Re: [Dev] (no subject)

2017-11-15 Thread Dilusha Alphonso 
Hi All,

According to the internal discussion with Mushthaq Rumy, I got an idea on
how to use the single user to achieve this.

After that, I created one user and assigned the particular role for this
user and assigned the same scope to both resources. Now both resources are
working fine.

Thanks for your support.

Thanks
Dilusha


On Wed, Nov 15, 2017 at 6:43 PM, Mushthaq Rumy  wrote:

> Hi Dilusha,
>
> AFAIK, since this is scope based permission for resources, this should
> work for both POST and DELETE resources even with the same user with the
> Administrator role.
>
> For example, if you create a scope with Administrator role and add this
> scope to all 3 resources, you should be able to generate an access token
> with the curl command.
>
> Have you given the correct scope while generating the access token? If so
> could please you provide the response of the access token generation curl?
>
> Thanks & Regards,
> Mushthaq
>
> On Wed, Nov 15, 2017 at 4:54 PM, Dilusha Alphonso 
> wrote:
>
>> Hi All,
>>
>> The Administrator(role) has resource permission for DELETE and POST.
>>
>> First  I have assigned the same user to both resources. so that
>> doesn't work for POST. But works for DELETE.
>>
>> After that, I created a new user (Admin_user) and assigned the same role
>> (Administrator). I used that username and password to get the access token.
>> I tested the POST resource with that access token. Now POST resource is
>> working fine.
>> Is this correct method?
>>
>> Thanks
>> Dilusha.
>>
>>
>>
>> On Wed, Nov 15, 2017 at 3:51 PM, Pubudu Gunatilaka 
>> wrote:
>>
>>> Hi Dilusha,
>>>
>>> Please make sure you have the correct scope in the response of the token
>>> generation.
>>>
>>> Thank you!
>>>
>>> On Wed, Nov 15, 2017 at 5:52 PM, Dilusha Alphonso 
>>> wrote:
>>>
 Hi All,

 I am trying to add SCOPE to API manager 2.1.0. I have the user role. We
 have to give the resource permission for the particular role.I follow this
 link [1]

 1. I created a new user in APIM management console using super tenant.
 ( user is User_Administrator) I didn't give any permission to that user.
 2. I assigned the roles to that user. ( user role is administrator).
 3. After I added the scope of the resource  API in the publisher for
 roles.
 4.I used the curl command to get the access token for that particular
 user.
 5.After I got access token I used it in the curl command to access the
 resource.  The GET and DELETE are working fine. but POST is giving the
 following error response.

 {"fault":{"code":900910,"message":"The access token does not allow you
 to access the requested resource","description":"Access failure for
 API: /test/1.0.0, version: 1.0.0 status: (900910) - The access token does
 not allow you to access the requested resource"}}

 It will be great if any of you can suggest a solution for this.


 [1].https://wso2.com/library/articles/2017/01/article-an-ove
 rview-of-scope-management-with-wso2-api-manager/


 Thanks
 Dilusha
 --


 *Best Regards,Dilusha Alphonso*

 *Software Engineer - Support Team*


 *WSO2*
 *Mobile : *

 *+94766837098 <+94%2076%20683%207098>[image: http://wso2.com/signature]
 *

 ___
 Dev mailing list
 Dev@wso2.org
 http://wso2.org/cgi-bin/mailman/listinfo/dev


>>>
>>>
>>> --
>>> *Pubudu Gunatilaka*
>>> Committer and PMC Member - Apache Stratos
>>> Senior Software Engineer
>>> WSO2, Inc.: http://wso2.com
>>> mobile : +94774078049 <%2B94772207163>
>>>
>>>
>>
>>
>> --
>>
>>
>> *Best Regards,Dilusha Alphonso*
>>
>> *Software Engineer - Support Team*
>>
>>
>> *WSO2*
>> *Mobile : *
>>
>> *+94766837098 <+94%2076%20683%207098>[image: http://wso2.com/signature]
>> *
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Mushthaq Rumy
> *Software Engineer*
> Mobile : +94 (0) 779 492140 <%2B94%20%280%29%20773%20451194>
> Email : musht...@wso2.com
> WSO2, Inc.; http://wso2.com/
> lean . enterprise . middleware.
>
> 
>



-- 


*Best Regards,Dilusha Alphonso*

*Software Engineer - Support Team*


*WSO2*
*Mobile : *

*+94766837098[image: http://wso2.com/signature] *
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [IS] SAML 2 SSO Login Session Issue

2017-11-15 Thread Thilina Madumal 
Hi Dilshani,

In Travelocity app, once the user gets authenticated, on the Travelocity
server side it creates a session (this implementation can by following the
SSO-AgentFilter [1]).

Web applications use cookies to communicate details about the sessions
created on the server side to the front-end (or to the browser).
Then when a request comes from the browser to the server-side, in the
request header browser includes the cookies that have been saved against
that particular domain. As a request comes to the server side (tomcat
container in travelocity example), server-side retrieves the session using
this cookie details.

Cookie acceptance policy is different from browser to browser unless
otherwise specified in the cookie spec [2].
So in some cases, some browsers might not accept some cookies. localhost
domain, ip can be some examples.

When the cookie is not accepted by the browser it will not send the cookie
back with requests. Because of this server-side fails to retrieve the
session.
This can be the reason for the problem you face.

Please feel free to ask anything that is not clear.


[1]
https://github.com/wso2-extensions/identity-agent-sso/blob/master/components/org.wso2.carbon.identity.sso.agent/src/main/java/org/wso2/carbon/identity/sso/agent/SSOAgentFilter.java
[2] https://tools.ietf.org/html/rfc6265

Best,
Thilina.


On Tue, Nov 14, 2017 at 10:29 AM, Dilshani Subasinghe 
wrote:

> Hi,
>
> @ Hasintha/Godwin - As Thanuj explained here, it is the session created by
> Travelocity which keeps SAML2 assertion. I misunderstood the scenario as it
> is going to set by SAML 2 flow by WSO2 IS. I will look into Travelocity
> logic which set the cookie here.
>
> Thanks Thanuja for the explanation.
>
> Regards,
> Dilshani
>
> On Tue, Nov 14, 2017 at 10:22 AM, Godwin Shrimal  wrote:
>
>> Hi Dilshani,
>>
>> What do u mean by "while sending the SAML request it may not set the
>> session."  and "it may attach session correctly in the request."  ?
>>
>> I am not clear what are you referring attaching session in the request
>> here?
>>
>>
>> Thanks
>> Godwin
>>
>> On Mon, Nov 13, 2017 at 7:04 PM, Dilshani Subasinghe 
>> wrote:
>>
>>> Hi IS Team,
>>>
>>> Configured SAML 2 SSO in WSO2 IS 5.3.0 for the scenario of "SAML2 Bearer
>>> Assertion Profile for OAuth 2.0 with WSO2 Travelocity". It worked well and
>>> moved the setup to cloud instance.
>>>
>>> When it is working in cloud set up, it identified that while sending the
>>> SAML request it may not set the session. I used IP instead of hostname.
>>> When we give hostname in assertion URL, it may attach session correctly in
>>> the request.
>>>
>>> Is that the expected behavior? Why we can't attach session correctly
>>> with IP.  I tried to use IP as we may have to add hostname as we accessing
>>> it remotely. Any solution for that?
>>>
>>> [1] https://docs.wso2.com/display/IS530/SAML2+Bearer+Asserti
>>> on+Profile+for+OAuth+2.0+with+WSO2+Travelocity
>>>
>>> Thanks,
>>> Dilshani
>>>
>>> --
>>>
>>> Dilshani Subasinghe
>>> Software Engineer - QA *|* WSO2
>>> lean *|* enterprise *|* middleware
>>>
>>> Mobile : +94773375185 <+94%2077%20337%205185>
>>> Blog: dilshani.me
>>>
>>> 
>>>
>>
>>
>>
>> --
>> *Godwin Amila Shrimal*
>> Associate Technical Lead
>> WSO2 Inc.; http://wso2.com
>> lean.enterprise.middleware
>>
>> mobile: *+94772264165*
>> linkedin: *https://www.linkedin.com/in/godwin-amila-2ba26844/
>> *
>> twitter: https://twitter.com/godwinamila
>> 
>>
>
>
>
> --
>
> Dilshani Subasinghe
> Software Engineer - QA *|* WSO2
> lean *|* enterprise *|* middleware
>
> Mobile : +94773375185 <+94%2077%20337%205185>
> Blog: dilshani.me
>
> 
>



-- 
*Thilina Madumal*
*Software Engineer | **WSO2*
Email: thilina...@wso2.com
Mobile: *+ <+94%2077%20767%201807>94 774553167*
Web:  http://wso2.com


___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Passing payloads from API to ESB

2017-11-15 Thread Dushantha Batuwita 
Hi Buddhimala:

my pleasure

regards

On Thu, Nov 16, 2017 at 10:40 AM, Buddhimala Ranasinghe  wrote:

> Hi Dushantha,
>
> Thank you for the explanation and the solution. It is working for me now.
>
> Regards,
> Buddhimala
>
> On Wed, Nov 15, 2017 at 5:32 PM, Dushantha Batuwita 
> wrote:
>
>> Hi Priya
>>
>> please find the attached image which I was referring in the above answer.
>> sorry for the mixup
>> Regards
>>
>> On Wed, Nov 15, 2017 at 5:30 PM, Dushantha Batuwita 
>> wrote:
>>
>>> Hi Piriya
>>>
>>> Above approach, you can implement in the POST and PUT.
>>> The resource type GET produces a request that does not have a body
>>> (payload),
>>> hence we set the required parameter as a query parameter when you set
>>> the resource GET while creating the API in publisher. (please refer to the
>>> attached image )
>>> Then the request parameter is accessed within the payload mediator of
>>> the proxy service ( within the  element) in ESB as the following
>>> example.
>>>
>>>
>>>
>>> 
>>> 
>>> http://service.sample.oasis.com;
>>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/; xmlns:xsd="
>>> http://dto.service.sample.oasis.com/xsd;>
>>> 1
>>> 
>>> 
>>> 
>>> $1
>>> 
>>> 
>>> 
>>> 
>>> 
>>> http://org.apache.synapse/xsd"/>
>>> 
>>> 
>>>
>>>
>>> please refer to the following link for better understanding of the REST
>>> Parameters
>>> https://www.soapui.org/rest-testing/understanding-rest-parameters.html
>>>
>>> many thanks
>>>
>>>
>>> On Wed, Nov 15, 2017 at 5:19 PM, Piriya Sivalingam 
>>> wrote:
>>>
 Hi Dushantha,

 Since I have GET, POST,PUT, DELETE methods in my proxy, do you say the
 above-suggested method will work for GET. I have tried it but could not
 achieve it.
 And if I am correct, your example is about POST or PUT method.
 Could you please let me know whether I can use the same way for all
 four methods or only specific to POST method.

 Thank you.


 On Wed, Nov 15, 2017 at 3:10 PM, Dushantha Batuwita  wrote:

> please refer to the above answers
>
> Regards
>
> On Wed, Nov 15, 2017 at 2:35 PM, Dushantha Batuwita <
> dushan...@wso2.com> wrote:
>
>> Hi Buddhimala
>> Accessing the JSON payload parameters and retrieving those within the
>> proxy service can be achieved with the  element of the Payload
>> factory mediator according to your scenario.
>> Setting already retrieved parameters to the predefined soap structure
>> is accomplished within the  element.
>>
>> suppose that we need to access the following JSON structure
>>
>> {
>> "orderLine": {
>>
>> "ordername": "Cooking Item",
>> "orderid": "123456",
>> "product": {
>>
>> "productname": "coconutoil",
>> "productgrade": "drade1",
>> "productcolour": "white"
>>
>> }
>> }
>> }
>>
>>
>> and retrieve the values in order to set to the soap structure given
>> bellow within the payload factory is as follows refer to document[1] for
>> further details
>> 
>> 
>> > xmlns:ser="http://service.sample.oasis.com;
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/; xmlns:xsd="
>> http://dto.service.sample.oasis.com/xsd;>
>> 
>>  
>> 
>> 
>> 
>> $1
>> $2
>> $3> ductcolour>
>> 
>> $4
>> $5
>>
>> 
>> 
>> 
>> 
>> 
>> 
>> > *expression="$.orderLine.product.productname"*/>
>> 
>> 
>> 
>> 
>> 
>> 
>>
>> NOTE: when you set the $n parameter to be couches to follow the order
>> in which the args are defined. i.e. the first line of the arg refer to 
>> $1..
>> and etc
>>
>> Regards
>>
>> On Wed, Nov 15, 2017 at 2:32 PM, Buddhimala Ranasinghe <
>> buddhim...@wso2.com> wrote:
>>
>>> Hi All,
>>>
>>> I need to pass a json payload from an API to ESB proxy service. In
>>> ESB, I'm using parameters in the passed JSON payload inside 
>>> payloadFactory
>>> mediator in my ESB which will be sent towards a secured SOAP BE. Can you
>>> please guide

Re: [Dev] Resolving a confusion about Openid as an inbound authentication

2017-11-15 Thread Thilina Madumal 
Hi Shanika,

In your use-case, what you want to achieve is Single Sign-On (SSO)
behaviour then you have preferably two options, SAML2-SSO and
OpenID-Connect (OIDC). IMO for your use-case you do not need to adopt both
protocols, just pick a one and go ahead. I would recommend OIDC.

Use the Identity-Server (IS) as the Identity Bus [1] for authenticating
with Facebook, Google, and etc. IS will deal with the different protocols
that Facebook, Google, and other IDPs use and will communicate with your
app with the protocol that you have chosen (SAML2 or OIDC).

AFAIK Travelocity application has problems when working with OpenID
configs. Those need to be fixed at the code level, I believe. Maybe that's
why it has not been documented, not sure though. Since OpenID is a fading
away norm would not recommend going with OpenID.

Please feel free to ask any questions if anything is not clear.

[1] https://docs.wso2.com/display/IS530/Identity+Bus

Best,
Thilina


On Tue, Nov 14, 2017 at 11:12 AM, Shanika Wickramasinghe 
wrote:

> Hi All,
>
> Thank you all for the clarification
>
> Thankyou,
> Shanika.
>
> On Tue, Nov 14, 2017 at 7:30 AM, Tharindu Edirisinghe 
> wrote:
>
>> Hi Shanika,
>>
>> The reason for the PKIX path building failure error is the public
>> certificate of the HTTPS endpoint that travelocity tries to invoke is not
>> being available in the truststore of travelocity app.
>>
>> It seems you are trying to invoke the following link.
>>
>> http://localhost:8080/travelocity.com/openid?OpenId.ClaimedI
>> d=https://localhost:9443/openid/
>>
>> This should invoke the identity server URL. If that is the case, the
>> public certificate of Identity Server is not available in the truststore
>> JKS file of travelocity app. You can import it to the truststore and this
>> issue should be resolved with that.
>>
>> Thanks,
>> TharinduE
>>
>> On Fri, Nov 10, 2017 at 11:18 PM, Nilasini Thirunavukkarasu <
>> nilas...@wso2.com> wrote:
>>
>>> Hi Shanika,
>>>
>>> Travelocity sample allows SAML & openid (not opeinid connect). Currently
>>> we doesn't have one sample application which accepts both (SAML & openid
>>> connect) protocol instead we are having travelocity sample for SAML &
>>> playground sample for openid connect. In order try openid connect hope [1]
>>> & [2] would be helpful for you.
>>>
>>> [1] https://docs.wso2.com/display/IS530/Basic+Client+Profile
>>> +with+Playground
>>> [2]https://docs.wso2.com/display/IS520/Session+Management+wi
>>> th+Playground
>>>
>>> One more thing, openid feature is going to be deprecated so recommended
>>> way is to use openid connect, Still if you want to find the configuration
>>> detail you can find it through 5.1.0 doc[3].
>>>
>>> [3] https://docs.wso2.com/display/IS510/Configuring+OpenID+S
>>> ingle-Sign-On
>>>
>>> Thanks,
>>> Nila.
>>>
>>>
>>> On Wed, Nov 8, 2017 at 3:56 PM, Shanika Wickramasinghe <
>>> shani...@wso2.com> wrote:
>>>
 Hi All,

 I raised a document JIRA related to the concern that I have mentioned
 in Question 2 [1]
 When I add a service provider the name that i give for the service
 provider is automatically taken as the Openid Realm value by the Identity
 Server. With that automatically taken Openid realm value I tred to access
 the openid (3 rd link ) in the travelocity login page. Then gave a error
 message as [2]. I found a reported JIRA [3] which mention that getting the
 service provider name automatically for the openid realm value is wrong and
 JIRA says that this issue was fixed. But it seems like yet the issue is not
 fixed.
 Appreciate any guidance on what is the correct input value for the
 openid realm and how a user can find what they need to input as the openid
 realm value.


 [1]. https://wso2.org/jira/browse/DOCUMENTATION-6378?filter=14372
 [2]. openid-login-error.png
 [3]. https://wso2.org/jira/browse/IDENTITY-2443

 On Wed, Nov 8, 2017 at 2:20 PM, Godwin Shrimal  wrote:

> Hi Shanika,
>
> Please see my answers to your questions.
>
> Question1: This is not related to OAuth/Openid Connect Configuration
> it's about OpenID Configuration. Those are basically two inbound 
> protocols.
> We need to enhance the documentation if there are gaps. Please create a
> document Jira for this.
>
> Question1: It allows to authenticate using OpenID protocol and you
> need to configure OpenID Realm under OpenID Configuration. Please
> create a document Jira for this.
>
> Thanks
> Godwin
>
>
> On Tue, Nov 7, 2017 at 7:13 PM, Shanika Wickramasinghe <
> shani...@wso2.com> wrote:
>
>> Hi All,
>>
>> I am Implementing a web app called doctors app for a Hospital
>> Management System and want to implement the Application Login Using 
>> several
>> Identity providers such as Facebook, Yahoo and Gmail. My application

Re: [Dev] [IS] [OAuth] Validating and renewing an access token with one call.

2017-11-15 Thread Shazni Nazeer 
I think the 2nd option is better, i.e for OAuth2 client to retry when the
resource server returns error when token is invalid or expired. Refreshing
based on expiry time is hard to implement and explicit revoke would have
made the token invalid before refresh happens.

On Wed, Nov 15, 2017 at 7:03 AM, Saneth Dharmakeerthi 
wrote:

> Hi all
>
> Two options provided by  Farasath is better than using refresh token all
> the time and creating a custom API  to do both validate and refresh task.
>
>
>- Using refresh token all the time is not good for performance wise.
>- Creating a custom API  to do both validate and refresh task is not
>suitable because resource server does the access token validation and the
>refresh token call happens in between OAuth client and authorization
>server. So giving the refresh token to resource server seems a spec
>violation and security risk.
>
>
> Thanks and Best Regards,
>
> Saneth Dharmakeerthi
> *Associate Technical Lead*
> WSO2, Inc.
> Mobile: +94772325511 <+94%2077%20232%205511>
>
> 
>
> On Wed, Nov 15, 2017 at 11:24 AM, Farasath Ahamed 
> wrote:
>
>>
>>
>> Farasath Ahamed
>> Software Engineer, WSO2 Inc.; http://wso2.com
>> Mobile: +94777603866
>> Blog: blog.farazath.com
>> Twitter: @farazath619 
>> 
>>
>>
>>
>> On Wed, Nov 15, 2017 at 10:56 AM, Thilina Madumal 
>> wrote:
>>
>>>
>>>
>>> On Wed, Nov 15, 2017 at 9:42 AM, Farasath Ahamed 
>>> wrote:
>>>



 On Wed, Nov 15, 2017 at 9:03 AM, Thilina Madumal 
 wrote:

> Hi Farazath,
>
> Thanks for the reply. Please see the inline comments.
>
> On Tue, Nov 14, 2017 at 11:10 PM, Farasath Ahamed 
> wrote:
>
>>
>>
>> On Tuesday, November 14, 2017, Thilina Madumal 
>> wrote:
>>
>>> Hi Devs,
>>>
>>> I'm working implementing an SPA that uses OAuth access-token in
>>> securing resource access.
>>> In the documentation [1] I found that to validate the access token
>>> that I already have obtained, the introspection endpoint can be used.
>>>
>>> My question is, is there a way where I can send both the accesss
>>> token and the refresh token, then IS will validate the access token, 
>>> and if
>>> the access token is expired IS will issue a new access token for the 
>>> given
>>> refresh token.
>>>
>>> I understand that the above use-case can be achieved by 2 requests
>>> to the IS. But I'm curious is to know whether there is a way to achieve
>>> this by a single request.
>>>
>>
>> Introspection Endpoint is basically an endpoint used to gather
>> validate and gather metadata about the access token.
>>
>> Usually this will be used by a resource server to validate an access
>> token presented by an oauth client. Resource server will introspect the
>> token to get metadata and authorize access.
>>
>> Meanwhile, a refresh token flow is between the oauth client and
>> authorization server.
>>
>> So the requirement you have presented does not fit into the
>> introspection call/endpoint. ie. Introspection and token refresh in one
>> call simply because there are two completely different flows.
>>
>
> In end-user perspective this would be a nice to have feature unless it
> is not a spec violation.
> On the other hand it do not need to be the introspection endpoint, it
> can be some custom endpoint where it takes the access-token and
> refresh-token and has the following behavior;
>
>- if the access-token is still valid return the same accesss-token
>and refresh-token.
>- if access-token is expired exchange the refresh-token for a new
>access-token, and return the new access-token and a new refresh-token.
>
> Okay in that case we can go for a custom grant type. Grant type will
 accept an access token and a refresh token and have the behaviour you have
 described. Anyways if the requirement is to make sure we have an active
 token all the time why not simply refresh the token :)

>>>
>>> Is it a recommended approach? I mean refreshing the access-token
>>> frequently. Just asking for the curiosity :)
>>>
>>
>> There are two options,
>>
>> 1. OAuth client keeps track of the expiry and does a refresh when the
>> token is about to expiry.
>> 2. OAuth client has a retry mechanism when an the resource server returns
>> an error when a expired token is used.
>>
>>>
>>>
>>>



> Anyhow need to consider the practicality of the use-case furthermore.
>
>
>>
>> In you use case why does the SPA have to do the introspection call?
>> Shouldn't it be the resource server consumed by SPA that needs to

Re: [Dev] 'Input too long' error occurred while executing Siddhi.bat file

2017-11-15 Thread Raveen Rathnayake 
HI Rasika,

Thanks for the suggestion. I will check this.


On Wed, Nov 15, 2017 at 6:07 PM, Rasika Perera  wrote:

> Hi Raveen,
>
> Yes issue might be because of JAR files list of 279 makes the windows
> 'java' command hits the O/S limit. In your script, below loop is adding the
> fully qualified paths for the each jar file into the "classpath" of the
> java command.
>
> FOR %%D in ("%SIDDHI_HOME%\lib\*.jar") DO set 
> SIDDHI_CLASSPATH=!SIDDHI_CLASSPATH!;
> "%SIDDHI_HOME%\lib\%%~nD%%~xD"
>
> As per this SO answer[1]; did you try adding wild card imports instead of the 
> for-loop? For example;
>
> set SIDDHI_CLASSPATH=!SIDDHI_CLASSPATH!;"SIDDHI_HOME%\lib\*"
>
> [1] https://stackoverflow.com/a/219801/1560536
>
>
> On Tue, Nov 14, 2017 at 5:00 PM, Raveen Rathnayake 
> wrote:
>
>> Hi all,
>>
>> Currently I am in the process of developing a SDK for Siddhi. In this SDK
>> I am packing all the Siddhi Extensions with it. All the jars(*all
>> together 279*) related to these extensions are located in the*
>> {siddhi.home}/lib* folder. Executable files(*siddhi.sh* and *siddhi.bat*)
>> are located in the *{siddhi.home}/bin* folder. In the* siddhi.bat* file
>> I am adding all the jar files in the *{siddhi.home}/lib* folder to the
>> *classpath*. When I tried to execute the* siddhi.bat* file I am getting
>> an error  saying "*The input line is too long*." After googling about
>> the error, I found that this error was caused because in windows a single 
>> command
>> has a limit of ~250 characters. Since this 250 limit is exceeded by
>> classpath setting command, I got the error.(when adding all the names of
>> jars inside the lib the 250 limit is exceeded.) I have tried few methods to
>> overcome this issue, but failed.  I have attached the *siddhi.bat* file
>> here with.
>>
>> It will be great if any of you can suggest a solution for this.
>>
>> Thank you.
>> --
>> Raveen Savinda Rathnayake,
>> Software Engineering Intern,
>> WSO2 Inc.
>>
>> *lean. enterprise. middleware  *
>> Web: www.WSO2.com Mobile : +94771144549  Blog : https://blog.raveen.me
>>
>> 
>>
>> 
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> With Regards,
>
> *Rasika Perera*
> Senior Software Engineer
> LinkedIn: http://lk.linkedin.com/in/rasika90
>
> 
>
> WSO2 Inc. www.wso2.com
> lean.enterprise.middleware
>



-- 
Raveen Savinda Rathnayake,
Software Engineering Intern,
WSO2 Inc.

*lean. enterprise. middleware  *
Web: www.WSO2.com Mobile : +94771144549  Blog : https://blog.raveen.me




___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Not able to access xslt from inside wso2 xslt mediator. Please guide.

2017-11-15 Thread Saneth Dharmakeerthi 
Hi Aditya,

It seems you have put the XSLT in API folder and try to access it in
incorrect way.

You can do this by either one of following ways and the first one is the
recommended.


   1.  Put the XSLT to the registry. you can find more information
   in[1][3]. If you change the xslt in registry it will effect imidiatly.
   2. Put it as local entry[1][2], XSLT change exffect only after next API
   or peoxy deployment.
  - 




[1]
https://docs.wso2.com/display/ESB500/Sample+8%3A+Introduction+to+Static+and+Dynamic+Registry+Resources+and+Using+XSLT+Transformations
[2]
http://mytecheye.blogspot.com/2013/12/wso2-esb-xslt-mediator-xslt-imports.html
[3]
https://www.linkedin.com/pulse/wso2-esb-message-transformation-mapping-using-xslt-isuru-jayakantha



Thanks and Best Regards,

Saneth Dharmakeerthi
*Associate Technical Lead*
WSO2, Inc.
Mobile: +94772325511



On Wed, Nov 15, 2017 at 6:40 PM, aditya shivankar <
shivankar.adit...@gmail.com> wrote:

> Respected Sir,
>
> I have one xslt .
> I have saved it inside api(src/main/synapse-config/api) folder in my
> project.
> I am trying to access it using xslt mediator like below.
>
> 
>
> But getting below error.Full logs can be found in attachment .
>
> [2017-11-15 18:11:39,128] [EI-Core]  INFO - DependencyTracker Local entry
> : api/test.xsl was added to the Synapse configuration successfully
> [2017-11-15 18:11:39,129] [EI-Core]  WARN - SynapseConfigUtils Cannot
> convert null to a StreamSource
> [2017-11-15 18:11:39,131] [EI-Core] ERROR - XSLTMediator Error creating
> XSLT transformer using : Value {name ='null', keyValue ='api/test.xsl'}
> org.apache.synapse.SynapseException: Cannot convert null to a StreamSource
> at org.apache.synapse.config.SynapseConfigUtils.handleException(
> SynapseConfigUtils.java:580)
> at org.apache.synapse.config.SynapseConfigUtils.getStreamSource(
> SynapseConfigUtils.java:81)
> at org.apache.synapse.mediators.transform.XSLTMediator.
> createTemplate(XSLTMediator.java:420)
> at org.apache.synapse.mediators.transform.XSLTMediator.
> performXSLT(XSLTMediator.java:268)
> at org.apache.synapse.mediators.transform.XSLTMediator.
> mediate(XSLTMediator.java:227)
> ---
> I tried printing body/jsonObject just one line before call to xslt. And it
> printed full payload, somewhat like below. So the payload is not empty.
>
> .
>
> 
> 
> 
>
> Please Guide.
>
> With Regards,
> Aditya
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] (no subject)

2017-11-15 Thread Mushthaq Rumy 
Hi Dilusha,

AFAIK, since this is scope based permission for resources, this should work
for both POST and DELETE resources even with the same user with the
Administrator role.

For example, if you create a scope with Administrator role and add this
scope to all 3 resources, you should be able to generate an access token
with the curl command.

Have you given the correct scope while generating the access token? If so
could please you provide the response of the access token generation curl?

Thanks & Regards,
Mushthaq

On Wed, Nov 15, 2017 at 4:54 PM, Dilusha Alphonso  wrote:

> Hi All,
>
> The Administrator(role) has resource permission for DELETE and POST.
>
> First  I have assigned the same user to both resources. so that
> doesn't work for POST. But works for DELETE.
>
> After that, I created a new user (Admin_user) and assigned the same role
> (Administrator). I used that username and password to get the access token.
> I tested the POST resource with that access token. Now POST resource is
> working fine.
> Is this correct method?
>
> Thanks
> Dilusha.
>
>
>
> On Wed, Nov 15, 2017 at 3:51 PM, Pubudu Gunatilaka 
> wrote:
>
>> Hi Dilusha,
>>
>> Please make sure you have the correct scope in the response of the token
>> generation.
>>
>> Thank you!
>>
>> On Wed, Nov 15, 2017 at 5:52 PM, Dilusha Alphonso 
>> wrote:
>>
>>> Hi All,
>>>
>>> I am trying to add SCOPE to API manager 2.1.0. I have the user role. We
>>> have to give the resource permission for the particular role.I follow this
>>> link [1]
>>>
>>> 1. I created a new user in APIM management console using super tenant. (
>>> user is User_Administrator) I didn't give any permission to that user.
>>> 2. I assigned the roles to that user. ( user role is administrator).
>>> 3. After I added the scope of the resource  API in the publisher for
>>> roles.
>>> 4.I used the curl command to get the access token for that particular
>>> user.
>>> 5.After I got access token I used it in the curl command to access the
>>> resource.  The GET and DELETE are working fine. but POST is giving the
>>> following error response.
>>>
>>> {"fault":{"code":900910,"message":"The access token does not allow you
>>> to access the requested resource","description":"Access failure for
>>> API: /test/1.0.0, version: 1.0.0 status: (900910) - The access token does
>>> not allow you to access the requested resource"}}
>>>
>>> It will be great if any of you can suggest a solution for this.
>>>
>>>
>>> [1].https://wso2.com/library/articles/2017/01/article-an-ove
>>> rview-of-scope-management-with-wso2-api-manager/
>>>
>>>
>>> Thanks
>>> Dilusha
>>> --
>>>
>>>
>>> *Best Regards,Dilusha Alphonso*
>>>
>>> *Software Engineer - Support Team*
>>>
>>>
>>> *WSO2*
>>> *Mobile : *
>>>
>>> *+94766837098 <+94%2076%20683%207098>[image: http://wso2.com/signature]
>>> *
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> *Pubudu Gunatilaka*
>> Committer and PMC Member - Apache Stratos
>> Senior Software Engineer
>> WSO2, Inc.: http://wso2.com
>> mobile : +94774078049 <%2B94772207163>
>>
>>
>
>
> --
>
>
> *Best Regards,Dilusha Alphonso*
>
> *Software Engineer - Support Team*
>
>
> *WSO2*
> *Mobile : *
>
> *+94766837098 <+94%2076%20683%207098>[image: http://wso2.com/signature]
> *
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Mushthaq Rumy
*Software Engineer*
Mobile : +94 (0) 779 492140 <%2B94%20%280%29%20773%20451194>
Email : musht...@wso2.com
WSO2, Inc.; http://wso2.com/
lean . enterprise . middleware.


___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Not able to access xslt from inside wso2 xslt mediator. Please guide.

2017-11-15 Thread aditya shivankar 
Respected Sir,

I have one xslt .
I have saved it inside api(src/main/synapse-config/api) folder in my
project.
I am trying to access it using xslt mediator like below.



But getting below error.Full logs can be found in attachment .

[2017-11-15 18:11:39,128] [EI-Core]  INFO - DependencyTracker Local entry :
api/test.xsl was added to the Synapse configuration successfully
[2017-11-15 18:11:39,129] [EI-Core]  WARN - SynapseConfigUtils Cannot
convert null to a StreamSource
[2017-11-15 18:11:39,131] [EI-Core] ERROR - XSLTMediator Error creating
XSLT transformer using : Value {name ='null', keyValue ='api/test.xsl'}
org.apache.synapse.SynapseException: Cannot convert null to a StreamSource
at
org.apache.synapse.config.SynapseConfigUtils.handleException(SynapseConfigUtils.java:580)
at
org.apache.synapse.config.SynapseConfigUtils.getStreamSource(SynapseConfigUtils.java:81)
at
org.apache.synapse.mediators.transform.XSLTMediator.createTemplate(XSLTMediator.java:420)
at
org.apache.synapse.mediators.transform.XSLTMediator.performXSLT(XSLTMediator.java:268)
at
org.apache.synapse.mediators.transform.XSLTMediator.mediate(XSLTMediator.java:227)
---
I tried printing body/jsonObject just one line before call to xslt. And it
printed full payload, somewhat like below. So the payload is not empty.

.





Please Guide.

With Regards,
Aditya
[2017-11-15 18:11:39,128] [EI-Core]  INFO - DependencyTracker Local entry : 
api/test.xsl was added to the Synapse configuration successfully
[2017-11-15 18:11:39,129] [EI-Core]  WARN - SynapseConfigUtils Cannot convert 
null to a StreamSource
[2017-11-15 18:11:39,131] [EI-Core] ERROR - XSLTMediator Error creating XSLT 
transformer using : Value {name ='null', keyValue ='api/test.xsl'}
org.apache.synapse.SynapseException: Cannot convert null to a StreamSource
at 
org.apache.synapse.config.SynapseConfigUtils.handleException(SynapseConfigUtils.java:580)
at 
org.apache.synapse.config.SynapseConfigUtils.getStreamSource(SynapseConfigUtils.java:81)
at 
org.apache.synapse.mediators.transform.XSLTMediator.createTemplate(XSLTMediator.java:420)
at 
org.apache.synapse.mediators.transform.XSLTMediator.performXSLT(XSLTMediator.java:268)
at 
org.apache.synapse.mediators.transform.XSLTMediator.mediate(XSLTMediator.java:227)
at 
org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:100)
at 
org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:62)
at 
org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158)
at 
org.apache.synapse.mediators.eip.aggregator.AggregateMediator.completeAggregate(AggregateMediator.java:487)
at 
org.apache.synapse.mediators.eip.aggregator.AggregateMediator.mediate(AggregateMediator.java:337)
at 
org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:100)
at 
org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:62)
at 
org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158)
at org.apache.synapse.rest.Resource.process(Resource.java:343)
at org.apache.synapse.rest.API.process(API.java:338)
at 
org.apache.synapse.rest.RESTRequestHandler.apiProcess(RESTRequestHandler.java:123)
at 
org.apache.synapse.rest.RESTRequestHandler.dispatchToAPI(RESTRequestHandler.java:101)
at 
org.apache.synapse.rest.RESTRequestHandler.process(RESTRequestHandler.java:56)
at 
org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:304)
at 
org.apache.synapse.core.axis2.SynapseCallbackReceiver.handleMessage(SynapseCallbackReceiver.java:574)
at 
org.apache.synapse.core.axis2.SynapseCallbackReceiver.receive(SynapseCallbackReceiver.java:197)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at 
org.apache.synapse.transport.passthru.ClientWorker.run(ClientWorker.java:263)
at 
org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
[2017-11-15 18:11:39,134] [EI-Core] ERROR - i2iCalculateTest Error creating 
XSLT transformer using : Value {name ='null', keyValue ='api/test.xsl'}
org.apache.synapse.SynapseException: Cannot convert null to a StreamSource
at 
org.apache.synapse.config.SynapseConfigUtils.handleException(SynapseConfigUtils.java:580)
at 
org.apache.synapse.config.SynapseConfigUtils.getStreamSource(SynapseConfigUtils.java:81)
at 
org.apache.synapse.mediators.transform.XSLTMediator.createTemplate(XSLTMediator.java:420)
at

Re: [Dev] [IS] [OAuth] Validating and renewing an access token with one call.

2017-11-15 Thread Saneth Dharmakeerthi 
Hi all

Two options provided by  Farasath is better than using refresh token all
the time and creating a custom API  to do both validate and refresh task.


   - Using refresh token all the time is not good for performance wise.
   - Creating a custom API  to do both validate and refresh task is not
   suitable because resource server does the access token validation and the
   refresh token call happens in between OAuth client and authorization
   server. So giving the refresh token to resource server seems a spec
   violation and security risk.


Thanks and Best Regards,

Saneth Dharmakeerthi
*Associate Technical Lead*
WSO2, Inc.
Mobile: +94772325511



On Wed, Nov 15, 2017 at 11:24 AM, Farasath Ahamed 
wrote:

>
>
> Farasath Ahamed
> Software Engineer, WSO2 Inc.; http://wso2.com
> Mobile: +94777603866
> Blog: blog.farazath.com
> Twitter: @farazath619 
> 
>
>
>
> On Wed, Nov 15, 2017 at 10:56 AM, Thilina Madumal 
> wrote:
>
>>
>>
>> On Wed, Nov 15, 2017 at 9:42 AM, Farasath Ahamed 
>> wrote:
>>
>>>
>>>
>>>
>>> On Wed, Nov 15, 2017 at 9:03 AM, Thilina Madumal 
>>> wrote:
>>>
 Hi Farazath,

 Thanks for the reply. Please see the inline comments.

 On Tue, Nov 14, 2017 at 11:10 PM, Farasath Ahamed 
 wrote:

>
>
> On Tuesday, November 14, 2017, Thilina Madumal 
> wrote:
>
>> Hi Devs,
>>
>> I'm working implementing an SPA that uses OAuth access-token in
>> securing resource access.
>> In the documentation [1] I found that to validate the access token
>> that I already have obtained, the introspection endpoint can be used.
>>
>> My question is, is there a way where I can send both the accesss
>> token and the refresh token, then IS will validate the access token, and 
>> if
>> the access token is expired IS will issue a new access token for the 
>> given
>> refresh token.
>>
>> I understand that the above use-case can be achieved by 2 requests to
>> the IS. But I'm curious is to know whether there is a way to achieve this
>> by a single request.
>>
>
> Introspection Endpoint is basically an endpoint used to gather
> validate and gather metadata about the access token.
>
> Usually this will be used by a resource server to validate an access
> token presented by an oauth client. Resource server will introspect the
> token to get metadata and authorize access.
>
> Meanwhile, a refresh token flow is between the oauth client and
> authorization server.
>
> So the requirement you have presented does not fit into the
> introspection call/endpoint. ie. Introspection and token refresh in one
> call simply because there are two completely different flows.
>

 In end-user perspective this would be a nice to have feature unless it
 is not a spec violation.
 On the other hand it do not need to be the introspection endpoint, it
 can be some custom endpoint where it takes the access-token and
 refresh-token and has the following behavior;

- if the access-token is still valid return the same accesss-token
and refresh-token.
- if access-token is expired exchange the refresh-token for a new
access-token, and return the new access-token and a new refresh-token.

 Okay in that case we can go for a custom grant type. Grant type will
>>> accept an access token and a refresh token and have the behaviour you have
>>> described. Anyways if the requirement is to make sure we have an active
>>> token all the time why not simply refresh the token :)
>>>
>>
>> Is it a recommended approach? I mean refreshing the access-token
>> frequently. Just asking for the curiosity :)
>>
>
> There are two options,
>
> 1. OAuth client keeps track of the expiry and does a refresh when the
> token is about to expiry.
> 2. OAuth client has a retry mechanism when an the resource server returns
> an error when a expired token is used.
>
>>
>>
>>
>>>
>>>
>>>
 Anyhow need to consider the practicality of the use-case furthermore.


>
> In you use case why does the SPA have to do the introspection call?
> Shouldn't it be the resource server consumed by SPA that needs to do the
> introspection call.
>

 In this particular use-case the IS is the resource server. The SPA is a
 fully browser based application.
 To verify the authenticity of the user the SPA uses the access-token it
 obtained, that's why the SPA needs to call the introspection endpoint.

>>>
>>> From what you have explained. To me IS is the authorization server. SPA
>>> is the OAuth2/OIDC client. Since the SPA will recieve the id_token which is
>>> signed by IS. We should use that to verify the

Re: [Dev] 'Input too long' error occurred while executing Siddhi.bat file

2017-11-15 Thread Rasika Perera 
Hi Raveen,

Yes issue might be because of JAR files list of 279 makes the windows
'java' command hits the O/S limit. In your script, below loop is adding the
fully qualified paths for the each jar file into the "classpath" of the
java command.

FOR %%D in ("%SIDDHI_HOME%\lib\*.jar") DO set
SIDDHI_CLASSPATH=!SIDDHI_CLASSPATH!;
"%SIDDHI_HOME%\lib\%%~nD%%~xD"

As per this SO answer[1]; did you try adding wild card imports instead
of the for-loop? For example;

set SIDDHI_CLASSPATH=!SIDDHI_CLASSPATH!;"SIDDHI_HOME%\lib\*"

[1] https://stackoverflow.com/a/219801/1560536


On Tue, Nov 14, 2017 at 5:00 PM, Raveen Rathnayake  wrote:

> Hi all,
>
> Currently I am in the process of developing a SDK for Siddhi. In this SDK
> I am packing all the Siddhi Extensions with it. All the jars(*all
> together 279*) related to these extensions are located in the*
> {siddhi.home}/lib* folder. Executable files(*siddhi.sh* and *siddhi.bat*)
> are located in the *{siddhi.home}/bin* folder. In the* siddhi.bat* file I
> am adding all the jar files in the *{siddhi.home}/lib* folder to the
> *classpath*. When I tried to execute the* siddhi.bat* file I am getting
> an error  saying "*The input line is too long*." After googling about the
> error, I found that this error was caused because in windows a single command
> has a limit of ~250 characters. Since this 250 limit is exceeded by
> classpath setting command, I got the error.(when adding all the names of
> jars inside the lib the 250 limit is exceeded.) I have tried few methods to
> overcome this issue, but failed.  I have attached the *siddhi.bat* file
> here with.
>
> It will be great if any of you can suggest a solution for this.
>
> Thank you.
> --
> Raveen Savinda Rathnayake,
> Software Engineering Intern,
> WSO2 Inc.
>
> *lean. enterprise. middleware  *
> Web: www.WSO2.com Mobile : +94771144549  Blog : https://blog.raveen.me
>
> 
>
> 
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
With Regards,

*Rasika Perera*
Senior Software Engineer
LinkedIn: http://lk.linkedin.com/in/rasika90



WSO2 Inc. www.wso2.com
lean.enterprise.middleware
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Passing payloads from API to ESB

2017-11-15 Thread Dushantha Batuwita 
Hi Priya

please find the attached image which I was referring in the above answer.
sorry for the mixup
Regards

On Wed, Nov 15, 2017 at 5:30 PM, Dushantha Batuwita 
wrote:

> Hi Piriya
>
> Above approach, you can implement in the POST and PUT.
> The resource type GET produces a request that does not have a body
> (payload),
> hence we set the required parameter as a query parameter when you set the
> resource GET while creating the API in publisher. (please refer to the
> attached image )
> Then the request parameter is accessed within the payload mediator of the
> proxy service ( within the  element) in ESB as the following example.
>
>
>
> 
> 
> http://service.sample.oasis.com;
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/; xmlns:xsd="
> http://dto.service.sample.oasis.com/xsd;>
> 1
> 
> 
> 
> $1
> 
> 
> 
> 
> 
> http://org.apache.synapse/xsd"/>
> 
> 
>
>
> please refer to the following link for better understanding of the REST
> Parameters
> https://www.soapui.org/rest-testing/understanding-rest-parameters.html
>
> many thanks
>
>
> On Wed, Nov 15, 2017 at 5:19 PM, Piriya Sivalingam 
> wrote:
>
>> Hi Dushantha,
>>
>> Since I have GET, POST,PUT, DELETE methods in my proxy, do you say the
>> above-suggested method will work for GET. I have tried it but could not
>> achieve it.
>> And if I am correct, your example is about POST or PUT method.
>> Could you please let me know whether I can use the same way for all four
>> methods or only specific to POST method.
>>
>> Thank you.
>>
>>
>> On Wed, Nov 15, 2017 at 3:10 PM, Dushantha Batuwita 
>> wrote:
>>
>>> please refer to the above answers
>>>
>>> Regards
>>>
>>> On Wed, Nov 15, 2017 at 2:35 PM, Dushantha Batuwita 
>>> wrote:
>>>
 Hi Buddhimala
 Accessing the JSON payload parameters and retrieving those within the
 proxy service can be achieved with the  element of the Payload
 factory mediator according to your scenario.
 Setting already retrieved parameters to the predefined soap structure
 is accomplished within the  element.

 suppose that we need to access the following JSON structure

 {
 "orderLine": {

 "ordername": "Cooking Item",
 "orderid": "123456",
 "product": {

 "productname": "coconutoil",
 "productgrade": "drade1",
 "productcolour": "white"

 }
 }
 }


 and retrieve the values in order to set to the soap structure given
 bellow within the payload factory is as follows refer to document[1] for
 further details
 
 
 >>> xmlns:ser="http://service.sample.oasis.com;
 xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/; xmlns:xsd="
 http://dto.service.sample.oasis.com/xsd;>
 
  
 
 
 
 $1
 $2
 $3>>> ductcolour>
 
 $4
 $5

 
 
 
 
 
 
 >>> *expression="$.orderLine.product.productname"*/>
 
 
 
 
 
 

 NOTE: when you set the $n parameter to be couches to follow the order
 in which the args are defined. i.e. the first line of the arg refer to $1..
 and etc

 Regards

 On Wed, Nov 15, 2017 at 2:32 PM, Buddhimala Ranasinghe <
 buddhim...@wso2.com> wrote:

> Hi All,
>
> I need to pass a json payload from an API to ESB proxy service. In
> ESB, I'm using parameters in the passed JSON payload inside payloadFactory
> mediator in my ESB which will be sent towards a secured SOAP BE. Can you
> please guide me on this? I need to know how could those parameters can be
> addressed inside my proxy service.
>
> Regards,
> Buddhimala
>
> --
>
>
> *Buddhimala Ranasinghe*
> Software Engineer-Support Team | WSO2
> Emil: buddhim...@wso2.com
> Mobile:+94771563138 <+94%2077%20156%203138>
> Web:http://wso2.com
> [image: https://wso2.com/signature] 
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


 --
 *Dushantha Nayanajith Chandima Batuwita*
 Software

Re: [Dev] Passing payloads from API to ESB

2017-11-15 Thread Dushantha Batuwita 
Hi Piriya

Above approach, you can implement in the POST and PUT.
The resource type GET produces a request that does not have a body
(payload),
hence we set the required parameter as a query parameter when you set the
resource GET while creating the API in publisher. (please refer to the
attached image )
Then the request parameter is accessed within the payload mediator of the
proxy service ( within the  element) in ESB as the following example.





http://service.sample.oasis.com;
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/; xmlns:xsd="
http://dto.service.sample.oasis.com/xsd;>
1



$1





http://org.apache.synapse/xsd"/>




please refer to the following link for better understanding of the REST
Parameters
https://www.soapui.org/rest-testing/understanding-rest-parameters.html

many thanks


On Wed, Nov 15, 2017 at 5:19 PM, Piriya Sivalingam  wrote:

> Hi Dushantha,
>
> Since I have GET, POST,PUT, DELETE methods in my proxy, do you say the
> above-suggested method will work for GET. I have tried it but could not
> achieve it.
> And if I am correct, your example is about POST or PUT method.
> Could you please let me know whether I can use the same way for all four
> methods or only specific to POST method.
>
> Thank you.
>
>
> On Wed, Nov 15, 2017 at 3:10 PM, Dushantha Batuwita 
> wrote:
>
>> please refer to the above answers
>>
>> Regards
>>
>> On Wed, Nov 15, 2017 at 2:35 PM, Dushantha Batuwita 
>> wrote:
>>
>>> Hi Buddhimala
>>> Accessing the JSON payload parameters and retrieving those within the
>>> proxy service can be achieved with the  element of the Payload
>>> factory mediator according to your scenario.
>>> Setting already retrieved parameters to the predefined soap structure is
>>> accomplished within the  element.
>>>
>>> suppose that we need to access the following JSON structure
>>>
>>> {
>>> "orderLine": {
>>>
>>> "ordername": "Cooking Item",
>>> "orderid": "123456",
>>> "product": {
>>>
>>> "productname": "coconutoil",
>>> "productgrade": "drade1",
>>> "productcolour": "white"
>>>
>>> }
>>> }
>>> }
>>>
>>>
>>> and retrieve the values in order to set to the soap structure given
>>> bellow within the payload factory is as follows refer to document[1] for
>>> further details
>>> 
>>> 
>>> >> xmlns:ser="http://service.sample.oasis.com;
>>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/; xmlns:xsd="
>>> http://dto.service.sample.oasis.com/xsd;>
>>> 
>>>  
>>> 
>>> 
>>> 
>>> $1
>>> $2
>>> $3>> ductcolour>
>>> 
>>> $4
>>> $5
>>>
>>> 
>>> 
>>> 
>>> 
>>> 
>>> 
>>> >> *expression="$.orderLine.product.productname"*/>
>>> 
>>> 
>>> 
>>> 
>>> 
>>> 
>>>
>>> NOTE: when you set the $n parameter to be couches to follow the order in
>>> which the args are defined. i.e. the first line of the arg refer to $1..
>>> and etc
>>>
>>> Regards
>>>
>>> On Wed, Nov 15, 2017 at 2:32 PM, Buddhimala Ranasinghe <
>>> buddhim...@wso2.com> wrote:
>>>
 Hi All,

 I need to pass a json payload from an API to ESB proxy service. In ESB,
 I'm using parameters in the passed JSON payload inside payloadFactory
 mediator in my ESB which will be sent towards a secured SOAP BE. Can you
 please guide me on this? I need to know how could those parameters can be
 addressed inside my proxy service.

 Regards,
 Buddhimala

 --


 *Buddhimala Ranasinghe*
 Software Engineer-Support Team | WSO2
 Emil: buddhim...@wso2.com
 Mobile:+94771563138 <+94%2077%20156%203138>
 Web:http://wso2.com
 [image: https://wso2.com/signature] 

 ___
 Dev mailing list
 Dev@wso2.org
 http://wso2.org/cgi-bin/mailman/listinfo/dev


>>>
>>>
>>> --
>>> *Dushantha Nayanajith Chandima Batuwita*
>>> Software Engineer Support | WSO2
>>> dushan...@wso2.com
>>> mobile : 0094777453010
>>>
>>
>>
>>
>> --
>> *Dushantha Nayanajith Chandima Batuwita*
>> Software Engineer Support | WSO2
>> dushan...@wso2.com
>> mobile : 0094777453010
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Regards,
>
>

Re: [Dev] Passing payloads from API to ESB

2017-11-15 Thread Piriya Sivalingam 
Hi Dushantha,

Since I have GET, POST,PUT, DELETE methods in my proxy, do you say the
above-suggested method will work for GET. I have tried it but could not
achieve it.
And if I am correct, your example is about POST or PUT method.
Could you please let me know whether I can use the same way for all four
methods or only specific to POST method.

Thank you.


On Wed, Nov 15, 2017 at 3:10 PM, Dushantha Batuwita 
wrote:

> please refer to the above answers
>
> Regards
>
> On Wed, Nov 15, 2017 at 2:35 PM, Dushantha Batuwita 
> wrote:
>
>> Hi Buddhimala
>> Accessing the JSON payload parameters and retrieving those within the
>> proxy service can be achieved with the  element of the Payload
>> factory mediator according to your scenario.
>> Setting already retrieved parameters to the predefined soap structure is
>> accomplished within the  element.
>>
>> suppose that we need to access the following JSON structure
>>
>> {
>> "orderLine": {
>>
>> "ordername": "Cooking Item",
>> "orderid": "123456",
>> "product": {
>>
>> "productname": "coconutoil",
>> "productgrade": "drade1",
>> "productcolour": "white"
>>
>> }
>> }
>> }
>>
>>
>> and retrieve the values in order to set to the soap structure given
>> bellow within the payload factory is as follows refer to document[1] for
>> further details
>> 
>> 
>> > xmlns:ser="http://service.sample.oasis.com;
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/; xmlns:xsd="
>> http://dto.service.sample.oasis.com/xsd;>
>> 
>>  
>> 
>> 
>> 
>> $1
>> $2
>> $3
>> 
>> $4
>> $5
>>
>> 
>> 
>> 
>> 
>> 
>> 
>> > *expression="$.orderLine.product.productname"*/>
>> 
>> 
>> 
>> 
>> 
>> 
>>
>> NOTE: when you set the $n parameter to be couches to follow the order in
>> which the args are defined. i.e. the first line of the arg refer to $1..
>> and etc
>>
>> Regards
>>
>> On Wed, Nov 15, 2017 at 2:32 PM, Buddhimala Ranasinghe <
>> buddhim...@wso2.com> wrote:
>>
>>> Hi All,
>>>
>>> I need to pass a json payload from an API to ESB proxy service. In ESB,
>>> I'm using parameters in the passed JSON payload inside payloadFactory
>>> mediator in my ESB which will be sent towards a secured SOAP BE. Can you
>>> please guide me on this? I need to know how could those parameters can be
>>> addressed inside my proxy service.
>>>
>>> Regards,
>>> Buddhimala
>>>
>>> --
>>>
>>>
>>> *Buddhimala Ranasinghe*
>>> Software Engineer-Support Team | WSO2
>>> Emil: buddhim...@wso2.com
>>> Mobile:+94771563138 <+94%2077%20156%203138>
>>> Web:http://wso2.com
>>> [image: https://wso2.com/signature] 
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> *Dushantha Nayanajith Chandima Batuwita*
>> Software Engineer Support | WSO2
>> dushan...@wso2.com
>> mobile : 0094777453010
>>
>
>
>
> --
> *Dushantha Nayanajith Chandima Batuwita*
> Software Engineer Support | WSO2
> dushan...@wso2.com
> mobile : 0094777453010
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Regards,

*Piriya Sivalingam*

*Software Engineer - Support Team*

*WSO2*
*Mobile : +94 77 8462039*

[image: http://wso2.com/signature] 
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] (no subject)

2017-11-15 Thread Dilusha Alphonso 
Hi All,

The Administrator(role) has resource permission for DELETE and POST.

First  I have assigned the same user to both resources. so that
doesn't work for POST. But works for DELETE.

After that, I created a new user (Admin_user) and assigned the same role
(Administrator). I used that username and password to get the access token.
I tested the POST resource with that access token. Now POST resource is
working fine.
Is this correct method?

Thanks
Dilusha.



On Wed, Nov 15, 2017 at 3:51 PM, Pubudu Gunatilaka  wrote:

> Hi Dilusha,
>
> Please make sure you have the correct scope in the response of the token
> generation.
>
> Thank you!
>
> On Wed, Nov 15, 2017 at 5:52 PM, Dilusha Alphonso 
> wrote:
>
>> Hi All,
>>
>> I am trying to add SCOPE to API manager 2.1.0. I have the user role. We
>> have to give the resource permission for the particular role.I follow this
>> link [1]
>>
>> 1. I created a new user in APIM management console using super tenant. (
>> user is User_Administrator) I didn't give any permission to that user.
>> 2. I assigned the roles to that user. ( user role is administrator).
>> 3. After I added the scope of the resource  API in the publisher for
>> roles.
>> 4.I used the curl command to get the access token for that particular
>> user.
>> 5.After I got access token I used it in the curl command to access the
>> resource.  The GET and DELETE are working fine. but POST is giving the
>> following error response.
>>
>> {"fault":{"code":900910,"message":"The access token does not allow you
>> to access the requested resource","description":"Access failure for API:
>> /test/1.0.0, version: 1.0.0 status: (900910) - The access token does not
>> allow you to access the requested resource"}}
>>
>> It will be great if any of you can suggest a solution for this.
>>
>>
>> [1].https://wso2.com/library/articles/2017/01/article-an-ove
>> rview-of-scope-management-with-wso2-api-manager/
>>
>>
>> Thanks
>> Dilusha
>> --
>>
>>
>> *Best Regards,Dilusha Alphonso*
>>
>> *Software Engineer - Support Team*
>>
>>
>> *WSO2*
>> *Mobile : *
>>
>> *+94766837098 <+94%2076%20683%207098>[image: http://wso2.com/signature]
>> *
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> *Pubudu Gunatilaka*
> Committer and PMC Member - Apache Stratos
> Senior Software Engineer
> WSO2, Inc.: http://wso2.com
> mobile : +94774078049 <%2B94772207163>
>
>


-- 


*Best Regards,Dilusha Alphonso*

*Software Engineer - Support Team*


*WSO2*
*Mobile : *

*+94766837098[image: http://wso2.com/signature] *
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] (no subject)

2017-11-15 Thread Pubudu Gunatilaka 
Hi Dilusha,

Please make sure you have the correct scope in the response of the token
generation.

Thank you!

On Wed, Nov 15, 2017 at 5:52 PM, Dilusha Alphonso  wrote:

> Hi All,
>
> I am trying to add SCOPE to API manager 2.1.0. I have the user role. We
> have to give the resource permission for the particular role.I follow this
> link [1]
>
> 1. I created a new user in APIM management console using super tenant. (
> user is User_Administrator) I didn't give any permission to that user.
> 2. I assigned the roles to that user. ( user role is administrator).
> 3. After I added the scope of the resource  API in the publisher for roles.
> 4.I used the curl command to get the access token for that particular user.
> 5.After I got access token I used it in the curl command to access the
> resource.  The GET and DELETE are working fine. but POST is giving the
> following error response.
>
> {"fault":{"code":900910,"message":"The access token does not allow you to
> access the requested resource","description":"Access failure for API:
> /test/1.0.0, version: 1.0.0 status: (900910) - The access token does not
> allow you to access the requested resource"}}
>
> It will be great if any of you can suggest a solution for this.
>
>
> [1].https://wso2.com/library/articles/2017/01/article-an-ove
> rview-of-scope-management-with-wso2-api-manager/
>
>
> Thanks
> Dilusha
> --
>
>
> *Best Regards,Dilusha Alphonso*
>
> *Software Engineer - Support Team*
>
>
> *WSO2*
> *Mobile : *
>
> *+94766837098 <+94%2076%20683%207098>[image: http://wso2.com/signature]
> *
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
*Pubudu Gunatilaka*
Committer and PMC Member - Apache Stratos
Senior Software Engineer
WSO2, Inc.: http://wso2.com
mobile : +94774078049 <%2B94772207163>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] WSO2 Committers += Dinali Dabarera

2017-11-15 Thread KasunG Gajasinghe 
Hi All,

It's my pleasure to announce Dinali Dabarera as a WSO2 Committer.

She has made a great contribution to IS by developing multiple features,
and in recognition of her contribution, dedication and commitment she has
been voted as a WSO2 committer.

Congratulations Dinali and keep up the good work...!

Thanks,
KasunG

-- 

*Kasun Gajasinghe*Associate Technical Lead, WSO2 Inc.
email: kasung AT spamfree wso2.com
linked-in: http://lk.linkedin.com/in/gajasinghe
blog: http://kasunbg.org
phone: +1 650-745-4499, 77 678 0813
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] (no subject)

2017-11-15 Thread Rukshan Premathunga 
Hi Dilusha,

What roles did you assign to that user? just administrator role assigned?
Can you assign login and subscriber role to that user and check?

Thanks and Regards

On Wed, Nov 15, 2017 at 3:22 PM, Dilusha Alphonso  wrote:

> Hi All,
>
> I am trying to add SCOPE to API manager 2.1.0. I have the user role. We
> have to give the resource permission for the particular role.I follow this
> link [1]
>
> 1. I created a new user in APIM management console using super tenant. (
> user is User_Administrator) I didn't give any permission to that user.
> 2. I assigned the roles to that user. ( user role is administrator).
> 3. After I added the scope of the resource  API in the publisher for roles.
> 4.I used the curl command to get the access token for that particular user.
> 5.After I got access token I used it in the curl command to access the
> resource.  The GET and DELETE are working fine. but POST is giving the
> following error response.
>
> {"fault":{"code":900910,"message":"The access token does not allow you to
> access the requested resource","description":"Access failure for API:
> /test/1.0.0, version: 1.0.0 status: (900910) - The access token does not
> allow you to access the requested resource"}}
>
> It will be great if any of you can suggest a solution for this.
>
>
> [1].https://wso2.com/library/articles/2017/01/article-an-ove
> rview-of-scope-management-with-wso2-api-manager/
>
>
> Thanks
> Dilusha
> --
>
>
> *Best Regards,Dilusha Alphonso*
>
> *Software Engineer - Support Team*
>
>
> *WSO2*
> *Mobile : *
>
> *+94766837098 <+94%2076%20683%207098>[image: http://wso2.com/signature]
> *
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Rukshan Chathuranga.
Software Engineer.
WSO2, Inc.
+94711822074
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Error response while adding scope to "POST" in APIM 2.1.0

2017-11-15 Thread Dilusha Alphonso 
Hi All,

I am trying to add SCOPE to API manager 2.1.0. I have the user role. We
have to give the resource permission for the particular role.I follow this
link [1]

1. I created a new user in APIM management console using super tenant. (
user is User_Administrator) I didn't give any permission to that user.
2. I assigned the roles to that user. ( user role is administrator).
3. After I added the scope of the resource  API in the publisher for roles.
4.I used the curl command to get the access token for that particular user.
5.After I got access token I used it in the curl command to access the
resource.  The GET and DELETE are working fine. but POST is giving the
following error response.

{"fault":{"code":900910,"message":"The access token does not allow you to
access the requested resource","description":"Access failure for API:
/test/1.0.0, version: 1.0.0 status: (900910) - The access token does not
allow you to access the requested resource"}}

It will be great if any of you can suggest a solution for this.


[1].https://wso2.com/library/articles/2017/01/article-an-ove
rview-of-scope-management-with-wso2-api-manager/

-- 


*Best Regards,Dilusha Alphonso*

*Software Engineer - Support Team*


*WSO2*
*Mobile : *

*+94766837098[image: http://wso2.com/signature] *
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] (no subject)

2017-11-15 Thread Dilusha Alphonso 
Hi All,

I am trying to add SCOPE to API manager 2.1.0. I have the user role. We
have to give the resource permission for the particular role.I follow this
link [1]

1. I created a new user in APIM management console using super tenant. (
user is User_Administrator) I didn't give any permission to that user.
2. I assigned the roles to that user. ( user role is administrator).
3. After I added the scope of the resource  API in the publisher for roles.
4.I used the curl command to get the access token for that particular user.
5.After I got access token I used it in the curl command to access the
resource.  The GET and DELETE are working fine. but POST is giving the
following error response.

{"fault":{"code":900910,"message":"The access token does not allow you to
access the requested resource","description":"Access failure for API:
/test/1.0.0, version: 1.0.0 status: (900910) - The access token does not
allow you to access the requested resource"}}

It will be great if any of you can suggest a solution for this.


[1].https://wso2.com/library/articles/2017/01/article-an-
overview-of-scope-management-with-wso2-api-manager/


Thanks
Dilusha
-- 


*Best Regards,Dilusha Alphonso*

*Software Engineer - Support Team*


*WSO2*
*Mobile : *

*+94766837098 <+94%2076%20683%207098>[image: http://wso2.com/signature]
*
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Passing payloads from API to ESB

2017-11-15 Thread Dushantha Batuwita 
please refer to the above answers

Regards

On Wed, Nov 15, 2017 at 2:35 PM, Dushantha Batuwita 
wrote:

> Hi Buddhimala
> Accessing the JSON payload parameters and retrieving those within the
> proxy service can be achieved with the  element of the Payload
> factory mediator according to your scenario.
> Setting already retrieved parameters to the predefined soap structure is
> accomplished within the  element.
>
> suppose that we need to access the following JSON structure
>
> {
> "orderLine": {
>
> "ordername": "Cooking Item",
> "orderid": "123456",
> "product": {
>
> "productname": "coconutoil",
> "productgrade": "drade1",
> "productcolour": "white"
>
> }
> }
> }
>
>
> and retrieve the values in order to set to the soap structure given bellow
> within the payload factory is as follows refer to document[1] for further
> details
> 
> 
>  xmlns:ser="http://service.sample.oasis.com;
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/; xmlns:xsd="
> http://dto.service.sample.oasis.com/xsd;>
> 
>  
> 
> 
> 
> $1
> $2
> $3
> 
> $4
> $5
>
> 
> 
> 
> 
> 
> 
>  *expression="$.orderLine.product.productname"*/>
> 
> 
> 
> 
> 
> 
>
> NOTE: when you set the $n parameter to be couches to follow the order in
> which the args are defined. i.e. the first line of the arg refer to $1..
> and etc
>
> Regards
>
> On Wed, Nov 15, 2017 at 2:32 PM, Buddhimala Ranasinghe <
> buddhim...@wso2.com> wrote:
>
>> Hi All,
>>
>> I need to pass a json payload from an API to ESB proxy service. In ESB,
>> I'm using parameters in the passed JSON payload inside payloadFactory
>> mediator in my ESB which will be sent towards a secured SOAP BE. Can you
>> please guide me on this? I need to know how could those parameters can be
>> addressed inside my proxy service.
>>
>> Regards,
>> Buddhimala
>>
>> --
>>
>>
>> *Buddhimala Ranasinghe*
>> Software Engineer-Support Team | WSO2
>> Emil: buddhim...@wso2.com
>> Mobile:+94771563138 <+94%2077%20156%203138>
>> Web:http://wso2.com
>> [image: https://wso2.com/signature] 
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> *Dushantha Nayanajith Chandima Batuwita*
> Software Engineer Support | WSO2
> dushan...@wso2.com
> mobile : 0094777453010
>



-- 
*Dushantha Nayanajith Chandima Batuwita*
Software Engineer Support | WSO2
dushan...@wso2.com
mobile : 0094777453010
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Passing payloads from API to ESB

2017-11-15 Thread Buddhimala Ranasinghe 
Hi All,

I need to pass a json payload from an API to ESB proxy service. In ESB, I'm
using parameters in the passed JSON payload inside payloadFactory mediator
in my ESB which will be sent towards a secured SOAP BE. Can you please
guide me on this? I need to know how could those parameters can be
addressed inside my proxy service.

Regards,
Buddhimala

-- 


*Buddhimala Ranasinghe*
Software Engineer-Support Team | WSO2
Emil: buddhim...@wso2.com
Mobile:+94771563138
Web:http://wso2.com
[image: https://wso2.com/signature] 
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev