Re: [Dev] Current time is not picked by XACML engine

2016-10-30 Thread Farasath Ahamed 
Farasath Ahamed
Software Engineer, WSO2 Inc.; http://wso2.com
Mobile: +94777603866
Blog: blog.farazath.com
Twitter: @farazath619 




On Mon, Oct 31, 2016 at 9:36 AM, Asela Pathberiya  wrote:

>
>
> On Sun, Oct 30, 2016 at 8:07 PM, Pulasthi Mahawithana 
> wrote:
>
>> Hi,
>>
>> I wrote a XACML policy which has a rule involving the current time. When
>> a request is made the XACML response is given as below.
>>
>> > lt>Indeterminate> Value="urn:oasis:names:tc:xacml:1.0:status:missing-attribute"/>Couldn't
>> find AttributeDesignator attribute
>> http://www.w3.org/20
>> 01/XMLSchema#time" Category="urn:oasis:names:tc:x
>> acml:3.0:attribute-category:environment" >
>> 
>>
>> Although the "CurrentEnvModule" class is able to provide the current
>> time. It is not not even called.
>>
>> When I debugged for the reason, I found out that at [1], the callHelper
>> method (which will pick the missing values from attribute finders) is not
>> called when the 'mapAttributes' do not have the category of the missing
>> attribute. Since the 'mappedAttributes' are taken from the XACML request,
>> according to the current implementation, The request should have at least
>> one attribute each from the categories we include in the policy. In my case
>> I need to send an attribute from "urn:oasis:names:tc:xacml:3.0:
>> attribute-category:environment" category in the XACML request in order
>> to get the current time.
>>
>> Is this intentional? Shouldn't we move the code at [1] to L146?
>>
>
> Yes.. it seems to be.  Please check line 5277 in XACML spec [2]
>
> [2] http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.pdf
>

Even in that case this behaviour is expected only for environment
attributes right? With our current implementation we are expecting the same
for other categories as well. So shouldn't we do the change suggested by
Pulsathi?


>
>
>>
>> [1] https://github.com/wso2/balana/blob/master/modules/balan
>> a-core/src/main/java/org/wso2/balana/ctx/xacml3/XACML3Evalua
>> tionCtx.java#L142-L144
>> --
>> *Pulasthi Mahawithana*
>> Senior Software Engineer
>> WSO2 Inc., http://wso2.com/
>> Mobile: +94-71-5179022
>> Blog: http://blog.pulasthi.org
>>
>> 
>>
>
>
>
> --
> Thanks & Regards,
> Asela
>
> ATL
> Mobile : +94 777 625 933
>  +358 449 228 979
>
> http://soasecurity.org/
> http://xacmlinfo.org/
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Current time is not picked by XACML engine

2016-10-30 Thread Asela Pathberiya 
On Sun, Oct 30, 2016 at 8:07 PM, Pulasthi Mahawithana 
wrote:

> Hi,
>
> I wrote a XACML policy which has a rule involving the current time. When a
> request is made the XACML response is given as below.
>
> <
> Result>Indeterminate Value="urn:oasis:names:tc:xacml:1.0:status:missing-
> attribute"/>Couldn't find AttributeDesignator
> attribute
> http://www.w3.org/
> 2001/XMLSchema#time" Category="urn:oasis:names:tc:
> xacml:3.0:attribute-category:environment" >
> 
>
> Although the "CurrentEnvModule" class is able to provide the current time.
> It is not not even called.
>
> When I debugged for the reason, I found out that at [1], the callHelper
> method (which will pick the missing values from attribute finders) is not
> called when the 'mapAttributes' do not have the category of the missing
> attribute. Since the 'mappedAttributes' are taken from the XACML request,
> according to the current implementation, The request should have at least
> one attribute each from the categories we include in the policy. In my case
> I need to send an attribute from "urn:oasis:names:tc:xacml:3.0:
> attribute-category:environment" category in the XACML request in order to
> get the current time.
>
> Is this intentional? Shouldn't we move the code at [1] to L146?
>

Yes.. it seems to be.  Please check line 5277 in XACML spec [2]

[2] http://docs.oasis-open.org/xacml/3.0/xacml-3.0-core-spec-os-en.pdf


>
> [1] https://github.com/wso2/balana/blob/master/modules/
> balana-core/src/main/java/org/wso2/balana/ctx/xacml3/
> XACML3EvaluationCtx.java#L142-L144
> --
> *Pulasthi Mahawithana*
> Senior Software Engineer
> WSO2 Inc., http://wso2.com/
> Mobile: +94-71-5179022
> Blog: http://blog.pulasthi.org
>
> 
>



-- 
Thanks & Regards,
Asela

ATL
Mobile : +94 777 625 933
 +358 449 228 979

http://soasecurity.org/
http://xacmlinfo.org/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [ESB] Use URL re-write mediator with recipient list endpoint

2016-10-30 Thread Isuru Udana 
Hi IsuruH,

URLRewite mediator only works with a single url at a given time.

Thanks.

On Sun, Oct 30, 2016 at 10:44 PM, Isuru Haththotuwa  wrote:

> Hi Devs,
>
> Can we do $subject? [1, 2]
>
> The endpoints are passed as a comma separated list, and used in recipient
> list endpoint with call mediator:
>
> 
>   
> 
>
> 
>   
> 
>
> The requirement is to do the same URL change in all the endpoints of the
> recipientlist.
>
>
> [1]. https://docs.wso2.com/display/ESB490/Recipient+List+Endpoint
>
> [2]. https://docs.wso2.com/display/ESB490/URLRewrite+Mediator
>
> --
> Thanks and Regards,
>
> Isuru H.
> +94 716 358 048* *
>
>
>


-- 
*Isuru Udana*
Technical Lead
WSO2 Inc.; http://wso2.com
email: isu...@wso2.com cell: +94 77 3791887
blog: http://mytecheye.blogspot.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Transform an xml with payload factory and xpath

2016-10-30 Thread Bhathiya Jayasekara 
Hi devs,

I have below XML in the message context.

http://schemas.xmlsoap.org/soap/envelope/;>
   
  <*ns:getUserListOfRoleResponse* xmlns:ns="
http://service.ws.um.carbon.wso2.org;>
 usersx
 doctor
  
   


Is it possible to transform this to below one, just with a payload factory
(and xpath)?

  <*ns:results* xmlns:ns="http://service.ws.um.carbon.wso2.org;>
 usersx
 doctor
  

Basically what I tried is this with different xpaths, but none of them gave
me the expected output.

 

   $1


   http://service.ws.um.carbon.wso2.org;
evaluator="xml" *expression="//ns:getUserListOfRoleResponse/node()"*/>

 

Appreciate your help.

Thanks,

-- 
*Bhathiya Jayasekara*
*Senior Software Engineer,*
*WSO2 inc., http://wso2.com *

*Phone: +94715478185*
*LinkedIn: http://www.linkedin.com/in/bhathiyaj
*
*Twitter: https://twitter.com/bhathiyax *
*Blog: http://movingaheadblog.blogspot.com
*
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [ESB] Use URL re-write mediator with recipient list endpoint

2016-10-30 Thread Isuru Haththotuwa 
Hi Devs,

Can we do $subject? [1, 2]

The endpoints are passed as a comma separated list, and used in recipient
list endpoint with call mediator:


  

   

  


The requirement is to do the same URL change in all the endpoints of the
recipientlist.


[1]. https://docs.wso2.com/display/ESB490/Recipient+List+Endpoint

[2]. https://docs.wso2.com/display/ESB490/URLRewrite+Mediator

-- 
Thanks and Regards,

Isuru H.
+94 716 358 048* *
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Current time is not picked by XACML engine

2016-10-30 Thread Pulasthi Mahawithana 
Hi,

I wrote a XACML policy which has a rule involving the current time. When a
request is made the XACML response is given as below.

IndeterminateCouldn't
find AttributeDesignator attribute
http://www.w3.org/2001/XMLSchema#time;
Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment"
>


Although the "CurrentEnvModule" class is able to provide the current time.
It is not not even called.

When I debugged for the reason, I found out that at [1], the callHelper
method (which will pick the missing values from attribute finders) is not
called when the 'mapAttributes' do not have the category of the missing
attribute. Since the 'mappedAttributes' are taken from the XACML request,
according to the current implementation, The request should have at least
one attribute each from the categories we include in the policy. In my case
I need to send an attribute from
"urn:oasis:names:tc:xacml:3.0:attribute-category:environment" category in
the XACML request in order to get the current time.

Is this intentional? Shouldn't we move the code at [1] to L146?

[1]
https://github.com/wso2/balana/blob/master/modules/balana-core/src/main/java/org/wso2/balana/ctx/xacml3/XACML3EvaluationCtx.java#L142-L144
-- 
*Pulasthi Mahawithana*
Senior Software Engineer
WSO2 Inc., http://wso2.com/
Mobile: +94-71-5179022
Blog: http://blog.pulasthi.org


___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [ESB 5] Access Response JSON Payload in a Class Mediator

2016-10-30 Thread Isuru Haththotuwa 
Hi Rajith/Raj,

Thanks for the responses. Both methods worked for me, and yes you need to
build the message first.

On Thu, Oct 27, 2016 at 7:16 PM, Rajkumar Rajaratnam 
wrote:

>
>
> On Thu, Oct 27, 2016 at 9:42 AM, Rajkumar Rajaratnam 
> wrote:
>
>> Hi Isuru,
>>
>> I think you have to build the message first and call
>> jsonPayloadToString(). Try this.
>>
>> try {
>>RelayUtils.buildMessage(a2mc);
>> } catch (IOException | XMLStreamException e) {
>>log.error("Error occurred while building the message", e);
>> }
>>
>> JsonUtil.jsonPayloadToString(a2mc);
>>
>
> ​This code worked for me in AM 1.10. ​
>
>
>>
>>
>> Also make sure you are using org.apache.synapse.commo
>> ns.json.JsonStreamFormatter/org.apache.synapse.commons.json.JsonStreamBuilder
>> for application/json.
>>
>> Thanks,
>> Raj.
>>
>> On Thu, Oct 27, 2016 at 9:28 AM, Rajith Vitharana 
>> wrote:
>>
>>> Hi Isuru,
>>>
>>> Below [1] worked for me to retrieve jsonbody. And then to set it back,
>>> what you did worked for me. IE [2]
>>>
>>> [1] - StringBuilder json = JsonUtil.toJsonString(synCtx.g
>>> etEnvelope().getBody());
>>> [2] - JsonUtil.getNewJsonPayload(
>>> ((Axis2MessageContext) synCtx).getAxis2MessageContext
>>> (),
>>> transformedJson, true, true);
>>>
>>> Thanks,
>>>
>>> On 27 October 2016 at 17:55, Isuru Haththotuwa  wrote:
>>>
 Hi,

 How to do $subject? Need to modify the response payload from BE and
 send it to the client.

 Tried [1], but did not work.

 [1].
String jsonPayloadToString = JsonUtil
 .jsonPayloadToString(((Axis2MessageContext)
 messageContext)
 .getAxis2MessageContext());
 try {
 JsonUtil.getNewJsonPayload(((Axis2MessageContext)
 messageContext).getAxis2MessageContext(),
 jsonPayloadToString, true, true);
 } catch (AxisFault axisFault) {
 log.error("Error building aggregated JSON payload",
 axisFault);
 return false;
 }

 --
 Thanks and Regards,

 Isuru H.
 +94 716 358 048* *



 ___
 Dev mailing list
 Dev@wso2.org
 http://wso2.org/cgi-bin/mailman/listinfo/dev


>>>
>>>
>>> --
>>> Rajith Vitharana
>>>
>>> Senior Software Engineer,
>>> WSO2 Inc. : wso2.com
>>> Mobile : +94715883223
>>> Blog : http://lankavitharana.blogspot.com/
>>> 
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Rajkumar Rajaratnam
>> Committer & PMC Member, Apache Stratos
>> Senior Software Engineer, WSO2
>>
>> Mobile : +94777568639
>>
>
>
>
> --
> Rajkumar Rajaratnam
> Committer & PMC Member, Apache Stratos
> Senior Software Engineer, WSO2
>
> Mobile : +94777568639
>



-- 
Thanks and Regards,

Isuru H.
+94 716 358 048* *
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev