Hi all, I will certainly start off with the client, would be a good starting point to observer the responses I think. Thank to Omindu I was able to use SoapUI to simulate a request for now, I'm trying to develop on that as well. Should those things go in the proposal as well? I have a drafted a basic proposal which I will send asap for your feedback, then once I complete task 1, I can document it too
Thank You On Wed, Mar 23, 2016 at 11:35 AM, Pushpalanka Jayawardhana <la...@wso2.com> wrote: > > > Pushpalanka. > -- > Pushpalanka Jayawardhana, B.Sc.Eng.(Hons). > Senior Software Engineer, WSO2 Lanka (pvt) Ltd; wso2.com/ > Mobile: +94779716248 > Blog: pushpalankajaya.blogspot.com/ | LinkedIn: > lk.linkedin.com/in/pushpalanka/ | Twitter: @pushpalanka > > > On Wed, Mar 23, 2016 at 2:05 AM, Manujith Pallewatte < > manujith...@gmail.com> wrote: > >> Hi Pushpalanka, >> >> Sorry for spamming the inbox like this, but since I'm already behind the >> schedule I have to get things resolved as fast as possible. Please don't >> mind it. >> One more thing as I finally got to the conclusion, the objective is to >> implement RESTful service to the PDP of IS so that any PEP can access them >> in a RESTful manner? In other words the REST service should be >> implemented to facilitate the information exchange between the PEP and PDP >> Is that correct? please correct me if i'm wrong >> > > > >> Thanks alot >> >> On Wed, Mar 23, 2016 at 1:39 AM, Manujith Pallewatte < >> manujith...@gmail.com> wrote: >> >>> Hi Pushpalanka, >>> >>> I tried examining the PDP and PAP of IS to get an idea of how things >>> work and i followed the blog article [ >>> http://pushpalankajaya.blogspot.com/2013/06/working-with-xacml-30-policies-for-fine.html]. >>> I tested out few policies and all seems fine. Now I want to test the >>> policies using a PEP >>> Is there any way to simulate a authorization request? (may be using curl >>> as we use to test RESP APIs) >>> If there's any such way, where should I point the requests at? >>> ex: I added a policy for the resource url >>> http://localhost/services/secret >>> and the IS server is hosted at http://localhost:9443/ >>> now i want to do a authorized requests to the 1st mentioned service >>> through the IS server, i sense i'm missing a piece here. Please help me to >>> clarify this point >>> >> > Hi Manujith, > > There are no cURL commands available as we do not have REST implementation > as of now. > In order to get familiar with the code base and development environment > and to try out the scenario you suggested follow the below steps. > > 1 - Try to write a Java client for EntitlementService (SOAP service) [1] > > Please find the relevant service at [1]. This is the service that needs to > be cosumed in order to get the XACML policy decision from PDP for a given > XACML request. > > Specific method to call is "public String getDecision(String request) > throws EntitlementException " giving the XACML request as a String. The > relevant stub classes can be found at [2] that can be used at client side. > Try to get client code written for this which can be placed in PEP when > required. You can further publish a blogpost with this client code which > can strengthen your proposal further. > > 2 - In production scenarioes usually ESB acts as the PEP creating the > XACML request and calling the PDP via code similar to client code you would > develop in the above point. > > The article at [3], describes this use case, but it has older content. You > can try out same things with latest product versions. If you encounter any > issues get back to us. We will try to find a solution. > > > I think you would be in a good position to start with the proposal once > the first point is done as 2nd is a extended version of that. > Do get back with any problems you face. We will try our best to get back > as soon as possible. > > > [1] - > https://github.com/wso2/identity-framework/blob/master/components/entitlement/org.wso2.carbon.identity.entitlement/src/main/java/org/wso2/carbon/identity/entitlement/EntitlementService.java > [2] - > https://github.com/wso2/identity-framework/tree/master/service-stubs/identity/org.wso2.carbon.identity.entitlement.stub > [3] - > http://wso2.com/library/articles/2010/10/using-xacml-fine-grained-authorization-wso2-platform/ > [4] - > http://wso2.com/library/tutorials/2012/12/providing-xacml-fine-grained-authorization-webapps/ > > Thanks, > Pushpalanka > >> >>> Thank You >>> >>> >>> On Tue, Mar 22, 2016 at 10:47 PM, Manujith Pallewatte < >>> manujith...@gmail.com> wrote: >>> >>>> Hi Pushpalanka, >>>> >>>> Thank you for the resources, I will for sure start working on the >>>> proposal. I was trying to get the basic implementation details straight >>>> before jumping into the proposal >>>> so I could include a better plan in the proposal. But it seems with >>>> the time constraints I would have to speed it up. Trying my best to deliver >>>> the proposal by >>>> tomorrow. >>>> >>>> Thank you >>>> >>>> On Tue, Mar 22, 2016 at 10:32 PM, Pushpalanka Jayawardhana < >>>> la...@wso2.com> wrote: >>>> >>>>> Hi Manujith, >>>>> >>>>> If you haven't already try go through instructions provided at Dev >>>>> list under the thread "GSoC project proposal questions" for this >>>>> proposal as well. >>>>> >>>>> Hope you are getting up with the pace as the proposal deadline is >>>>> falling on 25th March(this Friday). While you try get familiar with the >>>>> development procedure and other resources, please try to go ahead with >>>>> drafting the proposal as well. This will allow us to give some early feed >>>>> back and time for you to adjust. Following resources might help you. >>>>> >>>>> [1] - >>>>> http://cdwijayarathna.blogspot.com/2016/02/how-to-get-proposal-ready-for-gsoc.html. >>>>> (Later part starting from "Now you need to start work, you may have " >>>>> will guide you) >>>>> [2] - Sample proposal - >>>>> http://www.slideshare.net/Pushpalanka/gsoc-2012 >>>>> <http://www.slideshare.net/Pushpalanka/gsoc-2012> >>>>> >>>>> Thanks, >>>>> Pushpalanka. >>>>> -- >>>>> Pushpalanka Jayawardhana, B.Sc.Eng.(Hons). >>>>> Senior Software Engineer, WSO2 Lanka (pvt) Ltd; wso2.com/ >>>>> Mobile: +94779716248 >>>>> Blog: pushpalankajaya.blogspot.com/ | LinkedIn: >>>>> lk.linkedin.com/in/pushpalanka/ | Twitter: @pushpalanka >>>>> >>>>> >>>>> On Tue, Mar 22, 2016 at 8:57 PM, Manujith Pallewatte < >>>>> manujith...@gmail.com> wrote: >>>>> >>>>>> Hi Chamila, >>>>>> >>>>>> Thank a bunch, that cleared a lot of doubts i was having >>>>>> I would try with the patch9000 method so that i dont have to build >>>>>> the product-is every time >>>>>> And then try the other method as well >>>>>> >>>>>> Thankx again! >>>>>> >>>>>> >>>>>> On Tue, Mar 22, 2016 at 8:40 PM, Chamila Wijayarathna < >>>>>> cham...@wso2.com> wrote: >>>>>> >>>>>>> Hi Manujith, >>>>>>> >>>>>>> identity-framework [1] contains the code base of the features of >>>>>>> Identity Server, and product-is [2] contains the code which install >>>>>>> features at identity-framework to Identity Server. Component specific >>>>>>> code >>>>>>> is available at identity-framework repo, because some of these features >>>>>>> are >>>>>>> not only used in Identity Server, but in some other carbon based >>>>>>> products >>>>>>> as well. So you need to work with the code at identity-framework mainly. >>>>>>> >>>>>>> But for building the Identity Server using source, first you need to >>>>>>> run identity-framework, then build identity-extensions [3] which get >>>>>>> packed >>>>>>> into Identity server (You can find this list at [4], you can use >>>>>>> scripts at >>>>>>> there to clone and build those extensions). Then build product-is. When >>>>>>> you >>>>>>> are building identity-framework and extensions, maven save those >>>>>>> artifacts >>>>>>> in your M2_HOME and when you are building product-is, it use these >>>>>>> artifacts. If you only build product-is, since there are no artifacts in >>>>>>> M2_HOME, it will download artifacts available online, so if you have >>>>>>> done >>>>>>> any changes they will not appear in Identity Server pack you build. >>>>>>> >>>>>>> Additionally, if you are changing only entitlement component in >>>>>>> identity server, without following above mentioned process, you can just >>>>>>> build a pack by building product-is, then build the component you change >>>>>>> (eg: components/entitlement/org.wso2.carbon.identity.entitlement) and >>>>>>> copy >>>>>>> the jar file build at target folder (eg: >>>>>>> components/entitlement/org.wso2.carbon.identity.entitlement) into >>>>>>> <Identity >>>>>>> Server Home>/repository/components/patches/patch9000 (You'll have to >>>>>>> create >>>>>>> patch9000 folder ). In this way also you can test any changes you are >>>>>>> doing >>>>>>> to code. >>>>>>> >>>>>>> This may be bit complex task, try it and if you find anything >>>>>>> difficult, please put a mail here. >>>>>>> >>>>>>> [1]. https://github.com/wso2/identity-framework >>>>>>> [2]. https://github.com/wso2/product-is >>>>>>> [3]. https://github.com/wso2-extensions >>>>>>> [4]. https://gist.github.com/pulasthi7/3d365a3345371fd63f74 >>>>>>> >>>>>>> Cheers! >>>>>>> >>>>>>> On Tue, Mar 22, 2016 at 8:09 PM, Manujith Pallewatte < >>>>>>> manujith...@gmail.com> wrote: >>>>>>> >>>>>>>> Hi Omindu, >>>>>>>> >>>>>>>> Thank alot, I will look into those. >>>>>>>> also should I be working on the >>>>>>>> https://github.com/wso2/identity-framework codebase or >>>>>>>> https://github.com/wso2/product-is codebase >>>>>>>> i was under the impression that the latter is what I should focus on >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> On Tue, Mar 22, 2016 at 7:55 PM, Omindu Rathnaweera < >>>>>>>> omi...@wso2.com> wrote: >>>>>>>> >>>>>>>>> Hi Manujith, >>>>>>>>> >>>>>>>>> Pushpalanka will be able to provide you more details on this. >>>>>>>>> >>>>>>>>> For the time being, you can try out the current XACML >>>>>>>>> implementation by following the resources at [1]. >>>>>>>>> >>>>>>>>> The documentation related to XACML architecture [2] will help you >>>>>>>>> to understand the current implementation. The feature codebase can be >>>>>>>>> found >>>>>>>>> at [3]. In the codebase, EntitlmentService [4] is the SOAP service >>>>>>>>> implementation. >>>>>>>>> >>>>>>>>> [1] - >>>>>>>>> https://docs.wso2.com/display/IS510/Configuring+the+Policy+Administration+Point >>>>>>>>> , >>>>>>>>> http://pushpalankajaya.blogspot.com/2013/06/try-out-xacml-policies-with-wso2.html >>>>>>>>> [2] - https://docs.wso2.com/display/IS510/Access+Control >>>>>>>>> [3] - >>>>>>>>> https://github.com/wso2/identity-framework/tree/master/components/entitlement >>>>>>>>> [4] - >>>>>>>>> https://github.com/wso2/identity-framework/blob/master/components/entitlement/org.wso2.carbon.identity.entitlement/src/main/java/org/wso2/carbon/identity/entitlement/EntitlementService.java >>>>>>>>> >>>>>>>>> Regards, >>>>>>>>> Omindu. >>>>>>>>> >>>>>>>>> On Tue, Mar 22, 2016 at 6:51 PM, Chamila Wijayarathna < >>>>>>>>> cham...@wso2.com> wrote: >>>>>>>>> >>>>>>>>>> [Adding Pushpalanka] >>>>>>>>>> >>>>>>>>>> On Tue, Mar 22, 2016 at 6:05 PM, Manujith Pallewatte < >>>>>>>>>> manujith...@gmail.com> wrote: >>>>>>>>>> >>>>>>>>>>> Hi Omindu, >>>>>>>>>>> >>>>>>>>>>> It that case, I'm interested in doing *Proposal >>>>>>>>>>> 22: [IS] RESTful Fine Grained Authorization-as-a-Service (AZaaS)* >>>>>>>>>>> Since I'm a bi behind the schedule for starting over with it, >>>>>>>>>>> can you give me some pointers to start working? As I get it I have >>>>>>>>>>> to focus >>>>>>>>>>> on Balana engine, should I be interacting more with the code of >>>>>>>>>>> Balana, or >>>>>>>>>>> IS? >>>>>>>>>>> >>>>>>>>>>> Thank You >>>>>>>>>>> >>>>>>>>>>> On Mon, Mar 21, 2016 at 10:56 PM, Omindu Rathnaweera < >>>>>>>>>>> omi...@wso2.com> wrote: >>>>>>>>>>> >>>>>>>>>>>> Hi Manujith, >>>>>>>>>>>> >>>>>>>>>>>> Thank you for showing interest in the project. Unfortunately we >>>>>>>>>>>> have decided to remove the project from the project proposals list >>>>>>>>>>>> since we >>>>>>>>>>>> need to add the scim 2.0 support to an upcoming release which is >>>>>>>>>>>> scheduled >>>>>>>>>>>> to be done prior to the GSoC project period. We apologize for any >>>>>>>>>>>> inconvenience this may have caused. >>>>>>>>>>>> >>>>>>>>>>>> We have included a new project [1] to add *SAML Assertion >>>>>>>>>>>> Query/Request Profile support for WSO2 Identity Server*. If >>>>>>>>>>>> interested, you can go through the project details and submit a >>>>>>>>>>>> proposal >>>>>>>>>>>> for the new project or one of the other Identity Server projects >>>>>>>>>>>> (project 22 >>>>>>>>>>>> & 23). If you have any questions, feel free to raise. >>>>>>>>>>>> >>>>>>>>>>>> [1] - >>>>>>>>>>>> https://docs.wso2.com/display/GSoC/Project+Proposals+for+2016#ProjectProposalsfor2016-Proposal20:[IS]SAMLAssertionQuery/RequestProfilesupportforWSO2IdentityServer >>>>>>>>>>>> >>>>>>>>>>>> Thanks, >>>>>>>>>>>> Omindu. >>>>>>>>>>>> >>>>>>>>>>>> On Mon, Mar 21, 2016 at 9:59 PM, Pubudu Fernando < >>>>>>>>>>>> pubu...@wso2.com> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> [adding mentors] >>>>>>>>>>>>> >>>>>>>>>>>>> On Mon, Mar 21, 2016 at 8:35 PM, Manujith Pallewatte < >>>>>>>>>>>>> manujith...@gmail.com> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>>> Hi, >>>>>>>>>>>>>> >>>>>>>>>>>>>> I'm Manujith Pallewatte, a 2nd year undergraduate from >>>>>>>>>>>>>> Department of Computer Science and Engineering, University of >>>>>>>>>>>>>> Moratuwa. I'm >>>>>>>>>>>>>> interested in doing project for WSO2 for GSoC 2016. >>>>>>>>>>>>>> >>>>>>>>>>>>>> I already picked Proposal 20 considering my capabilities and >>>>>>>>>>>>>> interest in the area. >>>>>>>>>>>>>> As a Oracle certified java programmer I have a firm hand on >>>>>>>>>>>>>> Java, and I have developed several REST APIs on top of different >>>>>>>>>>>>>> platforms >>>>>>>>>>>>>> (like google app engine). And currently I'm reading on SCIM >>>>>>>>>>>>>> specification. >>>>>>>>>>>>>> >>>>>>>>>>>>>> So far, I cloned the *product-is* repo ( >>>>>>>>>>>>>> https://github.com/wso2/product-is) which i believe to be >>>>>>>>>>>>>> the source of Identity Server and then build it. I played around >>>>>>>>>>>>>> with the >>>>>>>>>>>>>> system a bit and now trying to connect different services to it. >>>>>>>>>>>>>> >>>>>>>>>>>>>> So I want to know if I'm going in the wrong direction (with >>>>>>>>>>>>>> the objective of working for the above proposal) and please give >>>>>>>>>>>>>> me some >>>>>>>>>>>>>> suggestions to read or work on to improve my familiarity with >>>>>>>>>>>>>> the system. >>>>>>>>>>>>>> >>>>>>>>>>>>>> Thank You >>>>>>>>>>>>>> -- >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> [image: Manujith Pallewatte on about.me] >>>>>>>>>>>>>> >>>>>>>>>>>>>> Manujith Pallewatte >>>>>>>>>>>>>> about.me/manzzup >>>>>>>>>>>>>> <http://about.me/manzzup> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> -- >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> [image: Manujith Pallewatte on about.me] >>>>>>>>>>>>>> >>>>>>>>>>>>>> Manujith Pallewatte >>>>>>>>>>>>>> about.me/manzzup >>>>>>>>>>>>>> <http://about.me/manzzup> >>>>>>>>>>>>>> >>>>>>>>>>>>>> _______________________________________________ >>>>>>>>>>>>>> Dev mailing list >>>>>>>>>>>>>> Dev@wso2.org >>>>>>>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> -- >>>>>>>>>>>>> *Pubudu Fernando* >>>>>>>>>>>>> Software Engineer - Intern >>>>>>>>>>>>> WSO2 Inc. >>>>>>>>>>>>> m: +94 77 888 2543 >>>>>>>>>>>>> >>>>>>>>>>>>> <https://lk.linkedin.com/in/pubuduf> >>>>>>>>>>>>> <http://blog.pubudu.xyz/> <https://github.com/pubudu91> >>>>>>>>>>>>> <http://stackoverflow.com/users/4329912/pubudu> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> Omindu Rathnaweera >>>>>>>>>>>> Software Engineer, WSO2 Inc. >>>>>>>>>>>> Mobile: +94 771 197 211 >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> [image: Manujith Pallewatte on about.me] >>>>>>>>>>> >>>>>>>>>>> Manujith Pallewatte >>>>>>>>>>> about.me/manzzup >>>>>>>>>>> <http://about.me/manzzup> >>>>>>>>>>> >>>>>>>>>>> _______________________________________________ >>>>>>>>>>> Dev mailing list >>>>>>>>>>> Dev@wso2.org >>>>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> *Chamila Dilshan Wijayarathna,* >>>>>>>>>> Software Engineer >>>>>>>>>> Mobile:(+94)788193620 >>>>>>>>>> WSO2 Inc., http://wso2.com/ >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Omindu Rathnaweera >>>>>>>>> Software Engineer, WSO2 Inc. >>>>>>>>> Mobile: +94 771 197 211 >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> [image: Manujith Pallewatte on about.me] >>>>>>>> >>>>>>>> Manujith Pallewatte >>>>>>>> about.me/manzzup >>>>>>>> <http://about.me/manzzup> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> *Chamila Dilshan Wijayarathna,* >>>>>>> Software Engineer >>>>>>> Mobile:(+94)788193620 >>>>>>> WSO2 Inc., http://wso2.com/ >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> >>>>>> >>>>>> >>>>>> [image: Manujith Pallewatte on about.me] >>>>>> >>>>>> Manujith Pallewatte >>>>>> about.me/manzzup >>>>>> <http://about.me/manzzup> >>>>>> >>>>> >>>>> >>>> >>>> >>>> -- >>>> >>>> >>>> >>>> [image: Manujith Pallewatte on about.me] >>>> >>>> Manujith Pallewatte >>>> about.me/manzzup >>>> <http://about.me/manzzup> >>>> >>> >>> >>> >>> -- >>> >>> >>> >>> [image: Manujith Pallewatte on about.me] >>> >>> Manujith Pallewatte >>> about.me/manzzup >>> <http://about.me/manzzup> >>> >> >> >> >> -- >> >> >> >> [image: Manujith Pallewatte on about.me] >> >> Manujith Pallewatte >> about.me/manzzup >> <http://about.me/manzzup> >> > > -- [image: Manujith Pallewatte on about.me] Manujith Pallewatte about.me/manzzup <http://about.me/manzzup>
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev