Hi Kishanthan, In "org.wso2.carbon.application.deployer" component's "required-features.xml" it was mentioned "[4.4.0, 4.5.0)" as "org.wso2.carbon.dataservices.server.feature.group" required version range, since we(carbon-data) are still on 4.3.3-SNAPSHOT, capp deployment fails in DSS latest, Can we change this version range to "[4.3.0,4.5.0)"?
Thanks, On Fri, Oct 16, 2015 at 4:29 PM, Sasikala Kottegoda <sasik...@wso2.com> wrote: > Hi all, > > We tested MB 3.0.0 with kernel 4.4.2-RC2 with the additional fixes and no > issues were identified. > > Thank you > > On Fri, Oct 16, 2015 at 4:03 PM, Pandula Kariyawasam <pand...@wso2.com> > wrote: > >> Hi Johann/Kishanthan, >> >> Both issue [2][3] were observed rarely on IS510 pack received on 8th Oct >> 2015, which was based on kernel 4.4.1. >> We didn't experience these issue up to now, on the pack received on 13th >> Oct 2015, which is based on kernel 4.4.2. >> So I think we can reduce the priority of these issues, and keep eye on >> them in latest packs with kernel 4.4.2. >> >> [2] https://wso2.org/jira/browse/IDENTITY-3815 >> [3] https://wso2.org/jira/browse/IDENTITY-3817 >> >> Thanks, >> Pandula >> >> >> On Fri, Oct 16, 2015 at 3:09 PM, Johann Nallathamby <joh...@wso2.com> >> wrote: >> >>> Hi Kishanthan, >>> >>> On Fri, Oct 16, 2015 at 2:38 PM, Kishanthan Thangarajah < >>> kishant...@wso2.com> wrote: >>> >>>> >>>> >>>> On Fri, Oct 16, 2015 at 11:27 AM, Johann Nallathamby <joh...@wso2.com> >>>> wrote: >>>> >>>>> Hi Kishanthan/Kernel Team, >>>>> >>>>> We have added the test case as well to the same PR. >>>>> >>>> >>>> Thanks Johann. >>>> >>>> @MB Team, could you guys verify that all your scenarios are now >>>> passing?. We will start the next RC build once this is confirmed ASAP. >>>> >>>>> >>>>> Also can we get CARBON-15505 merged? The PR for master is a very old >>>>> PR which we have missed to review and merge. This mainly contains some >>>>> reordering of fields in the UI to make it more consistent and reorder >>>>> properties in user-mgt.xml to be consistent with UI. Hope we don't need >>>>> any >>>>> tests for this. >>>>> >>>> >>>> I think its better not to add any more changes at this stage. We will >>>> merge this for next patch release. >>>> >>>>> >>>>> Any update on the 3 issues raised above ? >>>>> >>>> >>>> For [1], we need more information to reproduce (LB & IS config, example >>>> requests, HTTP access logs on both LB and IS side with this issue). Will >>>> send a separate mail on that, but I believe its not a blocker for the IS >>>> release right? >>>> >>> >>> I will request Hasanthi to upload the artifacts you requested. >>> >>> I may be not the right person to say if this is blocker or not. >>> @QA Team, please give your opinion if we can consider this as not a >>> blocker and go ahead with the release. >>> >>> Regards. >>> >>> >>>> [2] and [3], we haven't seen this error previously and according the >>>> trace, it looks like the "distributedCache" instance is becoming null in >>>> CacheImpl class. If the exact steps can be found or given on how to >>>> reproduce this, then we can work on finding the root cause for this. >>>> >>>> >>>>> Thanks, >>>>> Johann. >>>>> >>>>> On Thu, Oct 15, 2015 at 3:30 PM, Johann Nallathamby <joh...@wso2.com> >>>>> wrote: >>>>> >>>>>> Hi Kishanthan/Kernel Team, >>>>>> >>>>>> We are in the process writing the test case for the issue. Should be >>>>>> able to send it before end of day. >>>>>> >>>>>> [1] has been reported in another thread. This issue in particular >>>>>> looks critical to me, because AFAIK there are many users using >>>>>> proxyContextPath. Not sure about WebContextRoot though. Apart from that >>>>>> WSO2 QA has reported [2,3] in IS 5.1.0 SNAPSHOT pack. May be its >>>>>> harmless, >>>>>> but looks like it is coming from kernel and would like to get your >>>>>> thoughts >>>>>> on this if this is critical and needs to be fixed. >>>>>> >>>>>> [1] https://wso2.org/jira/browse/CARBON-15475 >>>>>> [2] https://wso2.org/jira/browse/IDENTITY-3815 >>>>>> [3] https://wso2.org/jira/browse/IDENTITY-3817 >>>>>> >>>>>> And also it will be great if we can change the default value of >>>>>> XSSPreventionConfig.Enabled to 'false' because this was added in order to >>>>>> prevent XSS centrally, however the approach is not 100% bug free. Whoever >>>>>> has this enabled needs to test all their functionality well. Therefore >>>>>> what >>>>>> I suggest is to make it 'false' by default and whatever product that >>>>>> needs >>>>>> it can enable it at product level. WDYT ? Can we do this ? >>>>>> >>>>>> Regards, >>>>>> Johann. >>>>>> >>>>>> >>>>>> On Wed, Oct 14, 2015 at 6:30 PM, Kishanthan Thangarajah < >>>>>> kishant...@wso2.com> wrote: >>>>>> >>>>>>> Can we also have test case for this fix please? >>>>>>> >>>>>>> On Wed, Oct 14, 2015 at 6:13 PM, Isura Karunaratne <is...@wso2.com> >>>>>>> wrote: >>>>>>> >>>>>>>> Hi, >>>>>>>> >>>>>>>> This issue is fixed in [1]. >>>>>>>> >>>>>>>> >>>>>>>> Thanks >>>>>>>> isura >>>>>>>> >>>>>>>> >>>>>>>> [1] https://wso2.org/jira/browse/CARBON-15517 >>>>>>>> >>>>>>>> >>>>>>>> On Wed, Oct 14, 2015 at 11:25 AM, Johann Nallathamby < >>>>>>>> joh...@wso2.com> wrote: >>>>>>>> >>>>>>>>> Hi Isura, >>>>>>>>> >>>>>>>>> Can you look into this issue urgently. I remember you fixing an >>>>>>>>> issue related to this. >>>>>>>>> >>>>>>>>> Thanks. >>>>>>>>> >>>>>>>>> On Wed, Oct 14, 2015 at 7:16 AM, Indika Sampath <indi...@wso2.com> >>>>>>>>> wrote: >>>>>>>>> >>>>>>>>>> Hi All, >>>>>>>>>> >>>>>>>>>> I debug code of our and found issue. It seems implementation of >>>>>>>>>> some API changed in user-core. Let me explain the flow. >>>>>>>>>> >>>>>>>>>> Our queue/topic creation has two call. >>>>>>>>>> >>>>>>>>>> 1. We create internal role when adding queue and assign >>>>>>>>>> "changePermission", "publish", "consume" permissions to it. Which >>>>>>>>>> means >>>>>>>>>> that, user who created particular queue can update permission, >>>>>>>>>> publish or >>>>>>>>>> consume. >>>>>>>>>> >>>>>>>>>> - Below code line used to get internal role name: >>>>>>>>>> >>>>>>>>>> UserCoreUtil.addInternalDomainName(QUEUE_ROLE_PREFIX + >>>>>>>>>> queueName.replace(".","-").replace("/", "-")) >>>>>>>>>> >>>>>>>>>> result = {java.lang.String@10289}"*Internal/Q_userQueue*" >>>>>>>>>> value = {char[21]@10290} >>>>>>>>>> hash = 0 >>>>>>>>>> hash32 = 0 >>>>>>>>>> >>>>>>>>>> - assign permission as below: >>>>>>>>>> >>>>>>>>>> userStoreManager.addRole(roleName, user, null); >>>>>>>>>> userRealm.getAuthorizationManager().authorizeRole(roleName, >>>>>>>>>> queueId, PERMISSION_CHANGE_PERMISSION); >>>>>>>>>> userRealm.getAuthorizationManager().authorizeRole(roleName, >>>>>>>>>> queueId, TreeNode.Permission.CONSUME.toString().toLowerCase()); >>>>>>>>>> userRealm.getAuthorizationManager().authorizeRole(roleName, >>>>>>>>>> queueId, TreeNode.Permission.PUBLISH.toString().toLowerCase()); >>>>>>>>>> >>>>>>>>>> 2. User can select some other role listed in in queue add page. >>>>>>>>>> He can select these role when adding queue or later by updating >>>>>>>>>> queue. So >>>>>>>>>> in update permission we checked whether any of user's role has above >>>>>>>>>> assign >>>>>>>>>> change permission. >>>>>>>>>> >>>>>>>>>> - get role list of user: >>>>>>>>>> >>>>>>>>>> userRealm.getUserStoreManager().getRoleListOfUser(loggedInUser) >>>>>>>>>> >>>>>>>>>> result = {java.lang.String[3]@9689} >>>>>>>>>> [0] = {java.lang.String@9690}"*Internal/Q_userQueue*" >>>>>>>>>> [1] = {java.lang.String@9691}"Internal/everyone" >>>>>>>>>> [2] = {java.lang.String@9692}"role1" >>>>>>>>>> >>>>>>>>>> - check whether any of role has change permission >>>>>>>>>> >>>>>>>>>> for (String userRole : userRoles) { >>>>>>>>>> if >>>>>>>>>> (userRealm.getAuthorizationManager().isRoleAuthorized(userRole, >>>>>>>>>> queueID, >>>>>>>>>> PERMISSION_CHANGE_PERMISSION)) { >>>>>>>>>> isUserHasChangePermission = true; >>>>>>>>>> } >>>>>>>>>> } >>>>>>>>>> >>>>>>>>>> Issue is above check false for all roles. But we assigned change >>>>>>>>>> permission to *Internal/Q_userQueue* role when creating queue. >>>>>>>>>> >>>>>>>>>> 3. Next I evaluate below code line to check whether which role >>>>>>>>>> has change permission to queueID. Result is as below: >>>>>>>>>> >>>>>>>>>> userRealm.getAuthorizationManager().getAllowedRolesForResource(queueID, >>>>>>>>>> PERMISSION_CHANGE_PERMISSION) >>>>>>>>>> >>>>>>>>>> result = {java.lang.String[1]@9694} >>>>>>>>>> [0] = {java.lang.String@9686}"*INTERNAL/Q_userQueue*" >>>>>>>>>> >>>>>>>>>> Result has different role name. We created role name called >>>>>>>>>> *Internal/Q_userQueue* and assign permissions but it has created >>>>>>>>>> with different name *INTERNAL/Q_userQueue* and assign >>>>>>>>>> permission. >>>>>>>>>> >>>>>>>>>> Please have look into this because it is blocking issue to our >>>>>>>>>> implementation. >>>>>>>>>> >>>>>>>>>> Cheers! >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> On Tue, Oct 13, 2015 at 5:22 PM, Kishanthan Thangarajah < >>>>>>>>>> kishant...@wso2.com> wrote: >>>>>>>>>> >>>>>>>>>>> Was this issue found in 4.4.2 RC1 too? >>>>>>>>>>> >>>>>>>>>>> On Tue, Oct 13, 2015 at 4:58 PM, Sasikala Kottegoda < >>>>>>>>>>> sasik...@wso2.com> wrote: >>>>>>>>>>> >>>>>>>>>>>> Hi Manuri, >>>>>>>>>>>> >>>>>>>>>>>> We tested MB 3.0.0 with this release and our scenario of queue >>>>>>>>>>>> creation fails after giving a permission denied error. The >>>>>>>>>>>> scenario is as >>>>>>>>>>>> follows: >>>>>>>>>>>> >>>>>>>>>>>> 1. Create a user "user1" with a role assigned with permission >>>>>>>>>>>> to create queues. >>>>>>>>>>>> 2. Login from "user1" and try to create a queue, we get a >>>>>>>>>>>> permission denied error. >>>>>>>>>>>> >>>>>>>>>>>> When creating a queue the following happens from our code. >>>>>>>>>>>> >>>>>>>>>>>> 1. We create an internal role for the queue and assign it to >>>>>>>>>>>> the current user with permissions assigned. >>>>>>>>>>>> >>>>>>>>>>>> userRealm.getAuthorizationManager().authorizeRole(roleName, >>>>>>>>>>>> queueId, >>>>>>>>>>>> >>>>>>>>>>>> PERMISSION_CHANGE_PERMISSION); >>>>>>>>>>>> >>>>>>>>>>>> 2. Next, we create the queue and update permissions for the queue. >>>>>>>>>>>> In this step, we check if the current user has permissions to >>>>>>>>>>>> change the queue. >>>>>>>>>>>> >>>>>>>>>>>> String[] userRoles = >>>>>>>>>>>> userRealm.getUserStoreManager().getRoleListOfUser(loggedInUser); >>>>>>>>>>>> for (String userRole : userRoles) { >>>>>>>>>>>> if (userRealm.getAuthorizationManager().isRoleAuthorized( >>>>>>>>>>>> userRole, queueID, PERMISSION_CHANGE_PERMISSION)) { >>>>>>>>>>>> isUserHasChangePermission = true; >>>>>>>>>>>> } >>>>>>>>>>>> } >>>>>>>>>>>> >>>>>>>>>>>> At this stage, >>>>>>>>>>>> *'*(userRealm.getAuthorizationManager().isRoleAuthorized( >>>>>>>>>>>> userRole, queueID, PERMISSION_CHANGE_PERMISSION))' >>>>>>>>>>>> false implying that any of roles assigned to the user do not have >>>>>>>>>>>> permissions to change the queue, thus not allowing the user to >>>>>>>>>>>> create the queue. >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Thank you >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> On Mon, Oct 12, 2015 at 9:24 PM, Manuri Amaya Perera < >>>>>>>>>>>> manu...@wso2.com> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> Hi Devs, >>>>>>>>>>>>> >>>>>>>>>>>>> WSO2 Carbon Kernel 4.4.2 RC2 Release Vote. >>>>>>>>>>>>> >>>>>>>>>>>>> This release fixes the following issues: >>>>>>>>>>>>> https://wso2.org/jira/issues/?filter=12396 >>>>>>>>>>>>> >>>>>>>>>>>>> Please download and test your products with kernel 4.4.2 RC2 >>>>>>>>>>>>> and vote. Vote will be open for 72 hours or longer as needed. >>>>>>>>>>>>> >>>>>>>>>>>>> *​Source and binary distribution files:* >>>>>>>>>>>>> https://svn.wso2.org/repos/wso2/people/aruna/v4.4.2-rc2 >>>>>>>>>>>>> >>>>>>>>>>>>> *Maven staging repository:* >>>>>>>>>>>>> >>>>>>>>>>>>> http://maven.wso2.org/nexus/content/repositories/orgwso2carbon-019/ >>>>>>>>>>>>> >>>>>>>>>>>>> *The tag to be voted upon:* >>>>>>>>>>>>> https://github.com/wso2/carbon-kernel/tree/v4.4.2-rc2 >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> [ ] Broken - do not release (explain why) >>>>>>>>>>>>> [ ] Stable - go ahead and release >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> Thank you >>>>>>>>>>>>> Carbon Team >>>>>>>>>>>>> >>>>>>>>>>>>> -- >>>>>>>>>>>>> >>>>>>>>>>>>> *Manuri Amaya Perera* >>>>>>>>>>>>> >>>>>>>>>>>>> *Software Engineer* >>>>>>>>>>>>> >>>>>>>>>>>>> *WSO2 Inc.* >>>>>>>>>>>>> >>>>>>>>>>>>> *Blog: http://manuriamayaperera.blogspot.com >>>>>>>>>>>>> <http://manuriamayaperera.blogspot.com>* >>>>>>>>>>>>> >>>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>>> Dev mailing list >>>>>>>>>>>>> Dev@wso2.org >>>>>>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> Sasikala Kottegoda >>>>>>>>>>>> *Software Engineer* >>>>>>>>>>>> WSO2 Inc., http://wso2.com/ >>>>>>>>>>>> lean. enterprise. middleware >>>>>>>>>>>> Mobile: +94 774835928/712792401 >>>>>>>>>>>> >>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>> Dev mailing list >>>>>>>>>>>> Dev@wso2.org >>>>>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> *Kishanthan Thangarajah* >>>>>>>>>>> Associate Technical Lead, >>>>>>>>>>> Platform Technologies Team, >>>>>>>>>>> WSO2, Inc. >>>>>>>>>>> lean.enterprise.middleware >>>>>>>>>>> >>>>>>>>>>> Mobile - +94773426635 >>>>>>>>>>> Blog - *http://kishanthan.wordpress.com >>>>>>>>>>> <http://kishanthan.wordpress.com>* >>>>>>>>>>> Twitter - *http://twitter.com/kishanthan >>>>>>>>>>> <http://twitter.com/kishanthan>* >>>>>>>>>>> >>>>>>>>>>> _______________________________________________ >>>>>>>>>>> Dev mailing list >>>>>>>>>>> Dev@wso2.org >>>>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> Indika Sampath >>>>>>>>>> Senior Software Engineer >>>>>>>>>> WSO2 Inc. >>>>>>>>>> http://wso2.com >>>>>>>>>> >>>>>>>>>> Phone: +94 716 424 744 >>>>>>>>>> Blog: http://indikasampath.blogspot.com/ >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Thanks & Regards, >>>>>>>>> >>>>>>>>> *Johann Dilantha Nallathamby* >>>>>>>>> Technical Lead & Product Lead of WSO2 Identity Server >>>>>>>>> Governance Technologies Team >>>>>>>>> WSO2, Inc. >>>>>>>>> lean.enterprise.middleware >>>>>>>>> >>>>>>>>> Mobile - *+94777776950* >>>>>>>>> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Isura Dilhara Karunaratne >>>>>>>> Senior Software Engineer >>>>>>>> >>>>>>>> Mob +94 772 254 810 >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> *Kishanthan Thangarajah* >>>>>>> Associate Technical Lead, >>>>>>> Platform Technologies Team, >>>>>>> WSO2, Inc. >>>>>>> lean.enterprise.middleware >>>>>>> >>>>>>> Mobile - +94773426635 >>>>>>> Blog - *http://kishanthan.wordpress.com >>>>>>> <http://kishanthan.wordpress.com>* >>>>>>> Twitter - *http://twitter.com/kishanthan >>>>>>> <http://twitter.com/kishanthan>* >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Thanks & Regards, >>>>>> >>>>>> *Johann Dilantha Nallathamby* >>>>>> Technical Lead & Product Lead of WSO2 Identity Server >>>>>> Governance Technologies Team >>>>>> WSO2, Inc. >>>>>> lean.enterprise.middleware >>>>>> >>>>>> Mobile - *+94777776950* >>>>>> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Thanks & Regards, >>>>> >>>>> *Johann Dilantha Nallathamby* >>>>> Technical Lead & Product Lead of WSO2 Identity Server >>>>> Governance Technologies Team >>>>> WSO2, Inc. >>>>> lean.enterprise.middleware >>>>> >>>>> Mobile - *+94777776950* >>>>> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >>>>> >>>> >>>> >>>> >>>> -- >>>> *Kishanthan Thangarajah* >>>> Associate Technical Lead, >>>> Platform Technologies Team, >>>> WSO2, Inc. >>>> lean.enterprise.middleware >>>> >>>> Mobile - +94773426635 >>>> Blog - *http://kishanthan.wordpress.com >>>> <http://kishanthan.wordpress.com>* >>>> Twitter - *http://twitter.com/kishanthan >>>> <http://twitter.com/kishanthan>* >>>> >>> >>> >>> >>> -- >>> Thanks & Regards, >>> >>> *Johann Dilantha Nallathamby* >>> Technical Lead & Product Lead of WSO2 Identity Server >>> Governance Technologies Team >>> WSO2, Inc. >>> lean.enterprise.middleware >>> >>> Mobile - *+94777776950* >>> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>* >>> >> >> >> >> -- >> >> *Pandula Kariyawasam K.B.* >> *Senior Software Engineer - QA* >> Mobile: +94772314510 >> >> >> >> *WSO2 Inc.lean . enterprise . middlewear.http://www.wso2.com >> <http://www.wso2.com>* >> <http://www.wso2.com> >> > > > > -- > Sasikala Kottegoda > *Software Engineer* > WSO2 Inc., http://wso2.com/ > lean. enterprise. middleware > Mobile: +94 774835928/712792401 > > _______________________________________________ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Rajith Vitharana Software Engineer, WSO2 Inc. : wso2.com Mobile : +94715883223 Blog : http://lankavitharana.blogspot.com/
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev