> functionality is already available in the Developer >>>>>>>>>>>>>>>>>>>>>>>>>>> Studio, it has some >>>>>>>>>>>>>>>>>>>>>>>>>>> edge cases when we use that approach. One such >>>>>>>>>>>>>>>>>>>>>>>>>>> limitation is that there is >>>>>>>>>>>>>>>>>>>>>>>>>>> no place to select the users/roles in the developer >>>>>>>>>>>>>>>>>>>>>>>>>>> studio when applying >>>>>>>>>>>>>>>>>>>>>>>>>>> the security policy. Currently, this information is >>>>>>>>>>>>>>>>>>>>>>>>>>> stored in meta files >>>>>>>>>>>>>>>>>>>>>>>>>>> and with the 4.9.0 version, service meta files are >>>>>>>>>>>>>>>>>>>>>>>>>>> removed. Plan is to >>>>>>>>>>>>>>>>>>>>>>>>>>> store this information in registry and access from >>>>>>>>>>>>>>>>>>>>>>>>>>> their. From the >>>>>>>>>>>>>>>>>>>>>>>>>>> Developer Studio also, it will create the registry >>>>>>>>>>>>>>>>>>>>>>>>>>> file when applying >>>>>>>>>>>>>>>>>>>>>>>>>>> security policies. >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> This would be a necessary feature for ESB 4.9.0 >>>>>>>>>>>>>>>>>>>>>>>>>>> release since this will effect the entire security >>>>>>>>>>>>>>>>>>>>>>>>>>> applying process going >>>>>>>>>>>>>>>>>>>>>>>>>>> forward. >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> @Godwin: Please add if I have missed anything >>>>>>>>>>>>>>>>>>>>>>>>>>> and give us some update on the status from the >>>>>>>>>>>>>>>>>>>>>>>>>>> security side. >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> @Sohani/DevS team: Please give us some update on >>>>>>>>>>>>>>>>>>>>>>>>>>> this implementation. >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>>>>>>>>>>>> Chanaka >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>>>>> Chanaka Fernando >>>>>>>>>>>>>>>>>>>>>>>>>>> Technical Lead >>>>>>>>>>>>>>>>>>>>>>>>>>> WSO2, Inc.; http://wso2.com >>>>>>>>>>>>>>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> mobile: +94 773337238 >>>>>>>>>>>>>>>>>>>>>>>>>>> Blog : http://soatutorials.blogspot.com >>>>>>>>>>>>>>>>>>>>>>>>>>> LinkedIn: >>>>>>>>>>>>>>>>>>>>>>>>>>> http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>>>>>>>>>>>>>>>>>>>>>>>>>> Twitter:https://twitter.com/chanakaudaya >>>>>>>>>>>>>>>>>>>>>>>>>>> Wordpress:http://chanakaudaya.wordpress.com >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>>>> *Godwin Amila Shrimal* >>>>>>>>>>>>>>>>>>>>>>>>>> Senior Software Engineer >>>>>>>>>>>>>>>>>>>>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>>>>>>>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> mobile: *+94772264165* >>>>>>>>>>>>>>>>>>>>>>>>>> linkedin: *http://lnkd.in/KUum6D >>>>>>>>>>>>>>>>>>>>>>>>>> <http://lnkd.in/KUum6D>* >>>>>>>>>>>>>>>>>>>>>>>>>> twitter: https://twitter.com/godwinamila >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>>> Chanaka Fernando >>>>>>>>>>>>>>>>>>>>>>>>> Technical Lead >>>>>>>>>>>>>>>>>>>>>>>>> WSO2, Inc.; http://wso2.com >>>>>>>>>>>>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> mobile: +94 773337238 >>>>>>>>>>>>>>>>>>>>>>>>> Blog : http://soatutorials.blogspot.com >>>>>>>>>>>>>>>>>>>>>>>>> LinkedIn: >>>>>>>>>>>>>>>>>>>>>>>>> http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>>>>>>>>>>>>>>>>>>>>>>>> Twitter:https://twitter.com/chanakaudaya >>>>>>>>>>>>>>>>>>>>>>>>> Wordpress:http://chanakaudaya.wordpress.com >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>> *Godwin Amila Shrimal* >>>>>>>>>>>>>>>>>>>>>>>> Senior Software Engineer >>>>>>>>>>>>>>>>>>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>>>>>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> mobile: *+94772264165* >>>>>>>>>>>>>>>>>>>>>>>> linkedin: *http://lnkd.in/KUum6D >>>>>>>>>>>>>>>>>>>>>>>> <http://lnkd.in/KUum6D>* >>>>>>>>>>>>>>>>>>>>>>>> twitter: https://twitter.com/godwinamila >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>> Chanaka Fernando >>>>>>>>>>>>>>>>>>>>>>> Technical Lead >>>>>>>>>>>>>>>>>>>>>>> WSO2, Inc.; http://wso2.com >>>>>>>>>>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> mobile: +94 773337238 >>>>>>>>>>>>>>>>>>>>>>> Blog : http://soatutorials.blogspot.com >>>>>>>>>>>>>>>>>>>>>>> LinkedIn: >>>>>>>>>>>>>>>>>>>>>>> http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>>>>>>>>>>>>>>>>>>>>>> Twitter:https://twitter.com/chanakaudaya >>>>>>>>>>>>>>>>>>>>>>> Wordpress:http://chanakaudaya.wordpress.com >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>> *Godwin Amila Shrimal* >>>>>>>>>>>>>>>>>>>> Senior Software Engineer >>>>>>>>>>>>>>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> mobile: *+94772264165* >>>>>>>>>>>>>>>>>>>> linkedin: *http://lnkd.in/KUum6D >>>>>>>>>>>>>>>>>>>> <http://lnkd.in/KUum6D>* >>>>>>>>>>>>>>>>>>>> twitter: https://twitter.com/godwinamila >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>> Chanaka Fernando >>>>>>>>>>>>>>>>>>> Technical Lead >>>>>>>>>>>>>>>>>>> WSO2, Inc.; http://wso2.com >>>>>>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> mobile: +94 773337238 >>>>>>>>>>>>>>>>>>> Blog : http://soatutorials.blogspot.com >>>>>>>>>>>>>>>>>>> LinkedIn: >>>>>>>>>>>>>>>>>>> http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>>>>>>>>>>>>>>>>>> Twitter:https://twitter.com/chanakaudaya >>>>>>>>>>>>>>>>>>> Wordpress:http://chanakaudaya.wordpress.com >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>> Chanaka Fernando >>>>>>>>>>>>>>>>> Technical Lead >>>>>>>>>>>>>>>>> WSO2, Inc.; http://wso2.com >>>>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> mobile: +94 773337238 >>>>>>>>>>>>>>>>> Blog : http://soatutorials.blogspot.com >>>>>>>>>>>>>>>>> LinkedIn: >>>>>>>>>>>>>>>>> http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>>>>>>>>>>>>>>>> Twitter:https://twitter.com/chanakaudaya >>>>>>>>>>>>>>>>> Wordpress:http://chanakaudaya.wordpress.com >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>> Chanaka Fernando >>>>>>>>>>>>>>> Technical Lead >>>>>>>>>>>>>>> WSO2, Inc.; http://wso2.com >>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> mobile: +94 773337238 >>>>>>>>>>>>>>> Blog : http://soatutorials.blogspot.com >>>>>>>>>>>>>>> LinkedIn: >>>>>>>>>>>>>>> http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>>>>>>>>>>>>>> Twitter:https://twitter.com/chanakaudaya >>>>>>>>>>>>>>> Wordpress:http://chanakaudaya.wordpress.com >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> >>>>>>>>>>>> *Kasun Gajasinghe*Senior Software Engineer, WSO2 Inc. >>>>>>>>>>>> email: kasung AT spamfree wso2.com >>>>>>>>>>>> linked-in: http://lk.linkedin.com/in/gajasinghe >>>>>>>>>>>> blog: http://kasunbg.org >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> *Isuru Udana* >>>>>>>>>>> Senior >>>>>>>>>>> *Software Engineer* >>>>>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>>>>> email: [email protected] cell: +94 77 3791887 >>>>>>>>>>> blog: http://mytecheye.blogspot.com/ >>>>>>>>>>> twitter: http://twitter.com/isudana >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> >>>>>>>>>> *Kasun Gajasinghe*Senior Software Engineer, WSO2 Inc. >>>>>>>>>> email: kasung AT spamfree wso2.com >>>>>>>>>> linked-in: http://lk.linkedin.com/in/gajasinghe >>>>>>>>>> blog: http://kasunbg.org >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> -- >>>>>>>> Chanaka Fernando >>>>>>>> Technical Lead >>>>>>>> WSO2, Inc.; http://wso2.com >>>>>>>> lean.enterprise.middleware >>>>>>>> >>>>>>>> mobile: +94 773337238 >>>>>>>> Blog : http://soatutorials.blogspot.com >>>>>>>> LinkedIn:http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>>>>>>> Twitter:https://twitter.com/chanakaudaya >>>>>>>> Wordpress:http://chanakaudaya.wordpress.com >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> -- >>>>>>> Chanaka Fernando >>>>>>> Technical Lead >>>>>>> WSO2, Inc.; http://wso2.com >>>>>>> lean.enterprise.middleware >>>>>>> >>>>>>> mobile: +94 773337238 >>>>>>> Blog : http://soatutorials.blogspot.com >>>>>>> LinkedIn:http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>>>>>> Twitter:https://twitter.com/chanakaudaya >>>>>>> Wordpress:http://chanakaudaya.wordpress.com >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> -- >>>>>> Chanaka Fernando >>>>>> Technical Lead >>>>>> WSO2, Inc.; http://wso2.com >>>>>> lean.enterprise.middleware >>>>>> >>>>>> mobile: +94 773337238 >>>>>> Blog : http://soatutorials.blogspot.com >>>>>> LinkedIn:http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>>>>> Twitter:https://twitter.com/chanakaudaya >>>>>> Wordpress:http://chanakaudaya.wordpress.com >>>>>> >>>>>> >>>>>> >>>>>> >>>>> >>>> >>>> >>>> -- >>>> Thanks & Regards, >>>> >>>> *Johann Dilantha Nallathamby* >>>> Associate Technical Lead & Product Lead of WSO2 Identity Server >>>> Integration Technologies Team >>>> WSO2, Inc. >>>> lean.enterprise.middleware >>>> >>>> Mobile - *+94777776950* >>>> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >>>> >>> >>> >>> >>> -- >>> -- >>> Chanaka Fernando >>> Technical Lead >>> WSO2, Inc.; http://wso2.com >>> lean.enterprise.middleware >>> >>> mobile: +94 773337238 >>> Blog : http://soatutorials.blogspot.com >>> LinkedIn:http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>> Twitter:https://twitter.com/chanakaudaya >>> Wordpress:http://chanakaudaya.wordpress.com >>> >>> >>> >>> >>> _______________________________________________ >>> Dev mailing list >>> [email protected] >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> Nandika Jayawardana >> Senior Technical Lead >> WSO2 Inc ; http://wso2.com >> lean.enterprise.middleware >> > > > > -- > -- > Chanaka Fernando > Technical Lead > WSO2, Inc.; http://wso2.com > lean.enterprise.middleware > > mobile: +94 773337238 > Blog : http://soatutorials.blogspot.com > LinkedIn:http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 > Twitter:https://twitter.com/chanakaudaya > Wordpress:http://chanakaudaya.wordpress.com > > > > -- Nandika Jayawardana Senior Technical Lead WSO2 Inc ; http://wso2.com lean.enterprise.middleware
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
