Re: [Dev] [Architecture] [VOTE] Release WSO2 API Manager 2.1.0 RC2

2017-01-11 Thread Abimaran Kugathasan 
Hi Rajkumar,

On Wed, Jan 11, 2017 at 11:08 PM, Rajkumar Rajaratnam 
wrote:

> IDP initiated SSO for Store is also not working. Should be the same case
> with Publisher. Reason for this issue is as below.
>
> For SP initiated SSO, we read SSO properties from site.json and set them
> to SSO relaying party object in sso/filter [1].
>
> For IDP initiated SSO, the same thing should be done in jaggery_acs.jag.
> Why?, because the very first request to API Store will land on
> jaggery_acs.jag and since SSO properties are not there in SSO relaying
> party object, you will get NPE like below.
>  ​
>


Why should someone allowed  to hit SP, if IDP initiated SSO configured? I
do understand the annonymous access API Manager should allowed for API
Srore, but, when someone requested to login, don't we redirect to IDP login?


>
>
> [2017-01-11 12:34:07,151] ERROR - Util Error when getting key store of
> tenant carbon.super
> java.lang.NullPointerException
> at java.io.File.(File.java:277)
> at org.wso2.carbon.hostobjects.sso.internal.util.Util.
> validateSignature(Util.java:281)
> at org.wso2.carbon.hostobjects.sso.SAMLSSORelyingPartyObject.
> jsFunction_validateSignature(SAMLSSORelyingPartyObject.java:168)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(
> NativeMethodAccessorImpl.java:62)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(
> DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126)
> at org.mozilla.javascript.FunctionObject.call(FunctionObject.java:386)
> at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32)
> at org.jaggeryjs.rhino.store.jagg.c0._c_anonymous_1(/store/
> jagg/jaggery_acs.jag:70)
> at org.jaggeryjs.rhino.store.jagg.c0.call(/store/jagg/jaggery_acs.jag)
> at org.mozilla.javascript.optimizer.OptRuntime.call0(OptRuntime.java:23)
> at org.jaggeryjs.rhino.store.jagg.c0._c_script_0(/store/
> jagg/jaggery_acs.jag:5)
> at org.jaggeryjs.rhino.store.jagg.c0.call(/store/jagg/jaggery_acs.jag)
> at org.mozilla.javascript.ContextFactory.doTopCall(
> ContextFactory.java:394)
> at org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3091)
> at org.jaggeryjs.rhino.store.jagg.c0.call(/store/jagg/jaggery_acs.jag)
> at org.jaggeryjs.rhino.store.jagg.c0.exec(/store/jagg/jaggery_acs.jag)
> at org.jaggeryjs.scriptengine.engine.RhinoEngine.execScript(
> RhinoEngine.java:567)
> at org.jaggeryjs.scriptengine.engine.RhinoEngine.exec(
> RhinoEngine.java:273)
> at org.jaggeryjs.jaggery.core.manager.WebAppManager.exec(
> WebAppManager.java:588)
> at org.jaggeryjs.jaggery.core.manager.WebAppManager.execute(
> WebAppManager.java:508)
> at org.jaggeryjs.jaggery.core.JaggeryServlet.doPost(
> JaggeryServlet.java:29)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:650)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
> at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(
> ApplicationFilterChain.java:303)
> at org.apache.catalina.core.ApplicationFilterChain.doFilter(
> ApplicationFilterChain.java:208)
> at org.apache.catalina.core.ApplicationDispatcher.invoke(
> ApplicationDispatcher.java:747)
> at org.apache.catalina.core.ApplicationDispatcher.processRequest(
> ApplicationDispatcher.java:485)
> at org.apache.catalina.core.ApplicationDispatcher.doForward(
> ApplicationDispatcher.java:377)
> at org.apache.catalina.core.ApplicationDispatcher.forward(
> ApplicationDispatcher.java:337)
> at org.jaggeryjs.jaggery.core.JaggeryFilter.doFilter(
> JaggeryFilter.java:21)
> at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(
> ApplicationFilterChain.java:241)
> at org.apache.catalina.core.ApplicationFilterChain.doFilter(
> ApplicationFilterChain.java:208)
> at org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventio
> nFilter.doFilter(ContentTypeBasedCachePreventionFilter.java:53)
> at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(
> ApplicationFilterChain.java:241)
> at org.apache.catalina.core.ApplicationFilterChain.doFilter(
> ApplicationFilterChain.java:208)
> at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(
> HttpHeaderSecurityFilter.java:120)
> at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(
> ApplicationFilterChain.java:241)
> at org.apache.catalina.core.ApplicationFilterChain.doFilter(
> ApplicationFilterChain.java:208)
> at org.apache.catalina.core.StandardWrapperValve.invoke(
> StandardWrapperValve.java:218)
> at org.apache.catalina.core.StandardContextValve.invoke(
> StandardContextValve.java:122)
> at org.apache.catalina.authenticator.AuthenticatorBase.invoke(
> AuthenticatorBase.java:505)
> at org.apache.catalina.core.StandardHostValve.invoke(
> StandardHostValve.java:169)
> at org.apache.catalina.valves.ErrorReportValve.invoke(
> ErrorReportValve.java:103)
> at

Re: [Dev] Integration tests for WSO2 IOT Server

2017-01-11 Thread Menaka Jayawardena 
Hi,

The issue was fixed with custom extensions and it's working fine.

Thank you very much for the help guys.

Best regards,
Menaka


On Wed, Jan 4, 2017 at 10:27 AM, Menaka Jayawardena  wrote:

> Hi Sumedha,
>
> When using the single script, it does not start the servers. It hangs
> until timeout.
>
> I think as Nuwan mentioned, we have to write a custom extension to start
> the servers that we need. But the problem it, if we do so we have to
> rewrite the whole flow as test framework has concrete classes to get the
> carbon home dir and start the server. We have to change that.
>
> I also spoke to Azeez regarding this issue and he said that we have to
> debug the test framework and find the issue. So we can fix it and get a
> release from them.
>
> Thanks and Regards,
> Menaka
>
>
> On Wed, Jan 4, 2017 at 9:31 AM, Sumedha Rubasinghe 
> wrote:
>
>> Menaka,
>> For now, shall we not start the servers using this single script?. It's
>> bit complex to trouble shoot with all logs going to a single file.
>>
>> On Tue, Jan 3, 2017 at 12:48 PM, Menaka Jayawardena 
>> wrote:
>>
>>> Hi,
>>>
>>> In IOTS we have 3 separate servers (Analytics, Broker and IOT Core),
>>> which are invoked by a single shell script. (Or we can manually start each
>>> server individually). And in order to execute a full IOT scenario, all the
>>> three servers have to be up and running.
>>>
>>> There were some integration tests which were written before this change
>>> (Separating the servers), which test scenarios such as user login, device
>>> type installation, and virtual device enrollment etc.
>>>
>>> As Test Automation Framework looks for wso2server.sh in
>>> {carbon_home}/bin directory, I renamed the script. (was start-all.sh)
>>>
>>> When running, I got the following error.
>>>
>>> I think as the servers are started in processes forked by the
>>> 'start-all' script TAF does not have the access to the logs.
>>>
>>> Is there any fix for this issue?
>>>
>>> Can we change the script location in test configuration file?
>>>
>>> - ERROR MSG --
>>>
>>> INFO: Starting carbon server.
>>> Jan 03, 2017 12:08:15 PM org.wso2.carbon.automation.ext
>>> ensions.servers.carbonserver.CarbonServerExtension handleException
>>> SEVERE: Fail to start carbon server
>>> java.lang.RuntimeException: Port 9763 is not open
>>> at org.wso2.carbon.automation.extensions.servers.utils.ClientCo
>>> nnectionUtil.waitForPort(ClientConnectionUtil.java:248)
>>> at org.wso2.carbon.automation.extensions.servers.carbonserver.C
>>> arbonServerManager.startServerUsingCarbonHome(CarbonServerMa
>>> nager.java:120)
>>> at org.wso2.carbon.automation.extensions.servers.carbonserver.T
>>> estServerManager.startServer(TestServerManager.java:116)
>>> at org.wso2.carbon.automation.extensions.servers.carbonserver.C
>>> arbonServerExtension.onExecutionStart(CarbonServerExtension.java:50)
>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce
>>> ssorImpl.java:62)
>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe
>>> thodAccessorImpl.java:43)
>>> at java.lang.reflect.Method.invoke(Method.java:498)
>>> at org.wso2.carbon.automation.engine.extensions.TestNGExtension
>>> Executor.executeExtensible(TestNGExtensionExecutor.java:75)
>>> at org.wso2.carbon.automation.engine.testlisteners.TestExecutio
>>> nListener.onExecutionStart(TestExecutionListener.java:47)
>>> at org.testng.TestNG.runExecutionListeners(TestNG.java:1068)
>>> at org.testng.TestNG.run(TestNG.java:1015)
>>> at org.apache.maven.surefire.testng.TestNGExecutor.run(TestNGEx
>>> ecutor.java:295)
>>> at org.apache.maven.surefire.testng.TestNGXmlTestSuite.execute(
>>> TestNGXmlTestSuite.java:84)
>>> at org.apache.maven.surefire.testng.TestNGProvider.invoke(TestN
>>> GProvider.java:90)
>>> at org.apache.maven.surefire.booter.ForkedBooter.invokeProvider
>>> InSameClassLoader(ForkedBooter.java:203)
>>> at org.apache.maven.surefire.booter.ForkedBooter.runSuitesInPro
>>> cess(ForkedBooter.java:155)
>>> at org.apache.maven.surefire.booter.ForkedBooter.main(ForkedBoo
>>> ter.java:103)
>>>
>>> Jan 03, 2017 12:08:15 PM org.wso2.carbon.automation.eng
>>> ine.testlisteners.TestExecutionListener handleException
>>> SEVERE: Execution error occurred in TestExecutionListener:-
>>> java.lang.reflect.InvocationTargetException
>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce
>>> ssorImpl.java:62)
>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe
>>> thodAccessorImpl.java:43)
>>> at java.lang.reflect.Method.invoke(Method.java:498)
>>> at org.wso2.carbon.automation.engine.extensions.TestNGExtension
>>> Executor.executeExtensible(TestNGExtensionExecutor.java:75)
>>> at org.wso2.carbon.automation.engine.testlisteners.TestExecutio
>>>

Re: [Dev] Error while validating the signature in SAML Grant Type

2017-01-11 Thread Farasath Ahamed 
Is the service provider created in super tenant and the rest of tenants
access it as a SaaS app?

Also what is oauth component version used in IoT server?

On Jan 11, 2017 9:47 PM, "Vishanth Balasubramaniam" 
wrote:

Hi,

In WSO2 IoT, we have created a service provider for our webapp and we use
SAML grant type to create OAUTH Token. This works fine for the super tenant
mode, but it fails for the tenant flow with the following error

ERROR - SAML2BearerGrantHandler Error while validating the signature.

org.opensaml.xml.validation.ValidationException: Signature did not validate
against the credential's key

at org.opensaml.xml.signature.SignatureValidator.validate(
SignatureValidator.java:79)

at org.wso2.carbon.identity.oauth2.token.handlers.grant.
saml.SAML2BearerGrantHandler.validateGrant(SAML2BearerGrantHandler.java:511)

at org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer.issue(
AccessTokenIssuer.java:212)

at org.wso2.carbon.identity.oauth2.OAuth2Service.issueAccessToken(
OAuth2Service.java:223)

at org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEndpoint.
getAccessToken(OAuth2TokenEndpoint.java:287)

at org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEndpoint.
issueAccessToken(OAuth2TokenEndpoint.java:151)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(
NativeMethodAccessorImpl.java:57)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(
DelegatingMethodAccessorImpl.java:43)

at java.lang.reflect.Method.invoke(Method.java:606)

When debugging we identified that the SSO signature is signed with super
tenant key-store but it gets verified in the grant type with tenant's
key-store.

Have you all encountered this issue before? How can this be achieved?

Regards,
Vishanth

-- 
*Vishanth Balasubramaniam*
Committer & PMC Member, Apache Stratos,
Software Engineer, WSO2 Inc.; http://wso2.com

mobile: *+94 77 17 377 18*
about me: *http://about.me/vishanth *

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [ESB 5] Validate Mediator class not found

2017-01-11 Thread Rajith Vitharana 
Hi Federico,

I tried the same scenario, but it works fine for me, I even checked the
osgi bundles, they are exporting and importing correct packages as
expected(jackson-core_2.6.1.wso2v1.jar
exports com.fasterxml.jackson.core.filter;version="2.6.1.wso2v1";
and jackson-databind_2.6.1.wso2v3.jar
imports 
com.fasterxml.jackson.core.filter;version="[2.6.1,2.6.2)";resolution:=optional)

So I didn't faced any issues with validate mediator. So will you be able to
share more details about the Car file you are using and the schema
"RicpagInputXSD"
as well?

Thanks,

On 11 January 2017 at 10:11, Federico Valeri  wrote:

> Hi all, I'm using the latest ESB version (5.0.0) and I have a strange
> "class not found" error as soon as I deploy a CAR with a really simple
> Validation Mediator (basically it's a cut and paste from the official doc).
> If I remove the validate tag, the deploy complete successfully and it works.
>
> The error:
>
> java.lang.NoClassDefFoundError: com/fasterxml/jackson/core/
> filter/TokenFilter
> Caused by: java.lang.ClassNotFoundException:
> com.fasterxml.jackson.core.filter.TokenFilter cannot be found by
> jackson-databind_2.6.1.wso2v1
>
> The code:
>
> 
> 
> 
>   
> 
> 
>   
>value="true"/>
>scope="default"/>
> 
>   
>
> What I miss?
> Tnx
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Rajith Vitharana

Senior Software Engineer,
WSO2 Inc. : wso2.com
Mobile : +94715883223
Blog : http://lankavitharana.blogspot.com/

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Architecture] [VOTE] Release WSO2 API Manager 2.1.0 RC2

2017-01-11 Thread Rajkumar Rajaratnam 
IDP initiated SSO for Store is also not working. Should be the same case
with Publisher. Reason for this issue is as below.

For SP initiated SSO, we read SSO properties from site.json and set them to
SSO relaying party object in sso/filter [1].

For IDP initiated SSO, the same thing should be done in jaggery_acs.jag.
Why?, because the very first request to API Store will land on
jaggery_acs.jag and since SSO properties are not there in SSO relaying
party object, you will get NPE like below.
 ​


[2017-01-11 12:34:07,151] ERROR - Util Error when getting key store of
tenant carbon.super
java.lang.NullPointerException
at java.io.File.(File.java:277)
at
org.wso2.carbon.hostobjects.sso.internal.util.Util.validateSignature(Util.java:281)
at
org.wso2.carbon.hostobjects.sso.SAMLSSORelyingPartyObject.jsFunction_validateSignature(SAMLSSORelyingPartyObject.java:168)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.mozilla.javascript.MemberBox.invoke(MemberBox.java:126)
at org.mozilla.javascript.FunctionObject.call(FunctionObject.java:386)
at org.mozilla.javascript.optimizer.OptRuntime.call1(OptRuntime.java:32)
at
org.jaggeryjs.rhino.store.jagg.c0._c_anonymous_1(/store/jagg/jaggery_acs.jag:70)
at org.jaggeryjs.rhino.store.jagg.c0.call(/store/jagg/jaggery_acs.jag)
at org.mozilla.javascript.optimizer.OptRuntime.call0(OptRuntime.java:23)
at
org.jaggeryjs.rhino.store.jagg.c0._c_script_0(/store/jagg/jaggery_acs.jag:5)
at org.jaggeryjs.rhino.store.jagg.c0.call(/store/jagg/jaggery_acs.jag)
at org.mozilla.javascript.ContextFactory.doTopCall(ContextFactory.java:394)
at org.mozilla.javascript.ScriptRuntime.doTopCall(ScriptRuntime.java:3091)
at org.jaggeryjs.rhino.store.jagg.c0.call(/store/jagg/jaggery_acs.jag)
at org.jaggeryjs.rhino.store.jagg.c0.exec(/store/jagg/jaggery_acs.jag)
at
org.jaggeryjs.scriptengine.engine.RhinoEngine.execScript(RhinoEngine.java:567)
at org.jaggeryjs.scriptengine.engine.RhinoEngine.exec(RhinoEngine.java:273)
at
org.jaggeryjs.jaggery.core.manager.WebAppManager.exec(WebAppManager.java:588)
at
org.jaggeryjs.jaggery.core.manager.WebAppManager.execute(WebAppManager.java:508)
at org.jaggeryjs.jaggery.core.JaggeryServlet.doPost(JaggeryServlet.java:29)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:650)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:747)
at
org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:485)
at
org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:377)
at
org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:337)
at org.jaggeryjs.jaggery.core.JaggeryFilter.doFilter(JaggeryFilter.java:21)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter.doFilter(ContentTypeBasedCachePreventionFilter.java:53)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:120)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at
org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
at
org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
at
org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57)
at
org.wso2.carbon.event.receiver.core.internal.tenantmgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:48)
at
org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
at

Re: [Dev] Wso2IS info recovery sample

2017-01-11 Thread Koné Alioune Badara 
Hello,

Following my last email, the probleme is that, I created a tenant which
uses a ReadOnlyLdapUserStore as user store. When I'm trying to create a
user through the askPassword feature, I'm getting an error saying that
: Invalid confirmation code for the user. But when I create a user in the
main tenant using the sanme feature, it works fine. So can you give me any
details on the problem?

Still can you confirm that when I disable the captcha in the
identity-mgt.properties file it is disable for all the tenant?

Regards,


2017-01-11 18:10 GMT+01:00 Koné Alioune Badara :

> Hi,
>
> How can I disable the captcha validation for the tenants for the
> AskPassword FEATURE ?
>
> --
> Cordialement,
>
> Alioune B KONÉ.
>



-- 
Cordialement,

Alioune B KONÉ.
MASTER ETNA 2016.
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Wso2IS info recovery sample

2017-01-11 Thread Koné Alioune Badara 
Hi,

How can I disable the captcha validation for the tenants for the
AskPassword FEATURE ?

-- 
Cordialement,

Alioune B KONÉ.
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [API-Import-Export] Support templates when importing APIs

2017-01-11 Thread JOSE MARIA ALVAREZ FERNANDEZ 
Hello all,As part of our project here, we have created another pull request to try to be more agile when importing APIs, so that we don't have to compile the API every time we want to change the environment backend URLs for an API.The pull request is here:https://github.com/wso2/product-apim/pull/1294It basically affects the api-import-export application. Please, review the PR let me know your thoughts about the idea and the implementation. We haven't provided a default implementation because it is out of our scope right now, but it should be pretty easy to do something properties-based in the machine.All the details about how it works are in the PR, but comment or doubt are more than welcome.Thank you all,Jose Maria.

www.elcorteingles.es


---

Este mensaje, y en su caso, cualquier fichero anexo al mismo, puede
contener información confidencial, siendo para uso exclusivo del 
destinatario, quedando prohibida su divulgación copia o  distribución a 
terceros sin la autorización expresa del remitente. Si Vd. ha recibido 
este mensaje erróneamente, se ruega lo  notifique al remitente y 
proceda a su borrado.
Gracias por su colaboración.

This message (including any attachments) may contain confidential 
information. It is intended for use by the recipient only. Any 
dissemination, copying or distribution to third parties without the 
express consent of the sender is strictly prohibited. If you have 
received this message in error, please delete it immediately and 
notify the sender. 
Thank you for your collaboration.
 

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Error while validating the signature in SAML Grant Type

2017-01-11 Thread Vishanth Balasubramaniam 
Hi,

In WSO2 IoT, we have created a service provider for our webapp and we use
SAML grant type to create OAUTH Token. This works fine for the super tenant
mode, but it fails for the tenant flow with the following error

ERROR - SAML2BearerGrantHandler Error while validating the signature.

org.opensaml.xml.validation.ValidationException: Signature did not validate
against the credential's key

at
org.opensaml.xml.signature.SignatureValidator.validate(SignatureValidator.java:79)

at
org.wso2.carbon.identity.oauth2.token.handlers.grant.saml.SAML2BearerGrantHandler.validateGrant(SAML2BearerGrantHandler.java:511)

at
org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer.issue(AccessTokenIssuer.java:212)

at
org.wso2.carbon.identity.oauth2.OAuth2Service.issueAccessToken(OAuth2Service.java:223)

at
org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEndpoint.getAccessToken(OAuth2TokenEndpoint.java:287)

at
org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEndpoint.issueAccessToken(OAuth2TokenEndpoint.java:151)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)

at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

at java.lang.reflect.Method.invoke(Method.java:606)

When debugging we identified that the SSO signature is signed with super
tenant key-store but it gets verified in the grant type with tenant's
key-store.

Have you all encountered this issue before? How can this be achieved?

Regards,
Vishanth

-- 
*Vishanth Balasubramaniam*
Committer & PMC Member, Apache Stratos,
Software Engineer, WSO2 Inc.; http://wso2.com

mobile: *+94 77 17 377 18*
about me: *http://about.me/vishanth *
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [ESB 5] Validate Mediator class not found

2017-01-11 Thread Federico Valeri 
Hi all, I'm using the latest ESB version (5.0.0) and I have a strange
"class not found" error as soon as I deploy a CAR with a really simple
Validation Mediator (basically it's a cut and paste from the official doc).
If I remove the validate tag, the deploy complete successfully and it works.

The error:

java.lang.NoClassDefFoundError:
com/fasterxml/jackson/core/filter/TokenFilter
Caused by: java.lang.ClassNotFoundException:
com.fasterxml.jackson.core.filter.TokenFilter cannot be found by
jackson-databind_2.6.1.wso2v1

The code:




  
http://schemas.xmlsoap.org/soap/envelope/"/>

  
  
  

  

What I miss?
Tnx
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [UUF] Document onRequest() method in the UUF developer's guide

2017-01-11 Thread KasunG Gajasinghe 
Hi Sajith,

+1. Having one single method like #onRequest to handle both GET and POST is
considered a bad practice as per HTTP specification since these HTTP
methods serve different purposes entirely.

In Servlets, we have #doGet and #doPost to handle GET and POST requests
separately. Something to think about, since we cannot easily change the API
once the GA is out!

Thanks.


On Wed, Jan 11, 2017 at 6:15 PM, Sagara Gunathunga  wrote:

>
> Shouldn't we add and maintain this doc in UUF Github repo itself ?
>
> Thanks !
>
> On Wed, Jan 11, 2017 at 5:59 PM, SajithAR Ariyarathna 
> wrote:
>
>> [+ShanM]
>>
>> On Wed, Jan 11, 2017 at 5:54 PM, Indunil Upeksha Rathnayake <
>> indu...@wso2.com> wrote:
>>
>>> Hi UUF team,
>>>
>>> I think it's better to give some description about the "onRequest()"
>>> method and how it works in [1], since for a beginner, it might be somewhat
>>> difficult to understand.
>>>
>>> [1] https://docs.google.com/document/d/10UDdArHV1eYEfiONu8saqPnn
>>> JyUjH3vxOrv0k0rK5hc/edit
>>>
>>> Thanks and Regards
>>> --
>>> Indunil Upeksha Rathnayake
>>> Software Engineer | WSO2 Inc
>>> Emailindu...@wso2.com
>>> Mobile   0772182255 <077%20218%202255>
>>>
>>
>>
>>
>> --
>> Sajith Janaprasad Ariyarathna
>> Software Engineer; WSO2, Inc.;  http://wso2.com/
>> 
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Sagara Gunathunga
>
> Associate Director / Architect; WSO2, Inc.;  http://wso2.com
> V.P Apache Web Services;http://ws.apache.org/
> Linkedin; http://www.linkedin.com/in/ssagara
> Blog ;  http://ssagara.blogspot.com
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 

*Kasun Gajasinghe*Associate Technical Lead, WSO2 Inc.
email: kasung AT spamfree wso2.com
linked-in: http://lk.linkedin.com/in/gajasinghe
blog: http://kasunbg.org
phone: +1 650-745-4499, 77 678 0813
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Clarification on invoking particular fragment in UUF

2017-01-11 Thread KasunG Gajasinghe 
Hi Shan/Sajith,

On Wed, Jan 11, 2017 at 12:57 PM, Shan Mahanama  wrote:

> Hi all,
>
> We can solve this by adding a hidden field to each form.
>
> 
>
> Then inside of the onRequest function, we can check the value of the
> hidden field.
>
> if (env.request.method == "POST" && env.request.formParams["tabId"]="tab1") {
>
> // do stuff related to tab1
>
> }
>
>
As discussed separately, any page that has more than one html form will
face this problem. And, to be in the safe side, we'll be forced to add this
hidden field to all the forms. Having to do this in all the #onRequests is
not a good work-around. :-(

In Java world, this is handled by having servlets for each form since that
is how the forms are usually processed. So, the action attribute has the
servlet's url. After processing, the servlet forwards (note: not redirect!)
you to a jsp page.

Can we support something similar to jsp forwards in UUF? This may mean we
could directly invoke a JS content. I see that we already have
#sendRedirect method which is analogous to jsp redirect. The missing piece
is the forward.


If a fragment is used only in one place, that means that fragment is not
> reused. So you can remove the fragment and add the fragment content
> directly into the page. Our recommendation is, not to create a fragment
> until the code is reused somewhere else.
>
>
This could occur if one page has two forms as well.

Thanks,
KasunG



> Thanks,
> Shan.
>
> On Wed, Jan 11, 2017 at 11:44 AM, KasunG Gajasinghe 
> wrote:
>
>> +Dev
>>
>> On Wed, Jan 11, 2017 at 12:49 AM, Denuwanthi De Silva <
>> denuwan...@wso2.com> wrote:
>>
>>> Hi,
>>>
>>> During user-portal implementations for IS, I can see that the POST
>>> methods of all fragments get invoked if you do a POST only in one fragment.
>>>
>>> Ex:
>>> we have base account-settings page.
>>> It has several tabs/menu like "profiles", "password"
>>> We define fragment for each tab inside account-setting.hbs
>>>
>>> But when we go inside one tab and do a Submit (POST) it invokes the POST
>>> methods inside ''onReuest" methods of each fragment.
>>>
>>> Is there a way we can make only needed fragment is invoked when it is
>>> selected?
>>>
>>> Ex: provide an env.param for each fragment
>>>
>>> {{fragment "org.wso2.carbon.iam.user-portal.feature.profile" 
>>> envParam="profile"}}
>>>
>>> and and and AND statement like
>>>
>>> if (env.request.method == "POST" && env.params.envParam="profile") {
>>>
>>>
>>> Then, only the desired fragment will be invoked.
>>>
>>> Can anyone shed some light on this matter as it is affecting the update
>>> password flow due to and update calim happening inside profile.js
>>>
>>>
>>> Thanks
>>>
>>> --
>>> Denuwanthi De Silva
>>> Senior Software Engineer;
>>> WSO2 Inc.; http://wso2.com,
>>> Email: denuwan...@wso2.com
>>> Blog: https://denuwanthi.wordpress.com/
>>>
>>
>>
>>
>> --
>>
>> *Kasun Gajasinghe*Associate Technical Lead, WSO2 Inc.
>> email: kasung AT spamfree wso2.com
>> linked-in: http://lk.linkedin.com/in/gajasinghe
>> blog: http://kasunbg.org
>> phone: +1 650-745-4499 <(650)%20745-4499>, 77 678 0813
>>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Shan Mahanama
>
> Software Engineer, WSO2 Inc. http://wso2.com
> 
> Email: sh...@wso2.com
> Mobile: +94 71 2000 498
>
>
>


-- 

*Kasun Gajasinghe*Associate Technical Lead, WSO2 Inc.
email: kasung AT spamfree wso2.com
linked-in: http://lk.linkedin.com/in/gajasinghe
blog: http://kasunbg.org
phone: +1 650-745-4499 <+1%20650-745-4499>, 77 678 0813
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] WSO2 Identity Server 5.3.0 Released !

2017-01-11 Thread Pulasthi Mahawithana 
WSO2 Identity Server 5.3.0 Released !

WSO2 Identity Server team is pleased to announce the release of version
5.3.0 of the WSO2 Identity Server (IS).

WSO2 Identity Server is an open source Identity and Entitlement Management
server. It supports a wide array of authentication protocols such as SAML
2.0 Web SSO, OAuth 2.0/1.0a, OpenID Connect and WS-Federation Passive. It
supports role based authorization and fine grained authorization with XACML
2.0/3.0 while inbound/outbound provisioning is supported through SCIM and
SPML.

WSO2 Identity Server is developed on top of the revolutionary WSO2 Carbon
platform, an OSGi based framework that provides seamless modularity to your
SOA solution via componentization.

All the major features have been developed as pluggable Carbon components.

You can download this distribution from http://wso2.com/products/
identity-server/.

Online documentation is available at http://docs.wso2.org/wiki/
display/IS530/WSO2+Identity+Server+Documentation.

How to Run

1. Extract the downloaded zip

2. Go to the bin directory in the extracted folder

3. Run the wso2server.sh or wso2server.bat files as appropriate

4. If you need to start the OSGi console with the server, use the property
-DosgiConsole when starting the server.

New Features in this Release


   -

   Improved Identity Management Capabilities : Identity management features
   in WSO2 Identity Server 5.3.0, has been re-designed to provide strong
   out-of-the-box support for key identity management use cases, including
   password policies, login policies and account management policies.
   -

  Password policies
  -

 Password history validation (ability to keep track of user's old
 passwords). See Password History Validation
 .
 -

 Password Patterns Configuration, See Password Patterns
 
 -

  Login policies
  -

 Google ReCaptcha support for single sign on. See Setting Up
 ReCaptcha
 .
 -

 Account locking in single and multi-tenant environments. See User
 Account Locking and Account Disabling
 

 .
 -

  Account management policies.
  -

 Account suspension reminders and locking idle accounts. See User
 Account Suspension
 .
 -

 Password and username recovery with challenge questions or
 notifications. We also support challenge questions
internalization. See Password
 Recovery .
 -

 Password reset via admin. For more information, See Forced
 Password Reset
 .
 -

 Google ReCaptcha support for password recovery flow and self sign
 up. See Setting Up ReCaptcha
 .


   -

  HTML support for email templates, template internalization and
  dynamic properties for email templates. See Customizing Automated
  Emails
  .
  -

  Brute force attack prevention. See Mitigating Brute Force Attacks
  .
  -

   Login session monitoring and termination: WSO2 IS now supports
   monitoring user sessions and authentication activities via alerts, and
   manual termination of user sessions for better security. See Terminating
   User Sessions
   .
   -

   Rule based provisioning: WSO2 IS 5.3.0 has the ability to adopt
   provision flows based on rules. These rules can be based on entities
   related to an event such as user, idp, sp  as well as environmental factors
   like time and region.
   -

   Prompt for missing predefined required attributes in the authentication
   flow: The user will be prompted to fill the missing attributes or claim
   values, in the event of  a missing mandatory claim  at the point of login.
   See Configuring Claims for a Service Provider
   

   .
   -

   OAuth 2.0/OpenID Connect Enhancements: Following OpenID Connect
   specifications were implemented to enrich the OpenID connect support in
   Identity Server.
   -

  OpenID Connect Dynamic Client Registration. See OpenID Connect
  Dynamic Client Registration
  

  .
  -

  Token Introspection. See

[Dev] Ldap UserStore Configuration: Use of Auxiliary Object Classes

2017-01-11 Thread kawas 
Hello,

Using Ldap as a UserStore, I want to use custom attributes for my users
mainly in claims mapping.

I don't really like the idea of creating a new objectClass in Ldap and
configure WSO2 IS accordingly,
- Would it be possible to specify optional auxiliary objectClasses in
UserStore configuration ?


Regards,

Kawas
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Architecture] [VOTE] Release WSO2 API Manager 2.1.0 RC2

2017-01-11 Thread Malintha Amarasinghe 
Hi all,

We are calling off the vote due to the problems found in stat graphs. We
will do a RC3 soon.

Thanks!
Malintha

On Wed, Jan 11, 2017 at 12:01 PM, Abimaran Kugathasan 
wrote:

> Tested Endpoints, Throttling and general API invocations scenarios
>
> [+] Stable - go ahead and release
>
> On Wed, Jan 11, 2017 at 11:20 AM, Praminda Jayawardana 
> wrote:
>
>> Tested client SDK generation for super tenant, non admin, tenant and self
>> signup users.
>>
>> [+] Stable - go ahead and release
>>
>> On Wed, Jan 11, 2017 at 10:56 AM, Arshardh Ifthikar 
>> wrote:
>>
>>> Tested the Websocket API feature
>>>
>>> [+] Stable - go ahead and release
>>>
>>> On Wed, Jan 11, 2017 at 10:52 AM, Tharindu Dharmarathna <
>>> tharin...@wso2.com> wrote:
>>>
 Tested the Blocking condition and Advance throtting feature

 [+] Stable - go ahead and release


 On Wed, Jan 11, 2017 at 10:50 AM, Chamila Adhikarinayake <
 chami...@wso2.com> wrote:

> Tested workflows for API lifecycle state change feature.
>
> [+] Stable - go ahead and release
>
> On Tue, Jan 10, 2017 at 4:35 PM, Malintha Amarasinghe <
> malint...@wso2.com> wrote:
>
>> Hi All,
>>
>> This is the 2nd Release Candidate of WSO2 API Manager 2.1.0
>>
>> Please download, test the product and vote. The vote will be open for
>> 72 hours or as needed.
>>
>> Source and distribution
>>
>> Run-time : https://github.com/wso2/prod
>> uct-apim/releases/download/v2.1.0-rc2/wso2am-2.1.0-RC2.zip
>> Analytics : https://github.com/wso2/anal
>> ytics-apim/releases/download/v2.1.0-rc2/wso2am-analytics-2.1
>> .0-RC2.zip
>> Tooling : https://github.com/wso2/devs
>> tudio-tooling-apim/releases/tag/v2.1.0-rc2
>>
>>
>> This release fixes the following issues:
>> Runtime : https://wso2.org/jira/issues/?filter=13623
>> Analytics : https://wso2.org/jira/issues/?filter=13624
>> Tooling : https://wso2.org/jira/browse/DEVTOOLAPI-1
>>
>>
>> Please vote as follows.
>> [+] Stable - go ahead and release
>> [-] Broken - do not release (explain why)
>>
>>
>> Thanks,
>> - WSO2 API Manager Team -
>>
>> --
>> Malintha Amarasinghe
>> Software Engineer
>> *WSO2, Inc. - lean | enterprise | middleware*
>> http://wso2.com/
>>
>> Mobile : +94 712383306 <+94%2071%20238%203306>
>>
>> ___
>> Architecture mailing list
>> architect...@wso2.org
>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>
>>
>
>
> --
> Regards,
> Chamila Adhikarinayake
> Software Engineer
> WSO2, Inc.
> Mobile - +94712346437 <+94%2071%20234%206437>
> Email  - chami...@wso2.com
> Blog  -  http://helpfromadhi.blogspot.com/
>
> ___
> Architecture mailing list
> architect...@wso2.org
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
>


 --

 *Tharindu Dharmarathna*Software Engineer
 WSO2 Inc.; http://wso2.com
 lean.enterprise.middleware

 mobile: *+94779109091 <+94%2077%20910%209091>*

 ___
 Architecture mailing list
 architect...@wso2.org
 https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture


>>>
>>>
>>> --
>>> *Arshardh Ifthikar*
>>> Trainee Software Engineer
>>> WSO2, Inc.
>>> Mobile: +94719806525 <+94%2071%20980%206525>
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>>
>> *Praminda Jayawardana*
>> Software Engineer
>> WSO2 Inc.; http://wso2.com
>> Mobile : +94 (0) 716 590918 <+94%2071%20659%200918>
>>
>> ___
>> Architecture mailing list
>> architect...@wso2.org
>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>
>>
>
>
> --
> Thanks
> Abimaran Kugathasan
> Senior Software Engineer - API Technologies
>
> Email : abima...@wso2.com
> Mobile : +94 773922820 <+94%2077%20392%202820>
>
> 
> 
>   
> 
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Malintha Amarasinghe
Software Engineer
*WSO2, Inc. - lean | enterprise | middleware*
http://wso2.com/

Mobile : +94 712383306
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [UUF] Document onRequest() method in the UUF developer's guide

2017-01-11 Thread Sagara Gunathunga 
Shouldn't we add and maintain this doc in UUF Github repo itself ?

Thanks !

On Wed, Jan 11, 2017 at 5:59 PM, SajithAR Ariyarathna 
wrote:

> [+ShanM]
>
> On Wed, Jan 11, 2017 at 5:54 PM, Indunil Upeksha Rathnayake <
> indu...@wso2.com> wrote:
>
>> Hi UUF team,
>>
>> I think it's better to give some description about the "onRequest()"
>> method and how it works in [1], since for a beginner, it might be somewhat
>> difficult to understand.
>>
>> [1] https://docs.google.com/document/d/10UDdArHV1eYEfiONu8saqPnn
>> JyUjH3vxOrv0k0rK5hc/edit
>>
>> Thanks and Regards
>> --
>> Indunil Upeksha Rathnayake
>> Software Engineer | WSO2 Inc
>> Emailindu...@wso2.com
>> Mobile   0772182255
>>
>
>
>
> --
> Sajith Janaprasad Ariyarathna
> Software Engineer; WSO2, Inc.;  http://wso2.com/
> 
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Sagara Gunathunga

Associate Director / Architect; WSO2, Inc.;  http://wso2.com
V.P Apache Web Services;http://ws.apache.org/
Linkedin; http://www.linkedin.com/in/ssagara
Blog ;  http://ssagara.blogspot.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [UUF] Document onRequest() method in the UUF developer's guide

2017-01-11 Thread SajithAR Ariyarathna 
[+ShanM]

On Wed, Jan 11, 2017 at 5:54 PM, Indunil Upeksha Rathnayake <
indu...@wso2.com> wrote:

> Hi UUF team,
>
> I think it's better to give some description about the "onRequest()"
> method and how it works in [1], since for a beginner, it might be somewhat
> difficult to understand.
>
> [1] https://docs.google.com/document/d/10UDdArHV1eYEfiONu8saqPnnJyUjH
> 3vxOrv0k0rK5hc/edit
>
> Thanks and Regards
> --
> Indunil Upeksha Rathnayake
> Software Engineer | WSO2 Inc
> Emailindu...@wso2.com
> Mobile   0772182255
>



-- 
Sajith Janaprasad Ariyarathna
Software Engineer; WSO2, Inc.;  http://wso2.com/

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [UUF] Document onRequest() method in the UUF developer's guide

2017-01-11 Thread Indunil Upeksha Rathnayake 
Hi UUF team,

I think it's better to give some description about the "onRequest()" method
and how it works in [1], since for a beginner, it might be somewhat
difficult to understand.

[1]
https://docs.google.com/document/d/10UDdArHV1eYEfiONu8saqPnnJyUjH3vxOrv0k0rK5hc/edit

Thanks and Regards
-- 
Indunil Upeksha Rathnayake
Software Engineer | WSO2 Inc
Emailindu...@wso2.com
Mobile   0772182255
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [WSO2 IS] SCIM call to create a role with permissions

2017-01-11 Thread Dilshani Subasinghe 
Hi Hanen,

Your cURL command use "admin" permission to make the call and not to add
permissions to your group. As u create groups with basic authentication,
you may not add different permissions via the SCIM call. Even though its
call as roles, it will be map with groups in WSO2 IS.

Reference: https://docs.wso2.com/display/IS520/SCIM+APIs

Regards,
Dilshani


On Tue, Jan 10, 2017 at 10:42 PM, Hanen Ben Rhouma 
wrote:

> Hi,
>
> Is it possible to create a role with a list of permissions through SCIM ?
> I created one with this command
>
> curl -v -k --user admin:admin --data '{"displayName":
> "TenantAdmin","members": 
> [{"value":"09f55b8d-9a94-484c-9fff-09e02013167a","hanen":
> "hanen"}]}' --header "Content-Type:application/json"
> https://localhost:9443/wso2/scim/Groups
>
> but the result is stripped of any kind of permission, is it possible to
> assign them through such calls ?
>
>
> Regards,
> Hanen
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Best Regards,

Dilshani Subasinghe
Software Engineer - QA *|* WSO2
lean *|* enterprise *|* middleware

Mobile : +94773375185
Blog: dilshani.me


___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev