On Wed, Apr 8, 2015 at 2:13 PM, Jasintha Dasanayake <[email protected]> wrote:
> Hi all > > From the tooling perspective it is not nice to have different user > experience for applying security for various project and IMO it should be > same for all project types . > > As we identified there should be only two steps for applying all types of > projects > > 1 - create the policy (user can keep it either registry or filesystem) > > 2 - Refer the relevant policy file using a key in a particular project > > > WDYT ? > +1 from G-Reg POV, this will align with run time governance story which we plan to implement after 5.0.0. Thanks ! > > Thanks and Regards > /Jasintha > > > > On Wed, Apr 8, 2015 at 1:58 PM, Nandika Jayawardana <[email protected]> > wrote: > >> Hi Jasintha, >> >> Is it a hard requirement to create the policy as a registry resource. I >> would prefer to have it in the file system within service.xml file. For >> example you can refer to the following bpel project. >> >> >> https://github.com/wso2/product-bps/tree/master/modules/samples/product/src/main/resources/bpel/2.0/SecuredWithServiceDescriptorProcess >> >> Regards >> Nandika >> >> On Wed, Apr 8, 2015 at 1:53 PM, KasunG Gajasinghe <[email protected]> >> wrote: >> >>> >>> With this approach, there is no need hard requirement to use registry to >>> store policies. We are using the native ws policy support provided by each >>> service artifact. >>> >>> So, >>> >>> 1. For proxy services, the policy could be stored in registry or in >>> file system as a local-entry. A proxy-level configuration will specify >>> the >>> policy key. >>> 2. For AAR, and BPEL Services, the policy should be in the >>> services.xml. >>> 3. For data services, policy will probably be stored in registry, >>> and a data service level configuration will specify the policy key. >>> *@Rajith,* please confirm whether this will work. >>> >>> >>> The allowRoles parameter will specify the list of roles for policies >>> that require it. It'll be a service level parameter. So, for AAR and BPEL >>> services, it'll be in the services.xml. For proxy and dss services, it'll >>> be in the particular service configuration file. >>> >>> >>> On Wed, Apr 8, 2015 at 12:24 PM, Sohani Weerasinghe <[email protected]> >>> wrote: >>> >>>> Meeting notes is as follows: >>>> >>>> Participants: Jasintha, Nandika, Johann, Chanaka, IsuruU, KasunG, >>>> Godwin, RajithV, Sohani >>>> >>>> Notes: >>>> >>>> Each product needs to provide a service parameter to define user roles, >>>> and the creation of axis2 object including the policy and user roles needs >>>> to be handle by each product. The security deployment interceptor should >>>> handle adding user roles to the data base. >>>> >>>> AllowRoles parameter is already there in ESB and this needs to be >>>> facilitated by DSS, BPS and AS. >>>> >>>> From the Developer Studio side, user should be able to connect with the >>>> server and include relevant user roles to the configuration. >>>> >>>> @Jasintha/Nandika: Since there should be an approach to handle this >>>> parameter for BPEL, please advice on this. >>>> >>>> Thanks, >>>> Sohani >>>> >>>> Sohani Weerasinghe >>>> Software Engineer >>>> WSO2, Inc: http://wso2.com >>>> >>>> Mobile : +94 716439774 >>>> Blog :http://christinetechtips.blogspot.com/ >>>> Twitter : https://twitter.com/sohanichristine >>>> >>>> On Tue, Apr 7, 2015 at 11:48 AM, Sohani Weerasinghe <[email protected]> >>>> wrote: >>>> >>>>> Hi All, >>>>> >>>>> Please note that I have arranged a meeting tomorrow at 11am to 12pm to >>>>> discuss about this further. >>>>> >>>>> Thanks, >>>>> Sohani >>>>> >>>>> Sohani Weerasinghe >>>>> Software Engineer >>>>> WSO2, Inc: http://wso2.com >>>>> >>>>> Mobile : +94 716439774 >>>>> Blog :http://christinetechtips.blogspot.com/ >>>>> Twitter : https://twitter.com/sohanichristine >>>>> >>>>> On Tue, Apr 7, 2015 at 11:41 AM, Sohani Weerasinghe <[email protected]> >>>>> wrote: >>>>> >>>>>> >>>>>> >>>>>> Sohani Weerasinghe >>>>>> Software Engineer >>>>>> WSO2, Inc: http://wso2.com >>>>>> >>>>>> Mobile : +94 716439774 >>>>>> Blog :http://christinetechtips.blogspot.com/ >>>>>> Twitter : https://twitter.com/sohanichristine >>>>>> >>>>>> On Tue, Apr 7, 2015 at 11:19 AM, Nandika Jayawardana < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> Yes. Lets have a meeting and get at least one person from all the >>>>>>> affected teams. >>>>>>> >>>>>>> Regards >>>>>>> Nandika >>>>>>> >>>>>>> On Tue, Apr 7, 2015 at 11:08 AM, Chanaka Fernando <[email protected] >>>>>>> > wrote: >>>>>>> >>>>>>>> Hi Sohani, >>>>>>>> >>>>>>>> Shall we arrange a meeting to discuss this and finalize the >>>>>>>> approach? Looks like we have several approaches but still we have not >>>>>>>> agreed on a proper solution. >>>>>>>> >>>>>>> >>>>>> +1. It seems everyone is free tomorrow morning. Therefore, I'll >>>>>> arrange a meeting tomorrow at 11am. >>>>>> >>>>>> Thanks, >>>>>> Sohani >>>>>> >>>>>>> >>>>>>>> Thanks, >>>>>>>> Chanaka >>>>>>>> >>>>>>>> On Tue, Apr 7, 2015 at 10:12 AM, Nandika Jayawardana < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>>> In BPS, we have to pack the policy file within the bpel project >>>>>>>>> itself and refer to it in the deploy.xml. We are going to have to >>>>>>>>> update >>>>>>>>> the deployment code as we are creating the axis service objects >>>>>>>>> dynamically. >>>>>>>>> >>>>>>>>> Regards >>>>>>>>> Nandika >>>>>>>>> >>>>>>>>> On Tue, Apr 7, 2015 at 10:04 AM, Chanaka Fernando < >>>>>>>>> [email protected]> wrote: >>>>>>>>> >>>>>>>>>> Hi Johann/KasunG/Kishanthan, >>>>>>>>>> >>>>>>>>>> What would be the way forward to support this feature? We can >>>>>>>>>> have the Developer Studio story completed if we use the "allowRoles" >>>>>>>>>> parameter with the *SecurityDeploymentIntercepter *class >>>>>>>>>> updating the DB. If we are going with the registry resource property >>>>>>>>>> approach, we need to implement the same logic at a proper place in >>>>>>>>>> the >>>>>>>>>> identity component. >>>>>>>>>> >>>>>>>>>> WDYT? >>>>>>>>>> >>>>>>>>>> Thanks, >>>>>>>>>> Chanaka >>>>>>>>>> >>>>>>>>>> On Mon, Apr 6, 2015 at 12:25 PM, Johann Nallathamby < >>>>>>>>>> [email protected]> wrote: >>>>>>>>>> >>>>>>>>>>> Hi Kasun/Kishanthan, >>>>>>>>>>> >>>>>>>>>>> Any idea why this was removed ? I thought security-mgt is >>>>>>>>>>> maintained by IS team. But looks like others are also working on >>>>>>>>>>> this >>>>>>>>>>> component. >>>>>>>>>>> >>>>>>>>>>> On Mon, Apr 6, 2015 at 12:05 PM, Sohani Weerasinghe < >>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>> >>>>>>>>>>>> @Chanaka: Thanks for investigating on this issue. >>>>>>>>>>>> >>>>>>>>>>>> Sohani Weerasinghe >>>>>>>>>>>> Software Engineer >>>>>>>>>>>> WSO2, Inc: http://wso2.com >>>>>>>>>>>> >>>>>>>>>>>> Mobile : +94 716439774 >>>>>>>>>>>> Blog :http://christinetechtips.blogspot.com/ >>>>>>>>>>>> Twitter : https://twitter.com/sohanichristine >>>>>>>>>>>> >>>>>>>>>>>> On Mon, Apr 6, 2015 at 12:02 PM, Chanaka Fernando < >>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> Hi Johann, >>>>>>>>>>>>> >>>>>>>>>>>>> After looking through the new implementation of the >>>>>>>>>>>>> *SecurityDeploymentIntercepter.java >>>>>>>>>>>>> *file in the latest GIT source code[1] , I could find that >>>>>>>>>>>>> this "allowRoles" parameter related implementation has been >>>>>>>>>>>>> removed. Entire >>>>>>>>>>>>> implementation of the *applySecurityParameters(AxisService >>>>>>>>>>>>> service, SecurityScenario secScenario)* method has been >>>>>>>>>>>>> removed and that method is blank. What is the reason for this? >>>>>>>>>>>>> >>>>>>>>>>>>> @Sohani: This is the reason that this parameter is not working >>>>>>>>>>>>> in the latest 4.9.0 ESB pack. >>>>>>>>>>>>> >>>>>>>>>>>>> [1] >>>>>>>>>>>>> https://github.com/wso2/carbon-identity/blob/master/components/security/org.wso2.carbon.security.mgt/src/main/java/org/wso2/carbon/security/deployment/SecurityDeploymentInterceptor.java >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> Thanks, >>>>>>>>>>>>> Chanaka >>>>>>>>>>>>> >>>>>>>>>>>>> On Mon, Apr 6, 2015 at 11:35 AM, Chanaka Fernando < >>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>>> Hi KasunG, >>>>>>>>>>>>>> >>>>>>>>>>>>>> I have checked on the source code of the previous >>>>>>>>>>>>>> implementation and according to that, when applying security >>>>>>>>>>>>>> through >>>>>>>>>>>>>> Management console and through "allowRoles" service parameter, >>>>>>>>>>>>>> it executes >>>>>>>>>>>>>> the same code on the Security side (please see below). >>>>>>>>>>>>>> >>>>>>>>>>>>>> *SecurityConfigAdmin.java (Executes when applying through >>>>>>>>>>>>>> Management Console)* >>>>>>>>>>>>>> >>>>>>>>>>>>>> if (userGroups != null) { >>>>>>>>>>>>>> for (String value : userGroups) { >>>>>>>>>>>>>> AuthorizationManager acAdmin = >>>>>>>>>>>>>> realm.getAuthorizationManager(); >>>>>>>>>>>>>> >>>>>>>>>>>>>> acAdmin.authorizeRole(value, >>>>>>>>>>>>>> serviceGroupId+"/"+service.getName(), >>>>>>>>>>>>>> >>>>>>>>>>>>>> UserCoreConstants.INVOKE_SERVICE_PERMISSION); >>>>>>>>>>>>>> } >>>>>>>>>>>>>> } >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> *SecurityDeploymentIntercepter.java (Executes when applying >>>>>>>>>>>>>> through "allowRoles" parameter)* >>>>>>>>>>>>>> >>>>>>>>>>>>>> Parameter allowRolesParameter = >>>>>>>>>>>>>> service.getParameter("allowRoles"); >>>>>>>>>>>>>> >>>>>>>>>>>>>> if(allowRolesParameter!= null && >>>>>>>>>>>>>> allowRolesParameter.getValue() != null){ >>>>>>>>>>>>>> >>>>>>>>>>>>>> AuthorizationManager manager = >>>>>>>>>>>>>> userRealm.getAuthorizationManager(); >>>>>>>>>>>>>> String resourceName = serviceGroupId + "/" + >>>>>>>>>>>>>> serviceName; >>>>>>>>>>>>>> String[] roles = >>>>>>>>>>>>>> manager.getAllowedRolesForResource(resourceName, >>>>>>>>>>>>>> >>>>>>>>>>>>>> UserCoreConstants.INVOKE_SERVICE_PERMISSION); >>>>>>>>>>>>>> if(roles != null){ >>>>>>>>>>>>>> for (String role : roles) { >>>>>>>>>>>>>> manager.clearRoleAuthorization(role, >>>>>>>>>>>>>> resourceName, >>>>>>>>>>>>>> >>>>>>>>>>>>>> UserCoreConstants.INVOKE_SERVICE_PERMISSION); >>>>>>>>>>>>>> } >>>>>>>>>>>>>> } >>>>>>>>>>>>>> >>>>>>>>>>>>>> String value = (String) >>>>>>>>>>>>>> allowRolesParameter.getValue(); >>>>>>>>>>>>>> String[] allowRoles = value.split(",") ; >>>>>>>>>>>>>> if(allowRoles != null){ >>>>>>>>>>>>>> for(String role : allowRoles){ >>>>>>>>>>>>>> >>>>>>>>>>>>>> userRealm.getAuthorizationManager().authorizeRole(role, >>>>>>>>>>>>>> resourceName, >>>>>>>>>>>>>> >>>>>>>>>>>>>> UserCoreConstants.INVOKE_SERVICE_PERMISSION); >>>>>>>>>>>>>> } >>>>>>>>>>>>>> } >>>>>>>>>>>>>> } >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> Since this is a service level parameter, we can use this for >>>>>>>>>>>>>> all axis2 services. If that is the case, we can go with this >>>>>>>>>>>>>> parameter >>>>>>>>>>>>>> instead of having properties at registry resource level. WDYT? >>>>>>>>>>>>>> >>>>>>>>>>>>>> @Sohani: I will look in the 4.9.0 related issue when using >>>>>>>>>>>>>> this parameter. >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>> Chanaka >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> On Thu, Apr 2, 2015 at 5:25 PM, Chanaka Fernando < >>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>> >>>>>>>>>>>>>>> Hi Sohani, >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Please see my comments inline. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> AFAIK when we deploy a proxy which has allowRoles parameter, >>>>>>>>>>>>>>> the 'UM_PERMISSION ' table is getting updated and an entry is >>>>>>>>>>>>>>> created with >>>>>>>>>>>>>>> that ID in the UM_ROLE_PERMISSION table. This works fine with >>>>>>>>>>>>>>> ESB 4.8.1 but >>>>>>>>>>>>>>> with ESB 4.9.0 the UM_PERMISSION table is not getting updated. >>>>>>>>>>>>>>> Therefore, I >>>>>>>>>>>>>>> think we need to modify the existing deployer to handle this >>>>>>>>>>>>>>> task as we >>>>>>>>>>>>>>> have discussed during the last meeting. Correct me if I am >>>>>>>>>>>>>>> wrong. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> -- I have also checked in the code and this "allowRoles" >>>>>>>>>>>>>>> property do the same operation in the JDBCAuthorizationManager >>>>>>>>>>>>>>> class when >>>>>>>>>>>>>>> we add the user roles from the management console. So it should >>>>>>>>>>>>>>> work as >>>>>>>>>>>>>>> expected. But KasunG's point is that this is a kind of a quick >>>>>>>>>>>>>>> fix and this >>>>>>>>>>>>>>> may not work for axis2 services. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> When concerning the new suggestion of including the user >>>>>>>>>>>>>>> role information as a registry property of the registry >>>>>>>>>>>>>>> resource, how can >>>>>>>>>>>>>>> we handle updating the user role information in the database >>>>>>>>>>>>>>> since we don't >>>>>>>>>>>>>>> have the proxy information at the time we create the policy >>>>>>>>>>>>>>> file? Can >>>>>>>>>>>>>>> someone please advise on the way to proceed with this. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> -- Here you don't need to add this information to the >>>>>>>>>>>>>>> database from DevS side. At the deployment time, deployer will >>>>>>>>>>>>>>> check the >>>>>>>>>>>>>>> user role from the resource properties and add that to the >>>>>>>>>>>>>>> relevant >>>>>>>>>>>>>>> database using the JDBCAuthorizationManager class. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Shall we have a meeting to discuss about this further? WDYT? >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> +1 for a meeting. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>> Chanaka >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> On Thu, Apr 2, 2015 at 3:32 PM, Sohani Weerasinghe < >>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Hi All, >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> AFAIK when we deploy a proxy which has allowRoles >>>>>>>>>>>>>>>> parameter, the 'UM_PERMISSION ' table is getting updated and >>>>>>>>>>>>>>>> an entry is >>>>>>>>>>>>>>>> created with that ID in the UM_ROLE_PERMISSION table. This >>>>>>>>>>>>>>>> works fine with >>>>>>>>>>>>>>>> ESB 4.8.1 but with ESB 4.9.0 the UM_PERMISSION table is not >>>>>>>>>>>>>>>> getting >>>>>>>>>>>>>>>> updated. Therefore, I think we need to modify the existing >>>>>>>>>>>>>>>> deployer to >>>>>>>>>>>>>>>> handle this task as we have discussed during the last meeting. >>>>>>>>>>>>>>>> Correct me >>>>>>>>>>>>>>>> if I am wrong. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> When concerning the new suggestion of including the user >>>>>>>>>>>>>>>> role information as a registry property of the registry >>>>>>>>>>>>>>>> resource, how can >>>>>>>>>>>>>>>> we handle updating the user role information in the database >>>>>>>>>>>>>>>> since we don't >>>>>>>>>>>>>>>> have the proxy information at the time we create the policy >>>>>>>>>>>>>>>> file? Can >>>>>>>>>>>>>>>> someone please advise on the way to proceed with this. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Shall we have a meeting to discuss about this further? WDYT? >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>> Sohani >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Sohani Weerasinghe >>>>>>>>>>>>>>>> Software Engineer >>>>>>>>>>>>>>>> WSO2, Inc: http://wso2.com >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Mobile : +94 716439774 >>>>>>>>>>>>>>>> Blog :http://christinetechtips.blogspot.com/ >>>>>>>>>>>>>>>> Twitter : https://twitter.com/sohanichristine >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> On Tue, Mar 31, 2015 at 5:11 PM, KasunG Gajasinghe < >>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Hi, >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> On Tue, Mar 31, 2015 at 4:59 PM, Isuru Udana < >>>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Hi KasunG, >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> On Tue, Mar 31, 2015 at 4:32 PM, KasunG Gajasinghe < >>>>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> Hi, >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> Two questions - >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> 1. Why do we need a separate axis2 deployer to handle >>>>>>>>>>>>>>>>>>> just user roles? >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> We were thinking about modifying existing deployers >>>>>>>>>>>>>>>>>> (proxy deployer etc) to call the relevant component in the >>>>>>>>>>>>>>>>>> security side. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> To add the policy to a service, you can also use an >>>>>>>>>>>>>>>>> AxisObserver. With this, you won't need to patch the >>>>>>>>>>>>>>>>> deployers. You can >>>>>>>>>>>>>>>>> re-use the existing code in DeploymentInterceptor class in >>>>>>>>>>>>>>>>> carbon core >>>>>>>>>>>>>>>>> component on applying policies to runtime AxisService object. >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> 2. Isn't it much cleaner if we keep the list of user >>>>>>>>>>>>>>>>>>> roles as a registry property of the registry resource that >>>>>>>>>>>>>>>>>>> contains the >>>>>>>>>>>>>>>>>>> policy? Then, this won't depend on the service type, and >>>>>>>>>>>>>>>>>>> the security >>>>>>>>>>>>>>>>>>> configuration will be located in a single place. I believe >>>>>>>>>>>>>>>>>>> allowRoles was >>>>>>>>>>>>>>>>>>> provided as a quick fix for a support ticket. >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> This is a very good suggestion. Let's consider this >>>>>>>>>>>>>>>>>> option as well. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Sounds good! >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> Thanks. >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> On Tue, Mar 31, 2015 at 3:53 PM, Sohani Weerasinghe < >>>>>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> Meeting notes is as follows >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> Participants: Jasintha, Susinda, Awanthika, Chanaka, >>>>>>>>>>>>>>>>>>>> IsuruU, Johann, Godwin, Dulindra, Sohani >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> Notes: >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> From the Developer Studio perspective, currently we are >>>>>>>>>>>>>>>>>>>> implementing the security policy as a registry resource >>>>>>>>>>>>>>>>>>>> and as per the >>>>>>>>>>>>>>>>>>>> discussion had we will use the parameter 'allowRoles' to >>>>>>>>>>>>>>>>>>>> define the >>>>>>>>>>>>>>>>>>>> relevant user roles. This will be a service level >>>>>>>>>>>>>>>>>>>> parameter and the roles >>>>>>>>>>>>>>>>>>>> can be obtained by connecting to the server. >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> This parameter is already available with ESB and this >>>>>>>>>>>>>>>>>>>> needs to be facilitated by DSS and Axis2. >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> From the Servers (ESB, DSS and AS) a deployer needs to >>>>>>>>>>>>>>>>>>>> be implemented to handle user roles at the run time >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> Please add points to this if I have missed anything. >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>>>>> Sohani >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> Sohani Weerasinghe >>>>>>>>>>>>>>>>>>>> Software Engineer >>>>>>>>>>>>>>>>>>>> WSO2, Inc: http://wso2.com >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> Mobile : +94 716439774 >>>>>>>>>>>>>>>>>>>> Blog :http://christinetechtips.blogspot.com/ >>>>>>>>>>>>>>>>>>>> Twitter : https://twitter.com/sohanichristine >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> On Thu, Mar 26, 2015 at 3:35 PM, Sohani Weerasinghe < >>>>>>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Hi Chanaka, >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Thanks for the explanation and as per the offline >>>>>>>>>>>>>>>>>>>>> discussion we had, let's have a meeting on next week so >>>>>>>>>>>>>>>>>>>>> that we can >>>>>>>>>>>>>>>>>>>>> discuss and finalize the things. >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Regards, >>>>>>>>>>>>>>>>>>>>> Sohani >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Sohani Weerasinghe >>>>>>>>>>>>>>>>>>>>> Software Engineer >>>>>>>>>>>>>>>>>>>>> WSO2, Inc: http://wso2.com >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Mobile : +94 716439774 >>>>>>>>>>>>>>>>>>>>> Blog :http://christinetechtips.blogspot.com/ >>>>>>>>>>>>>>>>>>>>> Twitter : https://twitter.com/sohanichristine >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> On Thu, Mar 26, 2015 at 3:26 PM, Chanaka Fernando < >>>>>>>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> Hi Sohani, >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> I got your idea. But what I meant was that this does >>>>>>>>>>>>>>>>>>>>>> not give any additional security. BTW, I am not against >>>>>>>>>>>>>>>>>>>>>> the registry based >>>>>>>>>>>>>>>>>>>>>> approach :) >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>>>>>>> Chanaka >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> On Thu, Mar 26, 2015 at 3:05 PM, Sohani Weerasinghe < >>>>>>>>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> @Chanaka : I just considered the fact that if we >>>>>>>>>>>>>>>>>>>>>>> specify it as a parameter then that information will be >>>>>>>>>>>>>>>>>>>>>>> visible. That is >>>>>>>>>>>>>>>>>>>>>>> why thought of saving it as a registry resource would >>>>>>>>>>>>>>>>>>>>>>> be better. But if we >>>>>>>>>>>>>>>>>>>>>>> can continue with the parameter then we'll continue the >>>>>>>>>>>>>>>>>>>>>>> testing with that. >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> Regards, >>>>>>>>>>>>>>>>>>>>>>> Sohani >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> Sohani Weerasinghe >>>>>>>>>>>>>>>>>>>>>>> Software Engineer >>>>>>>>>>>>>>>>>>>>>>> WSO2, Inc: http://wso2.com >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> Mobile : +94 716439774 >>>>>>>>>>>>>>>>>>>>>>> Blog :http://christinetechtips.blogspot.com/ >>>>>>>>>>>>>>>>>>>>>>> Twitter : https://twitter.com/sohanichristine >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> On Thu, Mar 26, 2015 at 3:02 PM, Chanaka Fernando < >>>>>>>>>>>>>>>>>>>>>>> [email protected]> wrote: >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> Hi Sohani, >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> What is the additional security you get from having >>>>>>>>>>>>>>>>>>>>>>>> that parameter in registry? >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>>>>>>>>> Chanaka >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> On Thu, Mar 26, 2015 at 2:55 PM, Sohani Weerasinghe >>>>>>>>>>>>>>>>>>>>>>>> <[email protected]> wrote: >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> Hi Chanaka, >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> Please find my comments inline >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> Sohani Weerasinghe >>>>>>>>>>>>>>>>>>>>>>>>> Software Engineer >>>>>>>>>>>>>>>>>>>>>>>>> WSO2, Inc: http://wso2.com >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> Mobile : +94 716439774 >>>>>>>>>>>>>>>>>>>>>>>>> Blog :http://christinetechtips.blogspot.com/ >>>>>>>>>>>>>>>>>>>>>>>>> Twitter : https://twitter.com/sohanichristine >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> On Thu, Mar 26, 2015 at 2:18 PM, Chanaka Fernando >>>>>>>>>>>>>>>>>>>>>>>>> <[email protected]> wrote: >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> Hi Godwin, >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> Please see my comments inline. >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> AFAIK, in old model (file base persistence) roles >>>>>>>>>>>>>>>>>>>>>>>>>> are not persisting in meta file and it use >>>>>>>>>>>>>>>>>>>>>>>>>> AuthorizationManager >>>>>>>>>>>>>>>>>>>>>>>>>> (JDBCAuthorizationManager) for persistence, We use >>>>>>>>>>>>>>>>>>>>>>>>>> same model for current >>>>>>>>>>>>>>>>>>>>>>>>>> implementation as well and roles are not persisting >>>>>>>>>>>>>>>>>>>>>>>>>> in registry. >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> The problem with that approach is we need to >>>>>>>>>>>>>>>>>>>>>>>>>> include this information within the CAR file. >>>>>>>>>>>>>>>>>>>>>>>>>> Otherwise, it is not self >>>>>>>>>>>>>>>>>>>>>>>>>> contained. We need to have this user role >>>>>>>>>>>>>>>>>>>>>>>>>> information within the CAR file. >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> @Sohani: If we can make sure all the security >>>>>>>>>>>>>>>>>>>>>>>>>> related scenarios (which requires user related >>>>>>>>>>>>>>>>>>>>>>>>>> information) are working >>>>>>>>>>>>>>>>>>>>>>>>>> properly with the <parameter >>>>>>>>>>>>>>>>>>>>>>>>>> name="allowRoles">admin</parameter>, then we >>>>>>>>>>>>>>>>>>>>>>>>>> can use this parameter instead of a separate >>>>>>>>>>>>>>>>>>>>>>>>>> registry resource. >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> When considering the security perspective isn't it >>>>>>>>>>>>>>>>>>>>>>>>> better to specify user roles information as a >>>>>>>>>>>>>>>>>>>>>>>>> registry resource rather than >>>>>>>>>>>>>>>>>>>>>>>>> use as a parameter? WDYT? >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>>>>>>>>>>> Chanaka >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> On Wed, Mar 25, 2015 at 11:46 PM, Godwin Amila >>>>>>>>>>>>>>>>>>>>>>>>>> Shrimal <[email protected]> wrote: >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> Hi Sohani, >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> AFAIK, in old model (file base persistence) >>>>>>>>>>>>>>>>>>>>>>>>>>> roles are not persisting in meta file and it use >>>>>>>>>>>>>>>>>>>>>>>>>>> AuthorizationManager >>>>>>>>>>>>>>>>>>>>>>>>>>> (JDBCAuthorizationManager) for persistence, We use >>>>>>>>>>>>>>>>>>>>>>>>>>> same model for current >>>>>>>>>>>>>>>>>>>>>>>>>>> implementation as well and roles are not persisting >>>>>>>>>>>>>>>>>>>>>>>>>>> in registry. >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks >>>>>>>>>>>>>>>>>>>>>>>>>>> Godwin >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> On Wed, Mar 25, 2015 at 11:23 AM, Sohani >>>>>>>>>>>>>>>>>>>>>>>>>>> Weerasinghe <[email protected]> wrote: >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>> Hi Chanaka/Godwin, >>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>> In order to further implement this feature I >>>>>>>>>>>>>>>>>>>>>>>>>>>> really appreciate your input on the below concerns. >>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>> 1. When considering the security perspective, >>>>>>>>>>>>>>>>>>>>>>>>>>>> it seems we have two options to specify user roles >>>>>>>>>>>>>>>>>>>>>>>>>>>> config either as a >>>>>>>>>>>>>>>>>>>>>>>>>>>> registry resource or using the parameter >>>>>>>>>>>>>>>>>>>>>>>>>>>> 'allowRoles' in the proxy >>>>>>>>>>>>>>>>>>>>>>>>>>>> configuration. IMO implement it as a registry >>>>>>>>>>>>>>>>>>>>>>>>>>>> resource would be better when >>>>>>>>>>>>>>>>>>>>>>>>>>>> considering the security perspective. WDYT? >>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>> Also, if we are to implement it as a registry >>>>>>>>>>>>>>>>>>>>>>>>>>>> resource then the content of the resource will be >>>>>>>>>>>>>>>>>>>>>>>>>>>> <parameter >>>>>>>>>>>>>>>>>>>>>>>>>>>> name="allowRoles">admin</parameter>. >>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>> @Chanaka: Can we have a parameter in the proxy >>>>>>>>>>>>>>>>>>>>>>>>>>>> config to define the registry resource for the >>>>>>>>>>>>>>>>>>>>>>>>>>>> user roles as we define the >>>>>>>>>>>>>>>>>>>>>>>>>>>> security policy (eg: <policy >>>>>>>>>>>>>>>>>>>>>>>>>>>> key="conf:repository/policy.xml"/> ) ? >>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>> @Godwin : If user roles is going to be >>>>>>>>>>>>>>>>>>>>>>>>>>>> implemented as a registry resource, will there be >>>>>>>>>>>>>>>>>>>>>>>>>>>> a predefined registry >>>>>>>>>>>>>>>>>>>>>>>>>>>> location to save it ? If so can you please state >>>>>>>>>>>>>>>>>>>>>>>>>>>> it? >>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>> Really appreciate your response on this. >>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>>>>>>>>>>>>> Sohani >>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>> Sohani Weerasinghe >>>>>>>>>>>>>>>>>>>>>>>>>>>> Software Engineer >>>>>>>>>>>>>>>>>>>>>>>>>>>> WSO2, Inc: http://wso2.com >>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>> Mobile : +94 716439774 >>>>>>>>>>>>>>>>>>>>>>>>>>>> Blog : >>>>>>>>>>>>>>>>>>>>>>>>>>>> http://christinetechtips.blogspot.com/ >>>>>>>>>>>>>>>>>>>>>>>>>>>> Twitter : https://twitter.com/sohanichristine >>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Mar 24, 2015 at 3:52 PM, Sohani >>>>>>>>>>>>>>>>>>>>>>>>>>>> Weerasinghe <[email protected]> wrote: >>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Hi Chanaka/Godwin, >>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Can you please provide an input on the below >>>>>>>>>>>>>>>>>>>>>>>>>>>>> concerns to further carry out the implementation >>>>>>>>>>>>>>>>>>>>>>>>>>>>> from DevS side. >>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>> 1.When considering the usability aspect, I >>>>>>>>>>>>>>>>>>>>>>>>>>>>> think it's better if we can create a registry >>>>>>>>>>>>>>>>>>>>>>>>>>>>> resource for user roles at >>>>>>>>>>>>>>>>>>>>>>>>>>>>> the time of creating the policy using the >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Security Editor Form by getting >>>>>>>>>>>>>>>>>>>>>>>>>>>>> the User Roles values from the user rather than >>>>>>>>>>>>>>>>>>>>>>>>>>>>> asking user to create a new >>>>>>>>>>>>>>>>>>>>>>>>>>>>> registry resource for User Roles. >>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>> @Godwin: can you please state the required >>>>>>>>>>>>>>>>>>>>>>>>>>>>> registry path to deploy the User Roles configs? >>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>> 2. If the User Roles config saves as a >>>>>>>>>>>>>>>>>>>>>>>>>>>>> registry resource, how this can be utilize by the >>>>>>>>>>>>>>>>>>>>>>>>>>>>> proxy service? Will there >>>>>>>>>>>>>>>>>>>>>>>>>>>>> be a property in the proxy service so that we can >>>>>>>>>>>>>>>>>>>>>>>>>>>>> point the User Role >>>>>>>>>>>>>>>>>>>>>>>>>>>>> config as pointing the policy file. >>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>> 3. If we are deploying the policy and User >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Role configs via CAPP, in a case where multiple >>>>>>>>>>>>>>>>>>>>>>>>>>>>> policy files deploying in >>>>>>>>>>>>>>>>>>>>>>>>>>>>> the same registry location, in order to match the >>>>>>>>>>>>>>>>>>>>>>>>>>>>> User Role config with the >>>>>>>>>>>>>>>>>>>>>>>>>>>>> relevant policy file, how can we identify the >>>>>>>>>>>>>>>>>>>>>>>>>>>>> matching User Role config and >>>>>>>>>>>>>>>>>>>>>>>>>>>>> the policy? Can we have the same resource name >>>>>>>>>>>>>>>>>>>>>>>>>>>>> for the policy and the User >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Role configs? >>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>> @Chanaka: can you please confirm points 2 and >>>>>>>>>>>>>>>>>>>>>>>>>>>>> 3? >>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Sohani >>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Sohani Weerasinghe >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Software Engineer >>>>>>>>>>>>>>>>>>>>>>>>>>>>> WSO2, Inc: http://wso2.com >>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Mobile : +94 716439774 >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Blog : >>>>>>>>>>>>>>>>>>>>>>>>>>>>> http://christinetechtips.blogspot.com/ >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Twitter : https://twitter.com/sohanichristine >>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Mar 24, 2015 at 3:42 PM, Chanaka >>>>>>>>>>>>>>>>>>>>>>>>>>>>> Fernando <[email protected]> wrote: >>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Hi Godwin, >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> That would be good. >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Chanaka >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Mar 24, 2015 at 3:40 PM, Godwin Amila >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Shrimal <[email protected]> wrote: >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Hi Chanaka, >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> It'll finish within this week. >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Godwin >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Mar 24, 2015 at 3:35 PM, Chanaka >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Fernando <[email protected]> wrote: >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Hi Godwin, >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> When will you finish the offsite dev >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> service? >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Chanaka >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Mar 24, 2015 at 3:30 PM, Godwin >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Amila Shrimal <[email protected]> wrote: >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Hi Chanaka, >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> We have basically completed the registry >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> base implementation in security mgt component >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> and need to do code >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> refactoring and more testing. I tested basic >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> scenarios with STS-service and >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> it worked ok. Currently I am in an offsite >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> DevService and planning to do >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> remaining refactoring and testing after this. >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Godwin >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> On Tue, Mar 24, 2015 at 2:00 PM, Chanaka >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Fernando <[email protected]> wrote: >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Hi All, >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> I am writing this mail to take the >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> discussions related to $subject in to a >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> single place. With the ESB 4.9.0 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> release, we are removing the UI capability >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> of applying security policies >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> from the management console. Going forward, >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> users can only apply security >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> policies to ESB proxy services using >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> developer studio. Even though this >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> functionality is already available in the >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Developer Studio, it has some >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> edge cases when we use that approach. One >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> such limitation is that there is >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> no place to select the users/roles in the >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> developer studio when applying >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> the security policy. Currently, this >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> information is stored in meta files >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> and with the 4.9.0 version, service meta >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> files are removed. Plan is to >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> store this information in registry and >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> access from their. From the >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Developer Studio also, it will create the >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> registry file when applying >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> security policies. >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> This would be a necessary feature for ESB >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> 4.9.0 release since this will effect the >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> entire security applying process >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> going forward. >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> @Godwin: Please add if I have missed >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> anything and give us some update on the >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> status from the security side. >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> @Sohani/DevS team: Please give us some >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> update on this implementation. >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Chanaka >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Chanaka Fernando >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Technical Lead >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> WSO2, Inc.; http://wso2.com >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> mobile: +94 773337238 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Blog : http://soatutorials.blogspot.com >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> LinkedIn: >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Twitter:https://twitter.com/chanakaudaya >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Wordpress: >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> http://chanakaudaya.wordpress.com >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> *Godwin Amila Shrimal* >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Senior Software Engineer >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> mobile: *+94772264165* >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> linkedin: *http://lnkd.in/KUum6D >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> <http://lnkd.in/KUum6D>* >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> twitter: https://twitter.com/godwinamila >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Chanaka Fernando >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Technical Lead >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> WSO2, Inc.; http://wso2.com >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> mobile: +94 773337238 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Blog : http://soatutorials.blogspot.com >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> LinkedIn: >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Twitter:https://twitter.com/chanakaudaya >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Wordpress:http://chanakaudaya.wordpress.com >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> *Godwin Amila Shrimal* >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Senior Software Engineer >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> mobile: *+94772264165* >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> linkedin: *http://lnkd.in/KUum6D >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> <http://lnkd.in/KUum6D>* >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> twitter: https://twitter.com/godwinamila >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Chanaka Fernando >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Technical Lead >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> WSO2, Inc.; http://wso2.com >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> mobile: +94 773337238 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Blog : http://soatutorials.blogspot.com >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> LinkedIn: >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Twitter:https://twitter.com/chanakaudaya >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Wordpress:http://chanakaudaya.wordpress.com >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>>>>> *Godwin Amila Shrimal* >>>>>>>>>>>>>>>>>>>>>>>>>>> Senior Software Engineer >>>>>>>>>>>>>>>>>>>>>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>>>>>>>>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>>> mobile: *+94772264165* >>>>>>>>>>>>>>>>>>>>>>>>>>> linkedin: *http://lnkd.in/KUum6D >>>>>>>>>>>>>>>>>>>>>>>>>>> <http://lnkd.in/KUum6D>* >>>>>>>>>>>>>>>>>>>>>>>>>>> twitter: https://twitter.com/godwinamila >>>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>>>> Chanaka Fernando >>>>>>>>>>>>>>>>>>>>>>>>>> Technical Lead >>>>>>>>>>>>>>>>>>>>>>>>>> WSO2, Inc.; http://wso2.com >>>>>>>>>>>>>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> mobile: +94 773337238 >>>>>>>>>>>>>>>>>>>>>>>>>> Blog : http://soatutorials.blogspot.com >>>>>>>>>>>>>>>>>>>>>>>>>> LinkedIn: >>>>>>>>>>>>>>>>>>>>>>>>>> http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>>>>>>>>>>>>>>>>>>>>>>>>> Twitter:https://twitter.com/chanakaudaya >>>>>>>>>>>>>>>>>>>>>>>>>> Wordpress:http://chanakaudaya.wordpress.com >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>>> Chanaka Fernando >>>>>>>>>>>>>>>>>>>>>>>> Technical Lead >>>>>>>>>>>>>>>>>>>>>>>> WSO2, Inc.; http://wso2.com >>>>>>>>>>>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> mobile: +94 773337238 >>>>>>>>>>>>>>>>>>>>>>>> Blog : http://soatutorials.blogspot.com >>>>>>>>>>>>>>>>>>>>>>>> LinkedIn: >>>>>>>>>>>>>>>>>>>>>>>> http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>>>>>>>>>>>>>>>>>>>>>>> Twitter:https://twitter.com/chanakaudaya >>>>>>>>>>>>>>>>>>>>>>>> Wordpress:http://chanakaudaya.wordpress.com >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>> Chanaka Fernando >>>>>>>>>>>>>>>>>>>>>> Technical Lead >>>>>>>>>>>>>>>>>>>>>> WSO2, Inc.; http://wso2.com >>>>>>>>>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> mobile: +94 773337238 >>>>>>>>>>>>>>>>>>>>>> Blog : http://soatutorials.blogspot.com >>>>>>>>>>>>>>>>>>>>>> LinkedIn: >>>>>>>>>>>>>>>>>>>>>> http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>>>>>>>>>>>>>>>>>>>>> Twitter:https://twitter.com/chanakaudaya >>>>>>>>>>>>>>>>>>>>>> Wordpress:http://chanakaudaya.wordpress.com >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> *Kasun Gajasinghe*Senior Software Engineer, WSO2 Inc. >>>>>>>>>>>>>>>>>>> email: kasung AT spamfree wso2.com >>>>>>>>>>>>>>>>>>> linked-in: http://lk.linkedin.com/in/gajasinghe >>>>>>>>>>>>>>>>>>> blog: http://kasunbg.org >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>> *Isuru Udana* >>>>>>>>>>>>>>>>>> Senior >>>>>>>>>>>>>>>>>> *Software Engineer* >>>>>>>>>>>>>>>>>> WSO2 Inc.; http://wso2.com >>>>>>>>>>>>>>>>>> email: [email protected] cell: +94 77 3791887 >>>>>>>>>>>>>>>>>> blog: http://mytecheye.blogspot.com/ >>>>>>>>>>>>>>>>>> twitter: http://twitter.com/isudana >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> *Kasun Gajasinghe*Senior Software Engineer, WSO2 Inc. >>>>>>>>>>>>>>>>> email: kasung AT spamfree wso2.com >>>>>>>>>>>>>>>>> linked-in: http://lk.linkedin.com/in/gajasinghe >>>>>>>>>>>>>>>>> blog: http://kasunbg.org >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>> Chanaka Fernando >>>>>>>>>>>>>>> Technical Lead >>>>>>>>>>>>>>> WSO2, Inc.; http://wso2.com >>>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> mobile: +94 773337238 >>>>>>>>>>>>>>> Blog : http://soatutorials.blogspot.com >>>>>>>>>>>>>>> LinkedIn: >>>>>>>>>>>>>>> http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>>>>>>>>>>>>>> Twitter:https://twitter.com/chanakaudaya >>>>>>>>>>>>>>> Wordpress:http://chanakaudaya.wordpress.com >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> -- >>>>>>>>>>>>>> -- >>>>>>>>>>>>>> Chanaka Fernando >>>>>>>>>>>>>> Technical Lead >>>>>>>>>>>>>> WSO2, Inc.; http://wso2.com >>>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>>> >>>>>>>>>>>>>> mobile: +94 773337238 >>>>>>>>>>>>>> Blog : http://soatutorials.blogspot.com >>>>>>>>>>>>>> LinkedIn: >>>>>>>>>>>>>> http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>>>>>>>>>>>>> Twitter:https://twitter.com/chanakaudaya >>>>>>>>>>>>>> Wordpress:http://chanakaudaya.wordpress.com >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> -- >>>>>>>>>>>>> -- >>>>>>>>>>>>> Chanaka Fernando >>>>>>>>>>>>> Technical Lead >>>>>>>>>>>>> WSO2, Inc.; http://wso2.com >>>>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>>>> >>>>>>>>>>>>> mobile: +94 773337238 >>>>>>>>>>>>> Blog : http://soatutorials.blogspot.com >>>>>>>>>>>>> LinkedIn: >>>>>>>>>>>>> http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>>>>>>>>>>>> Twitter:https://twitter.com/chanakaudaya >>>>>>>>>>>>> Wordpress:http://chanakaudaya.wordpress.com >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> Thanks & Regards, >>>>>>>>>>> >>>>>>>>>>> *Johann Dilantha Nallathamby* >>>>>>>>>>> Associate Technical Lead & Product Lead of WSO2 Identity Server >>>>>>>>>>> Integration Technologies Team >>>>>>>>>>> WSO2, Inc. >>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>> >>>>>>>>>>> Mobile - *+94777776950* >>>>>>>>>>> Blog - *http://nallaa.wordpress.com >>>>>>>>>>> <http://nallaa.wordpress.com>* >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> -- >>>>>>>>>> Chanaka Fernando >>>>>>>>>> Technical Lead >>>>>>>>>> WSO2, Inc.; http://wso2.com >>>>>>>>>> lean.enterprise.middleware >>>>>>>>>> >>>>>>>>>> mobile: +94 773337238 >>>>>>>>>> Blog : http://soatutorials.blogspot.com >>>>>>>>>> LinkedIn:http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>>>>>>>>> Twitter:https://twitter.com/chanakaudaya >>>>>>>>>> Wordpress:http://chanakaudaya.wordpress.com >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> _______________________________________________ >>>>>>>>>> Dev mailing list >>>>>>>>>> [email protected] >>>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Nandika Jayawardana >>>>>>>>> Senior Technical Lead >>>>>>>>> WSO2 Inc ; http://wso2.com >>>>>>>>> lean.enterprise.middleware >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> -- >>>>>>>> Chanaka Fernando >>>>>>>> Technical Lead >>>>>>>> WSO2, Inc.; http://wso2.com >>>>>>>> lean.enterprise.middleware >>>>>>>> >>>>>>>> mobile: +94 773337238 >>>>>>>> Blog : http://soatutorials.blogspot.com >>>>>>>> LinkedIn:http://www.linkedin.com/pub/chanaka-fernando/19/a20/5b0 >>>>>>>> Twitter:https://twitter.com/chanakaudaya >>>>>>>> Wordpress:http://chanakaudaya.wordpress.com >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Nandika Jayawardana >>>>>>> Senior Technical Lead >>>>>>> WSO2 Inc ; http://wso2.com >>>>>>> lean.enterprise.middleware >>>>>>> >>>>>> >>>>>> >>>>> >>>> >>> >>> >>> -- >>> >>> *Kasun Gajasinghe*Senior Software Engineer, WSO2 Inc. >>> email: kasung AT spamfree wso2.com >>> linked-in: http://lk.linkedin.com/in/gajasinghe >>> blog: http://kasunbg.org >>> >>> >>> >> >> >> >> -- >> Nandika Jayawardana >> Senior Technical Lead >> WSO2 Inc ; http://wso2.com >> lean.enterprise.middleware >> > > > > -- > > *Jasintha Dasanayake* > > *Senior Software EngineerWSO2 Inc. | http://wso2.com > <http://wso2.com/>lean . enterprise . middleware* > > > *mobile :- 0711368118* > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Sagara Gunathunga Senior Technical Lead; WSO2, Inc.; http://wso2.com V.P Apache Web Services; http://ws.apache.org/ Linkedin; http://www.linkedin.com/in/ssagara Blog ; http://ssagara.blogspot.com
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
