Re: [Dev] [GSoC Final Evaluation] Proposal 21: [IS] Document Based NoSQL Support for WSO2 Identity Server Database

[Asantha Thilina]

Hi Chamila,

I have added new pull requests to orbit[1] for new org.json version

[1]https://github.com/wso2/orbit/pull/225

thanks,
Asantha

On Fri, Aug 19, 2016 at 9:58 PM, Chamila Wijayarathna <
cdwijayarat...@gmail.com> wrote:

> Hi Asantha,
>
> For creating new orbit, you will have to send 1 PR to wso2/orbit
> repository[1] as well. There inside json folder, you'll have to define a
> new json orbit with new version (eg: 3.0.0wso2v2) and there you will have
> to refer the new json version you are depending on.
>
> In your PR, you are referring to 3.0.0wso2v1 which is depending on the
> older version we are talking about. So this will still cause the issue you
> are talking.
>
> Thank You!
>
> On Sat, Aug 20, 2016 at 12:47 AM, Asantha Thilina <
> asanthathil...@gmail.com> wrote:
>
>> Hi Johann,
>>
>> first of all ,sorry for the late reply earlier i wasn't added org.json to
>> bundleDef now i have fixed the issue and i have added new orbit as chamila
>> mentioned for org.json as defined in here[1] i have added version 20160212
>> because version 20140107  which is already in IS causing some problems
>> for my userstore methods even it successfully deployed ,after adding
>> version 20160212 solved the issue now my userstore is deploy org.json  
>> 20160212
>>  also to the IS during packaging and i have updated the PR[2] with the
>> latest modifications
>>
>> [1]https://github.com/wso2/orbit/blob/master/json/3.0.0.wso2v1/pom.xml
>> [2]https://github.com/wso2-extensions/identity-userstore-mongodb/pull/1
>>
>> thanks,
>> Asantha
>>
>> On Fri, Aug 19, 2016 at 5:45 AM, Johann Nallathamby 
>> wrote:
>>
>>> Hi Asantha,
>>>
>>> As Chamila mentioned you need to bundle the required library in your
>>> feature as well, so that it is self contained, and can be installed
>>> independently in any carbon server.
>>>
>>> Have you added that in your PR? I couldn't see a bundleDef for org.json.
>>>
>>> Regards,
>>> Johann.
>>>
>>> On Fri, Aug 19, 2016 at 3:04 PM, Asantha Thilina <
>>> asanthathil...@gmail.com> wrote:
>>>
 Hi all,

 First of all let me apologize for the late reply ,I have changed the
 org.json version as chamila said and now it's working no need to add json
 lib manually and version changed will not affected to any of my code i have
 updated the PR[1] with latest modifications now it's need
 mongodb-java-driver only to run the module no other extra library required

 [1]https://github.com/wso2-extensions/identity-userstore-mongodb/pull/1


 Thanks,
 Asantha

 On Fri, Aug 19, 2016 at 1:26 AM, Chamila Wijayarathna <
 cdwijayarat...@gmail.com> wrote:

> Hi Asantha,
>
> If you have used any new features of org.json which is not available
> in that old version, I think you will have to create an orbit with new
> org.json version.
>
> And I think it (either new or old version) need to be packed in your
> feature, so it can be installed into any carbon based product.
>
> Thanks!
>
> On Fri, Aug 19, 2016 at 3:17 PM, Asantha Thilina <
> asanthathil...@gmail.com> wrote:
>
>> Hi Chamila,
>>
>> ok thanks for the comment then i will change the version of my
>> dependency and test it
>>
>> Thanks,
>> Asantha
>>
>> On Fri, Aug 19, 2016 at 1:13 AM, Chamila Wijayarathna <
>> cdwijayarat...@gmail.com> wrote:
>>
>>> Hi Asantha, Tharindu,
>>>
>>> I think IS already packs json, but the version is 20140107 which
>>> comes from wso2 orbit bundle [1]. You are receiving the error due to
>>> version mismatch, because you are using  version 20160212.
>>>
>>> Can you try using existing dependency and check if your features
>>> work okay with that version?\\
>>>
>>> Thank You!
>>>
>>> [1]. https://github.com/wso2/orbit/blob/master/json/3.0.0.wso2v1
>>>
>>> On Fri, Aug 19, 2016 at 3:03 PM, Tharindu Edirisinghe <
>>> tharin...@wso2.com> wrote:
>>>
 I meant shipping with the product... by packing with the product.

 Yes, it should be packed by the feature.

 I'll look more into Charon's dependency as well.

 On Fri, Aug 19, 2016 at 10:26 AM, Chamila Wijayarathna <
 cdwijayarat...@gmail.com> wrote:

> Hi Harsha,
>
> The license seems to be okay, isn't it? It doesn't mention
> anything that prevent us from using it. Also I think we use same 
> library
> for json related stuff in charon as well. So it can't be an issue IMO.
>
> @Tharindu, Why we should pack this in product? Shouldn't we pack
> this in the feature?
>
> Thank You!
>
> On Fri, Aug 19, 2016 at 2:11 PM, Harsha Thirimanna <
> hars...@wso2.com> wrote:
>
>> As in the license, there are some restrictions.
>>
>> 

Re: [Dev] GSoC2016-Contact Development Team Feature

[Nathiesha Maddage]

Hi ,

Thank you for the suggestion. I started writing a blog post with all the
repository links in it as you have suggested.
I will send the link of the blog post as soon as possible.

Thanks and regards

Nathiesha

On Fri, Aug 19, 2016 at 8:31 AM, Kavith Lokuhewage  wrote:

> Hi Nathiesha,
>
> You already have two standalone github repos for the plugin and
> micro-service. Furthermore, you have a fork of devs-kernel repo with the
> code for the plugin is merged - the one you have prepared to send the pull
> request.
>
> Since there are multiple places and we cannot submit a single link for
> them - in my point of view - the best option is to write a blog post as
> they have suggested. You can include the links to individual repos and
> forked repo with a filter for your commits. Importantly, you can put the
> link for pull request too - once you sent it.
>
> This way, everyone will have a clear picture of your work and the best
> part - what is the final work that is going to be merged into WSO2
> repository.
>
> Thanks,
>
> *Kavith Lokuhewage*
> Senior Software Engineer
> WSO2 Inc. - http://wso2.com
> lean . enterprise . middleware
> Mobile - +94779145123
> Linkedin 
> Twitter 
>
> On Thu, Aug 18, 2016 at 11:55 AM, Nathiesha Maddage <
> nathieshamadd...@gmail.com> wrote:
>
>> Hi,
>>
>> I have completed almost all of the coding part now, and working with
>> fixing a few left errors and tidying the code.
>>
>> I plan to submit the plugin project, feature project and the
>> documentation as the deliverable.
>> For the final submission, I need to upload a URL that contains our
>> project. For that Google has provided certain examples such as the link of
>> Git Hub commits, a web page or a blog post, public folder in Google Drive
>> etc. [1]
>>
>> What would be the best way of submission, for our project?
>>
>> [1]. https://developers.google.com/open-source/gsoc/help/work-product
>>
>>
>> Thanks and regards
>>
>> Nathiesha
>>
>> On Thu, Aug 11, 2016 at 4:40 PM, Kavith Lokuhewage 
>> wrote:
>>
>>> Hi Nathiesha,
>>>
>>> Great! We can have the meeting at 3.00pm to 4.00pm tomorrow. I will send
>>> the invitation. Meanwhile, please push the latest changes to github before
>>> the meeting.
>>>
>>> Thanks,
>>>
>>> *Kavith Lokuhewage*
>>> Senior Software Engineer
>>> WSO2 Inc. - http://wso2.com
>>> lean . enterprise . middleware
>>> Mobile - +94779145123
>>> Linkedin 
>>> Twitter 
>>>
>>> On Thu, Aug 11, 2016 at 4:35 PM, Nathiesha Maddage <
>>> nathieshamadd...@gmail.com> wrote:
>>>
 Hi Kavith,

 I externalized the credentials in micro-service code and implemented
 the extension point. I plan to start on OSGI services part once I finalize
 the remaining small tasks in these sections.

 How about tomorrow evening for the next meeting? I have lectures in the
 morning. So it would be easy if we can arrange the meeting after 2 pm.

 Thanks and regards
 Nathiesha

 On Thu, Aug 11, 2016 at 11:42 AM, Kavith Lokuhewage 
 wrote:

> Hi Nathiesha,
>
> How is the progress on remaining tasks? As per the previous update,
> you are already done with configuring maven build + creating a basic
> micro-service for publishing reports, aren't you?
>
> The remaining work was to externalize hard coded credentials in
> micro-service code, implement the extension point for providing different
> JIRA keys to report errors for specific java packages and define an OSGI
> service to be able to contribute publishers via other eclipse plugins - if
> needed in future.
>
> It would be great if we can finalize these soon as we are reaching
> towards the end of GSOC program. Please suggest a time for a meeting
> tomorrow. We can discuss about the issues you are facing - if any - and
> discuss the plat to wrap the rest of the work by end of next week.
>
> Thanks,
>
> *Kavith Lokuhewage*
> Senior Software Engineer
> WSO2 Inc. - http://wso2.com
> lean . enterprise . middleware
> Mobile - +94779145123
> Linkedin 
> Twitter 
>
> On Fri, Aug 5, 2016 at 2:06 PM, Kavith Lokuhewage 
> wrote:
>
>> Hi Nathiesha,
>>
>> Please join the hangout https://hangouts.googl
>> e.com/hangouts/_/wso2.com/kavith
>>
>> Thanks,
>>
>> *Kavith Lokuhewage*
>> Senior Software Engineer
>> WSO2 Inc. - http://wso2.com
>> lean . enterprise . middleware
>> Mobile - +94779145123
>> Linkedin 
>> Twitter 
>>
>> 

Re: [Dev] Issue while doing mysql setup for ES migration

[Chandana Napagoda]

Hi Shakilla,

What is the MySQL server version you are using? Are you trying to create DB
tables manually or using -Dsetup?

Regards,
Chandana

On Fri, Aug 19, 2016 at 9:58 PM, Shakila Sivagnanarajah 
wrote:

> Hi Danesh thanks, 'AddAdmin' was set to false.
>
> mysql create queries for some tables are not found in the given in the sql
> query file(/dbscripts/mysql5.7.sql).
>
> 1. com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: Table
> 'wso2_carbon_db_store.idp' doesn't exist
> 2. com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: Table
> 'wso2_carbon_db_store.sp_app' doesn't exist
>
> Am I importing wrong sql file?
>
> Thanks
>
> On Fri, Aug 19, 2016 at 7:07 PM, Danesh Kuruppu  wrote:
>
>> Hi Shakila,
>>
>>
>>> Caused by: org.wso2.carbon.user.core.UserStoreException: Admin user can
>>> not be created in primary user store. Add-Admin has been set to false.
>>> Please pick a User name which is exist in the primary user store as Admin
>>> user
>>> at org.wso2.carbon.user.core.common.AbstractUserStoreManager.ad
>>> dInitialAdminData(AbstractUserStoreManager.java:3749)
>>> at org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager.(J
>>> DBCUserStoreManager.java:281)
>>> at org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager.(J
>>> DBCUserStoreManager.java:220)
>>> ... 27 more
>>>
>>>
>> Check whether you set False in user-mgt.xml. Seems
>> like admin user doesn't exist in your primary user store and server cannot
>> create the user since it is set to false.
>>
>> Thanks
>> --
>>
>> *Danesh Kuruppu*
>> Senior Software Engineer | WSO2
>>
>> Email: dan...@wso2.com
>> Mobile: +94 (77) 1690552
>> Web: WSO2 Inc 
>>
>>
>
>
> --
> Shakila Sivagnanarajah
> Software Engineer
> Mobile :+94 (0) 768 856837
> shak...@wso2.com
> WSO2, Inc.
> lean . enterprise . middleware
> http://www.wso2.com/
>



-- 
*Chandana Napagoda*
Senior Software Engineer
WSO2 Inc. - http://wso2.org

*Email  :  chand...@wso2.com **Mobile : +94718169299*

*Blog  :http://cnapagoda.blogspot.com *
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] WSO2 Enterprise Service Bus 5.0.0 Released

[Senduran Balasubramaniyam]

*WSO2 Enterprise Service Bus 5.0.0 Released*

WSO2 Enterprise Service Bus team is pleased to announce the release of WSO2
Enterprise Service Bus 5.0.0.

WSO2 Enterprise Service Bus is a lightweight, high performance, near-zero
latency product, providing comprehensive support for several different
technologies like SOAP, WS* and REST as well as domain-specific solutions
and protocols like SAP, FIX and HL7. It goes above and beyond by being 100%
compliant with enterprise integration patterns. It also has 100+
ready-made, easy-to-use connectors to seamlessly integrate between cloud
service providers. WSO2 Enterprise Service Bus is 100% configuration
driven, which means no code needs to be written. Its capabilities can be
extended too with the many extension points to plug into.

WSO2 ESB 5.0.0 consists of runtime, tooling and analytics components.


For more information on WSO2 Enterprise Service Bus and to download the
product please visit http://wso2.com/products/enterprise-service-bus/. Also
take a look at the online product documentation.

*How to Run*

1. Extract the downloaded zip
2. Go to the bin directory in the extracted folder
3. Run the wso2server.sh or wso2server.bat as appropriate
4. Launch a web browser and navigate to https://localhost:9443/carbon to
access the admin console
5. Use "admin", "admin" as the username and password to login as an
admin

*Following New Features are included*

*ESB Runtime*

   - [ESBJAVA-1999 ] - Add
   websocket support to the ESB
   - [ESBJAVA-3851 ] -
   Distributed Transaction (XATransaction) For JMS Transport
   - [ESBJAVA-4078 ] - Support
   JMS 2.0.0
   - [ESBJAVA-4550 ] - Data
   mapping feature for ESB
   - [ESBJAVA-4854 ] - Proxy
   profile support
   - [ESBJAVA-4855 ] - Mediation
   Debugging capability for WSO2 ESB
   - [ESBJAVA-4857 ] - New ESB
   statistics and tracing integration with ESB analytics


*ESB Tooling*

   - [DEVTOOLESB-71 ] - Create
   tree by adding elements - json schema
   - [DEVTOOLESB-233 ] -
   Provide instruction for getting access token via Developer Studio
   - [DEVTOOLESB-452 ] -
   Generating the form editor for Local Entry
   - [DEVTOOLESB-457 ] - ESB
   Solution Project Creation
   - [DEVTOOLESB-738 ] -
   Mediator flow debugging support
   - [DEVTOOLESB-739 ] - Data
   Mapping Visual tool
   - [DEVTOOLESB-740 ] -
   Adding form editors for Endpoints, Message processors, Scheduled tasks
   - [DEVTOOLESB-741 ] -
   Adding form editors for Message Store, Template endpoints


*ESB Analytics*

   - [ANLYESB-192 ] - VizGrammar
   charts for Analytic Dashboard
   - [ANLYESB-193 ] - Create a
   separate product distribution for WSO2 ESB Analytics
   - [ANLYESB-194 ] - Create
   required gadgets for analytics dashboard with pub sub facility
   - [ANLYESB-195 ] -
   Summarization Spark script for ESB statistics
   - [ANLYESB-196 ] - Relational
   Provider for aggregated events in ESB Analytics
   - [ANLYESB-197 ] - Cross
   tenant statistic aggregate operations.
   - [ANLYESB-198 ] - Offline
   statistic calculation.
   - [ANLYESB-199 ] - Pre and
   post comparison for the mediator tracing.


*Complete list of bug fixes and improvements*

   - ESB Runtime 
   - ESB Tooling 
   - ESB Analytics 


*Key Features of WSO2 Enterprise Service Bus*

*Connect Anything to Anything*

   - Adapters to cloud services: 150+ connectors
    across various categories such as
   payments, CRM, ERP, social networks or legacy systems.
   - Transports: HTTP, HTTPS, Web sockets, POP, IMAP, SMTP, JMS 1.1, JMS
   2.0, AMQP, RabbitMQ, FIX, TCP, UDP, FTPS, SFTP, MLLP and SMS, MQTT, Apache
   Kafka
   - Formats & protocols: JSON, XML, SOAP 1.1, SOAP 1.2, WS-*, HTML, EDI,
   HL7, OAGIS, Hessian, Text, JPEG, MP4, all binary formats and CORBA/IIOP
   - Adapters to COTS systems: SAP BAPI & IDoc, IBM WebSphere 

Re: [Dev] [GSoC Final Evaluation] Proposal 21: [IS] Document Based NoSQL Support for WSO2 Identity Server Database

[Chamila Wijayarathna]

Hi Asantha,

For creating new orbit, you will have to send 1 PR to wso2/orbit
repository[1] as well. There inside json folder, you'll have to define a
new json orbit with new version (eg: 3.0.0wso2v2) and there you will have
to refer the new json version you are depending on.

In your PR, you are referring to 3.0.0wso2v1 which is depending on the
older version we are talking about. So this will still cause the issue you
are talking.

Thank You!

On Sat, Aug 20, 2016 at 12:47 AM, Asantha Thilina 
wrote:

> Hi Johann,
>
> first of all ,sorry for the late reply earlier i wasn't added org.json to
> bundleDef now i have fixed the issue and i have added new orbit as chamila
> mentioned for org.json as defined in here[1] i have added version 20160212
> because version 20140107  which is already in IS causing some problems
> for my userstore methods even it successfully deployed ,after adding
> version 20160212 solved the issue now my userstore is deploy org.json  
> 20160212
>  also to the IS during packaging and i have updated the PR[2] with the
> latest modifications
>
> [1]https://github.com/wso2/orbit/blob/master/json/3.0.0.wso2v1/pom.xml
> [2]https://github.com/wso2-extensions/identity-userstore-mongodb/pull/1
>
> thanks,
> Asantha
>
> On Fri, Aug 19, 2016 at 5:45 AM, Johann Nallathamby 
> wrote:
>
>> Hi Asantha,
>>
>> As Chamila mentioned you need to bundle the required library in your
>> feature as well, so that it is self contained, and can be installed
>> independently in any carbon server.
>>
>> Have you added that in your PR? I couldn't see a bundleDef for org.json.
>>
>> Regards,
>> Johann.
>>
>> On Fri, Aug 19, 2016 at 3:04 PM, Asantha Thilina <
>> asanthathil...@gmail.com> wrote:
>>
>>> Hi all,
>>>
>>> First of all let me apologize for the late reply ,I have changed the
>>> org.json version as chamila said and now it's working no need to add json
>>> lib manually and version changed will not affected to any of my code i have
>>> updated the PR[1] with latest modifications now it's need
>>> mongodb-java-driver only to run the module no other extra library required
>>>
>>> [1]https://github.com/wso2-extensions/identity-userstore-mongodb/pull/1
>>>
>>> Thanks,
>>> Asantha
>>>
>>> On Fri, Aug 19, 2016 at 1:26 AM, Chamila Wijayarathna <
>>> cdwijayarat...@gmail.com> wrote:
>>>
 Hi Asantha,

 If you have used any new features of org.json which is not available in
 that old version, I think you will have to create an orbit with new
 org.json version.

 And I think it (either new or old version) need to be packed in your
 feature, so it can be installed into any carbon based product.

 Thanks!

 On Fri, Aug 19, 2016 at 3:17 PM, Asantha Thilina <
 asanthathil...@gmail.com> wrote:

> Hi Chamila,
>
> ok thanks for the comment then i will change the version of my
> dependency and test it
>
> Thanks,
> Asantha
>
> On Fri, Aug 19, 2016 at 1:13 AM, Chamila Wijayarathna <
> cdwijayarat...@gmail.com> wrote:
>
>> Hi Asantha, Tharindu,
>>
>> I think IS already packs json, but the version is 20140107 which
>> comes from wso2 orbit bundle [1]. You are receiving the error due to
>> version mismatch, because you are using  version 20160212.
>>
>> Can you try using existing dependency and check if your features work
>> okay with that version?\\
>>
>> Thank You!
>>
>> [1]. https://github.com/wso2/orbit/blob/master/json/3.0.0.wso2v1
>>
>> On Fri, Aug 19, 2016 at 3:03 PM, Tharindu Edirisinghe <
>> tharin...@wso2.com> wrote:
>>
>>> I meant shipping with the product... by packing with the product.
>>>
>>> Yes, it should be packed by the feature.
>>>
>>> I'll look more into Charon's dependency as well.
>>>
>>> On Fri, Aug 19, 2016 at 10:26 AM, Chamila Wijayarathna <
>>> cdwijayarat...@gmail.com> wrote:
>>>
 Hi Harsha,

 The license seems to be okay, isn't it? It doesn't mention anything
 that prevent us from using it. Also I think we use same library for 
 json
 related stuff in charon as well. So it can't be an issue IMO.

 @Tharindu, Why we should pack this in product? Shouldn't we pack
 this in the feature?

 Thank You!

 On Fri, Aug 19, 2016 at 2:11 PM, Harsha Thirimanna <
 hars...@wso2.com> wrote:

> As in the license, there are some restrictions.
>
> http://www.json.org/license.html
>
> *Harsha Thirimanna*
> Associate Tech Lead | WSO2
>
> Email: hars...@wso2.com
> Mob: +94715186770
> Blog: http://harshathirimanna.blogspot.com/
> Twitter: http://twitter.com/harshathirimann
> Linked-In: linked-in: http://www.linkedin.com/pub/ha
> rsha-thirimanna/10/ab8/122
> 

[Dev] [VOTE] Release WSO2 Carbon Kernel 4.4.9 RC1

[Thusitha Thilina Dayaratne]

Hi Devs,

This is the 1st release candidate of WSO2 Carbon Kernel 4.4.9.

This release fixes the following issues
*https://wso2.org/jira/issues/?filter=13289
*

Please download, test your products with kernel 4.4.9 RC1 and vote. Vote
will be open for 72 hours or as longer as needed.

*Source and binary distribution files:*
*https://github.com/wso2/carbon-kernel/archive/v4.4.9-rc1.zip
*
http://svn.wso2.org/repos/wso2/people/thusithad/4.4.9/wso2carbon-4.4.9-rc1.zip

*Maven staging repository*
*https://maven.wso2.org/nexus/content/repositories/orgwso2carbon-1035
*

*The tag to be voted upon : *
*https://github.com/wso2/carbon-kernel/releases/tag/v4.4.9-rc1
*

[ ] Broken - Do not release (explain why)
[ ] Stable  - Go ahead and release

Thank you
Carbon Team

-- 
Thusitha Dayaratne
Software Engineer
WSO2 Inc. - lean . enterprise . middleware |  wso2.com

Mobile  +94712756809
Blog  alokayasoya.blogspot.com
Abouthttp://about.me/thusithathilina





-- 
Thusitha Dayaratne
Software Engineer
WSO2 Inc. - lean . enterprise . middleware |  wso2.com

Mobile  +94712756809
Blog  alokayasoya.blogspot.com
Abouthttp://about.me/thusithathilina

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Issue while doing mysql setup for ES migration

[Shakila Sivagnanarajah]

Hi Danesh thanks, 'AddAdmin' was set to false.

mysql create queries for some tables are not found in the given in the sql
query file(/dbscripts/mysql5.7.sql).

1. com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: Table
'wso2_carbon_db_store.idp' doesn't exist
2. com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: Table
'wso2_carbon_db_store.sp_app' doesn't exist

Am I importing wrong sql file?

Thanks

On Fri, Aug 19, 2016 at 7:07 PM, Danesh Kuruppu  wrote:

> Hi Shakila,
>
>
>> Caused by: org.wso2.carbon.user.core.UserStoreException: Admin user can
>> not be created in primary user store. Add-Admin has been set to false.
>> Please pick a User name which is exist in the primary user store as Admin
>> user
>> at org.wso2.carbon.user.core.common.AbstractUserStoreManager.ad
>> dInitialAdminData(AbstractUserStoreManager.java:3749)
>> at org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager.(
>> JDBCUserStoreManager.java:281)
>> at org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager.(
>> JDBCUserStoreManager.java:220)
>> ... 27 more
>>
>>
> Check whether you set False in user-mgt.xml. Seems
> like admin user doesn't exist in your primary user store and server cannot
> create the user since it is set to false.
>
> Thanks
> --
>
> *Danesh Kuruppu*
> Senior Software Engineer | WSO2
>
> Email: dan...@wso2.com
> Mobile: +94 (77) 1690552
> Web: WSO2 Inc 
>
>


-- 
Shakila Sivagnanarajah
Software Engineer
Mobile :+94 (0) 768 856837
shak...@wso2.com
WSO2, Inc.
lean . enterprise . middleware
http://www.wso2.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [GSoC Final Evaluation] Proposal 21: [IS] Document Based NoSQL Support for WSO2 Identity Server Database

[Asantha Thilina]

Hi Johann,

first of all ,sorry for the late reply earlier i wasn't added org.json to
bundleDef now i have fixed the issue and i have added new orbit as chamila
mentioned for org.json as defined in here[1] i have added version 20160212
because version 20140107  which is already in IS causing some problems for
my userstore methods even it successfully deployed ,after adding version
20160212 solved the issue now my userstore is deploy org.json  20160212
 also to the IS during packaging and i have updated the PR[2] with the
latest modifications

[1]https://github.com/wso2/orbit/blob/master/json/3.0.0.wso2v1/pom.xml
[2]https://github.com/wso2-extensions/identity-userstore-mongodb/pull/1

thanks,
Asantha

On Fri, Aug 19, 2016 at 5:45 AM, Johann Nallathamby  wrote:

> Hi Asantha,
>
> As Chamila mentioned you need to bundle the required library in your
> feature as well, so that it is self contained, and can be installed
> independently in any carbon server.
>
> Have you added that in your PR? I couldn't see a bundleDef for org.json.
>
> Regards,
> Johann.
>
> On Fri, Aug 19, 2016 at 3:04 PM, Asantha Thilina  > wrote:
>
>> Hi all,
>>
>> First of all let me apologize for the late reply ,I have changed the
>> org.json version as chamila said and now it's working no need to add json
>> lib manually and version changed will not affected to any of my code i have
>> updated the PR[1] with latest modifications now it's need
>> mongodb-java-driver only to run the module no other extra library required
>>
>> [1]https://github.com/wso2-extensions/identity-userstore-mongodb/pull/1
>>
>> Thanks,
>> Asantha
>>
>> On Fri, Aug 19, 2016 at 1:26 AM, Chamila Wijayarathna <
>> cdwijayarat...@gmail.com> wrote:
>>
>>> Hi Asantha,
>>>
>>> If you have used any new features of org.json which is not available in
>>> that old version, I think you will have to create an orbit with new
>>> org.json version.
>>>
>>> And I think it (either new or old version) need to be packed in your
>>> feature, so it can be installed into any carbon based product.
>>>
>>> Thanks!
>>>
>>> On Fri, Aug 19, 2016 at 3:17 PM, Asantha Thilina <
>>> asanthathil...@gmail.com> wrote:
>>>
 Hi Chamila,

 ok thanks for the comment then i will change the version of my
 dependency and test it

 Thanks,
 Asantha

 On Fri, Aug 19, 2016 at 1:13 AM, Chamila Wijayarathna <
 cdwijayarat...@gmail.com> wrote:

> Hi Asantha, Tharindu,
>
> I think IS already packs json, but the version is 20140107 which comes
> from wso2 orbit bundle [1]. You are receiving the error due to version
> mismatch, because you are using  version 20160212.
>
> Can you try using existing dependency and check if your features work
> okay with that version?\\
>
> Thank You!
>
> [1]. https://github.com/wso2/orbit/blob/master/json/3.0.0.wso2v1
>
> On Fri, Aug 19, 2016 at 3:03 PM, Tharindu Edirisinghe <
> tharin...@wso2.com> wrote:
>
>> I meant shipping with the product... by packing with the product.
>>
>> Yes, it should be packed by the feature.
>>
>> I'll look more into Charon's dependency as well.
>>
>> On Fri, Aug 19, 2016 at 10:26 AM, Chamila Wijayarathna <
>> cdwijayarat...@gmail.com> wrote:
>>
>>> Hi Harsha,
>>>
>>> The license seems to be okay, isn't it? It doesn't mention anything
>>> that prevent us from using it. Also I think we use same library for json
>>> related stuff in charon as well. So it can't be an issue IMO.
>>>
>>> @Tharindu, Why we should pack this in product? Shouldn't we pack
>>> this in the feature?
>>>
>>> Thank You!
>>>
>>> On Fri, Aug 19, 2016 at 2:11 PM, Harsha Thirimanna >> > wrote:
>>>
 As in the license, there are some restrictions.

 http://www.json.org/license.html

 *Harsha Thirimanna*
 Associate Tech Lead | WSO2

 Email: hars...@wso2.com
 Mob: +94715186770
 Blog: http://harshathirimanna.blogspot.com/
 Twitter: http://twitter.com/harshathirimann
 Linked-In: linked-in: http://www.linkedin.com/pub/ha
 rsha-thirimanna/10/ab8/122
 

 On Fri, Aug 19, 2016 at 9:30 AM, Tharindu Edirisinghe <
 tharin...@wso2.com> wrote:

> Thanks Asantha.
>
> @Johann/Darshana - Would it be possible to pack org.json [1]
> dependency to the product itself ?
>
> [1] https://mvnrepository.com/artifact/org.json/json/20160212
>
> Regards,
> TharinduE
>
> On Fri, Aug 19, 2016 at 12:48 AM, Asantha Thilina <
> asanthathil...@gmail.com> wrote:
>
>> Hi Tharindu,
>>
>> As you instructed i have finished all above process and i already
>> sent a PR[1] 

Re: [Dev] Issue while doing mysql setup for ES migration

[Danesh Kuruppu]

Hi Shakila,


> Caused by: org.wso2.carbon.user.core.UserStoreException: Admin user can
> not be created in primary user store. Add-Admin has been set to false.
> Please pick a User name which is exist in the primary user store as Admin
> user
> at org.wso2.carbon.user.core.common.AbstractUserStoreManager.
> addInitialAdminData(AbstractUserStoreManager.java:3749)
> at org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager.<
> init>(JDBCUserStoreManager.java:281)
> at org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager.<
> init>(JDBCUserStoreManager.java:220)
> ... 27 more
>
>
Check whether you set False in user-mgt.xml. Seems
like admin user doesn't exist in your primary user store and server cannot
create the user since it is set to false.

Thanks
-- 

*Danesh Kuruppu*
Senior Software Engineer | WSO2

Email: dan...@wso2.com
Mobile: +94 (77) 1690552
Web: WSO2 Inc 
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] APIM 2.0.0 Unable to push resources to the registry using the Java API

[Alan Tucker]

Hi,

Using the Java API to push resources to the registry of APIM 2.0.0 fails. The 
same code used against APIM 1.10.0 succeeds.

Example code to reproduce is of the sort

> public class RegClient { 
> public static void main (String args[]) throws RegistryException, 
> MalformedURLException { 
> System.out.println("Accessing Registry Resource"); 
>  
> String tenantDomain = “mytenant.com "; 
> String url = "https://localhost:9443/t/ 
> "+tenantDomain+"/registry"; 
> String userName = “ad...@mytenant.com 
> "; 
> 
> String password = “admin"; 
> 
> System.setProperty("carbon.repo.write.mode", "true"); 
>   
> 
> //Get the file which needs to be added to the registry
> File file = new File(“/home/bob/Desktop/myPayload.json"); 
> RemoteRegistry remote_registry = new RemoteRegistry(new URL(url), 
> userName, password); 
> 
> //Import the file to config registry
> RegistryClientUtils.importToRegistry(file ,"/_system/config" 
> ,remote_registry); 
>  
> //Export  from registry 
> //RegistryClientUtils.exportFromRegistry(file 
> ,"/_system/governance/SomePayload.json" ,remote_registry);
>  
> System.out.println("Done"); 
> } 
> 
> }


the call to  RegistryClientUtils.importToRegistry(file ,"/_system/config" 
,remote_registry);  will fail.

Regards,

Alan

Typical exception is:

Caused by: org.wso2.carbon.registry.core.exceptions.RegistryException: Add 
resource fail. Suggested Path: 
/_system/governance/apimgt/applicationdata/customdata/somedata, Response 
Status: 403, Response Type: CLIENT_ERROR
at 
org.wso2.carbon.registry.app.RemoteRegistry.put(RemoteRegistry.java:543)
at 
org.wso2.carbon.registry.core.utils.RegistryClientUtils.processImport(RegistryClientUtils.java:113)
at 
org.wso2.carbon.registry.core.utils.RegistryClientUtils.processImport(RegistryClientUtils.java:102)
at 
org.wso2.carbon.registry.core.utils.RegistryClientUtils.processImport(RegistryClientUtils.java:102)
at 
org.wso2.carbon.registry.core.utils.RegistryClientUtils.processImport(RegistryClientUtils.java:102)
at 
org.wso2.carbon.registry.core.utils.RegistryClientUtils.importToRegistry(RegistryClientUtils.java:65)


And in the APIM log we see typically

[2016-08-18 15:57:34,699]  WARN - JavaLogger potential cross-site request 
forgery (CSRF) attack thwarted (user:, ip:127.0.0.1, method:POST, 
uri:/registry/atom/_system/governance/apimgt/applicationdata/customdata/somedata,
 error:required token is missing from the request)



        
Alan Tucker 
Spida Solutions 
London • Bath • UK 
+44 (0)78 0308 4376 
+44 (0)12 4981 5081 
www.spidasolutions.com 

 

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Issue while doing mysql setup for ES migration

[Shakila Sivagnanarajah]

 Hi all,

I am trying to setup mysql databases from the mysql queries given with ES
pack 2.1.0. I created following databases and imported the queries. When I
start the server, It throws the exception [2]. If I get dumps for these two
databases from existing connector store and import, it starts without
error. Do we need to feed values into WSO2_CARBON_DB_STORE/REG_CONTENT
table before starting the server?

I configured the master-datasources as [3].

WSO2_CARBON_DB_STORE - /dbscripts/mysql5.7.sql
WSO2SOCIAL_DB - /dbscripts/social/mysql/resource.sql

[2016-08-19 18:18:03,407] ERROR
{org.wso2.carbon.user.core.common.DefaultRealm} -  nullType class
java.lang.reflect.InvocationTargetException
org.wso2.carbon.user.core.UserStoreException: nullType class
java.lang.reflect.InvocationTargetException
at
org.wso2.carbon.user.core.common.DefaultRealm.createObjectWithOptions(DefaultRealm.java:401)
at
org.wso2.carbon.user.core.common.DefaultRealm.initializeObjects(DefaultRealm.java:222)
at
org.wso2.carbon.user.core.common.DefaultRealm.init(DefaultRealm.java:127)
at
org.wso2.carbon.user.core.common.DefaultRealmService.initializeRealm(DefaultRealmService.java:263)
at
org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:100)
at
org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:113)
at
org.wso2.carbon.user.core.internal.Activator.startDeploy(Activator.java:68)
at
org.wso2.carbon.user.core.internal.BundleCheckActivator.start(BundleCheckActivator.java:61)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl$1.run(BundleContextImpl.java:711)
at java.security.AccessController.doPrivileged(Native Method)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.startActivator(BundleContextImpl.java:702)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.start(BundleContextImpl.java:683)
at
org.eclipse.osgi.framework.internal.core.BundleHost.startWorker(BundleHost.java:381)
at
org.eclipse.osgi.framework.internal.core.AbstractBundle.resume(AbstractBundle.java:390)
at
org.eclipse.osgi.framework.internal.core.Framework.resumeBundle(Framework.java:1176)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:559)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.resumeBundles(StartLevelManager.java:544)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.incFWSL(StartLevelManager.java:457)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.doSetStartLevel(StartLevelManager.java:243)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:438)
at
org.eclipse.osgi.framework.internal.core.StartLevelManager.dispatchEvent(StartLevelManager.java:1)
at
org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)
at
org.eclipse.osgi.framework.eventmgr.EventManager$EventThread.run(EventManager.java:340)
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
Method)
at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:525)
at
org.wso2.carbon.user.core.common.DefaultRealm.createObjectWithOptions(DefaultRealm.java:355)
... 22 more
Caused by: org.wso2.carbon.user.core.UserStoreException: Admin user can not
be created in primary user store. Add-Admin has been set to false. Please
pick a User name which is exist in the primary user store as Admin user
at
org.wso2.carbon.user.core.common.AbstractUserStoreManager.addInitialAdminData(AbstractUserStoreManager.java:3749)
at
org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager.(JDBCUserStoreManager.java:281)
at
org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager.(JDBCUserStoreManager.java:220)
... 27 more
[2016-08-19 18:18:03,409] ERROR
{org.wso2.carbon.user.core.internal.Activator} -  Cannot start User Manager
Core bundle
org.wso2.carbon.user.core.UserStoreException: Cannot initialize the realm.
at
org.wso2.carbon.user.core.common.DefaultRealmService.initializeRealm(DefaultRealmService.java:273)
at
org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:100)
at
org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:113)
at
org.wso2.carbon.user.core.internal.Activator.startDeploy(Activator.java:68)
at
org.wso2.carbon.user.core.internal.BundleCheckActivator.start(BundleCheckActivator.java:61)
at

[Dev] [MB][3.2.0][Performance] Make wait strategy configurable

[Ramith Jayasinghe]

what do you think about subject?
I briefly experimented with BlockingWaitStrategy (we use this right now),
SleepingWaitStrategy, YieldingWaitStrategy

it seems,
 BlockingWaitStrategy - takes high CPU in one thread always ( in the thread
pool)
 YieldingWaitStrategy - CPU seems to be distributed across the pool. BUT
when the server is idle Disruptor eats lot of CPU doing thread.yield().
therefore not good.

SleepingWaitStrategy - CPU consumption is less. we need to check latency
introduced by thread.sleep ( over blocking wait)


regards,
-- 
Ramith Jayasinghe
Technical Lead
WSO2 Inc., http://wso2.com
lean.enterprise.middleware

E: ram...@wso2.com
P: +94 772534930
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Announce] [Architecture] WSO2 Dashboard Server 2.1.0-Alpha Released!

[Nisala Nanayakkara]

Hi,

Thanks for prompt reply. I will arrange a meeting to discuss this matter.

Thanks,
Nisala

On Fri, Aug 19, 2016 at 10:52 AM, Susinda Perera  wrote:

> Hi Nisala
>
> We may need to create a new repo and host these maven plugins. As an
> example esb uses maven-tooling-esb[1] and bps uses maven-tooling-bps[2] to
> maintain the maven plugins. As we already have the maven plugins i think we
> can easily build the DevStudio based tooling with using these plugins.
> Please arrange a time to discuss this.
>
> [1] - https://github.com/wso2/maven-tooling-esb
> [2] - https://github.com/wso2/maven-tooling-bps
>
>
>
> On Thu, Aug 18, 2016 at 6:45 PM, Nisala Nanayakkara 
> wrote:
>
>> Hi,
>>
>> I have implemented maven - plugins for each artifacts in WSO2 Dashboard
>> Server. So there are four maven - plugins for dashboards,gadgets,layouts
>> and themes which can be used to generate a CAR file consisting with these
>> artifacts. But we are not very much clear about where we have to maintain
>> these maven - plugins. Is it better to keep it within our carbon-dashboards
>> repository ? Or is it better to maintain these as a separate repository.
>>
>> @DevStudioTeam : Can you provide recommended way of maintaining these
>> maven-plugins ?
>>
>> Thanks,
>> Nisala
>>
>> On Mon, Aug 15, 2016 at 10:51 AM, Susinda Perera 
>> wrote:
>>
>>> Do we have tooling support for this new release, like create/edit/deploy
>>> gadgets/dashboards etc. If not shall we add this to roadmap. DevS team will
>>> be able to help on this task.
>>>
>>> Thanks
>>> Susinda
>>>
>>> On Fri, Aug 12, 2016 at 8:23 PM, Megala Uthayakumar 
>>> wrote:
>>>
 WSO2 Dashboard Server 2.1.0-Alpha Released!

 WSO2 Dashboard Server team is pleased to announce the release of WSO2
 Dashboard Server 2.1.0 Alpha. This release comes with the following bug
 fixes, improvements and tasks. You can download the distribution from [1]
 and view the documentation at [2].
 Bug

- [UES-990 ] - All the query
params get appended to the url when navigating via hierarchical menu
- [UES-1016 ] - Tenant ID is
always super tenant ID in Gadget Generation Wizard
- [UES-1018 ] - DS Console
differs from the WSO2 theme
- [UES-1022 ] - Product
version in footer is incorrect
- [UES-1023 ] - Create view
menu rendered incorrectly
- [UES-1028 ] - Creating
gadgets in third-party store - Thumbnail image does not show

 Improvement

- [UES-970 ] - Add download
functionality to gadgets listed
- [UES-995 ] - Having a
landing page for a dashboard is optional
- [UES-1003 ] - Modify the
ES extension to not allow the assets to be editable in published asset
- [UES-1010 ] - Add shindig
features to get the hostName,port and tenant domain
- [UES-1012 ] - Store the
theme level properties to dashboard.json and retrieve these theme
properties while rendering the page
- [UES-1014 ] - Add new
gadget/layout button at the end of the gadget listing and layout 
 listings
when user designs dashboard
- [UES-1015 ] - Dashboard
page loading icon for embeddable gadget feature

 Task

- [UES-1005 ] - Provide
common repository for js libraries to use in gadgets
- [UES-1006 ] - Dashboard
page loading icon to show after all gadgets are loaded
- [UES-1007 ] - Fixed the
issue in PDF download feature in firefox browser
- [UES-1008 ] - Fixing
issues in running the dashboard server with samples
- [UES-1029 ] - Create
Puppet script for Dashboard Server Auto Deployment

 Reporting Issues

 Issues can be reported through the Public JIRA
  project for WSO2 Dashboard Server.


 [1]- https://github.com/wso2/product-ds/releases/download/v2
 .1.0-alpha/wso2ds-2.1.0-SNAPSHOT.zip

 [2]- https://docs.wso2.com/display/DS210/WSO2+Dashboard+Serv
 er+Documentation


 Thanks,

 Dashboard Server Team.

 --
 Megala 

[Dev] WSO2 Process Center 1.0.0 - Alpha Released

[Waruna Jayaweera]

WSO2 Process Center 1.0.0 - Alpha Released

WSO2 Process Center (WSO2 PC) team is pleased to announce the alpha release
of its version 1.0.0.

WSO2 Process Center (WSO2 PC) forms the central component of WSO2’s BPM
platform by providing centralized storage, governance, monitoring/analytics
and improvement support for business processes. Meeting the requirements of
all users in the BPM platform, it enables process users to discover
relevant processes and initiate automated processes; domain experts to
design processes using different formats; and process owners to monitor
existing processes, analyze process history, and identify possibilities for
optimization.

Interested in playing with an alpha release? Download the latest alpha
release !

WSO2 Process Center 1.0.0 - Alpha - Download

Key Features

   - Process Designer and Explorer
   - Process Analytics
   - Support for managing executable BPMN archives
   - Process import and export
   - Process activity log
   - Associations support among processes
   - Process level permissions

Fixed Issues
This release contains following improvements ,tasks, new features and bug
fixes

WSO2 Process Center 1.0.0 - Alpha - Fixed Issues

Known Issues
Known issue for this release.

WSO2 Process Center 1.0.0 - Alpha - Known Issues

Reporting Issues

Issues, documentation errors and feature requests regarding WSO2 Process
Center can be reported through the public issue tracking system.
https://wso2.org/jira/browse/PC.
Contact usWSO2 Process Center developers can be contacted via the
Development  and Architecture  mailing
lists.
Alternatively, questions can also be raised in the stack overflow forum :
http://stackoverflow.com/questions/tagged/wso2

Thank you for your interest in WSO2 Process Center.
*-The WSO2 Process Center Team -*

-- 
Regards,

Waruna Lakshitha Jayaweera
Senior Software Engineer
WSO2 Inc; http://wso2.com
phone: +94713255198
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [AppM] SAML response signature validation in tenants

[Johann Nallathamby]

Hi Dinusha,

On Fri, Aug 19, 2016 at 3:59 PM, Dinusha Senanayaka 
wrote:

> IMO, there should be a common SSOUtil package with all common SSO
> functions client needed, which can use in all products.
> - Request/Response signing
> - Signature validation
> - All other SAML Response related validations (audience, validity period
> etc)
>
>
This is something we noticed during the security war room we recently had
> as well. Most of the products APIM, AppM, GReg, ES, DS etc (in jagery-apps)
> have handled these validations using different methods. Some have write own
> utils, some have called *org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil
> *and so. Effort we had to put was huge and repetitive because of not
> having a common code.
>

+1. The sso.agent was intended to be used as a library. Even the carbon
dependencies are optional dependencies.

>
> For this scenario, I think using all the methods from 
> *org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil
> *is cleaner, rather using different dependencies, unless we introduce a
> clear common new module.
>

The sso.saml bundle is not written thinking to be used as a library. It has
several dependencies also. Its a server side bundle.


>
>
> Regards,
> Dinusha.
>
> On Fri, Aug 19, 2016 at 3:31 PM, Rushmin Fernando 
> wrote:
>
>> In our case we can re-use *org.wso2.carbon.webapp.mgt  *for signature
>> validation since it has implemented it with the use of the agent code.
>>
>> And we can use the agent utils (*org.wso2.carbon.identity.sso.agent) *for
>> unmarshelling the response
>>
>> But didn't see a util to marshall the requests ? Is it missing here ?
>>
>>
>> On Fri, Aug 19, 2016 at 3:24 PM, Johann Nallathamby 
>> wrote:
>>
>>>
>>>
>>> On Fri, Aug 19, 2016 at 12:26 PM, Darshana Gunawardana <
>>> darsh...@wso2.com> wrote:
>>>


 On Fri, Aug 19, 2016 at 10:25 AM, Johann Nallathamby 
 wrote:

> This is what we have the SSO agent for.
>

 SSO Agent is not carbon specific. Hence it does not have reading
 tenant's key and validating the signature.

 SSO Agent have an interface to plug carbon use cases. AS SSO valve
 reference shared above have that specific implementation. That
 implementation invoked via sso agent.

>>>
>>> +1. That should be the way to go here also.
>>>
>>>

 Thanks


> @Rushmin, did you check the SSOAgent code? This was improved recently
> also and is used in AS 6.0. The goal of the implementation was to make it 
> a
> library to be used everywhere in the platform. Can you please check on
> that? If there are any limitations we need to fix that library and try to
> use it everywhere we need it.
>
> Please check with Kernel team where to get this and use this.
>
> On Fri, Aug 19, 2016 at 9:56 AM, Ishara Karunarathna  > wrote:
>
>> Hi,
>>
>> On Fri, Aug 19, 2016 at 9:47 AM, Darshana Gunawardana <
>> darsh...@wso2.com> wrote:
>>
>>>
>>>
>>> On Thu, Aug 18, 2016 at 4:43 PM, Rushmin Fernando 
>>> wrote:
>>>

 In current App Manager the service providers of tenants are getting
 created in the super tenant space.

 We are in the process of creating the service providers in the
 relevant tenants.

 In the app manager gateway, we use SAML SSO to authenticate the
 users, and the aforementioned service providers are used.

 When it comes to validating the the SAML response signature, I can
 see that we can re-use
 *org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil::getX509CredentialImplForTenant()*

 As per the code, it uses the tenant key store to get the
 certificates. And we can get the certificate by using the tenant name 
 as
 the alias

 @IS team, do you see any issues with re-using this code in our
 gateway ?

>>>
>>> Using this util makes gateway -which is a client side(sp) component-
>>> depends on the SAML component -which is server side(idp) component-
>>>
>>> IMO, its not nice to have that dependency. Once example is, this
>>> dependency will expose you a samlsso (idp) endpoint from the gateway. 
>>> And
>>> also gateway profile would need to have saml components and makes you to
>>> have whole framework related dependencies as well.
>>>
>>> Thinking about client side (sp) components which already doing this
>>> there are two components we have in wso2 platform.
>>> 1. Carbon SAML authenticator : https://github.com/wso2-exte
>>> nsions/identity-carbon-auth-saml2
>>> 2. AS SSO valve : https://github.com/wso2/carb
>>> on-deployment/blob/4.7.x/components/webapp-mgt/org.wso2.carb
>>> 

Re: [Dev] Clarification about Entity Expansion Limit

[Prakhash Sivakumar]

[+Senduran]

On Fri, Aug 19, 2016 at 4:06 PM, Prakhash Sivakumar 
wrote:

> HI Shafreen,
>
> AFAIK we are setting entity expansion limit to 0 in code level to prevent
> this entity expansion, will that affect this configuration ?.
>
> Thanks
>
>
> On Fri, Aug 19, 2016 at 3:40 PM, Shafreen Anfar  wrote:
>
>> Hi Bhathiya,
>>
>> Well, to be honest I find it hard to understand the rational behind that
>> statement too. Entity Expansion Limit is there to prevent entity expansion
>> attack [1]. I don't think it has anything to do with clustering.
>>
>> [1] http://blog.bdoughan.com/2011/03/preventing-entity-expansion
>> -attacks-in.html
>>
>> On Thu, Aug 18, 2016 at 10:26 PM, Bhathiya Jayasekara 
>> wrote:
>>
>>> Hi ESB team,
>>>
>>> In "JVM Level Tuning" doc[1] in ESB, it says
>>>
>>> "If one or more worker nodes in a clustered deployment require access
>>> to the management console, you need to increase the entity expansion limit.
>>> "
>>>
>>> Could you please explain the rational behind this. I think we need to
>>> explain it in the doc too.
>>>
>>> [1] https://docs.wso2.com/display/ESB490/Java+Virtual+Machin
>>> e+(JVM)+Level+Tuning
>>>
>>> Thanks,
>>>
>>> --
>>> *Bhathiya Jayasekara*
>>> *Senior Software Engineer,*
>>> *WSO2 inc., http://wso2.com *
>>>
>>> *Phone: +94715478185 <%2B94715478185>*
>>> *LinkedIn: http://www.linkedin.com/in/bhathiyaj
>>> *
>>> *Twitter: https://twitter.com/bhathiyax *
>>> *Blog: http://movingaheadblog.blogspot.com
>>> *
>>>
>>
>>
>>
>> --
>> Regards,
>> *Shafreen*
>> Software Engineer
>> WSO2 Inc
>> Mobile : 077-556-395-1
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Prakhash Sivakumar
> Software Engineer | WSO2 Inc
> Platform Security Team
> Mobile : +94771510080
> Blog : https://medium.com/@PrakhashS
>



-- 
Prakhash Sivakumar
Software Engineer | WSO2 Inc
Platform Security Team
Mobile : +94771510080
Blog : https://medium.com/@PrakhashS
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Clarification about Entity Expansion Limit

[Prakhash Sivakumar]

HI Shafreen,

AFAIK we are setting entity expansion limit to 0 in code level to prevent
this entity expansion, will that affect this configuration ?.

Thanks


On Fri, Aug 19, 2016 at 3:40 PM, Shafreen Anfar  wrote:

> Hi Bhathiya,
>
> Well, to be honest I find it hard to understand the rational behind that
> statement too. Entity Expansion Limit is there to prevent entity expansion
> attack [1]. I don't think it has anything to do with clustering.
>
> [1] http://blog.bdoughan.com/2011/03/preventing-entity-
> expansion-attacks-in.html
>
> On Thu, Aug 18, 2016 at 10:26 PM, Bhathiya Jayasekara 
> wrote:
>
>> Hi ESB team,
>>
>> In "JVM Level Tuning" doc[1] in ESB, it says
>>
>> "If one or more worker nodes in a clustered deployment require access to
>> the management console, you need to increase the entity expansion limit."
>>
>> Could you please explain the rational behind this. I think we need to
>> explain it in the doc too.
>>
>> [1] https://docs.wso2.com/display/ESB490/Java+Virtual+Machin
>> e+(JVM)+Level+Tuning
>>
>> Thanks,
>>
>> --
>> *Bhathiya Jayasekara*
>> *Senior Software Engineer,*
>> *WSO2 inc., http://wso2.com *
>>
>> *Phone: +94715478185 <%2B94715478185>*
>> *LinkedIn: http://www.linkedin.com/in/bhathiyaj
>> *
>> *Twitter: https://twitter.com/bhathiyax *
>> *Blog: http://movingaheadblog.blogspot.com
>> *
>>
>
>
>
> --
> Regards,
> *Shafreen*
> Software Engineer
> WSO2 Inc
> Mobile : 077-556-395-1
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Prakhash Sivakumar
Software Engineer | WSO2 Inc
Platform Security Team
Mobile : +94771510080
Blog : https://medium.com/@PrakhashS
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [AppM] SAML response signature validation in tenants

[Dinusha Senanayaka]

IMO, there should be a common SSOUtil package with all common SSO functions
client needed, which can use in all products.
- Request/Response signing
- Signature validation
- All other SAML Response related validations (audience, validity period
etc)

This is something we noticed during the security war room we recently had
as well. Most of the products APIM, AppM, GReg, ES, DS etc (in jagery-apps)
have handled these validations using different methods. Some have write own
utils, some have called *org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil
*and so. Effort we had to put was huge and repetitive because of not having
a common code.

For this scenario, I think using all the methods from
*org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil
*is cleaner, rather using different dependencies, unless we introduce a
clear common new module.

Regards,
Dinusha.

On Fri, Aug 19, 2016 at 3:31 PM, Rushmin Fernando  wrote:

> In our case we can re-use *org.wso2.carbon.webapp.mgt  *for signature
> validation since it has implemented it with the use of the agent code.
>
> And we can use the agent utils (*org.wso2.carbon.identity.sso.agent) *for
> unmarshelling the response
>
> But didn't see a util to marshall the requests ? Is it missing here ?
>
>
> On Fri, Aug 19, 2016 at 3:24 PM, Johann Nallathamby 
> wrote:
>
>>
>>
>> On Fri, Aug 19, 2016 at 12:26 PM, Darshana Gunawardana > > wrote:
>>
>>>
>>>
>>> On Fri, Aug 19, 2016 at 10:25 AM, Johann Nallathamby 
>>> wrote:
>>>
 This is what we have the SSO agent for.

>>>
>>> SSO Agent is not carbon specific. Hence it does not have reading
>>> tenant's key and validating the signature.
>>>
>>> SSO Agent have an interface to plug carbon use cases. AS SSO valve
>>> reference shared above have that specific implementation. That
>>> implementation invoked via sso agent.
>>>
>>
>> +1. That should be the way to go here also.
>>
>>
>>>
>>> Thanks
>>>
>>>
 @Rushmin, did you check the SSOAgent code? This was improved recently
 also and is used in AS 6.0. The goal of the implementation was to make it a
 library to be used everywhere in the platform. Can you please check on
 that? If there are any limitations we need to fix that library and try to
 use it everywhere we need it.

 Please check with Kernel team where to get this and use this.

 On Fri, Aug 19, 2016 at 9:56 AM, Ishara Karunarathna 
 wrote:

> Hi,
>
> On Fri, Aug 19, 2016 at 9:47 AM, Darshana Gunawardana <
> darsh...@wso2.com> wrote:
>
>>
>>
>> On Thu, Aug 18, 2016 at 4:43 PM, Rushmin Fernando 
>> wrote:
>>
>>>
>>> In current App Manager the service providers of tenants are getting
>>> created in the super tenant space.
>>>
>>> We are in the process of creating the service providers in the
>>> relevant tenants.
>>>
>>> In the app manager gateway, we use SAML SSO to authenticate the
>>> users, and the aforementioned service providers are used.
>>>
>>> When it comes to validating the the SAML response signature, I can
>>> see that we can re-use
>>> *org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil::getX509CredentialImplForTenant()*
>>>
>>> As per the code, it uses the tenant key store to get the
>>> certificates. And we can get the certificate by using the tenant name as
>>> the alias
>>>
>>> @IS team, do you see any issues with re-using this code in our
>>> gateway ?
>>>
>>
>> Using this util makes gateway -which is a client side(sp) component-
>> depends on the SAML component -which is server side(idp) component-
>>
>> IMO, its not nice to have that dependency. Once example is, this
>> dependency will expose you a samlsso (idp) endpoint from the gateway. And
>> also gateway profile would need to have saml components and makes you to
>> have whole framework related dependencies as well.
>>
>> Thinking about client side (sp) components which already doing this
>> there are two components we have in wso2 platform.
>> 1. Carbon SAML authenticator : https://github.com/wso2-exte
>> nsions/identity-carbon-auth-saml2
>> 2. AS SSO valve : https://github.com/wso2/carb
>> on-deployment/blob/4.7.x/components/webapp-mgt/org.wso2.carb
>> on.webapp.mgt/src/main/java/org/wso2/carbon/webapp/mgt/sso/S
>> AMLSignatureValidatorImpl.java
>>
>> Better to use utls from those two components, if we have such
>> methods. Most suitable component for gateway is #2, since carbon
>> authenticator don't have usage in gateway.
>>
>> I guess it's even worthy initiate separate component to handle all
>> these saml utils, given that we have isolated components across the
>> platform and we have to fix huge number of components if we identified a
>> core issue.
>>
> 

Re: [Dev] Clarification about Entity Expansion Limit

[Shafreen Anfar]

Hi Bhathiya,

Well, to be honest I find it hard to understand the rational behind that
statement too. Entity Expansion Limit is there to prevent entity expansion
attack [1]. I don't think it has anything to do with clustering.

[1]
http://blog.bdoughan.com/2011/03/preventing-entity-expansion-attacks-in.html


On Thu, Aug 18, 2016 at 10:26 PM, Bhathiya Jayasekara 
wrote:

> Hi ESB team,
>
> In "JVM Level Tuning" doc[1] in ESB, it says
>
> "If one or more worker nodes in a clustered deployment require access to
> the management console, you need to increase the entity expansion limit."
>
> Could you please explain the rational behind this. I think we need to
> explain it in the doc too.
>
> [1] https://docs.wso2.com/display/ESB490/Java+Virtual+
> Machine+(JVM)+Level+Tuning
>
> Thanks,
>
> --
> *Bhathiya Jayasekara*
> *Senior Software Engineer,*
> *WSO2 inc., http://wso2.com *
>
> *Phone: +94715478185 <%2B94715478185>*
> *LinkedIn: http://www.linkedin.com/in/bhathiyaj
> *
> *Twitter: https://twitter.com/bhathiyax *
> *Blog: http://movingaheadblog.blogspot.com
> *
>



-- 
Regards,
*Shafreen*
Software Engineer
WSO2 Inc
Mobile : 077-556-395-1
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [AppM] SAML response signature validation in tenants

[Rushmin Fernando]

In our case we can re-use *org.wso2.carbon.webapp.mgt  *for signature
validation since it has implemented it with the use of the agent code.

And we can use the agent utils (*org.wso2.carbon.identity.sso.agent) *for
unmarshelling the response

But didn't see a util to marshall the requests ? Is it missing here ?


On Fri, Aug 19, 2016 at 3:24 PM, Johann Nallathamby  wrote:

>
>
> On Fri, Aug 19, 2016 at 12:26 PM, Darshana Gunawardana 
> wrote:
>
>>
>>
>> On Fri, Aug 19, 2016 at 10:25 AM, Johann Nallathamby 
>> wrote:
>>
>>> This is what we have the SSO agent for.
>>>
>>
>> SSO Agent is not carbon specific. Hence it does not have reading tenant's
>> key and validating the signature.
>>
>> SSO Agent have an interface to plug carbon use cases. AS SSO valve
>> reference shared above have that specific implementation. That
>> implementation invoked via sso agent.
>>
>
> +1. That should be the way to go here also.
>
>
>>
>> Thanks
>>
>>
>>> @Rushmin, did you check the SSOAgent code? This was improved recently
>>> also and is used in AS 6.0. The goal of the implementation was to make it a
>>> library to be used everywhere in the platform. Can you please check on
>>> that? If there are any limitations we need to fix that library and try to
>>> use it everywhere we need it.
>>>
>>> Please check with Kernel team where to get this and use this.
>>>
>>> On Fri, Aug 19, 2016 at 9:56 AM, Ishara Karunarathna 
>>> wrote:
>>>
 Hi,

 On Fri, Aug 19, 2016 at 9:47 AM, Darshana Gunawardana <
 darsh...@wso2.com> wrote:

>
>
> On Thu, Aug 18, 2016 at 4:43 PM, Rushmin Fernando 
> wrote:
>
>>
>> In current App Manager the service providers of tenants are getting
>> created in the super tenant space.
>>
>> We are in the process of creating the service providers in the
>> relevant tenants.
>>
>> In the app manager gateway, we use SAML SSO to authenticate the
>> users, and the aforementioned service providers are used.
>>
>> When it comes to validating the the SAML response signature, I can
>> see that we can re-use
>> *org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil::getX509CredentialImplForTenant()*
>>
>> As per the code, it uses the tenant key store to get the
>> certificates. And we can get the certificate by using the tenant name as
>> the alias
>>
>> @IS team, do you see any issues with re-using this code in our
>> gateway ?
>>
>
> Using this util makes gateway -which is a client side(sp) component-
> depends on the SAML component -which is server side(idp) component-
>
> IMO, its not nice to have that dependency. Once example is, this
> dependency will expose you a samlsso (idp) endpoint from the gateway. And
> also gateway profile would need to have saml components and makes you to
> have whole framework related dependencies as well.
>
> Thinking about client side (sp) components which already doing this
> there are two components we have in wso2 platform.
> 1. Carbon SAML authenticator : https://github.com/wso2-exte
> nsions/identity-carbon-auth-saml2
> 2. AS SSO valve : https://github.com/wso2/carb
> on-deployment/blob/4.7.x/components/webapp-mgt/org.wso2.carb
> on.webapp.mgt/src/main/java/org/wso2/carbon/webapp/mgt/sso/S
> AMLSignatureValidatorImpl.java
>
> Better to use utls from those two components, if we have such methods.
> Most suitable component for gateway is #2, since carbon authenticator 
> don't
> have usage in gateway.
>
> I guess it's even worthy initiate separate component to handle all
> these saml utils, given that we have isolated components across the
> platform and we have to fix huge number of components if we identified a
> core issue.
>
 +1 with darshans idea. And later better to have some common set of
 libraries to handle this kind of scenarios.

>
> Thanks,
>
>
>> @Amila, in a cloud story do we need to configure the key aliases for
>> each tenant or can we live with the default alias (which is the tenant
>> domain name) ?
>>
>>
>>
>> --
>> *Best Regards*
>>
>> *Rushmin Fernando*
>> *Technical Lead*
>>
>> WSO2 Inc.  - Lean . Enterprise . Middleware
>>
>> mobile : +94772891266
>>
>>
>>
>
>
> --
> Regards,
>
>
> *Darshana Gunawardana*Associate Technical Lead
> WSO2 Inc.; http://wso2.com
>
> *E-mail: darsh...@wso2.com *
> *Mobile: +94718566859 <%2B94718566859>*Lean . Enterprise . Middleware
>



 --
 Ishara Karunarathna
 Associate Technical Lead
 WSO2 Inc. - lean . enterprise . middleware |  wso2.com

 email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   

Re: [Dev] [AppM] SAML response signature validation in tenants

[Johann Nallathamby]

On Fri, Aug 19, 2016 at 12:26 PM, Darshana Gunawardana 
wrote:

>
>
> On Fri, Aug 19, 2016 at 10:25 AM, Johann Nallathamby 
> wrote:
>
>> This is what we have the SSO agent for.
>>
>
> SSO Agent is not carbon specific. Hence it does not have reading tenant's
> key and validating the signature.
>
> SSO Agent have an interface to plug carbon use cases. AS SSO valve
> reference shared above have that specific implementation. That
> implementation invoked via sso agent.
>

+1. That should be the way to go here also.


>
> Thanks
>
>
>> @Rushmin, did you check the SSOAgent code? This was improved recently
>> also and is used in AS 6.0. The goal of the implementation was to make it a
>> library to be used everywhere in the platform. Can you please check on
>> that? If there are any limitations we need to fix that library and try to
>> use it everywhere we need it.
>>
>> Please check with Kernel team where to get this and use this.
>>
>> On Fri, Aug 19, 2016 at 9:56 AM, Ishara Karunarathna 
>> wrote:
>>
>>> Hi,
>>>
>>> On Fri, Aug 19, 2016 at 9:47 AM, Darshana Gunawardana >> > wrote:
>>>


 On Thu, Aug 18, 2016 at 4:43 PM, Rushmin Fernando 
 wrote:

>
> In current App Manager the service providers of tenants are getting
> created in the super tenant space.
>
> We are in the process of creating the service providers in the
> relevant tenants.
>
> In the app manager gateway, we use SAML SSO to authenticate the users,
> and the aforementioned service providers are used.
>
> When it comes to validating the the SAML response signature, I can see
> that we can re-use
> *org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil::getX509CredentialImplForTenant()*
>
> As per the code, it uses the tenant key store to get the certificates.
> And we can get the certificate by using the tenant name as the alias
>
> @IS team, do you see any issues with re-using this code in our gateway
> ?
>

 Using this util makes gateway -which is a client side(sp) component-
 depends on the SAML component -which is server side(idp) component-

 IMO, its not nice to have that dependency. Once example is, this
 dependency will expose you a samlsso (idp) endpoint from the gateway. And
 also gateway profile would need to have saml components and makes you to
 have whole framework related dependencies as well.

 Thinking about client side (sp) components which already doing this
 there are two components we have in wso2 platform.
 1. Carbon SAML authenticator : https://github.com/wso2-exte
 nsions/identity-carbon-auth-saml2
 2. AS SSO valve : https://github.com/wso2/carb
 on-deployment/blob/4.7.x/components/webapp-mgt/org.wso2.carb
 on.webapp.mgt/src/main/java/org/wso2/carbon/webapp/mgt/sso/
 SAMLSignatureValidatorImpl.java

 Better to use utls from those two components, if we have such methods.
 Most suitable component for gateway is #2, since carbon authenticator don't
 have usage in gateway.

 I guess it's even worthy initiate separate component to handle all
 these saml utils, given that we have isolated components across the
 platform and we have to fix huge number of components if we identified a
 core issue.

>>> +1 with darshans idea. And later better to have some common set of
>>> libraries to handle this kind of scenarios.
>>>

 Thanks,


> @Amila, in a cloud story do we need to configure the key aliases for
> each tenant or can we live with the default alias (which is the tenant
> domain name) ?
>
>
>
> --
> *Best Regards*
>
> *Rushmin Fernando*
> *Technical Lead*
>
> WSO2 Inc.  - Lean . Enterprise . Middleware
>
> mobile : +94772891266
>
>
>


 --
 Regards,


 *Darshana Gunawardana*Associate Technical Lead
 WSO2 Inc.; http://wso2.com

 *E-mail: darsh...@wso2.com *
 *Mobile: +94718566859 <%2B94718566859>*Lean . Enterprise . Middleware

>>>
>>>
>>>
>>> --
>>> Ishara Karunarathna
>>> Associate Technical Lead
>>> WSO2 Inc. - lean . enterprise . middleware |  wso2.com
>>>
>>> email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
>>> +94717996791
>>>
>>>
>>>
>>
>>
>> --
>> Thanks & Regards,
>>
>> *Johann Dilantha Nallathamby*
>> Technical Lead & Product Lead of WSO2 Identity Server
>> Governance Technologies Team
>> WSO2, Inc.
>> lean.enterprise.middleware
>>
>> Mobile - *+9476950*
>> Blog - *http://nallaa.wordpress.com *
>>
>
>
>
> --
> Regards,
>
>
> *Darshana Gunawardana*Associate Technical Lead
> WSO2 Inc.; http://wso2.com
>
> *E-mail: darsh...@wso2.com *
> *Mobile: +94718566859 <%2B94718566859>*Lean . 

Re: [Dev] [GSoC Final Evaluation] Proposal 21: [IS] Document Based NoSQL Support for WSO2 Identity Server Database

[Johann Nallathamby]

Hi Asantha,

As Chamila mentioned you need to bundle the required library in your
feature as well, so that it is self contained, and can be installed
independently in any carbon server.

Have you added that in your PR? I couldn't see a bundleDef for org.json.

Regards,
Johann.

On Fri, Aug 19, 2016 at 3:04 PM, Asantha Thilina 
wrote:

> Hi all,
>
> First of all let me apologize for the late reply ,I have changed the
> org.json version as chamila said and now it's working no need to add json
> lib manually and version changed will not affected to any of my code i have
> updated the PR[1] with latest modifications now it's need
> mongodb-java-driver only to run the module no other extra library required
>
> [1]https://github.com/wso2-extensions/identity-userstore-mongodb/pull/1
>
> Thanks,
> Asantha
>
> On Fri, Aug 19, 2016 at 1:26 AM, Chamila Wijayarathna <
> cdwijayarat...@gmail.com> wrote:
>
>> Hi Asantha,
>>
>> If you have used any new features of org.json which is not available in
>> that old version, I think you will have to create an orbit with new
>> org.json version.
>>
>> And I think it (either new or old version) need to be packed in your
>> feature, so it can be installed into any carbon based product.
>>
>> Thanks!
>>
>> On Fri, Aug 19, 2016 at 3:17 PM, Asantha Thilina <
>> asanthathil...@gmail.com> wrote:
>>
>>> Hi Chamila,
>>>
>>> ok thanks for the comment then i will change the version of my
>>> dependency and test it
>>>
>>> Thanks,
>>> Asantha
>>>
>>> On Fri, Aug 19, 2016 at 1:13 AM, Chamila Wijayarathna <
>>> cdwijayarat...@gmail.com> wrote:
>>>
 Hi Asantha, Tharindu,

 I think IS already packs json, but the version is 20140107 which comes
 from wso2 orbit bundle [1]. You are receiving the error due to version
 mismatch, because you are using  version 20160212.

 Can you try using existing dependency and check if your features work
 okay with that version?\\

 Thank You!

 [1]. https://github.com/wso2/orbit/blob/master/json/3.0.0.wso2v1

 On Fri, Aug 19, 2016 at 3:03 PM, Tharindu Edirisinghe <
 tharin...@wso2.com> wrote:

> I meant shipping with the product... by packing with the product.
>
> Yes, it should be packed by the feature.
>
> I'll look more into Charon's dependency as well.
>
> On Fri, Aug 19, 2016 at 10:26 AM, Chamila Wijayarathna <
> cdwijayarat...@gmail.com> wrote:
>
>> Hi Harsha,
>>
>> The license seems to be okay, isn't it? It doesn't mention anything
>> that prevent us from using it. Also I think we use same library for json
>> related stuff in charon as well. So it can't be an issue IMO.
>>
>> @Tharindu, Why we should pack this in product? Shouldn't we pack this
>> in the feature?
>>
>> Thank You!
>>
>> On Fri, Aug 19, 2016 at 2:11 PM, Harsha Thirimanna 
>> wrote:
>>
>>> As in the license, there are some restrictions.
>>>
>>> http://www.json.org/license.html
>>>
>>> *Harsha Thirimanna*
>>> Associate Tech Lead | WSO2
>>>
>>> Email: hars...@wso2.com
>>> Mob: +94715186770
>>> Blog: http://harshathirimanna.blogspot.com/
>>> Twitter: http://twitter.com/harshathirimann
>>> Linked-In: linked-in: http://www.linkedin.com/pub/ha
>>> rsha-thirimanna/10/ab8/122
>>> 
>>>
>>> On Fri, Aug 19, 2016 at 9:30 AM, Tharindu Edirisinghe <
>>> tharin...@wso2.com> wrote:
>>>
 Thanks Asantha.

 @Johann/Darshana - Would it be possible to pack org.json [1]
 dependency to the product itself ?

 [1] https://mvnrepository.com/artifact/org.json/json/20160212

 Regards,
 TharinduE

 On Fri, Aug 19, 2016 at 12:48 AM, Asantha Thilina <
 asanthathil...@gmail.com> wrote:

> Hi Tharindu,
>
> As you instructed i have finished all above process and i already
> sent a PR[1] to product-is with my modifications and earlier i have 
> sent a
> PR[2] to identity-userstore-mongodb
> during the deployment of the product-is i face the following issue
> In my MongoDBUserStoreManager plugin i will be using org.json[2]
> lib for query purposes so it is a dependent for my plugin to work 
> ,For the
> moment i manually added json lib to dropin folder to activate my 
> bundle
> otherwise i will get following error when i open osgi console and 
> checked
> Missing optionally imported package org.json_[20160212.0.0,2016021
> 3.0.0).
> In order to activate the bundle need to add mongo-java-driver[4]
> also to dropins folder after that it will activate successfully,
> Is there any method to ship the json lib also with my bundle when
> deploying it to IS?
> 

Re: [Dev] [GSoC Final Evaluation] Proposal 21: [IS] Document Based NoSQL Support for WSO2 Identity Server Database

[Asantha Thilina]

Hi all,

First of all let me apologize for the late reply ,I have changed the
org.json version as chamila said and now it's working no need to add json
lib manually and version changed will not affected to any of my code i have
updated the PR[1] with latest modifications now it's need
mongodb-java-driver only to run the module no other extra library required

[1]https://github.com/wso2-extensions/identity-userstore-mongodb/pull/1

Thanks,
Asantha

On Fri, Aug 19, 2016 at 1:26 AM, Chamila Wijayarathna <
cdwijayarat...@gmail.com> wrote:

> Hi Asantha,
>
> If you have used any new features of org.json which is not available in
> that old version, I think you will have to create an orbit with new
> org.json version.
>
> And I think it (either new or old version) need to be packed in your
> feature, so it can be installed into any carbon based product.
>
> Thanks!
>
> On Fri, Aug 19, 2016 at 3:17 PM, Asantha Thilina  > wrote:
>
>> Hi Chamila,
>>
>> ok thanks for the comment then i will change the version of my dependency
>> and test it
>>
>> Thanks,
>> Asantha
>>
>> On Fri, Aug 19, 2016 at 1:13 AM, Chamila Wijayarathna <
>> cdwijayarat...@gmail.com> wrote:
>>
>>> Hi Asantha, Tharindu,
>>>
>>> I think IS already packs json, but the version is 20140107 which comes
>>> from wso2 orbit bundle [1]. You are receiving the error due to version
>>> mismatch, because you are using  version 20160212.
>>>
>>> Can you try using existing dependency and check if your features work
>>> okay with that version?\\
>>>
>>> Thank You!
>>>
>>> [1]. https://github.com/wso2/orbit/blob/master/json/3.0.0.wso2v1
>>>
>>> On Fri, Aug 19, 2016 at 3:03 PM, Tharindu Edirisinghe <
>>> tharin...@wso2.com> wrote:
>>>
 I meant shipping with the product... by packing with the product.

 Yes, it should be packed by the feature.

 I'll look more into Charon's dependency as well.

 On Fri, Aug 19, 2016 at 10:26 AM, Chamila Wijayarathna <
 cdwijayarat...@gmail.com> wrote:

> Hi Harsha,
>
> The license seems to be okay, isn't it? It doesn't mention anything
> that prevent us from using it. Also I think we use same library for json
> related stuff in charon as well. So it can't be an issue IMO.
>
> @Tharindu, Why we should pack this in product? Shouldn't we pack this
> in the feature?
>
> Thank You!
>
> On Fri, Aug 19, 2016 at 2:11 PM, Harsha Thirimanna 
> wrote:
>
>> As in the license, there are some restrictions.
>>
>> http://www.json.org/license.html
>>
>> *Harsha Thirimanna*
>> Associate Tech Lead | WSO2
>>
>> Email: hars...@wso2.com
>> Mob: +94715186770
>> Blog: http://harshathirimanna.blogspot.com/
>> Twitter: http://twitter.com/harshathirimann
>> Linked-In: linked-in: http://www.linkedin.com/pub/ha
>> rsha-thirimanna/10/ab8/122
>> 
>>
>> On Fri, Aug 19, 2016 at 9:30 AM, Tharindu Edirisinghe <
>> tharin...@wso2.com> wrote:
>>
>>> Thanks Asantha.
>>>
>>> @Johann/Darshana - Would it be possible to pack org.json [1]
>>> dependency to the product itself ?
>>>
>>> [1] https://mvnrepository.com/artifact/org.json/json/20160212
>>>
>>> Regards,
>>> TharinduE
>>>
>>> On Fri, Aug 19, 2016 at 12:48 AM, Asantha Thilina <
>>> asanthathil...@gmail.com> wrote:
>>>
 Hi Tharindu,

 As you instructed i have finished all above process and i already
 sent a PR[1] to product-is with my modifications and earlier i have 
 sent a
 PR[2] to identity-userstore-mongodb
 during the deployment of the product-is i face the following issue
 In my MongoDBUserStoreManager plugin i will be using org.json[2]
 lib for query purposes so it is a dependent for my plugin to work ,For 
 the
 moment i manually added json lib to dropin folder to activate my bundle
 otherwise i will get following error when i open osgi console and 
 checked
 Missing optionally imported package org.json_[20160212.0.0,2016021
 3.0.0).
 In order to activate the bundle need to add mongo-java-driver[4]
 also to dropins folder after that it will activate successfully,
 Is there any method to ship the json lib also with my bundle when
 deploying it to IS?
 [1]https://github.com/wso2/product-is/pull/668
 [2]https://github.com/wso2-extensions/identity-userstore-mon
 godb/pull/1
 [3]https://mvnrepository.com/artifact/org.json/json/20160212
 [4]https://mvnrepository.com/artifact/org.mongodb/mongo-java
 -driver/3.2.2

 Thanks,
 Asantha



 On Thu, Aug 18, 2016 at 2:19 AM, Tharindu Edirisinghe <
 tharin...@wso2.com> wrote:

> Hi Asntha,
>
> 

Re: [Dev] [VOTE] Release WSO2 Enterprise Service Bus 5.0.0 RC4

[Senduran Balasubramaniyam]

Hi All,

Thanks for testing and verifying WSO2 Enterprise Service Bus 5.0.0 RC4. We
are closing the vote now. The vote has passed with 10 +1s and 0 -1s.
Therefore we are proceeding with  WSO2 Enterprise Service Bus 5.0.0
release.

Thanks,
- WSO2 ESB Team -

On Fri, Aug 19, 2016 at 2:45 PM, Vijitha Ekanayake 
wrote:

> Hi All,
>
> I have tested basic use cases of data mapper.
>
> [+] Stable - go ahead and release
>
> Thanks,
> Vijitha.
>
> On Fri, Aug 19, 2016 at 2:38 PM, Kevin Ratnasekera  wrote:
>
>> Hi All,
>>
>> I have tested and verified the following,
>>
>>-  Websocket transport and it s basic use cases.
>>
>> [+] Stable - go ahead and release
>>
>> Regards
>> Kevin
>>
>>
>> On Fri, Aug 19, 2016 at 1:21 PM, Rajith Vitharana 
>> wrote:
>>
>>> Hi All,
>>>
>>> Tested and verified following
>>>
>>>
>>>- Synapse VFS transport/ cluster awareness
>>>- Tooling support for proxy creation
>>>- Analytics in cluster
>>>
>>> [+] Stable - go ahead and release
>>>
>>> Thanks,
>>>
>>> On 19 August 2016 at 12:31, Nuwan Wimalasekara  wrote:
>>>
 Hi all.

 Tested and verified following


- ESB Mediation Debugging


 [+] Stable - go ahead and release.

 Thanks,
 Nuwnaw

 On Fri, Aug 19, 2016 at 12:21 PM, Prabath Ariyarathna <
 prabat...@wso2.com> wrote:

> Hi All.
>
> Tested and verified following.
>
>- File(VFS) Inbound Endpoint.
>- HTTP/HTTPS Inbound Endpoints.
>- Custom Inbound Endpoint.
>- RabbitMQ Inbound Endpoint.
>
> [+] Stable - go ahead and release.
>
> Thanks.
>
> On Fri, Aug 19, 2016 at 11:30 AM, Nadeeshaan Gunasinghe <
> nadeesh...@wso2.com> wrote:
>
>> Hi all,
>>
>> Tested the following,
>>
>>
>>- Inbound Endpoints
>>  VFS, HTTP, HTTPS, WSO2 MB, JMS
>>- JMS scenarios
>>  Message Processor, Message Store with ActiveMQ, Rabbit MQ
>>and WSO2 MB
>>- Capp Deployment through tooling
>>
>> [+] Stable - go ahead and release
>>
>> Thanks,
>>
>> *Nadeeshaan Gunasinghe*
>> Software Engineer, WSO2 Inc. http://wso2.com
>> +94770596754 | nadeesh...@wso2.com | Skype: nadeeshaan.gunasinghe
>> <#m_-289290036879051436_m_-7647258026462985625_m_-860390395190705528_m_-6069497498545935869_m_7132569658457042904_m_5569028783450022843_>
>> 
>> 
>>   
>> Get a signature like this: Click here!
>> 
>>
>> On Wed, Aug 17, 2016 at 8:13 AM, Senduran Balasubramaniyam <
>> sendu...@wso2.com> wrote:
>>
>>> Hi All,
>>>
>>> This is the 4th Release Candidate of WSO2 Enterprise Service Bus
>>> 5.0.0
>>>
>>> Please download, test the product and vote. Vote will be open for 72
>>> hours or as needed.
>>>
>>> Source and distribution
>>>
>>> Run-time: https://github.com/wso2/produc
>>> t-esb/releases/tag/v5.0.0-rc4
>>> Tooling   : https://github.com/wso2/devstu
>>> dio-tooling-esb/releases/tag/v5.0.0-rc4
>>> Analytics: https://github.com/wso2/analyt
>>> ics-esb/releases/tag/v5.0.0-rc4
>>>
>>> Please vote as follows.
>>> [+] Stable - go ahead and release
>>> [-] Broken - do not release (explain why)
>>>
>>> Thanks,
>>> - WSO2 ESB Team -
>>>
>>> --
>>> *Senduran *
>>> Senior Software Engineer,
>>> WSO2, Inc.;  http://wso2.com/ 
>>> Mobile: +94 77 952 6548
>>>
>>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
>
> *Prabath Ariyarathna*
>
> *Associate Technical Lead*
>
> *WSO2, Inc. *
>
> *lean . enterprise . middleware *
>
>
> *Email: prabat...@wso2.com *
>
> *Blog: http://prabu-lk.blogspot.com *
>
> *Flicker : https://www.flickr.com/photos/47759189@N08
> *
>
> *Mobile: +94 77 699 4730 *
>
>
>
>
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


 --
 Nuwan Wimalasekara
 Associate Technical Lead
 WSO2, Inc.: http://wso2.com
 lean. 

Re: [Dev] [VOTE] Release WSO2 Enterprise Service Bus 5.0.0 RC4

[Vijitha Ekanayake]

Hi All,

I have tested basic use cases of data mapper.

[+] Stable - go ahead and release

Thanks,
Vijitha.

On Fri, Aug 19, 2016 at 2:38 PM, Kevin Ratnasekera  wrote:

> Hi All,
>
> I have tested and verified the following,
>
>-  Websocket transport and it s basic use cases.
>
> [+] Stable - go ahead and release
>
> Regards
> Kevin
>
>
> On Fri, Aug 19, 2016 at 1:21 PM, Rajith Vitharana 
> wrote:
>
>> Hi All,
>>
>> Tested and verified following
>>
>>
>>- Synapse VFS transport/ cluster awareness
>>- Tooling support for proxy creation
>>- Analytics in cluster
>>
>> [+] Stable - go ahead and release
>>
>> Thanks,
>>
>> On 19 August 2016 at 12:31, Nuwan Wimalasekara  wrote:
>>
>>> Hi all.
>>>
>>> Tested and verified following
>>>
>>>
>>>- ESB Mediation Debugging
>>>
>>>
>>> [+] Stable - go ahead and release.
>>>
>>> Thanks,
>>> Nuwnaw
>>>
>>> On Fri, Aug 19, 2016 at 12:21 PM, Prabath Ariyarathna <
>>> prabat...@wso2.com> wrote:
>>>
 Hi All.

 Tested and verified following.

- File(VFS) Inbound Endpoint.
- HTTP/HTTPS Inbound Endpoints.
- Custom Inbound Endpoint.
- RabbitMQ Inbound Endpoint.

 [+] Stable - go ahead and release.

 Thanks.

 On Fri, Aug 19, 2016 at 11:30 AM, Nadeeshaan Gunasinghe <
 nadeesh...@wso2.com> wrote:

> Hi all,
>
> Tested the following,
>
>
>- Inbound Endpoints
>  VFS, HTTP, HTTPS, WSO2 MB, JMS
>- JMS scenarios
>  Message Processor, Message Store with ActiveMQ, Rabbit MQ
>and WSO2 MB
>- Capp Deployment through tooling
>
> [+] Stable - go ahead and release
>
> Thanks,
>
> *Nadeeshaan Gunasinghe*
> Software Engineer, WSO2 Inc. http://wso2.com
> +94770596754 | nadeesh...@wso2.com | Skype: nadeeshaan.gunasinghe
> <#m_-7647258026462985625_m_-860390395190705528_m_-6069497498545935869_m_7132569658457042904_m_5569028783450022843_>
> 
> 
>   
> Get a signature like this: Click here!
> 
>
> On Wed, Aug 17, 2016 at 8:13 AM, Senduran Balasubramaniyam <
> sendu...@wso2.com> wrote:
>
>> Hi All,
>>
>> This is the 4th Release Candidate of WSO2 Enterprise Service Bus 5.0.0
>>
>> Please download, test the product and vote. Vote will be open for 72
>> hours or as needed.
>>
>> Source and distribution
>>
>> Run-time: https://github.com/wso2/produc
>> t-esb/releases/tag/v5.0.0-rc4
>> Tooling   : https://github.com/wso2/devstu
>> dio-tooling-esb/releases/tag/v5.0.0-rc4
>> Analytics: https://github.com/wso2/analyt
>> ics-esb/releases/tag/v5.0.0-rc4
>>
>> Please vote as follows.
>> [+] Stable - go ahead and release
>> [-] Broken - do not release (explain why)
>>
>> Thanks,
>> - WSO2 ESB Team -
>>
>> --
>> *Senduran *
>> Senior Software Engineer,
>> WSO2, Inc.;  http://wso2.com/ 
>> Mobile: +94 77 952 6548
>>
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


 --

 *Prabath Ariyarathna*

 *Associate Technical Lead*

 *WSO2, Inc. *

 *lean . enterprise . middleware *


 *Email: prabat...@wso2.com *

 *Blog: http://prabu-lk.blogspot.com *

 *Flicker : https://www.flickr.com/photos/47759189@N08
 *

 *Mobile: +94 77 699 4730 *






 ___
 Dev mailing list
 Dev@wso2.org
 http://wso2.org/cgi-bin/mailman/listinfo/dev


>>>
>>>
>>> --
>>> Nuwan Wimalasekara
>>> Associate Technical Lead
>>> WSO2, Inc.: http://wso2.com
>>> lean. enterprise. middleware
>>>
>>> phone: +94 71 668 4620
>>>
>>>
>>>
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Rajith Vitharana
>>
>> Senior Software Engineer,
>> WSO2 Inc. : wso2.com
>> Mobile : +94715883223
>> Blog : http://lankavitharana.blogspot.com/
>> 
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> 

Re: [Dev] [VOTE] Release WSO2 Enterprise Service Bus 5.0.0 RC4

[Kevin Ratnasekera]

Hi All,

I have tested and verified the following,

   -  Websocket transport and it s basic use cases.

[+] Stable - go ahead and release

Regards
Kevin


On Fri, Aug 19, 2016 at 1:21 PM, Rajith Vitharana  wrote:

> Hi All,
>
> Tested and verified following
>
>
>- Synapse VFS transport/ cluster awareness
>- Tooling support for proxy creation
>- Analytics in cluster
>
> [+] Stable - go ahead and release
>
> Thanks,
>
> On 19 August 2016 at 12:31, Nuwan Wimalasekara  wrote:
>
>> Hi all.
>>
>> Tested and verified following
>>
>>
>>- ESB Mediation Debugging
>>
>>
>> [+] Stable - go ahead and release.
>>
>> Thanks,
>> Nuwnaw
>>
>> On Fri, Aug 19, 2016 at 12:21 PM, Prabath Ariyarathna > > wrote:
>>
>>> Hi All.
>>>
>>> Tested and verified following.
>>>
>>>- File(VFS) Inbound Endpoint.
>>>- HTTP/HTTPS Inbound Endpoints.
>>>- Custom Inbound Endpoint.
>>>- RabbitMQ Inbound Endpoint.
>>>
>>> [+] Stable - go ahead and release.
>>>
>>> Thanks.
>>>
>>> On Fri, Aug 19, 2016 at 11:30 AM, Nadeeshaan Gunasinghe <
>>> nadeesh...@wso2.com> wrote:
>>>
 Hi all,

 Tested the following,


- Inbound Endpoints
  VFS, HTTP, HTTPS, WSO2 MB, JMS
- JMS scenarios
  Message Processor, Message Store with ActiveMQ, Rabbit MQ and
WSO2 MB
- Capp Deployment through tooling

 [+] Stable - go ahead and release

 Thanks,

 *Nadeeshaan Gunasinghe*
 Software Engineer, WSO2 Inc. http://wso2.com
 +94770596754 | nadeesh...@wso2.com | Skype: nadeeshaan.gunasinghe
 <#m_-860390395190705528_m_-6069497498545935869_m_7132569658457042904_m_5569028783450022843_>
 
   
   
 Get a signature like this: Click here!
 

 On Wed, Aug 17, 2016 at 8:13 AM, Senduran Balasubramaniyam <
 sendu...@wso2.com> wrote:

> Hi All,
>
> This is the 4th Release Candidate of WSO2 Enterprise Service Bus 5.0.0
>
> Please download, test the product and vote. Vote will be open for 72
> hours or as needed.
>
> Source and distribution
>
> Run-time: https://github.com/wso2/produc
> t-esb/releases/tag/v5.0.0-rc4
> Tooling   : https://github.com/wso2/devstu
> dio-tooling-esb/releases/tag/v5.0.0-rc4
> Analytics: https://github.com/wso2/analyt
> ics-esb/releases/tag/v5.0.0-rc4
>
> Please vote as follows.
> [+] Stable - go ahead and release
> [-] Broken - do not release (explain why)
>
> Thanks,
> - WSO2 ESB Team -
>
> --
> *Senduran *
> Senior Software Engineer,
> WSO2, Inc.;  http://wso2.com/ 
> Mobile: +94 77 952 6548
>


 ___
 Dev mailing list
 Dev@wso2.org
 http://wso2.org/cgi-bin/mailman/listinfo/dev


>>>
>>>
>>> --
>>>
>>> *Prabath Ariyarathna*
>>>
>>> *Associate Technical Lead*
>>>
>>> *WSO2, Inc. *
>>>
>>> *lean . enterprise . middleware *
>>>
>>>
>>> *Email: prabat...@wso2.com *
>>>
>>> *Blog: http://prabu-lk.blogspot.com *
>>>
>>> *Flicker : https://www.flickr.com/photos/47759189@N08
>>> *
>>>
>>> *Mobile: +94 77 699 4730 *
>>>
>>>
>>>
>>>
>>>
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Nuwan Wimalasekara
>> Associate Technical Lead
>> WSO2, Inc.: http://wso2.com
>> lean. enterprise. middleware
>>
>> phone: +94 71 668 4620
>>
>>
>>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Rajith Vitharana
>
> Senior Software Engineer,
> WSO2 Inc. : wso2.com
> Mobile : +94715883223
> Blog : http://lankavitharana.blogspot.com/
> 
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
*Kevin Ratnaskera*
Software Engineer
WSO2 Inc. - http://wso2.com
lean . enterprise . middleware
Mobile - +94774696950
Linkedin - https://www.linkedin.com/in/djkevincr
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [AppM] Creating XACML Policies and Service Providers in Tenants

[Harsha Thirimanna]

On Fri, Aug 19, 2016 at 2:28 PM, Rushmin Fernando  wrote:

>
>
> On Fri, Aug 19, 2016 at 2:17 PM, Harsha Thirimanna 
> wrote:
>
>>
>> On Fri, Aug 19, 2016 at 2:11 PM, Rushmin Fernando 
>> wrote:
>>
>>>
>>> Thank you for the info Harsha :-)
>>>
>>> We have implemented an interceptor for OAuth for AppM ReST API. We can
>>> adopt the generic component you are implementing, in a future release.
>>>
>>> *The issue we currently have is* to exchange an OAuth token for an HTTP
>>> cookie. The plan is to use this cookie to invoke admin service.
>>>
>>> There is a class (an authenticator) which we can use to get a cookie
>>> from a SAML assertion.
>>>
>>
>> ​Which one you are talking about ?​
>>
>>
>
>
> [1] is the one we are using. We call this admis service method ( login() )
> with the user's SAML response and get 'set-cookie' header value of the
> service call response.
>
>
>
>>
>>> I'm looking for something similar for OAuth token --> cookie scenario.
>>>
>>> Is there a code being implemented for this ?
>>>
>> ​As I explained above, autheticators are handlers in our case and you can
>> implement it within our generic approach. ​
>>
>>
>
> Can you please share the code ?
>

​https://github.com/wso2-extensions/identity-inbound-auth-oauth
​


>
>
> [1] - https://github.com/wso2/carbon-identity/blob/
> 8cd996c1dc6d9e7c0df491322af6e9ddf1cf3709/components/carbon-
> authenticators/saml2-sso-authenticator/org.wso2.carbon.
> identity.authenticator.saml2.sso/src/main/java/org/wso2/
> carbon/identity/authenticator/saml2/sso/SAML2SSOAuthenticator.java#L84
>
>
>
>
>>
>>> On Tue, Aug 9, 2016 at 8:13 AM, Harsha Thirimanna 
>>> wrote:
>>>
 Hi All,
 Yes, We were tying to solve this problem in generic manner that can be
 used across the platform. For that, we have written a component to register
 authentication handler and the interceptors to intercept rest call. For now
 we have written Basic and OAuth token base handlers. But anyone can write
 custom handlers and register as a OSGi to use by the interceptors. As
 Interceptors , we wrote common tomcat valve and hope to write servlet
 filter and cxf filter.

 You also can intercept the request in your own place and authenticate
 the request using our generic component. It has a manager class to do the
 authentication. Handler will pick based on can handle method by handler
 manager.

 In addition, we have develop another interceptor point to do the
 authorization and it is also like same authentication component. You can
 write your own handlers, and intercept by any place. We have written an
 another valve as interceptor and authorization handler check the permission
 as configure in identity.xml as follows.

 
 >>> http-method="all">
 /permission/admin/login
 
>>> http-method="put,post">
 /permission/admin/test
 
 

 We are going to release 1.0.0 M1 with next upcoming milestone in 5.3.0.
 Your ideas welcome to improve this component in more generic manner.
 Please let us know anything related to this.





 *Harsha Thirimanna*
 Associate Tech Lead | WSO2

 Email: hars...@wso2.com
 Mob: +94715186770
 Blog: http://harshathirimanna.blogspot.com/
 Twitter: http://twitter.com/harshathirimann
 Linked-In: linked-in: http://www.linkedin.com/pub/ha
 rsha-thirimanna/10/ab8/122
 

 On Tue, Aug 9, 2016 at 4:00 AM, Farasath Ahamed 
 wrote:

> Hi Rushmin,
>
> On Mon, Aug 8, 2016 at 4:14 PM, Rushmin Fernando 
> wrote:
>
>> Thanks Ishara !
>>
>> Since our products are adopting OAuth protected ReST APIs, is there
>> an OAuth authencator being developed and planed to be developed ?
>>
>
> Harsha has worked on developing a generic component that can be used
> by OAuth protected REST APIs[1]. Adding Harsha as he can provide more
> details on this.
>
> [1] https://github.com/wso2-extensions/identity-carbon-auth-rest
>
>
>
>> Regards,
>> Rushmin
>>
>>
>>
>> On Mon, Aug 8, 2016 at 4:04 PM, Ishara Karunarathna > > wrote:
>>
>>> Hi Dinusha,
>>>
>>> In this case I think publisher user should be able to create those
>>> SP, XACML policies etc.
>>> Since publisher use is within the publisher role you can assign
>>> necessary permission to that role.
>>> Once user login (SSO) to publisher with his credential  he can get a
>>> cookie for that
>>> and he can use that  cookie to authenticate to the admin services.
>>>
>>> @Rushmin,
>>> We don't have a authenticator for OAuth token. Better to get a ID
>>> token using OIDC or after 

Re: [Dev] [AppM] Creating XACML Policies and Service Providers in Tenants

[Rushmin Fernando]

On Fri, Aug 19, 2016 at 2:17 PM, Harsha Thirimanna  wrote:

>
> On Fri, Aug 19, 2016 at 2:11 PM, Rushmin Fernando 
> wrote:
>
>>
>> Thank you for the info Harsha :-)
>>
>> We have implemented an interceptor for OAuth for AppM ReST API. We can
>> adopt the generic component you are implementing, in a future release.
>>
>> *The issue we currently have is* to exchange an OAuth token for an HTTP
>> cookie. The plan is to use this cookie to invoke admin service.
>>
>> There is a class (an authenticator) which we can use to get a cookie from
>> a SAML assertion.
>>
>
> ​Which one you are talking about ?​
>
>


[1] is the one we are using. We call this admis service method ( login() )
with the user's SAML response and get 'set-cookie' header value of the
service call response.



>
>> I'm looking for something similar for OAuth token --> cookie scenario.
>>
>> Is there a code being implemented for this ?
>>
> ​As I explained above, autheticators are handlers in our case and you can
> implement it within our generic approach. ​
>
>

Can you please share the code ?


[1] -
https://github.com/wso2/carbon-identity/blob/8cd996c1dc6d9e7c0df491322af6e9ddf1cf3709/components/carbon-authenticators/saml2-sso-authenticator/org.wso2.carbon.identity.authenticator.saml2.sso/src/main/java/org/wso2/carbon/identity/authenticator/saml2/sso/SAML2SSOAuthenticator.java#L84





>
>> On Tue, Aug 9, 2016 at 8:13 AM, Harsha Thirimanna 
>> wrote:
>>
>>> Hi All,
>>> Yes, We were tying to solve this problem in generic manner that can be
>>> used across the platform. For that, we have written a component to register
>>> authentication handler and the interceptors to intercept rest call. For now
>>> we have written Basic and OAuth token base handlers. But anyone can write
>>> custom handlers and register as a OSGi to use by the interceptors. As
>>> Interceptors , we wrote common tomcat valve and hope to write servlet
>>> filter and cxf filter.
>>>
>>> You also can intercept the request in your own place and authenticate
>>> the request using our generic component. It has a manager class to do the
>>> authentication. Handler will pick based on can handle method by handler
>>> manager.
>>>
>>> In addition, we have develop another interceptor point to do the
>>> authorization and it is also like same authentication component. You can
>>> write your own handlers, and intercept by any place. We have written an
>>> another valve as interceptor and authorization handler check the permission
>>> as configure in identity.xml as follows.
>>>
>>> 
>>> >> http-method="all">
>>> /permission/admin/login
>>> 
>>>>> http-method="put,post">
>>> /permission/admin/test
>>> 
>>> 
>>>
>>> We are going to release 1.0.0 M1 with next upcoming milestone in 5.3.0.
>>> Your ideas welcome to improve this component in more generic manner.
>>> Please let us know anything related to this.
>>>
>>>
>>>
>>>
>>>
>>> *Harsha Thirimanna*
>>> Associate Tech Lead | WSO2
>>>
>>> Email: hars...@wso2.com
>>> Mob: +94715186770
>>> Blog: http://harshathirimanna.blogspot.com/
>>> Twitter: http://twitter.com/harshathirimann
>>> Linked-In: linked-in: http://www.linkedin.com/pub/ha
>>> rsha-thirimanna/10/ab8/122
>>> 
>>>
>>> On Tue, Aug 9, 2016 at 4:00 AM, Farasath Ahamed 
>>> wrote:
>>>
 Hi Rushmin,

 On Mon, Aug 8, 2016 at 4:14 PM, Rushmin Fernando 
 wrote:

> Thanks Ishara !
>
> Since our products are adopting OAuth protected ReST APIs, is there an
> OAuth authencator being developed and planed to be developed ?
>

 Harsha has worked on developing a generic component that can be used by
 OAuth protected REST APIs[1]. Adding Harsha as he can provide more details
 on this.

 [1] https://github.com/wso2-extensions/identity-carbon-auth-rest



> Regards,
> Rushmin
>
>
>
> On Mon, Aug 8, 2016 at 4:04 PM, Ishara Karunarathna 
> wrote:
>
>> Hi Dinusha,
>>
>> In this case I think publisher user should be able to create those
>> SP, XACML policies etc.
>> Since publisher use is within the publisher role you can assign
>> necessary permission to that role.
>> Once user login (SSO) to publisher with his credential  he can get a
>> cookie for that
>> and he can use that  cookie to authenticate to the admin services.
>>
>> @Rushmin,
>> We don't have a authenticator for OAuth token. Better to get a ID
>> token using OIDC or after validating OAuth token
>> and create a carbon authenticator like saml carbon authenticator.
>>
>> Thanks,
>> Ishara
>>
>>
>>
>>
>> On Mon, Aug 8, 2016 at 3:47 PM, Rushmin Fernando 
>> wrote:
>>
>>> In addition to creating these entries from the UI, we need to 

Re: [Dev] [AppM] Creating XACML Policies and Service Providers in Tenants

[Harsha Thirimanna]

On Fri, Aug 19, 2016 at 2:11 PM, Rushmin Fernando  wrote:

>
> Thank you for the info Harsha :-)
>
> We have implemented an interceptor for OAuth for AppM ReST API. We can
> adopt the generic component you are implementing, in a future release.
>
> *The issue we currently have is* to exchange an OAuth token for an HTTP
> cookie. The plan is to use this cookie to invoke admin service.
>
> There is a class (an authenticator) which we can use to get a cookie from
> a SAML assertion.
>

​Which one you are talking about ?​


>
> I'm looking for something similar for OAuth token --> cookie scenario.
>
> Is there a code being implemented for this ?
>
​As I explained above, autheticators are handlers in our case and you can
implement it within our generic approach. ​


>
> On Tue, Aug 9, 2016 at 8:13 AM, Harsha Thirimanna 
> wrote:
>
>> Hi All,
>> Yes, We were tying to solve this problem in generic manner that can be
>> used across the platform. For that, we have written a component to register
>> authentication handler and the interceptors to intercept rest call. For now
>> we have written Basic and OAuth token base handlers. But anyone can write
>> custom handlers and register as a OSGi to use by the interceptors. As
>> Interceptors , we wrote common tomcat valve and hope to write servlet
>> filter and cxf filter.
>>
>> You also can intercept the request in your own place and authenticate the
>> request using our generic component. It has a manager class to do the
>> authentication. Handler will pick based on can handle method by handler
>> manager.
>>
>> In addition, we have develop another interceptor point to do the
>> authorization and it is also like same authentication component. You can
>> write your own handlers, and intercept by any place. We have written an
>> another valve as interceptor and authorization handler check the permission
>> as configure in identity.xml as follows.
>>
>> 
>> > http-method="all">
>> /permission/admin/login
>> 
>>> http-method="put,post">
>> /permission/admin/test
>> 
>> 
>>
>> We are going to release 1.0.0 M1 with next upcoming milestone in 5.3.0.
>> Your ideas welcome to improve this component in more generic manner.
>> Please let us know anything related to this.
>>
>>
>>
>>
>>
>> *Harsha Thirimanna*
>> Associate Tech Lead | WSO2
>>
>> Email: hars...@wso2.com
>> Mob: +94715186770
>> Blog: http://harshathirimanna.blogspot.com/
>> Twitter: http://twitter.com/harshathirimann
>> Linked-In: linked-in: http://www.linkedin.com/pub/ha
>> rsha-thirimanna/10/ab8/122
>> 
>>
>> On Tue, Aug 9, 2016 at 4:00 AM, Farasath Ahamed 
>> wrote:
>>
>>> Hi Rushmin,
>>>
>>> On Mon, Aug 8, 2016 at 4:14 PM, Rushmin Fernando 
>>> wrote:
>>>
 Thanks Ishara !

 Since our products are adopting OAuth protected ReST APIs, is there an
 OAuth authencator being developed and planed to be developed ?

>>>
>>> Harsha has worked on developing a generic component that can be used by
>>> OAuth protected REST APIs[1]. Adding Harsha as he can provide more details
>>> on this.
>>>
>>> [1] https://github.com/wso2-extensions/identity-carbon-auth-rest
>>>
>>>
>>>
 Regards,
 Rushmin



 On Mon, Aug 8, 2016 at 4:04 PM, Ishara Karunarathna 
 wrote:

> Hi Dinusha,
>
> In this case I think publisher user should be able to create those SP,
> XACML policies etc.
> Since publisher use is within the publisher role you can assign
> necessary permission to that role.
> Once user login (SSO) to publisher with his credential  he can get a
> cookie for that
> and he can use that  cookie to authenticate to the admin services.
>
> @Rushmin,
> We don't have a authenticator for OAuth token. Better to get a ID
> token using OIDC or after validating OAuth token
> and create a carbon authenticator like saml carbon authenticator.
>
> Thanks,
> Ishara
>
>
>
>
> On Mon, Aug 8, 2016 at 3:47 PM, Rushmin Fernando 
> wrote:
>
>> In addition to creating these entries from the UI, we need to create
>> the same using our ReST API as well. And the API is OAuth protected.
>>
>> Is there an authenticator which gives back a cookie for an OAuth
>> token as well ?
>>
>> On Mon, Aug 8, 2016 at 3:29 PM, Ishara Karunarathna > > wrote:
>>
>>> Hi Lahiru.
>>>
>>>
>>> Its not the admin user.User trying to do this operation should have
>>> enough permission to do this.
>>>
>>> Use
>>>
>>>
>>>
>>> *entitlement/policy/view*
>>>
>>> Add this permission to the user who is trying to view those policies.
>>>
>>>
>>> BR,
>>>
>>> Ishara
>>>
>>>
>>> On Mon, Aug 8, 2016 at 3:20 PM, Lahiru Cooray 

Re: [Dev] [MB][3.2.0][Analytics] Remove metrics view from product distribution

[Indika Sampath]

We have set default reporter to JDBC in metrics.xml with product-mb
distribution. IMO, if we are planning to remove messaging metrics page,
then no use of having JDBC reporter as well.

On Fri, Aug 19, 2016 at 2:08 PM, Ramith Jayasinghe  wrote:

> since MB v 3.0.0, it included carbon-matrices lib and there are graphs to
> show useful statistics.
> (Management Console -> Monitor -> Messaging Metrics).
>
> However, given that we are going to ship a analytics-mb distribution. Do
> we need to have this GUI/page in management console?
>
> --
> Ramith Jayasinghe
> Technical Lead
> WSO2 Inc., http://wso2.com
> lean.enterprise.middleware
>
> E: ram...@wso2.com
> P: +94 772534930
>



-- 
Indika Sampath
Senior Software Engineer
WSO2 Inc.
http://wso2.com

Phone: +94 716 424 744
Blog: http://indikasampath.blogspot.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [AppM] Creating XACML Policies and Service Providers in Tenants

[Rushmin Fernando]

Thank you for the info Harsha :-)

We have implemented an interceptor for OAuth for AppM ReST API. We can
adopt the generic component you are implementing, in a future release.

*The issue we currently have is* to exchange an OAuth token for an HTTP
cookie. The plan is to use this cookie to invoke admin service.

There is a class (an authenticator) which we can use to get a cookie from a
SAML assertion.

I'm looking for something similar for OAuth token --> cookie scenario.

Is there a code being implemented for this ?

On Tue, Aug 9, 2016 at 8:13 AM, Harsha Thirimanna  wrote:

> Hi All,
> Yes, We were tying to solve this problem in generic manner that can be
> used across the platform. For that, we have written a component to register
> authentication handler and the interceptors to intercept rest call. For now
> we have written Basic and OAuth token base handlers. But anyone can write
> custom handlers and register as a OSGi to use by the interceptors. As
> Interceptors , we wrote common tomcat valve and hope to write servlet
> filter and cxf filter.
>
> You also can intercept the request in your own place and authenticate the
> request using our generic component. It has a manager class to do the
> authentication. Handler will pick based on can handle method by handler
> manager.
>
> In addition, we have develop another interceptor point to do the
> authorization and it is also like same authentication component. You can
> write your own handlers, and intercept by any place. We have written an
> another valve as interceptor and authorization handler check the permission
> as configure in identity.xml as follows.
>
> 
>  http-method="all">
> /permission/admin/login
> 
>
> /permission/admin/test
> 
> 
>
> We are going to release 1.0.0 M1 with next upcoming milestone in 5.3.0.
> Your ideas welcome to improve this component in more generic manner.
> Please let us know anything related to this.
>
>
>
>
>
> *Harsha Thirimanna*
> Associate Tech Lead | WSO2
>
> Email: hars...@wso2.com
> Mob: +94715186770
> Blog: http://harshathirimanna.blogspot.com/
> Twitter: http://twitter.com/harshathirimann
> Linked-In: linked-in: http://www.linkedin.com/pub/ha
> rsha-thirimanna/10/ab8/122
> 
>
> On Tue, Aug 9, 2016 at 4:00 AM, Farasath Ahamed 
> wrote:
>
>> Hi Rushmin,
>>
>> On Mon, Aug 8, 2016 at 4:14 PM, Rushmin Fernando 
>> wrote:
>>
>>> Thanks Ishara !
>>>
>>> Since our products are adopting OAuth protected ReST APIs, is there an
>>> OAuth authencator being developed and planed to be developed ?
>>>
>>
>> Harsha has worked on developing a generic component that can be used by
>> OAuth protected REST APIs[1]. Adding Harsha as he can provide more details
>> on this.
>>
>> [1] https://github.com/wso2-extensions/identity-carbon-auth-rest
>>
>>
>>
>>> Regards,
>>> Rushmin
>>>
>>>
>>>
>>> On Mon, Aug 8, 2016 at 4:04 PM, Ishara Karunarathna 
>>> wrote:
>>>
 Hi Dinusha,

 In this case I think publisher user should be able to create those SP,
 XACML policies etc.
 Since publisher use is within the publisher role you can assign
 necessary permission to that role.
 Once user login (SSO) to publisher with his credential  he can get a
 cookie for that
 and he can use that  cookie to authenticate to the admin services.

 @Rushmin,
 We don't have a authenticator for OAuth token. Better to get a ID token
 using OIDC or after validating OAuth token
 and create a carbon authenticator like saml carbon authenticator.

 Thanks,
 Ishara




 On Mon, Aug 8, 2016 at 3:47 PM, Rushmin Fernando 
 wrote:

> In addition to creating these entries from the UI, we need to create
> the same using our ReST API as well. And the API is OAuth protected.
>
> Is there an authenticator which gives back a cookie for an OAuth token
> as well ?
>
> On Mon, Aug 8, 2016 at 3:29 PM, Ishara Karunarathna 
> wrote:
>
>> Hi Lahiru.
>>
>>
>> Its not the admin user.User trying to do this operation should have
>> enough permission to do this.
>>
>> Use
>>
>>
>>
>> *entitlement/policy/view*
>>
>> Add this permission to the user who is trying to view those policies.
>>
>>
>> BR,
>>
>> Ishara
>>
>>
>> On Mon, Aug 8, 2016 at 3:20 PM, Lahiru Cooray 
>> wrote:
>>
>>> + [DEV]
>>>
>>> On Mon, Aug 8, 2016 at 3:19 PM, Lahiru Cooray 
>>> wrote:
>>>
 Hi all,

 *Current behaviour:*
 Currently in AppM, when we are creating XACML policies/Service
 Providers via IS admin services, we are providing the super tenant 
 admin
 credentials (where the credentials are 

[Dev] [MB][3.2.0][Analytics] Remove metrics view from product distribution

[Ramith Jayasinghe]

since MB v 3.0.0, it included carbon-matrices lib and there are graphs to
show useful statistics.
(Management Console -> Monitor -> Messaging Metrics).

However, given that we are going to ship a analytics-mb distribution. Do we
need to have this GUI/page in management console?

-- 
Ramith Jayasinghe
Technical Lead
WSO2 Inc., http://wso2.com
lean.enterprise.middleware

E: ram...@wso2.com
P: +94 772534930
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [GSoC Dockerfiles] Open issues has been addressed

[Abhishek Tiwari]

Hi All,

I have addressed all the open issues (except for smoketest separation and
adding kubernetes testing). Please test and let me know if the fix that I
added addresses the concerned raised before.

Repository URL [1].

Thanks
Abhishek

[1]. https://github.com/abhishek0198/wso2dockerfiles-test-framework
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [IS]Use defferent keys for SAML response signing and assertion encryption

[Chamara Philips]

It is not a must to use the same public key for both SAML Response Signing
and Assertion encrypting. In the service provider metadata file,
the KeyDescriptor tag is as follows.
 
 
But currently when setting a SAML service provider, we use the same public
key of the service provider for both response signing and assertion
encryption. IMO this is a good improvement to introduce with the metadata
profile implementation.


-- 
Hareendra Chamara Philips
*Software  Engineer*
Mobile : +94 (0) 767 184161
chama...@wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [GSoC Dockerfiles] Added ability to run smoke tests from test framework

[Abhishek Tiwari]

Hi Thanuja,

I have added the fix to look for ERROR level rather than any error keyword.
Please test it and let me know if it fixes the issue.

The new repository URL is [1].

Thanks
Abhishek

[1]. https://github.com/abhishek0198/wso2dockerfiles-test-framework

On Thu, Aug 18, 2016 at 10:49 AM, Abhishek Tiwari <
abhishek.tiwari0...@gmail.com> wrote:

> Hi Thanuja,
>
> Thanks a lot of using the test framework and pointing out the issue. The
> check of errors in carbon log is dumb at this point. I will change it look
> for the correct logging level to find errors.
>
> Imesh,
> Sincerely appreciate code level feedback and creating issues on Github. I
> will address all these shortly.
>
> Thanks
> Abhishek
>
> On Thu, Aug 18, 2016 at 2:39 AM, Thanuja Uruththirakodeeswaran <
> thanu...@wso2.com> wrote:
>
>> Hi Abhishek,
>>
>> Great work on Dockerfiles test framework!!! I have used the test
>> framework to check the flow of building and running WSO2 BPS 3.5.1 docker
>> image. According to the framework log[1], the test fails because of an
>> error in the carbon server log. But when I check the carbon server log,
>> there were no *ERROR* logs and it has 'error' as part of a word in
>> line[2].
>>
>> For this scenario, we should not make the test to be failed. I think
>> instead of simply grepping the 'error' word as in[3], we should grep the
>> *ERROR* logs.
>>
>> [1].
>> 2016/08/18 14:20:28 main.go:151: Starting test setup up
>> 2016/08/18 14:20:28 main.go:154: Completed test setup up
>> 2016/08/18 14:20:28 main.go:106: Running tests for wso2bps, 3.5.1, using
>> puppet provisioning, under default platform.
>> 2016/08/18 14:20:28 common-utils.go:37: Starting building image...
>> 2016/08/18 14:20:57 common-utils.go:45: Successfully built docker image.
>> 2016/08/18 14:20:57 common-utils.go:85: No errors were found in docker
>> build logs
>> 2016/08/18 14:20:57 common-utils.go:58: Running image...
>> 2016/08/18 14:20:59 common-utils.go:66: Successfully ran docker image.
>> 2016/08/18 14:20:59 common-utils.go:98: No errors were found in docker
>> run logs
>> 2016/08/18 14:20:59 common-utils.go:130: Attempt: 1. Port 9763 is not
>> open in the docker container.
>> 2016/08/18 14:20:59 common-utils.go:133: Sleeping for 2 seconds
>> 2016/08/18 14:21:01 common-utils.go:130: Attempt: 2. Port 9763 is not
>> open in the docker container.
>> 2016/08/18 14:21:01 common-utils.go:133: Sleeping for 4 seconds
>> 2016/08/18 14:21:05 common-utils.go:130: Attempt: 3. Port 9763 is not
>> open in the docker container.
>> 2016/08/18 14:21:05 common-utils.go:133: Sleeping for 6 seconds
>> 2016/08/18 14:21:11 common-utils.go:130: Attempt: 4. Port 9763 is not
>> open in the docker container.
>> 2016/08/18 14:21:11 common-utils.go:133: Sleeping for 8 seconds
>> 2016/08/18 14:21:19 common-utils.go:136: Port 9763 is open in the docker
>> container.
>> 2016/08/18 14:21:19 common-utils.go:136: Port 9443 is open in the docker
>> container.
>> 2016/08/18 14:21:20 common-utils.go:153: Carbon server is up and running.
>> 2016/08/18 14:21:20 common-utils.go:166: Checking Carbon server logs for
>> any errors
>> 2016/08/18 14:21:20 docker-utils.go:105: Successfully copied carbon
>> server logs from docker container
>> 2016/08/18 14:21:20 common-utils.go:173: Errors founds in carbon server
>> logs, please check them under wso2bps3.5.1logs
>> 2016/08/18 14:21:20 main.go:146: Test completed for wso2bps, 3.5.1.
>> 2016/08/18 14:21:20 main.go:158: Starting test clean up
>> 2016/08/18 14:21:20 docker-utils.go:61: Stopping and removing docker
>> container with id: 6f28d71772e6
>> 2016/08/18 14:21:31 docker-utils.go:67: Successfully stopped and removed
>> docker container
>> 2016/08/18 14:21:31 docker-utils.go:43: Removing docker image
>> wso2bps:3.5.1
>> 2016/08/18 14:21:31 docker-utils.go:47: Successfully removed docker image
>> 2016/08/18 14:21:31 main.go:161: Completed test clean up
>>
>> [2].
>> TID: [-1234] [] [2016-08-18 08:51:15,701]  INFO
>> {org.springframework.beans.factory.support.DefaultListableBeanFactory} -
>>  Pre-instantiating singletons in org.springframework.beans.fact
>> ory.support.DefaultListableBeanFactory@38d281d4: defining beans
>> [cxf,org.apache.cxf.bus.spring.BusWiringBeanFactoryPostProce
>> ssor,org.apache.cxf.bus.spring.Jsr250BeanPostProcessor
>> ,org.apache.cxf.bus.spring.BusExtensionPostProcessor,deploym
>> entService,runtimeService,queryRuntimeService,historyService
>> ,formService,processDefinitionService,identityService,manage
>> mentService,statsService,authenticationBean,exceptionHandlerBean,error
>> HandlerBean,jacksonBean]; root of factory hierarchy
>> {org.springframework.beans.factory.support.DefaultListableBeanFactory}
>>
>> [3]. https://github.com/abhishek0198/test-framework/blob/
>> master/common/common-utils.go#L169
>>
>> Thanks.
>>
>>
>> On Fri, Aug 12, 2016 at 3:04 PM, Abhishek Tiwari <
>> abhishek.tiwari0...@gmail.com> wrote:
>>
>>> Here is the correct link:
>>>
>>> 

Re: [Dev] [VOTE] Release WSO2 Enterprise Service Bus 5.0.0 RC4

[Rajith Vitharana]

Hi All,

Tested and verified following


   - Synapse VFS transport/ cluster awareness
   - Tooling support for proxy creation
   - Analytics in cluster

[+] Stable - go ahead and release

Thanks,

On 19 August 2016 at 12:31, Nuwan Wimalasekara  wrote:

> Hi all.
>
> Tested and verified following
>
>
>- ESB Mediation Debugging
>
>
> [+] Stable - go ahead and release.
>
> Thanks,
> Nuwnaw
>
> On Fri, Aug 19, 2016 at 12:21 PM, Prabath Ariyarathna 
> wrote:
>
>> Hi All.
>>
>> Tested and verified following.
>>
>>- File(VFS) Inbound Endpoint.
>>- HTTP/HTTPS Inbound Endpoints.
>>- Custom Inbound Endpoint.
>>- RabbitMQ Inbound Endpoint.
>>
>> [+] Stable - go ahead and release.
>>
>> Thanks.
>>
>> On Fri, Aug 19, 2016 at 11:30 AM, Nadeeshaan Gunasinghe <
>> nadeesh...@wso2.com> wrote:
>>
>>> Hi all,
>>>
>>> Tested the following,
>>>
>>>
>>>- Inbound Endpoints
>>>  VFS, HTTP, HTTPS, WSO2 MB, JMS
>>>- JMS scenarios
>>>  Message Processor, Message Store with ActiveMQ, Rabbit MQ and
>>>WSO2 MB
>>>- Capp Deployment through tooling
>>>
>>> [+] Stable - go ahead and release
>>>
>>> Thanks,
>>>
>>> *Nadeeshaan Gunasinghe*
>>> Software Engineer, WSO2 Inc. http://wso2.com
>>> +94770596754 | nadeesh...@wso2.com | Skype: nadeeshaan.gunasinghe
>>> <#m_-6069497498545935869_m_7132569658457042904_m_5569028783450022843_>
>>> 
>>>   
>>> 
>>> Get a signature like this: Click here!
>>> 
>>>
>>> On Wed, Aug 17, 2016 at 8:13 AM, Senduran Balasubramaniyam <
>>> sendu...@wso2.com> wrote:
>>>
 Hi All,

 This is the 4th Release Candidate of WSO2 Enterprise Service Bus 5.0.0

 Please download, test the product and vote. Vote will be open for 72
 hours or as needed.

 Source and distribution

 Run-time: https://github.com/wso2/produc
 t-esb/releases/tag/v5.0.0-rc4
 Tooling   : https://github.com/wso2/devstu
 dio-tooling-esb/releases/tag/v5.0.0-rc4
 Analytics: https://github.com/wso2/analyt
 ics-esb/releases/tag/v5.0.0-rc4

 Please vote as follows.
 [+] Stable - go ahead and release
 [-] Broken - do not release (explain why)

 Thanks,
 - WSO2 ESB Team -

 --
 *Senduran *
 Senior Software Engineer,
 WSO2, Inc.;  http://wso2.com/ 
 Mobile: +94 77 952 6548

>>>
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>>
>> *Prabath Ariyarathna*
>>
>> *Associate Technical Lead*
>>
>> *WSO2, Inc. *
>>
>> *lean . enterprise . middleware *
>>
>>
>> *Email: prabat...@wso2.com *
>>
>> *Blog: http://prabu-lk.blogspot.com *
>>
>> *Flicker : https://www.flickr.com/photos/47759189@N08
>> *
>>
>> *Mobile: +94 77 699 4730 *
>>
>>
>>
>>
>>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Nuwan Wimalasekara
> Associate Technical Lead
> WSO2, Inc.: http://wso2.com
> lean. enterprise. middleware
>
> phone: +94 71 668 4620
>
>
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Rajith Vitharana

Senior Software Engineer,
WSO2 Inc. : wso2.com
Mobile : +94715883223
Blog : http://lankavitharana.blogspot.com/

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Extensive amount of warning logs are printed once the IS520-Analytics server starts up.

[Sinthuja Ragendran]

Hi,


On Thu, Aug 18, 2016 at 10:12 PM, Tanya Madurapperuma 
wrote:

>
>
> On Thu, Aug 18, 2016 at 9:18 PM, Mohanadarshan Vivekanandalingam <
> mo...@wso2.com> wrote:
>
>>
>>
>> On Thu, Aug 18, 2016 at 3:55 PM, Tanya Madurapperuma 
>> wrote:
>>
>>> This warning is coming from shindig which is the underlying library that
>>> we used for gadget rendering and is a 3rd party library. Quick solution for
>>> this is to increase maxDepth value as mentioned in [1] by Mohan.
>>> If not we will have to analyze EhCache memory for memory consuming
>>> objects [2] [3]
>>>
>>> [1] https://wso2.org/jira/browse/ANLYIS-48
>>> [2] https://cwiki.apache.org/confluence/display/SHINDIG/Debuggin
>>> g+EhCache's+SizeOfEngine
>>> [3] https://cwiki.apache.org/confluence/display/SHINDIG/EhCache+
>>> Memory+Analysis
>>>
>>
>> @Tanya, Thanks for the response.. I think, increasing the maxDepth value
>> is not helpful all the time.. Whether you guys, explored about this more ?
>>
> AFAIK it depends on the rendered gadgets in the dashboard. Hence need to
> be explored on the particular dashboard itself.
>
>> Since it is observed in various products/cases. If this log does not
>> reflect any useful info then can, we disable that at log4j level ?
>>
> @ Sinthuja and team : WDYT? Shall we invest sometime on this?
>

I discussed sometime back regarding this with mohan, increasing the cache
size also will not be the suitable solution, because anyhow that limit also
will hit and this log will come. Also it's a harmless exception, lets
disable in the log4j.properties level.

Thanks,
Sinthuja.

>
> Thanks,
> Tanya
>
>>
>> Thanks,
>> Mohan
>>
>>
>>>
>>> Thanks,
>>> Tanya
>>>
>>> On Thu, Aug 18, 2016 at 3:40 PM, Mohanadarshan Vivekanandalingam <
>>> mo...@wso2.com> wrote:
>>>
 [Moving to DEV]

 Related UES/DS jira is [1]..

 @Sewmini, above logs are only printed once for a user (When loading a
 gadget for first time - once for each gadget)..

 [1] https://wso2.org/jira/browse/UES-658


 Thanks,
 Mohan


 On Thu, Aug 18, 2016 at 3:34 PM, Sewmini Jayaweera 
 wrote:

> Hi DS team,
>
> I observed the same issue reported in [1] in the latest Analytics pack
> given. I reopened the issue since repeatedly printed warning may mislead
> user thinking it's a critical issue eve,n though it is harmless and it
> doesn't give a good impression to the user.
>
> It would be great if we can get this fixed. If it is difficult to fix
> it in this release can we change it to an improvement and fix it later
> without having it as won't fix?
>
> [1]. https://wso2.org/jira/browse/ANLYIS-48
>
> Thank you in advance.
> Kind regards,
>
> Sewmini Jayaweera
> *Software Engineer - QA Team*
> Mobile: +94 (0) 773 381 250
> sewm...@wso2.com
>



 --
 *V. Mohanadarshan*
 *Associate Tech Lead,*
 *Data Technologies Team,*
 *WSO2, Inc. http://wso2.com  *
 *lean.enterprise.middleware.*

 email: mo...@wso2.com
 phone:(+94) 771117673

>>>
>>>
>>>
>>> --
>>> Tanya Madurapperuma
>>>
>>> Senior Software Engineer,
>>> WSO2 Inc. : wso2.com
>>> Mobile : +94718184439
>>> Blog : http://tanyamadurapperuma.blogspot.com
>>>
>>
>>
>>
>> --
>> *V. Mohanadarshan*
>> *Associate Tech Lead,*
>> *Data Technologies Team,*
>> *WSO2, Inc. http://wso2.com  *
>> *lean.enterprise.middleware.*
>>
>> email: mo...@wso2.com
>> phone:(+94) 771117673
>>
>
>
>
> --
> Tanya Madurapperuma
>
> Senior Software Engineer,
> WSO2 Inc. : wso2.com
> Mobile : +94718184439
> Blog : http://tanyamadurapperuma.blogspot.com
>



-- 
*Sinthuja Rajendran*
Technical Lead
WSO2, Inc.:http://wso2.com

Blog: http://sinthu-rajan.blogspot.com/
Mobile: +94774273955
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [VOTE] Release WSO2 Enterprise Service Bus 5.0.0 RC4

[Viraj Rajaguru]

Hi all,

I've tested followings.

   - "ESB Solution project" creation and artifact creation (API, Proxy,
   Inbound endpoint, Sequence, Endpoint, Message Store, Message Processor,
   Task)
   - Creating CAR files with the tool and deploying to ESB server after
   adding the server as a remote server and starting inside the tool.
   - Creating CAR files with Maven.
   - Creating artifacts with Connectors and deploy.
   - Creating Class mediators with the tool and deploy.
   - Datamapper feature.
   - Mediation debugger feature.

[+] - Stable, go ahead and release.

Thanks,
Viraj.

On Fri, Aug 19, 2016 at 12:31 PM, Nuwan Wimalasekara 
wrote:

> Hi all.
>
> Tested and verified following
>
>
>- ESB Mediation Debugging
>
>
> [+] Stable - go ahead and release.
>
> Thanks,
> Nuwnaw
>
> On Fri, Aug 19, 2016 at 12:21 PM, Prabath Ariyarathna 
> wrote:
>
>> Hi All.
>>
>> Tested and verified following.
>>
>>- File(VFS) Inbound Endpoint.
>>- HTTP/HTTPS Inbound Endpoints.
>>- Custom Inbound Endpoint.
>>- RabbitMQ Inbound Endpoint.
>>
>> [+] Stable - go ahead and release.
>>
>> Thanks.
>>
>> On Fri, Aug 19, 2016 at 11:30 AM, Nadeeshaan Gunasinghe <
>> nadeesh...@wso2.com> wrote:
>>
>>> Hi all,
>>>
>>> Tested the following,
>>>
>>>
>>>- Inbound Endpoints
>>>  VFS, HTTP, HTTPS, WSO2 MB, JMS
>>>- JMS scenarios
>>>  Message Processor, Message Store with ActiveMQ, Rabbit MQ and
>>>WSO2 MB
>>>- Capp Deployment through tooling
>>>
>>> [+] Stable - go ahead and release
>>>
>>> Thanks,
>>>
>>> *Nadeeshaan Gunasinghe*
>>> Software Engineer, WSO2 Inc. http://wso2.com
>>> +94770596754 | nadeesh...@wso2.com | Skype: nadeeshaan.gunasinghe
>>> <#m_-7683677138807661042_m_7132569658457042904_m_5569028783450022843_>
>>> 
>>>   
>>> 
>>> Get a signature like this: Click here!
>>> 
>>>
>>> On Wed, Aug 17, 2016 at 8:13 AM, Senduran Balasubramaniyam <
>>> sendu...@wso2.com> wrote:
>>>
 Hi All,

 This is the 4th Release Candidate of WSO2 Enterprise Service Bus 5.0.0

 Please download, test the product and vote. Vote will be open for 72
 hours or as needed.

 Source and distribution

 Run-time: https://github.com/wso2/produc
 t-esb/releases/tag/v5.0.0-rc4
 Tooling   : https://github.com/wso2/devstu
 dio-tooling-esb/releases/tag/v5.0.0-rc4
 Analytics: https://github.com/wso2/analyt
 ics-esb/releases/tag/v5.0.0-rc4

 Please vote as follows.
 [+] Stable - go ahead and release
 [-] Broken - do not release (explain why)

 Thanks,
 - WSO2 ESB Team -

 --
 *Senduran *
 Senior Software Engineer,
 WSO2, Inc.;  http://wso2.com/ 
 Mobile: +94 77 952 6548

>>>
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>>
>> *Prabath Ariyarathna*
>>
>> *Associate Technical Lead*
>>
>> *WSO2, Inc. *
>>
>> *lean . enterprise . middleware *
>>
>>
>> *Email: prabat...@wso2.com *
>>
>> *Blog: http://prabu-lk.blogspot.com *
>>
>> *Flicker : https://www.flickr.com/photos/47759189@N08
>> *
>>
>> *Mobile: +94 77 699 4730 *
>>
>>
>>
>>
>>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Nuwan Wimalasekara
> Associate Technical Lead
> WSO2, Inc.: http://wso2.com
> lean. enterprise. middleware
>
> phone: +94 71 668 4620
>
>
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Viraj Rajaguru
Associate Technical Lead
WSO2 Inc. : http://wso2.com

Mobile: +94 77 3683068
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [C5] Downgrading maven-surefire-plugin version to 2.18.1

[Chanaka Cooray]

Hi all,

I encountered a problem while running pax-exam tests in carbon-kernel with
the maven-surefire-plugin version 2.19.1 which is the current plugin
version in the carbon-parent[1]. I found the same problem in the pax exam
forum[2] and seems like it is due to timeout issue with the new version of
the plugin. So according to the forum, it says to stick with 2.18.1 until
there is a fix available. When I switched to 2.18.1 in our OSGi tests, then
everything works fine as expected. So we have to downgrade that plugin
version in carbon-parent temporarily.

Please raise your concerns, if any.

[1] https://github.com/wso2/carbon-parent/blob/master/pom.xml
[2] https://groups.google.com/forum/#!topic/ops4j/1pBcHkBihzg

Thanks,
Chanaka.

-- 
Chanaka Cooray
Software Engineer, WSO2 Inc. http://wso2.com
Email: chana...@wso2.com
Mobile: +94713149860

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] UnSubscribe

[S, Sumit (Sumit)]

UnSubscribe me from PDL please.
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [VOTE] Release WSO2 Enterprise Service Bus 5.0.0 RC4

[Nuwan Wimalasekara]

Hi all.

Tested and verified following


   - ESB Mediation Debugging


[+] Stable - go ahead and release.

Thanks,
Nuwnaw

On Fri, Aug 19, 2016 at 12:21 PM, Prabath Ariyarathna 
wrote:

> Hi All.
>
> Tested and verified following.
>
>- File(VFS) Inbound Endpoint.
>- HTTP/HTTPS Inbound Endpoints.
>- Custom Inbound Endpoint.
>- RabbitMQ Inbound Endpoint.
>
> [+] Stable - go ahead and release.
>
> Thanks.
>
> On Fri, Aug 19, 2016 at 11:30 AM, Nadeeshaan Gunasinghe <
> nadeesh...@wso2.com> wrote:
>
>> Hi all,
>>
>> Tested the following,
>>
>>
>>- Inbound Endpoints
>>  VFS, HTTP, HTTPS, WSO2 MB, JMS
>>- JMS scenarios
>>  Message Processor, Message Store with ActiveMQ, Rabbit MQ and
>>WSO2 MB
>>- Capp Deployment through tooling
>>
>> [+] Stable - go ahead and release
>>
>> Thanks,
>>
>> *Nadeeshaan Gunasinghe*
>> Software Engineer, WSO2 Inc. http://wso2.com
>> +94770596754 | nadeesh...@wso2.com | Skype: nadeeshaan.gunasinghe
>> <#m_7132569658457042904_m_5569028783450022843_>
>> 
>>   
>> 
>> Get a signature like this: Click here!
>> 
>>
>> On Wed, Aug 17, 2016 at 8:13 AM, Senduran Balasubramaniyam <
>> sendu...@wso2.com> wrote:
>>
>>> Hi All,
>>>
>>> This is the 4th Release Candidate of WSO2 Enterprise Service Bus 5.0.0
>>>
>>> Please download, test the product and vote. Vote will be open for 72
>>> hours or as needed.
>>>
>>> Source and distribution
>>>
>>> Run-time: https://github.com/wso2/produc
>>> t-esb/releases/tag/v5.0.0-rc4
>>> Tooling   : https://github.com/wso2/devstu
>>> dio-tooling-esb/releases/tag/v5.0.0-rc4
>>> Analytics: https://github.com/wso2/analyt
>>> ics-esb/releases/tag/v5.0.0-rc4
>>>
>>> Please vote as follows.
>>> [+] Stable - go ahead and release
>>> [-] Broken - do not release (explain why)
>>>
>>> Thanks,
>>> - WSO2 ESB Team -
>>>
>>> --
>>> *Senduran *
>>> Senior Software Engineer,
>>> WSO2, Inc.;  http://wso2.com/ 
>>> Mobile: +94 77 952 6548
>>>
>>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
>
> *Prabath Ariyarathna*
>
> *Associate Technical Lead*
>
> *WSO2, Inc. *
>
> *lean . enterprise . middleware *
>
>
> *Email: prabat...@wso2.com *
>
> *Blog: http://prabu-lk.blogspot.com *
>
> *Flicker : https://www.flickr.com/photos/47759189@N08
> *
>
> *Mobile: +94 77 699 4730 *
>
>
>
>
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Nuwan Wimalasekara
Associate Technical Lead
WSO2, Inc.: http://wso2.com
lean. enterprise. middleware

phone: +94 71 668 4620
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [AppM] SAML response signature validation in tenants

[Darshana Gunawardana]

On Fri, Aug 19, 2016 at 10:25 AM, Johann Nallathamby 
wrote:

> This is what we have the SSO agent for.
>

SSO Agent is not carbon specific. Hence it does not have reading tenant's
key and validating the signature.

SSO Agent have an interface to plug carbon use cases. AS SSO valve
reference shared above have that specific implementation. That
implementation invoked via sso agent.

Thanks


> @Rushmin, did you check the SSOAgent code? This was improved recently also
> and is used in AS 6.0. The goal of the implementation was to make it a
> library to be used everywhere in the platform. Can you please check on
> that? If there are any limitations we need to fix that library and try to
> use it everywhere we need it.
>
> Please check with Kernel team where to get this and use this.
>
> On Fri, Aug 19, 2016 at 9:56 AM, Ishara Karunarathna 
> wrote:
>
>> Hi,
>>
>> On Fri, Aug 19, 2016 at 9:47 AM, Darshana Gunawardana 
>> wrote:
>>
>>>
>>>
>>> On Thu, Aug 18, 2016 at 4:43 PM, Rushmin Fernando 
>>> wrote:
>>>

 In current App Manager the service providers of tenants are getting
 created in the super tenant space.

 We are in the process of creating the service providers in the relevant
 tenants.

 In the app manager gateway, we use SAML SSO to authenticate the users,
 and the aforementioned service providers are used.

 When it comes to validating the the SAML response signature, I can see
 that we can re-use
 *org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil::getX509CredentialImplForTenant()*

 As per the code, it uses the tenant key store to get the certificates.
 And we can get the certificate by using the tenant name as the alias

 @IS team, do you see any issues with re-using this code in our gateway ?

>>>
>>> Using this util makes gateway -which is a client side(sp) component-
>>> depends on the SAML component -which is server side(idp) component-
>>>
>>> IMO, its not nice to have that dependency. Once example is, this
>>> dependency will expose you a samlsso (idp) endpoint from the gateway. And
>>> also gateway profile would need to have saml components and makes you to
>>> have whole framework related dependencies as well.
>>>
>>> Thinking about client side (sp) components which already doing this
>>> there are two components we have in wso2 platform.
>>> 1. Carbon SAML authenticator : https://github.com/wso2-exte
>>> nsions/identity-carbon-auth-saml2
>>> 2. AS SSO valve : https://github.com/wso2/carb
>>> on-deployment/blob/4.7.x/components/webapp-mgt/org.wso2.carb
>>> on.webapp.mgt/src/main/java/org/wso2/carbon/webapp/mgt/
>>> sso/SAMLSignatureValidatorImpl.java
>>>
>>> Better to use utls from those two components, if we have such methods.
>>> Most suitable component for gateway is #2, since carbon authenticator don't
>>> have usage in gateway.
>>>
>>> I guess it's even worthy initiate separate component to handle all these
>>> saml utils, given that we have isolated components across the platform and
>>> we have to fix huge number of components if we identified a core issue.
>>>
>> +1 with darshans idea. And later better to have some common set of
>> libraries to handle this kind of scenarios.
>>
>>>
>>> Thanks,
>>>
>>>
 @Amila, in a cloud story do we need to configure the key aliases for
 each tenant or can we live with the default alias (which is the tenant
 domain name) ?



 --
 *Best Regards*

 *Rushmin Fernando*
 *Technical Lead*

 WSO2 Inc.  - Lean . Enterprise . Middleware

 mobile : +94772891266



>>>
>>>
>>> --
>>> Regards,
>>>
>>>
>>> *Darshana Gunawardana*Associate Technical Lead
>>> WSO2 Inc.; http://wso2.com
>>>
>>> *E-mail: darsh...@wso2.com *
>>> *Mobile: +94718566859 <%2B94718566859>*Lean . Enterprise . Middleware
>>>
>>
>>
>>
>> --
>> Ishara Karunarathna
>> Associate Technical Lead
>> WSO2 Inc. - lean . enterprise . middleware |  wso2.com
>>
>> email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
>> +94717996791
>>
>>
>>
>
>
> --
> Thanks & Regards,
>
> *Johann Dilantha Nallathamby*
> Technical Lead & Product Lead of WSO2 Identity Server
> Governance Technologies Team
> WSO2, Inc.
> lean.enterprise.middleware
>
> Mobile - *+9476950*
> Blog - *http://nallaa.wordpress.com *
>



-- 
Regards,


*Darshana Gunawardana*Associate Technical Lead
WSO2 Inc.; http://wso2.com

*E-mail: darsh...@wso2.com *
*Mobile: +94718566859*Lean . Enterprise . Middleware
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [VOTE] Release WSO2 Enterprise Service Bus 5.0.0 RC4

[Nuwan Pallewela]

Hi ,

I have tested following,

   - Data Mapper scenarios objects and arrays
   - Data Mapper scenarios with optional elements

[+] Stable - go ahead and release

Thanks,
Nuwan

On Fri, Aug 19, 2016 at 11:30 AM, Nadeeshaan Gunasinghe  wrote:

> Hi all,
>
> Tested the following,
>
>
>- Inbound Endpoints
>  VFS, HTTP, HTTPS, WSO2 MB, JMS
>- JMS scenarios
>  Message Processor, Message Store with ActiveMQ, Rabbit MQ and
>WSO2 MB
>- Capp Deployment through tooling
>
> [+] Stable - go ahead and release
>
> Thanks,
>
> *Nadeeshaan Gunasinghe*
> Software Engineer, WSO2 Inc. http://wso2.com
> +94770596754 | nadeesh...@wso2.com | Skype: nadeeshaan.gunasinghe
> <#m_-4522359693694421102_>
> 
>   
> 
> Get a signature like this: Click here!
> 
>
> On Wed, Aug 17, 2016 at 8:13 AM, Senduran Balasubramaniyam <
> sendu...@wso2.com> wrote:
>
>> Hi All,
>>
>> This is the 4th Release Candidate of WSO2 Enterprise Service Bus 5.0.0
>>
>> Please download, test the product and vote. Vote will be open for 72
>> hours or as needed.
>>
>> Source and distribution
>>
>> Run-time: https://github.com/wso2/product-esb/releases/tag/v5.0.0-rc4
>> Tooling   : https://github.com/wso2/devstu
>> dio-tooling-esb/releases/tag/v5.0.0-rc4
>> Analytics: https://github.com/wso2/analytics-esb/releases/tag/v5.0.0-
>> rc4
>>
>> Please vote as follows.
>> [+] Stable - go ahead and release
>> [-] Broken - do not release (explain why)
>>
>> Thanks,
>> - WSO2 ESB Team -
>>
>> --
>> *Senduran *
>> Senior Software Engineer,
>> WSO2, Inc.;  http://wso2.com/ 
>> Mobile: +94 77 952 6548
>>
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
--

*Nuwan Chamara Pallewela*


*Software Engineer*

*WSO2, Inc. *http://wso2.com
*lean . enterprise . middleware*

Email   *nuw...@wso2.com *
Mobile  *+94719079739@*
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [VOTE] Release WSO2 Enterprise Service Bus 5.0.0 RC4

[Prabath Ariyarathna]

Hi All.

Tested and verified following.

   - File(VFS) Inbound Endpoint.
   - HTTP/HTTPS Inbound Endpoints.
   - Custom Inbound Endpoint.
   - RabbitMQ Inbound Endpoint.

[+] Stable - go ahead and release.

Thanks.

On Fri, Aug 19, 2016 at 11:30 AM, Nadeeshaan Gunasinghe  wrote:

> Hi all,
>
> Tested the following,
>
>
>- Inbound Endpoints
>  VFS, HTTP, HTTPS, WSO2 MB, JMS
>- JMS scenarios
>  Message Processor, Message Store with ActiveMQ, Rabbit MQ and
>WSO2 MB
>- Capp Deployment through tooling
>
> [+] Stable - go ahead and release
>
> Thanks,
>
> *Nadeeshaan Gunasinghe*
> Software Engineer, WSO2 Inc. http://wso2.com
> +94770596754 | nadeesh...@wso2.com | Skype: nadeeshaan.gunasinghe
> <#m_5569028783450022843_>
> 
>   
> 
> Get a signature like this: Click here!
> 
>
> On Wed, Aug 17, 2016 at 8:13 AM, Senduran Balasubramaniyam <
> sendu...@wso2.com> wrote:
>
>> Hi All,
>>
>> This is the 4th Release Candidate of WSO2 Enterprise Service Bus 5.0.0
>>
>> Please download, test the product and vote. Vote will be open for 72
>> hours or as needed.
>>
>> Source and distribution
>>
>> Run-time: https://github.com/wso2/product-esb/releases/tag/v5.0.0-rc4
>> Tooling   : https://github.com/wso2/devstu
>> dio-tooling-esb/releases/tag/v5.0.0-rc4
>> Analytics: https://github.com/wso2/analytics-esb/releases/tag/v5.0.0-
>> rc4
>>
>> Please vote as follows.
>> [+] Stable - go ahead and release
>> [-] Broken - do not release (explain why)
>>
>> Thanks,
>> - WSO2 ESB Team -
>>
>> --
>> *Senduran *
>> Senior Software Engineer,
>> WSO2, Inc.;  http://wso2.com/ 
>> Mobile: +94 77 952 6548
>>
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 

*Prabath Ariyarathna*

*Associate Technical Lead*

*WSO2, Inc. *

*lean . enterprise . middleware *


*Email: prabat...@wso2.com *

*Blog: http://prabu-lk.blogspot.com *

*Flicker : https://www.flickr.com/photos/47759189@N08
*

*Mobile: +94 77 699 4730 *
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Preserving URL parameters across different pages in a dashboard

[Kalpa Welivitigoda]

Thanks all for the input. I will try the gadget state API approach and will
update.

On Fri, Aug 19, 2016 at 11:52 AM, Lasantha Samarakoon 
wrote:

> Hi Kalpa,
>
> ​You can use the gadget state API to store the date picker state in the
> URL hash. This has been implemented in order to facilitate dashboard
> sharing (i.e. A person can drill down into some level and share it, so the
> others can directly see that level instead of drilling down again.)
>
> But I am not sure regarding you can maintain the URL hash while moving to
> another page via the dashboard menu.  If it is not, then it'll be a kind of
> improvement which we need to provide :)
>
>
> Regards,
>
> *Lasantha Samarakoon* | Software Engineer
> WSO2, Inc.
> #20, Palm Grove, Colombo 03, Sri Lanka
> Mobile: +94 (71) 214 1576
> Email:  lasant...@wso2.com
> Web:www.wso2.com
>
> lean . enterprise . middleware
>
> On Fri, Aug 19, 2016 at 10:07 AM, Tanya Madurapperuma 
> wrote:
>
>> Can't you use the gadget state api to achieve your requirement? Please
>> refer to gadget-state.zip at [1] for reference.
>>
>> [1] https://github.com/wso2/product-ds/blob/master/modules/
>> integration/tests-ui-integration/tests-ui/src/test/resources/gadgets
>>
>> Thanks,
>> Tanya
>>
>> On Fri, Aug 19, 2016 at 8:56 AM, Megala Uthayakumar 
>> wrote:
>>
>>> Hi Kalpa,
>>>
>>> I hope you are using carbon-dashboards  v2.0.0 [1] . In that version,
>>> when rendering the pages in view mode, we are manually appending all the
>>> query parameters from landing page[2] to other pages as well, because of
>>> that only you were able to get the same query parameters in other pages as
>>> well after reloading. But with the v2.0.1, we have already removed
>>> appending all the query parameters manually. So even that will not work in
>>> future versions. Is it possible to achieve this without appending the
>>> parameters to URL itself?
>>>
>>> [1] https://github.com/wso2/analytics-http/blob/master/pom.xml#L486
>>> [2] https://github.com/wso2/carbon-dashboards/blob/v2.0.0/ap
>>> ps/portal/theme/templates/dashboard.jag#L29
>>>
>>> On Thu, Aug 18, 2016 at 5:34 PM, Kalpa Welivitigoda 
>>> wrote:
>>>
 Hi dev,

 I am working on http analytics dashboard, there we have a date time
 picker gadget. Once a date time range is selected, the gadget publishes
 those information to a topic so that other gadgets in the same page can
 update accordingly.

 I have several pages, I am trying to preserve the date time selection
 from one page to another.

 The approach I am trying is to update the url parameters (start_time
 and end_time) when a date time selection is made. I am using
 *window.parent.history.**pushState* for this purpose. This works fine.
 But when I navigate to another page, these URL parameters are lost. If I
 set the URL parameters and reload the page, they are preserved in the other
 pages as well. I am looking for a way to accomplish this without reloading
 the page.

 Have we come across a similar requirement before?


 --
 Best Regards,

 Kalpa Welivitigoda
 Senior Software Engineer, WSO2 Inc. http://wso2.com
 Email: kal...@wso2.com
 Mobile: +94776509215

 [image: http://wso2.com/signature] 

 ___
 Dev mailing list
 Dev@wso2.org
 http://wso2.org/cgi-bin/mailman/listinfo/dev


>>>
>>>
>>> --
>>> Megala Uthayakumar
>>>
>>> Software Engineer
>>> Mobile : 0779967122
>>>
>>
>>
>>
>> --
>> Tanya Madurapperuma
>>
>> Senior Software Engineer,
>> WSO2 Inc. : wso2.com
>> Mobile : +94718184439
>> Blog : http://tanyamadurapperuma.blogspot.com
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Best Regards,

Kalpa Welivitigoda
Senior Software Engineer, WSO2 Inc. http://wso2.com
Email: kal...@wso2.com
Mobile: +94776509215

[image: http://wso2.com/signature] 
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [AppM] SAML response signature validation in tenants

[Rushmin Fernando]

Thanks for the feedback.

+1 for not-using an IDP side component.

I quickly went through the *org.wso2.carbon.identity.sso.agent* code and
the *org.wso2.carbon.webapp.mgt code*

Following are the tasks we are currently getting done using
*org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil*

1) Marshalling the SAML requests
2) Unmarshalling the SAML responses
3) Validating the response signature

I could see the methods to achieve #2 and #3 using the suggested SP side
components. But couldn't find a uitl method for #1.

Do we have a util method for #1 ?



On Fri, Aug 19, 2016 at 10:25 AM, Johann Nallathamby 
wrote:

> This is what we have the SSO agent for.
>
> @Rushmin, did you check the SSOAgent code? This was improved recently also
> and is used in AS 6.0. The goal of the implementation was to make it a
> library to be used everywhere in the platform. Can you please check on
> that? If there are any limitations we need to fix that library and try to
> use it everywhere we need it.
>
> Please check with Kernel team where to get this and use this.
>
> On Fri, Aug 19, 2016 at 9:56 AM, Ishara Karunarathna 
> wrote:
>
>> Hi,
>>
>> On Fri, Aug 19, 2016 at 9:47 AM, Darshana Gunawardana 
>> wrote:
>>
>>>
>>>
>>> On Thu, Aug 18, 2016 at 4:43 PM, Rushmin Fernando 
>>> wrote:
>>>

 In current App Manager the service providers of tenants are getting
 created in the super tenant space.

 We are in the process of creating the service providers in the relevant
 tenants.

 In the app manager gateway, we use SAML SSO to authenticate the users,
 and the aforementioned service providers are used.

 When it comes to validating the the SAML response signature, I can see
 that we can re-use
 *org.wso2.carbon.identity.sso.saml.util.SAMLSSOUtil::getX509CredentialImplForTenant()*

 As per the code, it uses the tenant key store to get the certificates.
 And we can get the certificate by using the tenant name as the alias

 @IS team, do you see any issues with re-using this code in our gateway ?

>>>
>>> Using this util makes gateway -which is a client side(sp) component-
>>> depends on the SAML component -which is server side(idp) component-
>>>
>>> IMO, its not nice to have that dependency. Once example is, this
>>> dependency will expose you a samlsso (idp) endpoint from the gateway. And
>>> also gateway profile would need to have saml components and makes you to
>>> have whole framework related dependencies as well.
>>>
>>> Thinking about client side (sp) components which already doing this
>>> there are two components we have in wso2 platform.
>>> 1. Carbon SAML authenticator : https://github.com/wso2-exte
>>> nsions/identity-carbon-auth-saml2
>>> 2. AS SSO valve : https://github.com/wso2/carb
>>> on-deployment/blob/4.7.x/components/webapp-mgt/org.wso2.carb
>>> on.webapp.mgt/src/main/java/org/wso2/carbon/webapp/mgt/
>>> sso/SAMLSignatureValidatorImpl.java
>>>
>>> Better to use utls from those two components, if we have such methods.
>>> Most suitable component for gateway is #2, since carbon authenticator don't
>>> have usage in gateway.
>>>
>>> I guess it's even worthy initiate separate component to handle all these
>>> saml utils, given that we have isolated components across the platform and
>>> we have to fix huge number of components if we identified a core issue.
>>>
>> +1 with darshans idea. And later better to have some common set of
>> libraries to handle this kind of scenarios.
>>
>>>
>>> Thanks,
>>>
>>>
 @Amila, in a cloud story do we need to configure the key aliases for
 each tenant or can we live with the default alias (which is the tenant
 domain name) ?



 --
 *Best Regards*

 *Rushmin Fernando*
 *Technical Lead*

 WSO2 Inc.  - Lean . Enterprise . Middleware

 mobile : +94772891266



>>>
>>>
>>> --
>>> Regards,
>>>
>>>
>>> *Darshana Gunawardana*Associate Technical Lead
>>> WSO2 Inc.; http://wso2.com
>>>
>>> *E-mail: darsh...@wso2.com *
>>> *Mobile: +94718566859 <%2B94718566859>*Lean . Enterprise . Middleware
>>>
>>
>>
>>
>> --
>> Ishara Karunarathna
>> Associate Technical Lead
>> WSO2 Inc. - lean . enterprise . middleware |  wso2.com
>>
>> email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
>> +94717996791
>>
>>
>>
>
>
> --
> Thanks & Regards,
>
> *Johann Dilantha Nallathamby*
> Technical Lead & Product Lead of WSO2 Identity Server
> Governance Technologies Team
> WSO2, Inc.
> lean.enterprise.middleware
>
> Mobile - *+9476950*
> Blog - *http://nallaa.wordpress.com *
>



-- 
*Best Regards*

*Rushmin Fernando*
*Technical Lead*

WSO2 Inc.  - Lean . Enterprise . Middleware

mobile : +94772891266
___
Dev mailing list
Dev@wso2.org

Re: [Dev] Preserving URL parameters across different pages in a dashboard

[Lasantha Samarakoon]

Hi Kalpa,

​You can use the gadget state API to store the date picker state in the URL
hash. This has been implemented in order to facilitate dashboard sharing
(i.e. A person can drill down into some level and share it, so the others
can directly see that level instead of drilling down again.)

But I am not sure regarding you can maintain the URL hash while moving to
another page via the dashboard menu.  If it is not, then it'll be a kind of
improvement which we need to provide :)


Regards,

*Lasantha Samarakoon* | Software Engineer
WSO2, Inc.
#20, Palm Grove, Colombo 03, Sri Lanka
Mobile: +94 (71) 214 1576
Email:  lasant...@wso2.com
Web:www.wso2.com

lean . enterprise . middleware

On Fri, Aug 19, 2016 at 10:07 AM, Tanya Madurapperuma 
wrote:

> Can't you use the gadget state api to achieve your requirement? Please
> refer to gadget-state.zip at [1] for reference.
>
> [1] https://github.com/wso2/product-ds/blob/master/
> modules/integration/tests-ui-integration/tests-ui/src/test/
> resources/gadgets
>
> Thanks,
> Tanya
>
> On Fri, Aug 19, 2016 at 8:56 AM, Megala Uthayakumar 
> wrote:
>
>> Hi Kalpa,
>>
>> I hope you are using carbon-dashboards  v2.0.0 [1] . In that version,
>> when rendering the pages in view mode, we are manually appending all the
>> query parameters from landing page[2] to other pages as well, because of
>> that only you were able to get the same query parameters in other pages as
>> well after reloading. But with the v2.0.1, we have already removed
>> appending all the query parameters manually. So even that will not work in
>> future versions. Is it possible to achieve this without appending the
>> parameters to URL itself?
>>
>> [1] https://github.com/wso2/analytics-http/blob/master/pom.xml#L486
>> [2] https://github.com/wso2/carbon-dashboards/blob/v2.0.0/ap
>> ps/portal/theme/templates/dashboard.jag#L29
>>
>> On Thu, Aug 18, 2016 at 5:34 PM, Kalpa Welivitigoda 
>> wrote:
>>
>>> Hi dev,
>>>
>>> I am working on http analytics dashboard, there we have a date time
>>> picker gadget. Once a date time range is selected, the gadget publishes
>>> those information to a topic so that other gadgets in the same page can
>>> update accordingly.
>>>
>>> I have several pages, I am trying to preserve the date time selection
>>> from one page to another.
>>>
>>> The approach I am trying is to update the url parameters (start_time and
>>> end_time) when a date time selection is made. I am using
>>> *window.parent.history.**pushState* for this purpose. This works fine.
>>> But when I navigate to another page, these URL parameters are lost. If I
>>> set the URL parameters and reload the page, they are preserved in the other
>>> pages as well. I am looking for a way to accomplish this without reloading
>>> the page.
>>>
>>> Have we come across a similar requirement before?
>>>
>>>
>>> --
>>> Best Regards,
>>>
>>> Kalpa Welivitigoda
>>> Senior Software Engineer, WSO2 Inc. http://wso2.com
>>> Email: kal...@wso2.com
>>> Mobile: +94776509215
>>>
>>> [image: http://wso2.com/signature] 
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Megala Uthayakumar
>>
>> Software Engineer
>> Mobile : 0779967122
>>
>
>
>
> --
> Tanya Madurapperuma
>
> Senior Software Engineer,
> WSO2 Inc. : wso2.com
> Mobile : +94718184439
> Blog : http://tanyamadurapperuma.blogspot.com
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [VOTE] Release WSO2 Enterprise Service Bus 5.0.0 RC4

[Nadeeshaan Gunasinghe]

Hi all,

Tested the following,


   - Inbound Endpoints
 VFS, HTTP, HTTPS, WSO2 MB, JMS
   - JMS scenarios
 Message Processor, Message Store with ActiveMQ, Rabbit MQ and WSO2
   MB
   - Capp Deployment through tooling

[+] Stable - go ahead and release

Thanks,

*Nadeeshaan Gunasinghe*
Software Engineer, WSO2 Inc. http://wso2.com
+94770596754 | nadeesh...@wso2.com | Skype: nadeeshaan.gunasinghe <#>

  

Get a signature like this: Click here!


On Wed, Aug 17, 2016 at 8:13 AM, Senduran Balasubramaniyam <
sendu...@wso2.com> wrote:

> Hi All,
>
> This is the 4th Release Candidate of WSO2 Enterprise Service Bus 5.0.0
>
> Please download, test the product and vote. Vote will be open for 72 hours
> or as needed.
>
> Source and distribution
>
> Run-time: https://github.com/wso2/product-esb/releases/tag/v5.0.0-rc4
> Tooling   : https://github.com/wso2/devstudio-tooling-esb/
> releases/tag/v5.0.0-rc4
> Analytics: https://github.com/wso2/analytics-esb/releases/tag/v5.
> 0.0-rc4
>
> Please vote as follows.
> [+] Stable - go ahead and release
> [-] Broken - do not release (explain why)
>
> Thanks,
> - WSO2 ESB Team -
>
> --
> *Senduran *
> Senior Software Engineer,
> WSO2, Inc.;  http://wso2.com/ 
> Mobile: +94 77 952 6548
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev