Re: [Dev] ACT tests in an EC2 environment tps drops in a few min

[Miyuru Wanninayaka]

EC2 might throttling network as we are flooding it with requests. We
observed same behavior when we do ESB performance tests. Due to that, we
ran client, server and backend in a single EC2 instance.

On Thu, Jul 28, 2016 at 11:15 AM, Ishara Karunarathna 
wrote:

> Hi All,
>
> We have 3 m3.2xlarge EC2 instances each for jmeter, IS and Mysql.
> we are running with 500 concurrent threads.  And to the user add operation
> only.
>
> Even with 5m users we get 1000+ tps for few min and it get down to 200 tps
> after that.
> But last day same test ran without any issues.
>
> Can there be a issue in EC2 configs or can be a any other issue ?
> Appreciate your fed back on this.
>
> Thanks,
> Ishara
>
> --
> Ishara Karunarathna
> Associate Technical Lead
> WSO2 Inc. - lean . enterprise . middleware |  wso2.com
>
> email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
> +94717996791
>
>
>


-- 
Miyuru Wanninayaka
Associate Director / Architect
WSO2 Inc. : http://wso2.com

Mobile : +94 77 209 9788
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] ACT tests in an EC2 environment tps drops in a few min

[Ishara Karunarathna]

Hi All,

We have 3 m3.2xlarge EC2 instances each for jmeter, IS and Mysql.
we are running with 500 concurrent threads.  And to the user add operation
only.

Even with 5m users we get 1000+ tps for few min and it get down to 200 tps
after that.
But last day same test ran without any issues.

Can there be a issue in EC2 configs or can be a any other issue ?
Appreciate your fed back on this.

Thanks,
Ishara

-- 
Ishara Karunarathna
Associate Technical Lead
WSO2 Inc. - lean . enterprise . middleware |  wso2.com

email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
+94717996791
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [APIM200] [Cluster] PKIX path building failed :Exception throwing on all nodes of apim cluster

[Kavitha Subramaniyam]

Hi Nuwan,
Ok. About this certification issue, I have added already the nginx certs to
each carbon trust store (which attached in above reply) but not the carbon
server's certs since I'm using default carbon key store in all nodes.

Thanks,

On Wed, Jul 27, 2016 at 7:44 PM, Nuwan Dias  wrote:

> No changes have been made to those. And it seems I was mistaken regarding
> the config. I got to know from Harsha that is actually the Key Manager URL
> we use in this instance.
>
> Like I said, this error is quite common. If you google it you will find
> multiple instances of it and the reason always is the cert not being
> available in the trust store.
>
> Our guess is that you are using two certs. One for nginx and one for
> carbon. You may have put the cert of the carbon servers in the trust store
> but may not have put the nginx cert into your trust store. You need to
> validate the certs in the trust store and ensure all required certs are in
> there.
>
> Thanks,
> NuwanD.
>
> On Wed, Jul 27, 2016 at 7:40 PM, Kavitha Subramaniyam 
> wrote:
>
>> Hi Nuwan,
>> With the earlier packs we used the default values for the 
>> config in api-manager.xml and we didn't encounter this issue.
>> Have there been any changes they might have made this configuration
>> relevant to RC4 ? As of now we are using the default values. Do we have to
>> update it?
>>
>> Thanks,
>>
>> On Wed, Jul 27, 2016 at 7:21 PM, Kavitha Subramaniyam 
>> wrote:
>>
>>> Hi
>>> Nuwan, I have checked the  config in api-mgt.xml and it
>>> is a default config for all nodes. I don't understand why this is looking
>>> for server certificate though I have added cert it self to relevant
>>> node(publisher cert added to publisher's key store too).
>>>
>>> @Amila, I have done setting BlockCondition element to false to other
>>> nodes and, now I can't see the above error in both Publisher & Store nodes.
>>> But anyway it is a need to fix this issue on GW nodes. I'm attaching conf
>>> and key store/certs of one of GW node here with. Please have a look..
>>>
>>>
>>> Thanks,
>>> Kavitha
>>>
>>>
>>> On Wed, Jul 27, 2016 at 4:38 PM, Amila De Silva  wrote:
>>>
 Hi Kavitha,

 KeyTemplate Retriever only needs to run on GW nodes. You can disable
 this on other nodes by setting BlockCondition element to false.
 For retrieving KeyTemplates, the retriever uses url of the KM to call
 the endpoint. One reason for this error occurring could be not having Certs
 of the Nginx in the client-truststore.
 Can you also share the Key Stores/Certs and the configurations?






 On Wed, Jul 27, 2016 at 4:06 PM, Kavitha Subramaniyam  wrote:

> Hi apim team,
>
> I'm getting a certification issue [1]in cluster nodes (every nodes:
> publisher, store, gateway) which configured with APIM2.0.0RC4 pack. I have
> imported all relevant certs to keystore properly as per below steps:
> - Created certs in nginx and copied to /etc/nginx/ssl
> - Updated relevant conf in /etc/nginx/conf.d
> - Copied those certs in to each node respectively
> /repository/resources/security
> - Imported certs to client-truststore.jks using below command
>
> keytool -import -alias apimpublisher -file apimpublisher.crt -keystore
> client-truststore.jks
>
>
> Cluster details: clustered following the doc [2]
> 1 Publisher, 2 Store, 2 gateway workers and 2 IS keymanager nodes
> fronted by nginx
>
>
> Further I tried this also: added certificate for apim to the keystore
> of used java as below and checked it; *but the issue is still there*.
> keytool -export -alias wso2carbon -keystore
> /repository/resources/security/wso2carbon.jks -storepass
> wso2carbon -file mycert.pem
> keytool -import -trustcacerts -file mycert.pem -alias wso2carbon
> -keystore $JAVA_HOME/jre/lib/security/cacerts
>
>
> Observed below Warn and Error on server startup. Please see the
> attached log from publisher node (server startup with 
> -Djavax.net.debug=all)
>
> Could you please have a look into this and give your feedback?
>
> [1]
>
> TID: [-1] [] [2016-07-27 10:14:50,813]  WARN
> {org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever} -
>  Failed retrieving throttling data from remote endpoint:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target. Retrying after 15 seconds...
> {org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever}
> TID: [-1] [] [2016-07-27 10:15:05,854] ERROR
> {org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever} -
>  Exception when retrieving throttling data from remote endpoint
>  

Re: [Dev] [BPS] Secure vault for BPMN Analytics configuration

[Rajith Vitharana]

Hi Waruna,

Try adding namespace for "svns" to the property.

Thanks,

On Thu, Jul 28, 2016 at 10:09 AM, Waruna Jayaweera  wrote:

> Hi,
> I have enabled the secure vault for activiti.xml and but I am getting
> exception [1] during server  start up.  Carbon secure vault implementation
> will add svns:secretAlias to activiti.xml as follows.
>  value="admin">password
>
> But
> org.activiti.engine.impl.cfg.BeansConfigurationHelper.parseProcessEngineConfiguration
> cannot parse the xml after that. Any idea how we can fix that?
>
> [1]  ERROR {org.wso2.carbon.bpmn.core.internal.BPMNServiceComponent} -
>  Failed to initialize the BPMN core component.
> org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException:
> Line 35 in XML document from resource loaded through InputStream is
> invalid; nested exception is org.xml.sax.SAXParseException:
> cvc-complex-type.3.2.2: Attribute 'svns:secretAlias' is not allowed to
> appear in element 'property'.
> at
> org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:396)
> at
> org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:334)
> at
> org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:302)
> at
> org.activiti.engine.impl.cfg.BeansConfigurationHelper.parseProcessEngineConfiguration(BeansConfigurationHelper.java:35)
> at
> org.activiti.engine.impl.cfg.BeansConfigurationHelper.parseProcessEngineConfigurationFromInputStream(BeansConfigurationHelper.java:43)
> at
> org.activiti.engine.ProcessEngineConfiguration.createProcessEngineConfigurationFromInputStream(ProcessEngineConfiguration.java:244)
> at
> org.activiti.engine.ProcessEngineConfiguration.createProcessEngineConfigurationFromInputStream(ProcessEngineConfiguration.java:240)
> at
> org.wso2.carbon.bpmn.core.ActivitiEngineBuilder.buildEngine(ActivitiEngineBuilder.java:89)
> at
> org.wso2.carbon.bpmn.core.internal.BPMNServiceComponent.activate(BPMNServiceComponent.java:49)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:345)
> at
> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)
> at
> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)
> at org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)
> at
> org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222)
> at
> org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)
> at
> org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861)
> at
> org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)
> at
> org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148)
> at
> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819)
> at
> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771)
> at
> org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130)
> at
> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214)
> at
> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433)
> at
> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:451)
> at
> org.wso2.carbon.ndatasource.core.internal.DataSourceServiceComponent.registerServices(DataSourceServiceComponent.java:126)
> at
> org.wso2.carbon.ndatasource.core.internal.DataSourceServiceComponent.initSuperTenantUserDataSources(DataSourceServiceComponent.java:221)
> at
> org.wso2.carbon.ndatasource.core.internal.DataSourceServiceComponent.checkInitTenantUserDataSources(DataSourceServiceComponent.java:206)
> at
> org.wso2.carbon.ndatasource.core.internal.DataSourceServiceComponent.setRegistryService(DataSourceServiceComponent.java:157)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at 

Re: [Dev] Fwd: Releasing an update for DevS kernel 4.1.0

[Kavith Lokuhewage]

Hi Viraj,

Update is staged at [1] and available via common staging update URL [2] for
kernel 4.1.0.
Please verify the update, upon verification, we will get it published to
product dist server.

Thanks,

[1]
http://builder1.us1.wso2.org/~developerstudio/developer-studio-kernel/4.1.0/platform-bundles/updates/platform-p2-4.1.0-201607270157/

[2]
http://builder1.us1.wso2.org/~developerstudio/developer-studio-kernel/4.1.0/updates/

*Kavith Lokuhewage*
Senior Software Engineer
WSO2 Inc. - http://wso2.com
lean . enterprise . middleware
Mobile - +94779145123
Linkedin   Twitter


On Tue, Jul 26, 2016 at 8:10 PM, Viraj Rajaguru  wrote:

> Thanks Kavith !
>
> On Tue, Jul 26, 2016 at 8:08 PM, Kavith Lokuhewage 
> wrote:
>
>> Hi Viraj,
>>
>> I will prepare platform update and let you know once it is published.
>>
>> Thanks,
>>
>> On 26 Jul 2016 8:02 p.m., "Viraj Rajaguru"  wrote:
>>
>>> Hi Kavith,
>>>
>>> Sent a pull request[1].
>>>
>>> Thanks,
>>> Viraj.
>>>
>>> [1] - https://github.com/wso2/devstudio-tooling-platform/pull/1
>>>
>>> On Tue, Jul 26, 2016 at 2:17 PM, Kavith Lokuhewage 
>>> wrote:
>>>
 Hi Viraj,

 Please send the PR with the fix to master branch. We will release the
 update for 4.1.0.

 Thanks,

 *Kavith Lokuhewage*
 Senior Software Engineer
 WSO2 Inc. - http://wso2.com
 lean . enterprise . middleware
 Mobile - +94779145123
 Linkedin 
 Twitter 

 On Fri, Jul 22, 2016 at 3:47 PM, Viraj Rajaguru  wrote:

>
> -- Forwarded message --
> From: Viraj Rajaguru 
> Date: Fri, Jul 22, 2016 at 3:46 PM
> Subject: Releasing an update for DevS kernel 4.1.0
> To: Jasintha Dasanayake , Kavith Lokuhewage <
> kav...@wso2.com>, Susinda Perera , Sohani
> Weerasinghe , Nuwan Pallewela ,
> Chanaka Fernando , Jagath Sisirakumara Ariyarathne
> 
>
>
> Hi DevS kernel team,
>
> We faced an issue while deploying CAR files when webContextRoot is
> enabled in carbon.xml. See the public Jira[1]. This needs to be fixed in
> "devstudio-tooling-platform". Can we have this fix as an update for Kernel
> 4.1.0 since this is a blocker for ESB tolling release. Fix is attached to
> the jira.
>
> BTW, is there any 4.1.0 update branch so that we can send pull
> requests?
>
> Thanks,
> Viraj.
>
> [1] - https://wso2.org/jira/browse/DEVTOOLESB-637
> --
> Viraj Rajaguru
> Associate Technical Lead
> WSO2 Inc. : http://wso2.com
>
> Mobile: +94 77 3683068
>
>
>
>
>
>
> --
> Viraj Rajaguru
> Associate Technical Lead
> WSO2 Inc. : http://wso2.com
>
> Mobile: +94 77 3683068
>
>
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>

>>>
>>>
>>> --
>>> Viraj Rajaguru
>>> Associate Technical Lead
>>> WSO2 Inc. : http://wso2.com
>>>
>>> Mobile: +94 77 3683068
>>>
>>>
>>>
>>>
>
>
> --
> Viraj Rajaguru
> Associate Technical Lead
> WSO2 Inc. : http://wso2.com
>
> Mobile: +94 77 3683068
>
>
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [C5] [CAAS] On Authentication: Invoking loginContext.login() returns LoginException of CNF for UsernamePasswordLoginModule

[Jayanga Kaushalya]

*Jayanga Kaushalya*
Software Engineer
Mobile: +94777860160
WSO2 Inc. | http://wso2.com
lean.enterprise.middleware

On Wed, Jul 27, 2016 at 10:10 PM, Rasika Perera  wrote:

> Hi Jayanga and All,
>
>>
>> Thanks for the clarification. Would that mean foo-connector.yml will define 
>> the connector type configuration and store-config.yml will
> be referred foo-connector for different store-connector instances ? Or are we 
> repeating same configuration on both files?
>
> Yes, you need to refer connectors that you need to use, in the
store-config.yml (As a comma separated list). You can define connector
specific configurations in the specific foo-connector.yml or in the
store-config.yml. No need to repeat in both locations.

> I am using following versions
> carbon.security.caas.version: 1.0.0-m2
> ​ ​and c
> arbon.security.userstore.jdbc.version: 1.0.0-m2
> ​. ​
> And jdbc-connector.yml contains this
> ​(just uncommented defaults)​
> ;
>
> name: "jdbc-store-connector"
> dataSource: "jdbc/WSO2CARBON_DB"
>
>
If both CAAS and the userstore.jdbc are in the m2 version, then no need to
un-comment those configurations. m2 version is defaulted to use the JDBC
connector so the relevant configurations will be available in the
store-config.yml. Please comment those configurations and use. If you need
to use connector specific configurations, then please use the latest format
[1] that is available.

> Thanks,
> Rasika
>
> [1]
https://github.com/wso2-extensions/carbon-security-user-store-jdbc/blob/master/feature/resources/conf/jdbc-authorization-connector.yml

Thanks!

>
> On Wed, Jul 27, 2016 at 6:11 PM, Jayanga Kaushalya 
> wrote:
>
>> [Adding Sameera, Darshana]
>>
>> On Wed, Jul 27, 2016 at 3:58 PM, Rasika Perera  wrote:
>>
>>> [Adding Niranjan, Sumedha, Manu]
>>> ​
>>> Hi Jayanga,
>>>
>>> When the user-store connector[1] feature is added carbon-security
>>> component is activated. It is true that Carbon-Security component will not
>>> up until it satisfy all connectors dependencies. But IMO we need to provide
>>> intuitive error message when at least one connector is not provided
>>> (definitely bundlecontext is null is not the correct error message).
>>> Implementation should demand it, rather than docs. And if you need all
>>> connectors to up before your Carbon-Security-Component; try
>>> Startup-Order-Resolver which is used in MSF4J (There's a blog[2] on this by
>>> Sameera).
>>>
>>
>> There can be multiple connectors available for the CAAS at the run time
>> but it should only wait for the connectors that are specified in the
>> store-config.yml. Currently there is no feature in the startup resolver to
>> specifically wait until the dynamically given component is up. This feature
>> will be added into the startup resolver in future. Until that, we will add
>> startup resolver to wait until all of the required components to be active
>> and it will give a proper warning if there are missing components.
>>
>>>
>>> When turning on default configuration on "jdbc-connector.yml". Now I am
>>> getting this error;
>>>
>>> [2016-07-27 15:47:01,178] ERROR
>>> {org.wso2.carbon.security.caas.internal.CarbonSecurityComponent} - Cannot
>>> create property=dataSource for
>>> JavaBean=org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry@12a09b44
>>>  in 'reader', line 16, column 1:
>>> name: "jdbc-store-connector"
>>> ^
>>> Unable to find property 'dataSource' on class:
>>> org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry
>>>  in 'reader', line 17, column 13:
>>> dataSource: "jdbc/WSO2CARBON_DB"
>>> ^
>>> Cannot create property=dataSource for
>>> JavaBean=org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry@12a09b44
>>>  in 'reader', line 16, column 1:
>>> name: "jdbc-store-connector"
>>> ^
>>> Unable to find property 'dataSource' on class:
>>> org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry
>>>  in 'reader', line 17, column 13:
>>> dataSource: "jdbc/WSO2CARBON_DB"
>>>
>>> Seems like configuration elements are not matched with the mapped
>>> object. What should be the correct configuration and any docs?i
>>>
>>
>> What carbon-security-user-store-jdbc version are you using ? Please use
>> the configurations that are used in the latest version.
>>
>>>
>>> When debugging this issue I also came across that carbon-security is
>>> owning configuration files space of "*-connector.yml" in [3]. Why do we
>>> need to introduce a new config file for each connector? Can't we use
>>> "connectors.yml" which will contains all connector configurations?
>>>
>>
>> There are two ways to specify connectors related to the carbon security.
>> One method is to specify all of the connector details in the main
>> store-config.yml [1] and the other way is to specify them in a separate
>> configuration file for each connector. Reason for using a single
>> configuration file for 

[Dev] [BPS] Secure vault for BPMN Analytics configuration

[Waruna Jayaweera]

Hi,
I have enabled the secure vault for activiti.xml and but I am getting
exception [1] during server  start up.  Carbon secure vault implementation
will add svns:secretAlias to activiti.xml as follows.
password

But
org.activiti.engine.impl.cfg.BeansConfigurationHelper.parseProcessEngineConfiguration
cannot parse the xml after that. Any idea how we can fix that?

[1]  ERROR {org.wso2.carbon.bpmn.core.internal.BPMNServiceComponent} -
 Failed to initialize the BPMN core component.
org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line
35 in XML document from resource loaded through InputStream is invalid;
nested exception is org.xml.sax.SAXParseException: cvc-complex-type.3.2.2:
Attribute 'svns:secretAlias' is not allowed to appear in element 'property'.
at
org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:396)
at
org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:334)
at
org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:302)
at
org.activiti.engine.impl.cfg.BeansConfigurationHelper.parseProcessEngineConfiguration(BeansConfigurationHelper.java:35)
at
org.activiti.engine.impl.cfg.BeansConfigurationHelper.parseProcessEngineConfigurationFromInputStream(BeansConfigurationHelper.java:43)
at
org.activiti.engine.ProcessEngineConfiguration.createProcessEngineConfigurationFromInputStream(ProcessEngineConfiguration.java:244)
at
org.activiti.engine.ProcessEngineConfiguration.createProcessEngineConfigurationFromInputStream(ProcessEngineConfiguration.java:240)
at
org.wso2.carbon.bpmn.core.ActivitiEngineBuilder.buildEngine(ActivitiEngineBuilder.java:89)
at
org.wso2.carbon.bpmn.core.internal.BPMNServiceComponent.activate(BPMNServiceComponent.java:49)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at
org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)
at
org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)
at
org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:345)
at
org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)
at
org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)
at org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)
at
org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222)
at
org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861)
at
org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)
at
org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148)
at
org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819)
at
org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771)
at
org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130)
at
org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:451)
at
org.wso2.carbon.ndatasource.core.internal.DataSourceServiceComponent.registerServices(DataSourceServiceComponent.java:126)
at
org.wso2.carbon.ndatasource.core.internal.DataSourceServiceComponent.initSuperTenantUserDataSources(DataSourceServiceComponent.java:221)
at
org.wso2.carbon.ndatasource.core.internal.DataSourceServiceComponent.checkInitTenantUserDataSources(DataSourceServiceComponent.java:206)
at
org.wso2.carbon.ndatasource.core.internal.DataSourceServiceComponent.setRegistryService(DataSourceServiceComponent.java:157)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at
org.eclipse.equinox.internal.ds.model.ComponentReference.bind(ComponentReference.java:376)
at
org.eclipse.equinox.internal.ds.model.ServiceComponentProp.bindReference(ServiceComponentProp.java:430)
at
org.eclipse.equinox.internal.ds.InstanceProcess.dynamicBind(InstanceProcess.java:416)
at 

[Dev] WSO2 Developer Studio Kernel 4.2.0 released

[Kavith Lokuhewage]

Hi All,

Developer Studio team is pleased to announce WSO2 Developer Studio Kernel
4.2.0 release.

P2 repository and RCP products of WSO2 developer Studio Kernel 4.2.0 is
available here
.

Source and Tag Location for this release is available here

.

With the 4.2.0 release, WSO2 Developer Studio kernel also provides an
Eclipse RCP based distribution - further reducing the size.

We have also introduced a web based dashboard for Developer Studio to
enhance user experience.

Also the XULRunner is embedded to maintain an unbroken user experience in
WSO2 Developer Studio on windows platform - when using web technologies.

We have also fixed a few bugs.

- https://wso2.org/jira/browse/DEVTOOLESB-441
- https://wso2.org/jira/browse/TOOLS-342

- https://wso2.org/jira/browse/TOOLS-3436

Thanks,
DevS Team.

*Kavith Lokuhewage*
Senior Software Engineer
WSO2 Inc. - http://wso2.com
lean . enterprise . middleware
Mobile - +94779145123
Linkedin   Twitter

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [VOTE] Release WSO2 API Manager 2.0.0 RC5

[Abimaran Kugathasan]

*WSO2 API Manager 2.0.0-RC5 Released*

This is the 5th Release Candidate of the WSO2 API Manager 2.0.0

Source & binary distribution files of API Manager 2.0.0-RC5 :

 Runtime :
*https://github.com/wso2/product-apim/releases/tag/v2.0.0-rc5
*
 Analytics :
*https://github.com/wso2/analytics-apim/releases/tag/v2.0.0-rc5
*

Please download, test the product and vote. Vote will be open for 72 hours
or as needed.
Refer to github readme for guides.

Please vote as follows.
[+] Stable - go ahead and release
[-]  Broken - do not release (please explain why)

-- 
Thanks
Abimaran Kugathasan
Senior Software Engineer - API Technologies

Email : abima...@wso2.com
Mobile : +94 773922820


  
  
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [GSOC 16] Initial Project Progress

[Osura Rathnayake]

Hi All,

Please read my blog if you have some free time [1] and your suggestions and
comments are most welcome. I have updated it with posts on Azure Membership
Scheme, Centralized logging in Azure and monitoring in Azure.

[1] http://osuran.blogspot.com/

Thank you,

On Wed, Jul 27, 2016 at 9:17 AM, Osura Rathnayake 
wrote:

> Hi All,
>
> Following are the meeting notes of the hangout we had on 25th of July,
> 2016.
>
> *Centralized logging*
>
> Azure Log Analytics provides centralized logging which facilitates the
> users to get logs from a given location in a VM, to a centralized location
> so that they can analyse and query those logs as they need.
> *next task - Documentation in terms of a blog post or webinar
>
> *Auto scaling*
>
> Auto scaling is achieved through scale sets in Azure. Scale set is a set
> of VMs and auto scaling rules that defines auto scale metrics & actions and
> the specification of the VMs.
>
> *Limitations - Azure portal doesn't support addition of auto scale rules,
> it only allows to add a simple scale set with a given number of instances.
> Whereas azure CLI, Powershell and REST API supports full functionality.
>
> I have added the template to the github repo which I used to create the
> auto scale settings which includes the ability to add a custom VM image and
> auto scale rules. When you deploy from this template you should give the
> URI of the VM image. you can edit auto scale rules using CLI, Power shell
> or REST API. Azure Resource Explorer  can be
> used if you choose REST API to modify.
>
> *next tasks - 1) Have to figure out a way to pass application and user
> data such as usernames and passwords of database, to the VM image through
> the template. 2) Documentaion
>
>
> *Load balancing*
>
> Following are some key terms you need to know.
>
> · Backend pool: This is a pool of virtual machines that share the
> traffic
>
> · Probe: The load balancer can probe the health of the various
> server instances. When a probe fails to respond, the load balancer stops
> sending new connections to the unhealthy instances. Existing connections
> are not impacted.
>
> · Availability set: when you have a set of virtual machines for
> the same purpose, azure recommends to add them to an availability set.
>
> We can add load balancing rules such that requests coming from a given URL
>  are shared among the VMs in backend pool. if we configure the load
> balancer with auto scaling, VMs in the scale set can be added to the
> backend pool so if the auto scale rules are met, it can scale in or out.
>
> *next tasks - 1)  research more about Probe and service health checking.
> 2)  documentation 3) How to automate the whole deployment process.
>
> [1] https://github.com/osuran/Azure-templates
>
> Thank you,
>
>
> On Mon, Jul 25, 2016 at 11:46 AM, Osura Rathnayake 
> wrote:
>
>> Hi Isuru,
>>
>> Thank you. That will solve the issue.
>>
>> On Mon, Jul 25, 2016 at 11:44 AM, Isuru Haththotuwa 
>> wrote:
>>
>>> Hi Osura,
>>>
>>> If you need any customizations/configurations done at the VM startup,
>>> you can use /etc/rc.local script to do it. Also, if you define the
>>> JAVA_HOME in a system wide bashrc file at /etc/bash.bashrc it won't get
>>> deleted when the user home is removed.
>>>
>>>
>>> On Mon, Jul 25, 2016 at 11:31 AM, Osura Rathnayake 
>>> wrote:
>>>
 Hi Imesh,

 You can only capture a generalized VM image, so when it's being
 generalized, all of the data in '/home' is erased. Since .bashrc is also in
 '/home/', it's also erased. Only the data that are not
 in '/home' is preserved.

 Okay I will try out these steps.

 Thanks,

 On Mon, Jul 25, 2016 at 10:14 AM, Imesh Gunaratne 
 wrote:

> Hi Osura,
>
> On Sun, Jul 24, 2016 at 6:30 PM, Osura Rathnayake 
> wrote:
>
>> Hi Mentors,
>>
>> I could successfully configure auto scaling with a VM which has a
>> WSO2 application server installed in it. When capturing a VM, it first 
>> get
>> deallocated and then generalized.
>>
>
> ​I'm sorry I did not get this. Can you please elaborate this further?
> ​
>
>
>> So the Java home set in .bashrc is gone in the captured image of the
>> VM. So I had to reset the Java home and also I had to manually start the
>> server after the startup of the VM.
>>
>
> ​​I think you are trying to create a VM image from a running VM
> instance and try to reuse that. Can you please try following:
>
>
>1. Create a VM instance from Ubuntu 14.04 VM image
>2. Extract JDK 1.7 (JAVA_HOME) and the WSO2 server distribution
>(CARBON_HOME) to /opt/ directory.
>3. Write a brash script (init.sh) to start the WSO2 server by
>invoking CARBON_HOME/bin/wso2server.sh
>   

[Dev] GSoC Project: HTTP Load Balancer On Top Of WSO2 Gateway Discussion

[Kasun Indrasiri]

Hi Venkat,

As per the benchmark results, the results that you get for LB seems to be
constrained by the performance of the backend. So, I would like suggest you
to use a backend that performs better.
@Ranwaka : Can you share the backend service that you used for benchmarking
our HTTP transport?

Lets do another iteration with above changes.

As the benchmarking too, please give a try on 'wrk'. We found this to be a
much more light weight and well suited for http load testing.
Sample :

wrk -t2 -d5s -c100 -s sample.lua  "
http://127.0.0.1:9000/services/SimpleStockQuoteService;

sample.lua
---
wrk.method = "POST"
wrk.body   = "payload..."
wrk.headers["Content-Type"] = "text/xml"
wrk.headers["SOAPAction"] = "urn:getQuote"

[1] https://github.com/wg/wrk

On Sun, Jul 24, 2016 at 9:24 PM, Venkat Raman  wrote:

> Hi Isuru,
>
> Please find 9th week's progress.
>
> 1) Customizing MSF4J's performance benchmark scripts for testing our LB.
>
> 2) Did preliminary TPS and Latency bench-marking between Nginx, GW-LB and
> Direct MSF4J BE.  I'm attaching it again for your reference.
>
> 3) Did few improvements on Callback pool's implementation.
>
> Kasun has  scheduled meeting today 10:30 to 11:30 PM IST.  Can we have our
> review tomorrow .?
>
>
>
>
> *Thanks,*
> *Venkat.*
>
> On Sun, Jul 24, 2016 at 4:25 PM, Venkat Raman 
> wrote:
>
>> There Isuru..?
>>
>>
>>
>>
>> *Thanks,*
>> *Venkat.*
>>
>> On Sat, Jul 23, 2016 at 10:17 PM, Venkat Raman 
>> wrote:
>>
>>> Hi Kasun,
>>>
>>> PFA
>>>
>>>
>>>
>>>
>>> *Thanks,*
>>> *Venkat.*
>>>
>>> On Sat, Jul 23, 2016 at 10:08 PM, Venkat Raman 
>>> wrote:
>>>
 Hi Kasun,

 It would be great if meeting is after 9 PM IST.




 *Thanks,*
 *Venkat.*

 On Sat, Jul 23, 2016 at 10:00 PM, Kasun Indrasiri 
 wrote:

> Hi Venkat,
>
> Scheduled a meeting on Monday.
>
> On Sat, Jul 23, 2016 at 5:06 AM, Venkat Raman 
> wrote:
>
>> I missed to mention about test environment.
>>
>> OS Ubuntu 16.04 64 bit - VM
>> 4 GB RAM, 4 Cores
>>
>> Host Machine is Macbook Pro 16GB RAM
>>
>> Also kindly find the attached ApacheBench results too.
>>
>>
>>
>>
>>
>> *Venkat.*
>>
>> On Sat, Jul 23, 2016 at 5:06 PM, Venkat Raman 
>> wrote:
>>
>>> Hi All,
>>>
>>> I've customized perf-benchmark scripts for our LB.  Kindly find it here.
>>>
>>> 
>>>
>>> You can also find Nginx config that I used for this bench-marking
>>> here.
>>> 
>>>
>>> I've also attached preliminary test results.  Kindly have a look at
>>> it.
>>>
>>> @IsuruR - We should have a discussion/code review ASAP.  You can see
>>> that test results are good and promising, but it can be improvised.  
>>> Kindly
>>> note that we have only few weeks left.  I understand that you are very
>>> busy, but kindly do allocate little time for this also Isuru.
>>>
>>> Once we do our code review, with Samiyuru's guidance I'll do memory
>>> test also. If you are free we can do it today or tomorrow.
>>>
>>> @Kasun - If you are free we can have demo today / tomorrow.
>>>
>>>
>>> Will be looking forward to hear from you.
>>>
>>>
>>>
>>> *Thanks,*
>>> *Venkat.*
>>>
>>> On Thu, Jul 21, 2016 at 11:13 AM, Venkat Raman >> > wrote:
>>>
 Hi IsuruP and Samiyuru,

 Good morning.  Kindly find the project here.
 

 I also gave a demo to IsuruR and he is happy with the features
 implemented so far.

 Now we are in performance testing phase.  We need to do performance
 bench-marking similar to that of MSF4J.  For the project scope we have
 planned to compare with Nginx.

 Yesterday I tested Nginx and our LB with 1,000,000 requests and
 10,000 concurrency.  Performance was close.  Test was done with apache
 benchmark on Ubuntu 64 bit VM with 8 GB RAM and 3 CPU cores. I used 
 VMware
 Fusion as Hypervisor. Host machine is MacBook pro 16GB.

 I also tried MSF4J bench-marking scripts.  We need to do a similar
 comparison between Nginx and our LB.  It would be great if you could 
 help
 and guide me through it.

 Looking forward to hear from you.



 *Thanks,*
 *Venkat.*

 On Thu, Jul 21, 2016 at 9:43 AM, Venkat Raman 

Re: [Dev] [C5] [CAAS] On Authentication: Invoking loginContext.login() returns LoginException of CNF for UsernamePasswordLoginModule

[Rasika Perera]

Hi Jayanga and All,

There can be multiple connectors available for the CAAS at the run time but
> it should only wait for the connectors that are specified in the
> store-config.yml. Currently there is no feature in the startup resolver to
> specifically wait until the dynamically given component is up. This feature
> will be added into the startup resolver in future. Until that, we will add
> startup resolver to wait until all of the required components to be active
> and it will give a proper warning if there are missing components.

​+1, It would make it easier to figure out what went wrong.

There are two ways to specify connectors related to the carbon
security. One method is to specify all of the
> connector details in the main store-config.yml [1] and the other way is to 
> specify them in a separate configuration
> file for each connector. Reason for using a single configuration file for 
> each connector is that there can be multiple
> connectors from the same type and there are future requirements where there 
> can be configurations that are specific
> to each connector. this will make using a single file little bit messy. 
> Connectors are extensions for the CAAS and
> having the configuration file with the extension will make it is to pack with.

 Thanks for the clarification. Would that mean foo-connector.yml will
define the connector type configuration and store-config.yml will
be referred foo-connector for different store-connector instances ? Or
are we repeating same configuration on both files?

What carbon-security-user-store-jdbc version are you using ? Please use the
> configurations that are used in the latest version.

I am using following versions
carbon.security.caas.version: 1.0.0-m2
​ ​and c
arbon.security.userstore.jdbc.version: 1.0.0-m2
​. ​
And jdbc-connector.yml contains this
​(just uncommented defaults)​
;

name: "jdbc-store-connector"
dataSource: "jdbc/WSO2CARBON_DB"

We are trying to implement basic authentication on UUF using CAAS.
This is a major blocker for us since we are on a tight schedule. Thus,
your
assistance is greatly appreciated.

Thanks,
Rasika


On Wed, Jul 27, 2016 at 6:11 PM, Jayanga Kaushalya 
wrote:

> [Adding Sameera, Darshana]
>
> On Wed, Jul 27, 2016 at 3:58 PM, Rasika Perera  wrote:
>
>> [Adding Niranjan, Sumedha, Manu]
>> ​
>> Hi Jayanga,
>>
>> When the user-store connector[1] feature is added carbon-security
>> component is activated. It is true that Carbon-Security component will not
>> up until it satisfy all connectors dependencies. But IMO we need to provide
>> intuitive error message when at least one connector is not provided
>> (definitely bundlecontext is null is not the correct error message).
>> Implementation should demand it, rather than docs. And if you need all
>> connectors to up before your Carbon-Security-Component; try
>> Startup-Order-Resolver which is used in MSF4J (There's a blog[2] on this by
>> Sameera).
>>
>
> There can be multiple connectors available for the CAAS at the run time
> but it should only wait for the connectors that are specified in the
> store-config.yml. Currently there is no feature in the startup resolver to
> specifically wait until the dynamically given component is up. This feature
> will be added into the startup resolver in future. Until that, we will add
> startup resolver to wait until all of the required components to be active
> and it will give a proper warning if there are missing components.
>
>>
>> When turning on default configuration on "jdbc-connector.yml". Now I am
>> getting this error;
>>
>> [2016-07-27 15:47:01,178] ERROR
>> {org.wso2.carbon.security.caas.internal.CarbonSecurityComponent} - Cannot
>> create property=dataSource for
>> JavaBean=org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry@12a09b44
>>  in 'reader', line 16, column 1:
>> name: "jdbc-store-connector"
>> ^
>> Unable to find property 'dataSource' on class:
>> org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry
>>  in 'reader', line 17, column 13:
>> dataSource: "jdbc/WSO2CARBON_DB"
>> ^
>> Cannot create property=dataSource for
>> JavaBean=org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry@12a09b44
>>  in 'reader', line 16, column 1:
>> name: "jdbc-store-connector"
>> ^
>> Unable to find property 'dataSource' on class:
>> org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry
>>  in 'reader', line 17, column 13:
>> dataSource: "jdbc/WSO2CARBON_DB"
>>
>> Seems like configuration elements are not matched with the mapped object.
>> What should be the correct configuration and any docs?i
>>
>
> What carbon-security-user-store-jdbc version are you using ? Please use
> the configurations that are used in the latest version.
>
>>
>> When debugging this issue I also came across that carbon-security is
>> owning configuration files space of "*-connector.yml" in [3]. Why do we

[Dev] Fails to read shared IdP from the configuration file

[Gayan Yalpathwala]

Hi,

I have the following IdP configuration with the prefix "SHARED_" added to
the IdentityProviderName as per the doc in [1]. This fails with a complain
that no claim mappings are returned from the DB under the same IDP_ID. Is
this a valid check to be done or can this be called a bug?


SHARED_Corporate
Corporate

https://localhost:9444/oauth2/token

true





SAMLSSOAuthenticator
samlsso
true


IdpEntityId
url


IsLogoutEnabled
false


SPEntityId
id


SSOUrl
url


isAssertionSigned
true


commonAuthQueryParams



IsUserIdInClaims
true


IsLogoutReqSigned
false


IsAssertionEncrypted
false


IsAuthReqSigned
false


IsAuthnRespSigned
false


LogoutReqUrl
false





SAMLSSOAuthenticator




   false
   
  
 
http://wso2.org/claims/emailaddress
 
 

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
 
  
  
 
http://wso2.org/claims/role
 
 

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role
 
  
  
 
http://wso2.org/claims/givenname
 
 

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
 
  
  
 
http://wso2.org/claims/lastname
 
 

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
 
  
  
 
http://wso2.org/claims/uid
 
 

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/uid
 
  
   






[2016-07-27 16:58:13,624] ERROR
{org.wso2.carbon.idp.mgt.internal.IdPManagementServiceComponent} -  Error
while loading idp from file system.
org.wso2.carbon.idp.mgt.IdentityProviderManagementException: No Identity
Provider claim URIs defined for tenant -1234
at
org.wso2.carbon.idp.mgt.dao.IdPManagementDAO.addIdPClaimMappings(IdPManagementDAO.java:2121)
at
org.wso2.carbon.idp.mgt.dao.IdPManagementDAO.addIdP(IdPManagementDAO.java:1562)
at
org.wso2.carbon.idp.mgt.dao.CacheBackedIdPMgtDAO.addIdP(CacheBackedIdPMgtDAO.java:238)
at
org.wso2.carbon.idp.mgt.IdentityProviderManager.addIdP(IdentityProviderManager.java:1190)
at
org.wso2.carbon.idp.mgt.internal.IdPManagementServiceComponent.buildFileBasedIdPList(IdPManagementServiceComponent.java:211)
at
org.wso2.carbon.idp.mgt.internal.IdPManagementServiceComponent.activate(IdPManagementServiceComponent.java:167)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:483)
at
org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)
at
org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)
at
org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:345)
at
org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)
at
org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)
at org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)
at
org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222)
at
org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)


[1]
https://docs.wso2.com/display/IS510/Configuring+a+SP+and+IdP+Using+Configuration+Files

-- 
*Gayan Kaushalya Yalpathwala*
Software Engineer
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

LK: +94 71 868 2704
UK: +44 747 844 3609


___
Dev mailing list

Re: [Dev] Misleading Aggregate Mediator Description

[Praneesha Chandrasiri]

Thanks Isuru!

On Wed, Jul 27, 2016 at 8:47 PM, Isuru Udana  wrote:

> Hi Praneesha,
>
> I will get back soon.
>
>
> On Wed, Jul 27, 2016 at 8:15 PM, Praneesha Chandrasiri  > wrote:
>
>> hi Isuru,
>>
>> A kind reminder on this, in case you missed this email.
>>
>>
>> On Thu, Jul 21, 2016 at 5:05 PM, Praneesha Chandrasiri <
>> pranee...@wso2.com> wrote:
>>
>>> hi Isuru,
>>>
>>> This is a kind reminder on the above.
>>>
>>> On Tue, Jul 12, 2016 at 6:30 PM, Praneesha Chandrasiri <
>>> pranee...@wso2.com> wrote:
>>>
 hi Isuru,

 Could you please review the above description given by Rajeevan, so
 that I can work on [1] to add it to ESB docs.

 [1] https://wso2.org/jira/browse/DOCUMENTATION-3539

 On Wed, Jun 29, 2016 at 7:46 AM, Vimalanathan Rajeevan <
 rajeev...@wso2.com> wrote:

> Thanks Isuru for your response.
>
> What about the description below?
>
> The *Aggregate mediator* implements the Aggregator enterprise
> integration pattern
> 
> and aggregates the *response messages* for messages that were split
> by the Clone  or
> Iterate 
> mediator.
>
> Does this explain the full functionality of Aggregate mediator?
> Appreciate your response on this.
>
> Thanks,
> Rajeevan
>
> On Tue, Jun 28, 2016 at 1:48 AM, Isuru Udana  wrote:
>
>> Hi Rajeevan,
>>
>> On Tue, Jun 28, 2016 at 10:11 AM, Vimalanathan Rajeevan <
>> rajeev...@wso2.com> wrote:
>>
>>> Hi,
>>>
>>> The description[1] is as below,
>>>
>>> The *Aggregate mediator* implements the Aggregator enterprise
>>> integration pattern
>>> 
>>> and aggregates the *response messages* for messages that were split
>>> by the Clone 
>>> or Iterate 
>>> mediator and sent using the Send
>>>  mediator.
>>>
>>> Doesn't above paragraph mean that Aggregate mediator will aggregate
>>> messages and send that using a Send mediator even if we don't explicitly
>>> call Send mediator?
>>> Also as I believe there are some places we don't even use a Send
>>> mediator when there is an Aggregate mediator.
>>> Appreciate your thoughts on this.
>>>
>> Thanks for pointing this, It seems above statement is confusing. And
>> as you mentioned there are situations where we are not using the send
>> mediator.
>>
>> We need a better description which explains the behaviour.
>>
>>
>>> [1] https://docs.wso2.com/display/ESB490/Aggregate+Mediator
>>>
>>> Thanks,
>>> Rajeevan
>>> --
>>> Vimalanathan Rajeevan
>>> Software Engineer,
>>> WSO2, Inc. *http://wso2.com* 
>>> Lean.Enterprise.Middleware
>>>
>>> Mobile:
>>> *+94 773090875 <%2B94%20773090875>*
>>> LinkedIn:
>>> *https://www.linkedin.com/in/RajeevanVimalanathan
>>> *
>>>
>>
>>
>>
>> --
>> *Isuru Udana*
>> Technical Lead
>> WSO2 Inc.; http://wso2.com
>> email: isu...@wso2.com cell: +94 77 3791887
>> blog: http://mytecheye.blogspot.com/
>>
>
>
>
> --
> Vimalanathan Rajeevan
> Software Engineer,
> WSO2, Inc. *http://wso2.com* 
> Lean.Enterprise.Middleware
>
> Mobile:
> *+94 773090875 <%2B94%20773090875>*
> LinkedIn:
> *https://www.linkedin.com/in/RajeevanVimalanathan
> *
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


 --
 Thanks & Best Regards,
 *Praneesha Chandrasiri*
 *Technical Writer*
 *WSO2 Inc. *
 *Mobile: +(94) 718156888 <%2B%2894%29%20718156888>*
 *E-mail: pranee...@wso2.com *


>>>
>>>
>>> --
>>> Thanks & Best Regards,
>>> *Praneesha Chandrasiri*
>>> *Technical Writer*
>>> *WSO2 Inc. *
>>> *Mobile: +(94) 718156888 <%2B%2894%29%20718156888>*
>>> *E-mail: pranee...@wso2.com *
>>> 
>>>
>>>
>>
>>
>> --
>> Thanks & Best Regards,
>> *Praneesha Chandrasiri*
>> *Technical Writer*
>> *WSO2 Inc. *
>> *Mobile: +(94) 718156888 <%2B%2894%29%20718156888>*
>> *E-mail: pranee...@wso2.com *
>> 
>>
>>
>
>
> --
> *Isuru Udana*
> Technical Lead
> WSO2 Inc.; http://wso2.com
> email: isu...@wso2.com cell: 

Re: [Dev] Misleading Aggregate Mediator Description

[Isuru Udana]

Hi Praneesha,

I will get back soon.


On Wed, Jul 27, 2016 at 8:15 PM, Praneesha Chandrasiri 
wrote:

> hi Isuru,
>
> A kind reminder on this, in case you missed this email.
>
>
> On Thu, Jul 21, 2016 at 5:05 PM, Praneesha Chandrasiri  > wrote:
>
>> hi Isuru,
>>
>> This is a kind reminder on the above.
>>
>> On Tue, Jul 12, 2016 at 6:30 PM, Praneesha Chandrasiri <
>> pranee...@wso2.com> wrote:
>>
>>> hi Isuru,
>>>
>>> Could you please review the above description given by Rajeevan, so that
>>> I can work on [1] to add it to ESB docs.
>>>
>>> [1] https://wso2.org/jira/browse/DOCUMENTATION-3539
>>>
>>> On Wed, Jun 29, 2016 at 7:46 AM, Vimalanathan Rajeevan <
>>> rajeev...@wso2.com> wrote:
>>>
 Thanks Isuru for your response.

 What about the description below?

 The *Aggregate mediator* implements the Aggregator enterprise
 integration pattern
  and
 aggregates the *response messages* for messages that were split by the
 Clone  or Iterate
  mediator.

 Does this explain the full functionality of Aggregate mediator?
 Appreciate your response on this.

 Thanks,
 Rajeevan

 On Tue, Jun 28, 2016 at 1:48 AM, Isuru Udana  wrote:

> Hi Rajeevan,
>
> On Tue, Jun 28, 2016 at 10:11 AM, Vimalanathan Rajeevan <
> rajeev...@wso2.com> wrote:
>
>> Hi,
>>
>> The description[1] is as below,
>>
>> The *Aggregate mediator* implements the Aggregator enterprise
>> integration pattern
>> 
>> and aggregates the *response messages* for messages that were split
>> by the Clone 
>> or Iterate 
>> mediator and sent using the Send
>>  mediator.
>>
>> Doesn't above paragraph mean that Aggregate mediator will aggregate
>> messages and send that using a Send mediator even if we don't explicitly
>> call Send mediator?
>> Also as I believe there are some places we don't even use a Send
>> mediator when there is an Aggregate mediator.
>> Appreciate your thoughts on this.
>>
> Thanks for pointing this, It seems above statement is confusing. And
> as you mentioned there are situations where we are not using the send
> mediator.
>
> We need a better description which explains the behaviour.
>
>
>> [1] https://docs.wso2.com/display/ESB490/Aggregate+Mediator
>>
>> Thanks,
>> Rajeevan
>> --
>> Vimalanathan Rajeevan
>> Software Engineer,
>> WSO2, Inc. *http://wso2.com* 
>> Lean.Enterprise.Middleware
>>
>> Mobile:
>> *+94 773090875 <%2B94%20773090875>*
>> LinkedIn:
>> *https://www.linkedin.com/in/RajeevanVimalanathan
>> *
>>
>
>
>
> --
> *Isuru Udana*
> Technical Lead
> WSO2 Inc.; http://wso2.com
> email: isu...@wso2.com cell: +94 77 3791887
> blog: http://mytecheye.blogspot.com/
>



 --
 Vimalanathan Rajeevan
 Software Engineer,
 WSO2, Inc. *http://wso2.com* 
 Lean.Enterprise.Middleware

 Mobile:
 *+94 773090875 <%2B94%20773090875>*
 LinkedIn:
 *https://www.linkedin.com/in/RajeevanVimalanathan
 *

 ___
 Dev mailing list
 Dev@wso2.org
 http://wso2.org/cgi-bin/mailman/listinfo/dev


>>>
>>>
>>> --
>>> Thanks & Best Regards,
>>> *Praneesha Chandrasiri*
>>> *Technical Writer*
>>> *WSO2 Inc. *
>>> *Mobile: +(94) 718156888 <%2B%2894%29%20718156888>*
>>> *E-mail: pranee...@wso2.com *
>>>
>>>
>>
>>
>> --
>> Thanks & Best Regards,
>> *Praneesha Chandrasiri*
>> *Technical Writer*
>> *WSO2 Inc. *
>> *Mobile: +(94) 718156888 <%2B%2894%29%20718156888>*
>> *E-mail: pranee...@wso2.com *
>> 
>>
>>
>
>
> --
> Thanks & Best Regards,
> *Praneesha Chandrasiri*
> *Technical Writer*
> *WSO2 Inc. *
> *Mobile: +(94) 718156888 <%2B%2894%29%20718156888>*
> *E-mail: pranee...@wso2.com *
> 
>
>


-- 
*Isuru Udana*
Technical Lead
WSO2 Inc.; http://wso2.com
email: isu...@wso2.com cell: +94 77 3791887
blog: http://mytecheye.blogspot.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Misleading Aggregate Mediator Description

[Praneesha Chandrasiri]

hi Isuru,

A kind reminder on this, in case you missed this email.


On Thu, Jul 21, 2016 at 5:05 PM, Praneesha Chandrasiri 
wrote:

> hi Isuru,
>
> This is a kind reminder on the above.
>
> On Tue, Jul 12, 2016 at 6:30 PM, Praneesha Chandrasiri  > wrote:
>
>> hi Isuru,
>>
>> Could you please review the above description given by Rajeevan, so that
>> I can work on [1] to add it to ESB docs.
>>
>> [1] https://wso2.org/jira/browse/DOCUMENTATION-3539
>>
>> On Wed, Jun 29, 2016 at 7:46 AM, Vimalanathan Rajeevan <
>> rajeev...@wso2.com> wrote:
>>
>>> Thanks Isuru for your response.
>>>
>>> What about the description below?
>>>
>>> The *Aggregate mediator* implements the Aggregator enterprise
>>> integration pattern
>>>  and
>>> aggregates the *response messages* for messages that were split by the
>>> Clone  or Iterate
>>>  mediator.
>>>
>>> Does this explain the full functionality of Aggregate mediator?
>>> Appreciate your response on this.
>>>
>>> Thanks,
>>> Rajeevan
>>>
>>> On Tue, Jun 28, 2016 at 1:48 AM, Isuru Udana  wrote:
>>>
 Hi Rajeevan,

 On Tue, Jun 28, 2016 at 10:11 AM, Vimalanathan Rajeevan <
 rajeev...@wso2.com> wrote:

> Hi,
>
> The description[1] is as below,
>
> The *Aggregate mediator* implements the Aggregator enterprise
> integration pattern
> 
> and aggregates the *response messages* for messages that were split
> by the Clone  or
> Iterate 
> mediator and sent using the Send
>  mediator.
>
> Doesn't above paragraph mean that Aggregate mediator will aggregate
> messages and send that using a Send mediator even if we don't explicitly
> call Send mediator?
> Also as I believe there are some places we don't even use a Send
> mediator when there is an Aggregate mediator.
> Appreciate your thoughts on this.
>
 Thanks for pointing this, It seems above statement is confusing. And as
 you mentioned there are situations where we are not using the send 
 mediator.

 We need a better description which explains the behaviour.


> [1] https://docs.wso2.com/display/ESB490/Aggregate+Mediator
>
> Thanks,
> Rajeevan
> --
> Vimalanathan Rajeevan
> Software Engineer,
> WSO2, Inc. *http://wso2.com* 
> Lean.Enterprise.Middleware
>
> Mobile:
> *+94 773090875 <%2B94%20773090875>*
> LinkedIn:
> *https://www.linkedin.com/in/RajeevanVimalanathan
> *
>



 --
 *Isuru Udana*
 Technical Lead
 WSO2 Inc.; http://wso2.com
 email: isu...@wso2.com cell: +94 77 3791887
 blog: http://mytecheye.blogspot.com/

>>>
>>>
>>>
>>> --
>>> Vimalanathan Rajeevan
>>> Software Engineer,
>>> WSO2, Inc. *http://wso2.com* 
>>> Lean.Enterprise.Middleware
>>>
>>> Mobile:
>>> *+94 773090875 <%2B94%20773090875>*
>>> LinkedIn:
>>> *https://www.linkedin.com/in/RajeevanVimalanathan
>>> *
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Thanks & Best Regards,
>> *Praneesha Chandrasiri*
>> *Technical Writer*
>> *WSO2 Inc. *
>> *Mobile: +(94) 718156888 <%2B%2894%29%20718156888>*
>> *E-mail: pranee...@wso2.com *
>>
>>
>
>
> --
> Thanks & Best Regards,
> *Praneesha Chandrasiri*
> *Technical Writer*
> *WSO2 Inc. *
> *Mobile: +(94) 718156888 <%2B%2894%29%20718156888>*
> *E-mail: pranee...@wso2.com *
> 
>
>


-- 
Thanks & Best Regards,
*Praneesha Chandrasiri*
*Technical Writer*
*WSO2 Inc. *
*Mobile: +(94) 718156888*
*E-mail: pranee...@wso2.com *

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [APIM200] [Cluster] PKIX path building failed :Exception throwing on all nodes of apim cluster

[Nuwan Dias]

No changes have been made to those. And it seems I was mistaken regarding
the config. I got to know from Harsha that is actually the Key Manager URL
we use in this instance.

Like I said, this error is quite common. If you google it you will find
multiple instances of it and the reason always is the cert not being
available in the trust store.

Our guess is that you are using two certs. One for nginx and one for
carbon. You may have put the cert of the carbon servers in the trust store
but may not have put the nginx cert into your trust store. You need to
validate the certs in the trust store and ensure all required certs are in
there.

Thanks,
NuwanD.

On Wed, Jul 27, 2016 at 7:40 PM, Kavitha Subramaniyam 
wrote:

> Hi Nuwan,
> With the earlier packs we used the default values for the 
> config in api-manager.xml and we didn't encounter this issue.
> Have there been any changes they might have made this configuration
> relevant to RC4 ? As of now we are using the default values. Do we have to
> update it?
>
> Thanks,
>
> On Wed, Jul 27, 2016 at 7:21 PM, Kavitha Subramaniyam 
> wrote:
>
>> Hi
>> Nuwan, I have checked the  config in api-mgt.xml and it
>> is a default config for all nodes. I don't understand why this is looking
>> for server certificate though I have added cert it self to relevant
>> node(publisher cert added to publisher's key store too).
>>
>> @Amila, I have done setting BlockCondition element to false to other
>> nodes and, now I can't see the above error in both Publisher & Store nodes.
>> But anyway it is a need to fix this issue on GW nodes. I'm attaching conf
>> and key store/certs of one of GW node here with. Please have a look..
>>
>>
>> Thanks,
>> Kavitha
>>
>>
>> On Wed, Jul 27, 2016 at 4:38 PM, Amila De Silva  wrote:
>>
>>> Hi Kavitha,
>>>
>>> KeyTemplate Retriever only needs to run on GW nodes. You can disable
>>> this on other nodes by setting BlockCondition element to false.
>>> For retrieving KeyTemplates, the retriever uses url of the KM to call
>>> the endpoint. One reason for this error occurring could be not having Certs
>>> of the Nginx in the client-truststore.
>>> Can you also share the Key Stores/Certs and the configurations?
>>>
>>>
>>>
>>>
>>>
>>>
>>> On Wed, Jul 27, 2016 at 4:06 PM, Kavitha Subramaniyam 
>>> wrote:
>>>
 Hi apim team,

 I'm getting a certification issue [1]in cluster nodes (every nodes:
 publisher, store, gateway) which configured with APIM2.0.0RC4 pack. I have
 imported all relevant certs to keystore properly as per below steps:
 - Created certs in nginx and copied to /etc/nginx/ssl
 - Updated relevant conf in /etc/nginx/conf.d
 - Copied those certs in to each node respectively
 /repository/resources/security
 - Imported certs to client-truststore.jks using below command

 keytool -import -alias apimpublisher -file apimpublisher.crt -keystore
 client-truststore.jks


 Cluster details: clustered following the doc [2]
 1 Publisher, 2 Store, 2 gateway workers and 2 IS keymanager nodes
 fronted by nginx


 Further I tried this also: added certificate for apim to the keystore
 of used java as below and checked it; *but the issue is still there*.
 keytool -export -alias wso2carbon -keystore
 /repository/resources/security/wso2carbon.jks -storepass
 wso2carbon -file mycert.pem
 keytool -import -trustcacerts -file mycert.pem -alias wso2carbon
 -keystore $JAVA_HOME/jre/lib/security/cacerts


 Observed below Warn and Error on server startup. Please see the
 attached log from publisher node (server startup with 
 -Djavax.net.debug=all)

 Could you please have a look into this and give your feedback?

 [1]

 TID: [-1] [] [2016-07-27 10:14:50,813]  WARN
 {org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever} -
  Failed retrieving throttling data from remote endpoint:
 sun.security.validator.ValidatorException: PKIX path building failed:
 sun.security.provider.certpath.SunCertPathBuilderException: unable to find
 valid certification path to requested target. Retrying after 15 seconds...
 {org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever}
 TID: [-1] [] [2016-07-27 10:15:05,854] ERROR
 {org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever} -
  Exception when retrieving throttling data from remote endpoint
  {org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever}
 javax.net.ssl.SSLHandshakeException:
 sun.security.validator.ValidatorException: PKIX path building failed:
 sun.security.provider.certpath.SunCertPathBuilderException: unable to find
 valid certification path to requested target
 at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
 at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
 

Re: [Dev] [APIM200] [Cluster] PKIX path building failed :Exception throwing on all nodes of apim cluster

[Kavitha Subramaniyam]

Hi Nuwan,
With the earlier packs we used the default values for the 
config in api-manager.xml and we didn't encounter this issue.
Have there been any changes they might have made this configuration
relevant to RC4 ? As of now we are using the default values. Do we have to
update it?

Thanks,

On Wed, Jul 27, 2016 at 7:21 PM, Kavitha Subramaniyam 
wrote:

> Hi
> Nuwan, I have checked the  config in api-mgt.xml and it
> is a default config for all nodes. I don't understand why this is looking
> for server certificate though I have added cert it self to relevant
> node(publisher cert added to publisher's key store too).
>
> @Amila, I have done setting BlockCondition element to false to other
> nodes and, now I can't see the above error in both Publisher & Store nodes.
> But anyway it is a need to fix this issue on GW nodes. I'm attaching conf
> and key store/certs of one of GW node here with. Please have a look..
>
>
> Thanks,
> Kavitha
>
>
> On Wed, Jul 27, 2016 at 4:38 PM, Amila De Silva  wrote:
>
>> Hi Kavitha,
>>
>> KeyTemplate Retriever only needs to run on GW nodes. You can disable this
>> on other nodes by setting BlockCondition element to false.
>> For retrieving KeyTemplates, the retriever uses url of the KM to call the
>> endpoint. One reason for this error occurring could be not having Certs of
>> the Nginx in the client-truststore.
>> Can you also share the Key Stores/Certs and the configurations?
>>
>>
>>
>>
>>
>>
>> On Wed, Jul 27, 2016 at 4:06 PM, Kavitha Subramaniyam 
>> wrote:
>>
>>> Hi apim team,
>>>
>>> I'm getting a certification issue [1]in cluster nodes (every nodes:
>>> publisher, store, gateway) which configured with APIM2.0.0RC4 pack. I have
>>> imported all relevant certs to keystore properly as per below steps:
>>> - Created certs in nginx and copied to /etc/nginx/ssl
>>> - Updated relevant conf in /etc/nginx/conf.d
>>> - Copied those certs in to each node respectively
>>> /repository/resources/security
>>> - Imported certs to client-truststore.jks using below command
>>>
>>> keytool -import -alias apimpublisher -file apimpublisher.crt -keystore
>>> client-truststore.jks
>>>
>>>
>>> Cluster details: clustered following the doc [2]
>>> 1 Publisher, 2 Store, 2 gateway workers and 2 IS keymanager nodes
>>> fronted by nginx
>>>
>>>
>>> Further I tried this also: added certificate for apim to the keystore of
>>> used java as below and checked it; *but the issue is still there*.
>>> keytool -export -alias wso2carbon -keystore
>>> /repository/resources/security/wso2carbon.jks -storepass
>>> wso2carbon -file mycert.pem
>>> keytool -import -trustcacerts -file mycert.pem -alias wso2carbon
>>> -keystore $JAVA_HOME/jre/lib/security/cacerts
>>>
>>>
>>> Observed below Warn and Error on server startup. Please see the attached
>>> log from publisher node (server startup with -Djavax.net.debug=all)
>>>
>>> Could you please have a look into this and give your feedback?
>>>
>>> [1]
>>>
>>> TID: [-1] [] [2016-07-27 10:14:50,813]  WARN
>>> {org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever} -
>>>  Failed retrieving throttling data from remote endpoint:
>>> sun.security.validator.ValidatorException: PKIX path building failed:
>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
>>> valid certification path to requested target. Retrying after 15 seconds...
>>> {org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever}
>>> TID: [-1] [] [2016-07-27 10:15:05,854] ERROR
>>> {org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever} -
>>>  Exception when retrieving throttling data from remote endpoint
>>>  {org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever}
>>> javax.net.ssl.SSLHandshakeException:
>>> sun.security.validator.ValidatorException: PKIX path building failed:
>>> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
>>> valid certification path to requested target
>>> at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
>>> at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
>>> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
>>> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
>>> at
>>> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1509)
>>> at
>>> sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
>>> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
>>> at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
>>> at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
>>> at
>>> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
>>> at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
>>> at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
>>> at
>>> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:533)
>>> 

Re: [Dev] [C5] [CAAS] On Authentication: Invoking loginContext.login() returns LoginException of CNF for UsernamePasswordLoginModule

[Jayanga Kaushalya]

[Adding Sameera, Darshana]

On Wed, Jul 27, 2016 at 3:58 PM, Rasika Perera  wrote:

> [Adding Niranjan, Sumedha, Manu]
> ​
> Hi Jayanga,
>
> When the user-store connector[1] feature is added carbon-security
> component is activated. It is true that Carbon-Security component will not
> up until it satisfy all connectors dependencies. But IMO we need to provide
> intuitive error message when at least one connector is not provided
> (definitely bundlecontext is null is not the correct error message).
> Implementation should demand it, rather than docs. And if you need all
> connectors to up before your Carbon-Security-Component; try
> Startup-Order-Resolver which is used in MSF4J (There's a blog[2] on this by
> Sameera).
>

There can be multiple connectors available for the CAAS at the run time but
it should only wait for the connectors that are specified in the
store-config.yml. Currently there is no feature in the startup resolver to
specifically wait until the dynamically given component is up. This feature
will be added into the startup resolver in future. Until that, we will add
startup resolver to wait until all of the required components to be active
and it will give a proper warning if there are missing components.

>
> When turning on default configuration on "jdbc-connector.yml". Now I am
> getting this error;
>
> [2016-07-27 15:47:01,178] ERROR
> {org.wso2.carbon.security.caas.internal.CarbonSecurityComponent} - Cannot
> create property=dataSource for
> JavaBean=org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry@12a09b44
>  in 'reader', line 16, column 1:
> name: "jdbc-store-connector"
> ^
> Unable to find property 'dataSource' on class:
> org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry
>  in 'reader', line 17, column 13:
> dataSource: "jdbc/WSO2CARBON_DB"
> ^
> Cannot create property=dataSource for
> JavaBean=org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry@12a09b44
>  in 'reader', line 16, column 1:
> name: "jdbc-store-connector"
> ^
> Unable to find property 'dataSource' on class:
> org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry
>  in 'reader', line 17, column 13:
> dataSource: "jdbc/WSO2CARBON_DB"
>
> Seems like configuration elements are not matched with the mapped object.
> What should be the correct configuration and any docs?i
>

What carbon-security-user-store-jdbc version are you using ? Please use the
configurations that are used in the latest version.

>
> When debugging this issue I also came across that carbon-security is
> owning configuration files space of "*-connector.yml" in [3]. Why do we
> need to introduce a new config file for each connector? Can't we use
> "connectors.yml" which will contains all connector configurations?
>

There are two ways to specify connectors related to the carbon security.
One method is to specify all of the connector details in the main
store-config.yml [1] and the other way is to specify them in a separate
configuration file for each connector. Reason for using a single
configuration file for each connector is that there can be multiple
connectors from the same type and there are future requirements where there
can be configurations that are specific to each connector. this will make
using a single file little bit messy. Connectors are extensions for the
CAAS and having the configuration file with the extension will make it is
to pack with.

>
> Thanks,
> Rasika
>
> [1] https://github.com/wso2-extensions/carbon-security-user-store-jdbc
> [2]
> https://medium.com/@sameera.jayasoma/resolving-startup-order-of-carbon-components-in-wso2-carbon-5-0-0-497fe3287e67#.uvmrvsl28​
> [3]
> https://github.com/wso2/carbon-security/blob/master/components/org.wso2.carbon.security.caas/src/main/java/org/wso2/carbon/security/caas/internal/config/StoreConfigBuilder.java#L286
>
> [1]
https://github.com/wso2/carbon-security/blob/v1.0.0-m2/feature/resources/conf/store-config.yml


Thanks!

>
> On Wed, Jul 27, 2016 at 12:48 PM, Jayanga Kaushalya 
> wrote:
>
>> Hi Rasika,
>>
>> Is there any active connectors available for user stores? There should be
>> at least a single connector present for each store to activate the carbon
>> security successfully.
>>
>> Thanks!
>>
>> *Jayanga Kaushalya*
>> Software Engineer
>> Mobile: +94777860160
>> WSO2 Inc. | http://wso2.com
>> lean.enterprise.middleware
>>
>> On Tue, Jul 26, 2016 at 11:04 PM, Rasika Perera  wrote:
>>
>>> Hi Thanuja,
>>>
>>> This issue got resolved by updating version into 1.0.0-m2. Now I am
>>> getting BundleContext is null exception.
>>>
>>> java.lang.IllegalStateException: BundleContext is null.
 at
 org.wso2.carbon.security.caas.internal.CarbonSecurityDataHolder.getBundleContext(CarbonSecurityDataHolder.java:125)
 at
 

Re: [Dev] [APIM200] [Cluster] PKIX path building failed :Exception throwing on all nodes of apim cluster

[Amila De Silva]

Hi Kavitha,

KeyTemplate Retriever only needs to run on GW nodes. You can disable this
on other nodes by setting BlockCondition element to false.
For retrieving KeyTemplates, the retriever uses url of the KM to call the
endpoint. One reason for this error occurring could be not having Certs of
the Nginx in the client-truststore.
Can you also share the Key Stores/Certs and the configurations?






On Wed, Jul 27, 2016 at 4:06 PM, Kavitha Subramaniyam 
wrote:

> Hi apim team,
>
> I'm getting a certification issue [1]in cluster nodes (every nodes:
> publisher, store, gateway) which configured with APIM2.0.0RC4 pack. I have
> imported all relevant certs to keystore properly as per below steps:
> - Created certs in nginx and copied to /etc/nginx/ssl
> - Updated relevant conf in /etc/nginx/conf.d
> - Copied those certs in to each node respectively
> /repository/resources/security
> - Imported certs to client-truststore.jks using below command
>
> keytool -import -alias apimpublisher -file apimpublisher.crt -keystore
> client-truststore.jks
>
>
> Cluster details: clustered following the doc [2]
> 1 Publisher, 2 Store, 2 gateway workers and 2 IS keymanager nodes fronted
> by nginx
>
>
> Further I tried this also: added certificate for apim to the keystore of
> used java as below and checked it; *but the issue is still there*.
> keytool -export -alias wso2carbon -keystore
> /repository/resources/security/wso2carbon.jks -storepass
> wso2carbon -file mycert.pem
> keytool -import -trustcacerts -file mycert.pem -alias wso2carbon -keystore
> $JAVA_HOME/jre/lib/security/cacerts
>
>
> Observed below Warn and Error on server startup. Please see the attached
> log from publisher node (server startup with -Djavax.net.debug=all)
>
> Could you please have a look into this and give your feedback?
>
> [1]
>
> TID: [-1] [] [2016-07-27 10:14:50,813]  WARN
> {org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever} -
>  Failed retrieving throttling data from remote endpoint:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target. Retrying after 15 seconds...
> {org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever}
> TID: [-1] [] [2016-07-27 10:15:05,854] ERROR
> {org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever} -
>  Exception when retrieving throttling data from remote endpoint
>  {org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever}
> javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target
> at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
> at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
> at
> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1509)
> at
> sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
> at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
> at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
> at
> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
> at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
> at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
> at
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:533)
> at
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:401)
> at
> org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:178)
> at
> org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:144)
> at
> org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:131)
> at
> org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:610)
> at
> org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:445)
> at
> org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863)
> at
> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
> at
> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:106)
> at
> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57)
> at
> org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever.retrieveKeyTemplateData(KeyTemplateRetriever.java:83)
> at
> 

Re: [Dev] [APIM200] [Cluster] PKIX path building failed :Exception throwing on all nodes of apim cluster

[Nuwan Dias]

This error almost always occurs due to the server certificate not being
available on the trust store of the client.

If this error appears on the Publisher logs, that means the publisher is
the client and it is trying to connect to a server. According to the error
logs it tries to connect to the server located at
 in the api-manager.xml. If the certificate of
that server isn't available on the trust store of the publisher, this error
can occur. You will need to list the certs in the trust store and check if
the relevant cert is properly imported to it.

Thanks,
NuwanD.

On Wed, Jul 27, 2016 at 4:06 PM, Kavitha Subramaniyam 
wrote:

> Hi apim team,
>
> I'm getting a certification issue [1]in cluster nodes (every nodes:
> publisher, store, gateway) which configured with APIM2.0.0RC4 pack. I have
> imported all relevant certs to keystore properly as per below steps:
> - Created certs in nginx and copied to /etc/nginx/ssl
> - Updated relevant conf in /etc/nginx/conf.d
> - Copied those certs in to each node respectively
> /repository/resources/security
> - Imported certs to client-truststore.jks using below command
>
> keytool -import -alias apimpublisher -file apimpublisher.crt -keystore
> client-truststore.jks
>
>
> Cluster details: clustered following the doc [2]
> 1 Publisher, 2 Store, 2 gateway workers and 2 IS keymanager nodes fronted
> by nginx
>
>
> Further I tried this also: added certificate for apim to the keystore of
> used java as below and checked it; *but the issue is still there*.
> keytool -export -alias wso2carbon -keystore
> /repository/resources/security/wso2carbon.jks -storepass
> wso2carbon -file mycert.pem
> keytool -import -trustcacerts -file mycert.pem -alias wso2carbon -keystore
> $JAVA_HOME/jre/lib/security/cacerts
>
>
> Observed below Warn and Error on server startup. Please see the attached
> log from publisher node (server startup with -Djavax.net.debug=all)
>
> Could you please have a look into this and give your feedback?
>
> [1]
>
> TID: [-1] [] [2016-07-27 10:14:50,813]  WARN
> {org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever} -
>  Failed retrieving throttling data from remote endpoint:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target. Retrying after 15 seconds...
> {org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever}
> TID: [-1] [] [2016-07-27 10:15:05,854] ERROR
> {org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever} -
>  Exception when retrieving throttling data from remote endpoint
>  {org.wso2.carbon.apimgt.gateway.throttling.util.KeyTemplateRetriever}
> javax.net.ssl.SSLHandshakeException:
> sun.security.validator.ValidatorException: PKIX path building failed:
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find
> valid certification path to requested target
> at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
> at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
> at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
> at
> sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1509)
> at
> sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
> at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
> at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
> at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
> at
> sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
> at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
> at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
> at
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:533)
> at
> org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:401)
> at
> org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:178)
> at
> org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:144)
> at
> org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:131)
> at
> org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:610)
> at
> org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:445)
> at
> org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:863)
> at
> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
> at
> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:106)
> at
> org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:57)
> at
> 

Re: [Dev] Fwd: GSOC2016: [ML][CEP] [SAMOA]Predictive analytic with online data for WSO2 Machine Learner-Samoa Integration

[Mahesh Dananjaya]

Hi Srinath,

"I think this is OK. I assume this is much easier. Let's do this and check
the performance",
I also think so. I am currently on this and have a progress in this.for
your question,
"If we use MOA directly, would we loose the distributed support in SAOMA.
Let's do a call when you can, so we can dsicuss this in detail."
 I have to check for that.i think  if we are using MOA, we can use
distributed clusters. As i wen through their documentation MOA itself
cannot support distribution. But samoa can. What samoa does is providing
streaming and clustering support by wrapping MOA algorithms. So i think we
dont need to go for that option,directly MOA. Because now we can handle
samoa building blocks.So we had 2 options for integrating it with cep
without exploiting samoa architecture which is highly modular,scalable and
flexible.
1. Develop Samoa topologies with basic samoa building blocks which make use
of MOA algorithms.
2. Creating New streaming options with samoa stream building blocks which
can feed cep siddhi events into samoa streams and get results samoa streams
to cep back.

As 2nd option is easy and  take reasonable time i am currently developing
some modules to integrate cep streams into samoa which can be easily
further extended to 1 option as well. So i had to modify stream and
entrance modules for that and i think is has good progress.
 So now i can feed my custom input stream to samoa topologies. That means i
can easily integrate cep event stream into samoa instance stream. currently
i am verifying the streaming clustering algorithms and its results with my
custom input input streams which can be connected to samoa instance
streams. As i have already developed siddhi extension for streaming, i can
use them to feed my custom input streams now.  As the initial step i am go
with the streaming clustering algorithms. Those are in my GSOC github repo
[1].
clustering - Streaming Clustering Support with samoa and CEP
streaming - Streaming extension for samoa for cep evet streams

i am currenlty working on the verification of results with some of our
custom streams and then we will just have to integrate it with my
extensions, which are already developed for cep as my first part.thank you.
regards,
Mahesh.

[1]
https://github.com/dananjayamahesh/GSOC2016/tree/master/gsoc/samoa/streaming/src/main/java/org/gsoc/samoa/streaming

On Fri, Jul 22, 2016 at 3:17 PM, Srinath Perera  wrote:

> Hi Mahesh,
>
> On Thu, Jul 21, 2016 at 2:10 PM, Mahesh Dananjaya <
> dananjayamah...@gmail.com> wrote:
>
>> Hi All,
>> I am onto connecting cep streams with samoa streams to data analysis
>> using samoa framework. To connect samoa with cep siddhi event streams what
>> i we can do is that try to convert cep streams into samoa streams or else
>> writing wrpper for samoa for cep  streasm to be used. In both cases i have
>> to covert siddhi cep streasm into samoa streams. Samoa is using MOA to
>> analyse data. Moo contains ML framework to analyse stream data. Samoa is
>> wrapping MOA withsome of its classes.
>>
>> Samoa streams is based on MOA, Instance and InstanceStreams. Samoa see
>> streams as a stream of instances [1]. So if we are going to convert cep
>> events into samoa instances , it will take time. But if we have some
>> similarity between cep siddhi streams and samoa streasm we can reduce the
>> time.
>> 1. What is the underlying infrastructure for cep siddhi streasm.?
>> 2. Are there anything as Instances or InstanceStreams kind of
>> implmentation underlying cep streams?
>> 3. How can i get more underestanding on CEP siddhi streams.
>>
>> On the other hand i can use my cep siddhi extension and put those events
>> into event queue and convert them into samoa instances and feed them into
>> samoa streaming ml topologies.
>>
> I think this is OK. I assume this is much easier. Let's do this and check
> the performance.
>
>
>> There is another option. In Samoa what they are basically doing is that
>> wrapping MOA ML framework and write some classes for build streaming ml
>> topologies. So as the other option i can wrap samoa moa with my design and
>> use moa ml framework directly. (No need for Samoa extension). I have
>> building some topologies to streaming data analysis [2]. Main problem is
>> that lack of documentation. Anyway i had go through their whole samoa
>> design.thank you.
>>
>
> If we use MOA directly, would we loose the distributed support in SAOMA.
> Let's do a call when you can, so we can dsicuss this in detail.
>
> --Srinath
>
>
>
>> regards,
>> Mahesh.
>>
>> [1]
>> https://github.com/apache/incubator-samoa/blob/master/samoa-api/src/main/java/org/apache/samoa/streams/clustering/ClusteringStream.java
>> [2]
>> https://github.com/dananjayamahesh/GSOC2016/tree/master/gsoc/samoa/streaming/src/main/java/org/gsoc/samoa/streaming
>>
>> On Mon, Jul 18, 2016 at 11:40 AM, Mahesh Dananjaya <
>> dananjayamah...@gmail.com> wrote:
>>
>>> Hi Maheshakya,
>>> Samoa modules built as topologies 

Re: [Dev] [C5] [CAAS] On Authentication: Invoking loginContext.login() returns LoginException of CNF for UsernamePasswordLoginModule

[Rasika Perera]

[Adding Niranjan, Sumedha, Manu]
​
Hi Jayanga,

When the user-store connector[1] feature is added carbon-security component
is activated. It is true that Carbon-Security component will not up until
it satisfy all connectors dependencies. But IMO we need to provide
intuitive error message when at least one connector is not provided
(definitely bundlecontext is null is not the correct error message).
Implementation should demand it, rather than docs. And if you need all
connectors to up before your Carbon-Security-Component; try
Startup-Order-Resolver which is used in MSF4J (There's a blog[2] on this by
Sameera).

When turning on default configuration on "jdbc-connector.yml". Now I am
getting this error;

[2016-07-27 15:47:01,178] ERROR
{org.wso2.carbon.security.caas.internal.CarbonSecurityComponent} - Cannot
create property=dataSource for
JavaBean=org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry@12a09b44
 in 'reader', line 16, column 1:
name: "jdbc-store-connector"
^
Unable to find property 'dataSource' on class:
org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry
 in 'reader', line 17, column 13:
dataSource: "jdbc/WSO2CARBON_DB"
^
Cannot create property=dataSource for
JavaBean=org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry@12a09b44
 in 'reader', line 16, column 1:
name: "jdbc-store-connector"
^
Unable to find property 'dataSource' on class:
org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry
 in 'reader', line 17, column 13:
dataSource: "jdbc/WSO2CARBON_DB"

Seems like configuration elements are not matched with the mapped object.
What should be the correct configuration and any docs?

When debugging this issue I also came across that carbon-security is owning
configuration files space of "*-connector.yml" in [3]. Why do we need to
introduce a new config file for each connector? Can't we use
"connectors.yml" which will contains all connector configurations?

Thanks,
Rasika

[1] https://github.com/wso2-extensions/carbon-security-user-store-jdbc
[2]
https://medium.com/@sameera.jayasoma/resolving-startup-order-of-carbon-components-in-wso2-carbon-5-0-0-497fe3287e67#.uvmrvsl28​
[3]
https://github.com/wso2/carbon-security/blob/master/components/org.wso2.carbon.security.caas/src/main/java/org/wso2/carbon/security/caas/internal/config/StoreConfigBuilder.java#L286


On Wed, Jul 27, 2016 at 12:48 PM, Jayanga Kaushalya 
wrote:

> Hi Rasika,
>
> Is there any active connectors available for user stores? There should be
> at least a single connector present for each store to activate the carbon
> security successfully.
>
> Thanks!
>
> *Jayanga Kaushalya*
> Software Engineer
> Mobile: +94777860160
> WSO2 Inc. | http://wso2.com
> lean.enterprise.middleware
>
> On Tue, Jul 26, 2016 at 11:04 PM, Rasika Perera  wrote:
>
>> Hi Thanuja,
>>
>> This issue got resolved by updating version into 1.0.0-m2. Now I am
>> getting BundleContext is null exception.
>>
>> java.lang.IllegalStateException: BundleContext is null.
>>> at
>>> org.wso2.carbon.security.caas.internal.CarbonSecurityDataHolder.getBundleContext(CarbonSecurityDataHolder.java:125)
>>> at
>>> org.wso2.carbon.security.caas.api.util.CarbonSecurityUtils.getCallbackHandlers(CarbonSecurityUtils.java:39)
>>> at
>>> org.wso2.carbon.security.caas.api.ProxyCallbackHandler.handle(ProxyCallbackHandler.java:65)
>>> at
>>> javax.security.auth.login.LoginContext$SecureCallbackHandler$1.run(LoginContext.java:939)
>>> at
>>> javax.security.auth.login.LoginContext$SecureCallbackHandler$1.run(LoginContext.java:936)
>>> at java.security.AccessController.doPrivileged(Native Method)
>>> at
>>> javax.security.auth.login.LoginContext$SecureCallbackHandler.handle(LoginContext.java:936)
>>> at
>>> org.wso2.carbon.security.caas.api.module.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:103)
>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>>> at
>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>> at java.lang.reflect.Method.invoke(Method.java:497)
>>> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
>>> at
>>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
>>> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
>>> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
>>> at java.security.AccessController.doPrivileged(Native Method)
>>> at
>>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>>> at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
>>> at
>>> org.wso2.carbon.uuf.sample.simpleauth.bundle.SimpleAuthHandler.authenticateByCaas(SimpleAuthHandler.java:60)
>>
>>
>> When debugging found that CarbonSecurityComponent's @Activate method[1]
>> 

[Dev] Merge changes done for https://wso2.org/jira/browse/CPARENT-6

[Isuru Perera]

Hi,

Could you please review the PR in [1].

I also noticed that carbon-parent version 5 is released [2], but the master
branch still has 5-SNAPSHOT [3].

[1] https://wso2.org/jira/browse/CPARENT-6
[2] https://github.com/wso2/carbon-parent/releases/tag/carbon-parent-5
[3] https://github.com/wso2/carbon-parent/blob/master/pom.xml#L22

-- 
Isuru Perera
Associate Technical Lead | WSO2, Inc. | http://wso2.com/
Lean . Enterprise . Middleware

about.me/chrishantha
Contact: +IsuruPereraWSO2 
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [C5] [CAAS] On Authentication: Invoking loginContext.login() returns LoginException of CNF for UsernamePasswordLoginModule

[Jayanga Kaushalya]

Hi Rasika,

Is there any active connectors available for user stores? There should be
at least a single connector present for each store to activate the carbon
security successfully.

Thanks!

*Jayanga Kaushalya*
Software Engineer
Mobile: +94777860160
WSO2 Inc. | http://wso2.com
lean.enterprise.middleware

On Tue, Jul 26, 2016 at 11:04 PM, Rasika Perera  wrote:

> Hi Thanuja,
>
> This issue got resolved by updating version into 1.0.0-m2. Now I am
> getting BundleContext is null exception.
>
> java.lang.IllegalStateException: BundleContext is null.
>> at
>> org.wso2.carbon.security.caas.internal.CarbonSecurityDataHolder.getBundleContext(CarbonSecurityDataHolder.java:125)
>> at
>> org.wso2.carbon.security.caas.api.util.CarbonSecurityUtils.getCallbackHandlers(CarbonSecurityUtils.java:39)
>> at
>> org.wso2.carbon.security.caas.api.ProxyCallbackHandler.handle(ProxyCallbackHandler.java:65)
>> at
>> javax.security.auth.login.LoginContext$SecureCallbackHandler$1.run(LoginContext.java:939)
>> at
>> javax.security.auth.login.LoginContext$SecureCallbackHandler$1.run(LoginContext.java:936)
>> at java.security.AccessController.doPrivileged(Native Method)
>> at
>> javax.security.auth.login.LoginContext$SecureCallbackHandler.handle(LoginContext.java:936)
>> at
>> org.wso2.carbon.security.caas.api.module.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:103)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>> at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>> at java.lang.reflect.Method.invoke(Method.java:497)
>> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
>> at
>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
>> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
>> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
>> at java.security.AccessController.doPrivileged(Native Method)
>> at
>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>> at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
>> at
>> org.wso2.carbon.uuf.sample.simpleauth.bundle.SimpleAuthHandler.authenticateByCaas(SimpleAuthHandler.java:60)
>
>
> When debugging found that CarbonSecurityComponent's @Activate method[1]
> is not invoked by OSGi. Then checked bundles on osgi console,  both
> fragment and bundle is Active.
>
>79|Active|4|org.wso2.carbon.security.caas (1.0.0.m2)
>>80|Resolved   |1|org.wso2.carbon.security.caas.boot (1.0.0.m2)
>
>
> Any thoughts on resolving this issue?
>
> [1]
> https://github.com/wso2/carbon-security/blob/release-1.0.0-m2/components/org.wso2.carbon.security.caas/src/main/java/org/wso2/carbon/security/caas/internal/CarbonSecurityComponent.java#L80
>
> On Tue, Jul 26, 2016 at 6:18 PM, Thanuja Jayasinghe 
> wrote:
>
>> Hi Rasika,
>>
>> This issue happens when 'carbon-security-caas' module does not activate
>> properly. Can you debug the code [1], and check whether activate method is
>> getting called.
>>
>> [1] -
>> https://github.com/wso2/carbon-security/blob/master/components/org.wso2.carbon.security.caas/src/main/java/org/wso2/carbon/security/caas/internal/CarbonSecurityComponent.java#L80
>>
>> Thanks,
>>
>> On Mon, Jul 25, 2016 at 7:09 PM, Rasika Perera  wrote:
>>
>>> Hi All,
>>>
>>> I am trying to invoke basic authentication with CAAS. I have installed
>>> "org.wso2.carbon.security.caas.feature" and imported following packages;
>>>
>>> org.wso2.carbon.security.caas.api.*,
>>> org.wso2.carbon.kernel.context,
>>> org.wso2.carbon.messaging
>>>
>>> Further I have added config location into the startup script;
>>>
>>> -Djava.security.auth.login.config="$CARBON_HOME/conf/security/carbon-jaas.config"\
>>>
>>> My code snippet is as below (based on JAAS sample[1]);
>>>
>>> PrivilegedCarbonContext.destroyCurrentContext();
>>> CarbonMessage carbonMessage = new DefaultCarbonMessage();
>>> carbonMessage.setHeader("Authorization", "Basic " + Base64.getEncoder()
>>> .encodeToString("admin:admin".getBytes())
>>> );
>>>
>>> ProxyCallbackHandler callbackHandler = new 
>>> ProxyCallbackHandler(carbonMessage);
>>> LoginContext loginContext = new LoginContext("CarbonSecurityConfig", 
>>> callbackHandler);
>>> loginContext.login();
>>>
>>> ​I am getting following error at the line "loginContext.login()";
>>>
>>> Caused by: javax.security.auth.login.LoginException: unable to find
>>> LoginModule class:
>>> org.wso2.carbon.security.caas.api.module.UsernamePasswordLoginModule
>>> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:794)
>>> at
>>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
>>> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
>>> at 

Re: [Dev] SnakeYAML is already an OSGi bundle. Why do we have SnakeYAML in orbit?

[Isuru Perera]

Hi Shan,

Any updates on this?

On Thu, Jun 30, 2016 at 9:58 AM, Shan Mahanama  wrote:

> Hi Kishanthan,
>
> I will check it and update you as soon as possible.
>
> Thanks,
> Shan.
>
> On Wed, Jun 29, 2016 at 6:20 PM, Kishanthan Thangarajah <
> kishant...@wso2.com> wrote:
>
>> Thanks Isuru.
>>
>> @Shan, let's check on this and try to fix it.
>>
>> On Wed, Jun 29, 2016 at 6:12 PM, Isuru Perera  wrote:
>>
>>> Hi Kishanthan,
>>>
>>> I created a JIRA: https://wso2.org/jira/browse/CARBON-15972
>>>
>>> I just saw that stackoverflow question when searching for some other
>>> issue.
>>>
>>> Thanks!
>>>
>>> Best Regards,
>>> It would also be great if you can create a jira for this with the
>>> information so that we could add this for next kernel release.
>>>
>>> On Wed, Jun 29, 2016 at 4:51 PM, Kishanthan Thangarajah <
>>> kishant...@wso2.com> wrote:
>>>
 Thanks Isuru. We can try and add this option, which would remove the
 need for Dynamic-Import.

 On Wed, Jun 29, 2016 at 3:42 PM, Isuru Perera  wrote:

> I just saw that SnakeYaml provides a "CustomClassLoaderConstructor".
> Could you please check on that.
>
> See:
> http://stackoverflow.com/questions/4940379/using-snakeyaml-under-osgi/4944346#4944346
>
>
> On Thu, May 19, 2016 at 1:31 PM, Isuru Perera  wrote:
>
>> Thanks for info.
>>
>> Shall we ask the snakeyaml developers to add the Dynamic-Import
>> header. May be we can create an issue [1]. Otherwise, that library is not
>> useful in an OSGi container, right?
>>
>> [1]
>> https://bitbucket.org/asomov/snakeyaml/issues?status=new=open
>>
>> On Thu, May 5, 2016 at 7:25 AM, Kishanthan Thangarajah <
>> kishant...@wso2.com> wrote:
>>
>>> This is because we had to add Dynamic-Import header to this bundle,
>>> which is missing in the original bundle, as snakeyaml was loading 
>>> classes
>>> dynamically when trying to build and construct the bean object for the
>>> configuration.
>>>
>>> On Wed, May 4, 2016 at 12:16 PM, Isuru Perera 
>>> wrote:
>>>
 Hi,

 $subject [1]. See manifest entries in latest JARs [2]

 [1]
 https://github.com/wso2/orbit/tree/master/snakeyaml/1.16.0.wso2v1
 [2]
 http://search.maven.org/#search|gav|1|g%3A%22org.yaml%22%20AND%20a%3A%22snakeyaml%22
 

 --
 Isuru Perera
 Associate Technical Lead | WSO2, Inc. | http://wso2.com/
 Lean . Enterprise . Middleware

 about.me/chrishantha
 Contact: +IsuruPereraWSO2
 

>>>
>>>
>>>
>>> --
>>> *Kishanthan Thangarajah*
>>> Associate Technical Lead,
>>> Platform Technologies Team,
>>> WSO2, Inc.
>>> lean.enterprise.middleware
>>>
>>> Mobile - +94773426635
>>> Blog - *http://kishanthan.wordpress.com
>>> *
>>> Twitter - *http://twitter.com/kishanthan
>>> *
>>>
>>
>>
>>
>> --
>> Isuru Perera
>> Associate Technical Lead | WSO2, Inc. | http://wso2.com/
>> Lean . Enterprise . Middleware
>>
>> about.me/chrishantha
>> Contact: +IsuruPereraWSO2
>> 
>>
>
>
>
> --
> Isuru Perera
> Associate Technical Lead | WSO2, Inc. | http://wso2.com/
> Lean . Enterprise . Middleware
>
> about.me/chrishantha
> Contact: +IsuruPereraWSO2
> 
>



 --
 *Kishanthan Thangarajah*
 Technical Lead,
 Platform Technologies Team,
 WSO2, Inc.
 lean.enterprise.middleware

 Mobile - +94773426635
 Blog - *http://kishanthan.wordpress.com
 *
 Twitter - *http://twitter.com/kishanthan
 *

>>>
>>>
>>>
>>> --
>>> *Kishanthan Thangarajah*
>>> Technical Lead,
>>> Platform Technologies Team,
>>> WSO2, Inc.
>>> lean.enterprise.middleware
>>>
>>> Mobile - +94773426635
>>> Blog - *http://kishanthan.wordpress.com
>>> *
>>> Twitter - *http://twitter.com/kishanthan
>>> *
>>>
>>
>>
>>
>> --
>> *Kishanthan Thangarajah*
>> Technical Lead,
>> Platform Technologies Team,
>> WSO2, Inc.
>> lean.enterprise.middleware
>>
>> Mobile - +94773426635
>> Blog - *http://kishanthan.wordpress.com
>> *
>> Twitter - *http://twitter.com/kishanthan *
>>
>
>
>
> --
> Shan Mahanama
> Software Engineer, WSO2 Inc. http://wso2.com
> 

[Dev] [Jaggerry][BPS] Check user permission using jaggery user.User not working for tenants

[Milinda Perera]

Hi,

We are checking the user permission in jaggery in following way:

function isUserAuthorized(username, permission, action, bpsUrl){
var carbon = require('carbon'),
process = require('process'),
srv = new carbon.server.Server({url: bpsUrl}),
tenantId = carbon.server.tenantId(),
userManager = new carbon.user.UserManager(srv, tenantId),
user = new carbon.user.User(userManager, username);
return user.isAuthorized(permission, action);
}

it works perfectly fine for super tenant but get false for tenant users
even they have relevant permission.

Thanks,
Milinda

-- 
Milinda Perera
Software Engineer;
WSO2 Inc. http://wso2.com ,
Mobile: (+94) 714 115 032
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev