Re: [Dev] Carbon JNDI cannot find com.sun.jndi.ldap.LdapCtxFactory

[Thusitha Thilina Dayaratne]

Hi Rukshan,

Does your environment contains anything or is it a just empty map?

Thanks
Thusitha

On Sun, Jan 21, 2018 at 3:35 AM, Rukshan Premathunga 
wrote:

> Hi All,
>
> Recently we started to write a LDAP client and observed following
> exception when i create context instance.
> context = new InitialDirContext(environment);
>
> Error obtaining connection. Cannot find the InitialContextFactory
> com.sun.jndi.ldap.LdapCtxFactory. javax.naming.NoInitialContextException:
> Cannot find the InitialContextFactory com.sun.jndi.ldap.LdapCtxFactory.
> at org.wso2.carbon.jndi.internal.osgi.JNDIContextManagerImpl.lambda$
> getInitialContextInternal$20(JNDIContextManagerImpl.java:118)
> at java.util.Optional.orElseThrow(Optional.java:290)
> at org.wso2.carbon.jndi.internal.osgi.JNDIContextManagerImpl.
> getInitialContextInternal(JNDIContextManagerImpl.java:118)
> at org.wso2.carbon.jndi.internal.osgi.JNDIContextManagerImpl.
> newInitialContext(JNDIContextManagerImpl.java:68)
> at org.wso2.carbon.jndi.internal.osgi.factory.
> DefaultContextFactory.lambda$getInitialContext$23(
> DefaultContextFactory.java:68)
> at org.wso2.carbon.jndi.internal.util.LambdaExceptionUtils.
> lambda$rethrowFunction$4(LambdaExceptionUtils.java:120)
> at java.util.Optional.map(Optional.java:215)
> at org.wso2.carbon.jndi.internal.osgi.factory.DefaultContextFactory.
> getInitialContext(DefaultContextFactory.java:68)
> at javax.naming.spi.NamingManager.getInitialContext(
> NamingManager.java:684)
>
>
> I was able to get the context successfully using following workaround. But
> since it is not the proper way can we have a way to solve this issue? It
> seems carbon jndi cannot find the LdapCtxFactory.
>
> LdapCtxFactory.getLdapCtxInstance(environment.get(Context.PROVIDER_URL),
> environment);
>
>
> Thanks and Regards
>
> --
> Rukshan Chathuranga.
> Software Engineer.
> WSO2, Inc.
> +94711822074 <071%20182%202074>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


--
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Commenting out addressing module of axis2.xml for email OTP

[Shakila Sasikaran]

On Sat, Jan 20, 2018 at 3:25 PM, Omindu Rathnaweera  wrote:

> Thanks for the explanation Shakila and Kanapriya. I wanted to try this
> out before replying to the mail. As you both have explained, without
> commenting out the addressing module we infact get an error during
> authentication
>
> As per the code, [1] is the place where the error is generated. From what
> I understood, this line is used to check whether the mailto transport is
> configured, correct ? because the ConfigurationContext is not used in
> another place after the check. Other than that, having the addressing
> module does not have any effect on the email sending flow. I verified this
> by removing the below code block at [1].
>

Yes, it's used to check whether the mailto transport is configured. If it's
not configured in axis2, we can't proceed to send the OTP. Is there any
other way to check the configuration from the axis2.xml without creating
the configuration context from the file system?

>
> ConfigurationContext configurationContext = ConfigurationContextFactory.
> createConfigurationContextFromFileSystem((String) null, (String) null);
>
> if (configurationContext.getAxisConfiguration().getTransportsOut().
> containsKey(EmailOTPAuthenticatorConstants.TRANSPORT_MAILTO)) {
>
> However, without this check, the user will be always redirected to the OTP
> page even when the mailto transport is not configured. My question is, can
> we do this check without creating a new 'ConfigurationContext' ? If that
> can be done, having the addressing module uncommented will not have any
> impact on the authenticator.
>
>
> [1] - https://github.com/wso2-extensions/identity-outbound-
> auth-email-otp/blob/master/component/authenticator/src/
> main/java/org/wso2/carbon/identity/authenticator/emailotp/
> EmailOTPAuthenticator.java#L1419-L1420
>
> Thanks,
> Omindu.
>
> On Wed, Jan 17, 2018 at 9:09 AM, Shavindri Dissanayake  > wrote:
>
>> Hi Team,
>>
>> Verifying details: Do we need to change the explanation given in docs?If
>> yes, what should the messaging be?
>>
>> Thanks & Regards
>> Shavindri Dissanayake
>> Senior Technical Writer
>>
>> WSO2 Inc.
>> lean.enterprise.middleware
>>
>> On Mon, Jan 15, 2018 at 11:00 AM, Shakila Sasikaran 
>> wrote:
>>
>>> Hi,
>>>
>>> As I remember when we create the axis configuration from the given
>>> axis2.xml, we get an error. Because of the emptiness of this module. Please
>>> note that this module is not defined in the axis2_default.xml.
>>>
>>> Thanks
>>>
>>> On Mon, Jan 15, 2018 at 10:43 AM, Omindu Rathnaweera 
>>> wrote:
>>>
 Hi Team,

 Is anyone aware of the reason why we have to do the following
 configuration for Email OTP [1] in axis2.xml (See instruction No.3 in
 'Enabling email configuration on WSO2 IS' section) ?

 '*Comment out the  property to avoid syntax
 errors*.'

 IMO saying '*to avoid syntax errors*' doesn't make much sense.

 [1] - https://docs.wso2.com/display/IS540/Configuring+Email+OTP

 Thanks,
 Omindu.

 --
 Omindu Rathnaweera
 Senior Software Engineer, WSO2 Inc.
 Mobile: +94 771 197 211 <+94%2077%20119%207211>

>>>
>>>
>>>
>>> --
>>> Shakila Sasikaran
>>> Software Engineer
>>> Mobile :+94 (0) 77 526 6848 <+94%2077%20526%206848>
>>> shak...@wso2.com
>>> WSO2, Inc.
>>> lean . enterprise . middleware
>>> http://www.wso2.com/
>>>
>>
>>
>
>
> --
> Omindu Rathnaweera
> Senior Software Engineer, WSO2 Inc.
> Mobile: +94 771 197 211 <+94%2077%20119%207211>
>



-- 
Shakila Sasikaran
Software Engineer
Mobile :+94 (0) 77 526 6848
shak...@wso2.com
WSO2, Inc.
lean . enterprise . middleware
http://www.wso2.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Carbon JNDI cannot find com.sun.jndi.ldap.LdapCtxFactory

[Rukshan Premathunga]

Hi All,

Recently we started to write a LDAP client and observed following exception
when i create context instance.
context = new InitialDirContext(environment);

Error obtaining connection. Cannot find the InitialContextFactory
com.sun.jndi.ldap.LdapCtxFactory. javax.naming.NoInitialContextException:
Cannot find the InitialContextFactory com.sun.jndi.ldap.LdapCtxFactory.
at
org.wso2.carbon.jndi.internal.osgi.JNDIContextManagerImpl.lambda$getInitialContextInternal$20(JNDIContextManagerImpl.java:118)
at java.util.Optional.orElseThrow(Optional.java:290)
at
org.wso2.carbon.jndi.internal.osgi.JNDIContextManagerImpl.getInitialContextInternal(JNDIContextManagerImpl.java:118)
at
org.wso2.carbon.jndi.internal.osgi.JNDIContextManagerImpl.newInitialContext(JNDIContextManagerImpl.java:68)
at
org.wso2.carbon.jndi.internal.osgi.factory.DefaultContextFactory.lambda$getInitialContext$23(DefaultContextFactory.java:68)
at
org.wso2.carbon.jndi.internal.util.LambdaExceptionUtils.lambda$rethrowFunction$4(LambdaExceptionUtils.java:120)
at java.util.Optional.map(Optional.java:215)
at
org.wso2.carbon.jndi.internal.osgi.factory.DefaultContextFactory.getInitialContext(DefaultContextFactory.java:68)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)


I was able to get the context successfully using following workaround. But
since it is not the proper way can we have a way to solve this issue? It
seems carbon jndi cannot find the LdapCtxFactory.

LdapCtxFactory.getLdapCtxInstance(environment.get(Context.PROVIDER_URL),
environment);


Thanks and Regards

-- 
Rukshan Chathuranga.
Software Engineer.
WSO2, Inc.
+94711822074
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] User with an authenticated session is not prompted for login after SP configuration change

[Sathya Bandara]

Hi,

Thanks Tharindu and Farasath for the clarifications.

On Sat, Jan 20, 2018 at 9:12 AM, Farasath Ahamed  wrote:

>
>
> On Friday, January 19, 2018, Sathya Bandara  wrote:
>
>> Hi all,
>>
>> When there is an already authenticated session for an application user
>> with Identity Server, there is no necessity to prompt for another login to
>> the IS if the user logs into the application from another tab in the same
>> browser.
>> However we can change the service providers authentication scheme
>> (authentication steps and authenticators in each step) while the user has
>> this session.
>> In this case, if the user tries to log into the application he is not
>> prompted for re-authentication. This is the default behavior of IS.
>> Shouldn't we prompt the user to authenticate if the service provider's
>> authentication scheme is modified or is this an intended behavior?
>>
>> Appreciate your thoughts on this.
>>
>
> The reason for this behaviour is that we cache the service provider
> configuration in the users session context(context created for successful
> authentication ). This session context is stored against the cookie
> (commonauth) used to identify whether the user already has a session in IS.
>
> So whenever a user reauthenticates user's authenticated steps/idps are
> compared with cached service proivder configs.
>
> When you change the service provider configs it does not get reflected in
> the cached service provider configs in the user's authenticated session.
>
> With the current implementation this is the expected behaviour.
>
> But IMO we should improve this to always fetch the latest service provider
> configs and compare user's authentication steps/IDPs against it. (ie. We
> should avoid caching configurations)
>
> Shall we create a github issue to track this improvement?
>
+1. created a github issue [1] to track this.

>
> Thanks,
>> Sathya
>> --
>> Sathya Bandara
>> Software Engineer
>> WSO2 Inc. http://wso2.com
>> Mobile: (+94) 715 360 421 <+94%2071%20411%205032>
>>
>> <+94%2071%20411%205032>
>>
>
>
> --
> Farasath Ahamed
> Senior Software Engineer, WSO2 Inc.; http://wso2.com
> Mobile: +94777603866
> Blog: blog.farazath.com
> Twitter: @farazath619 
> 
>
>
>
>
>
[1] https://github.com/wso2/product-is/issues/2137

-- 
Sathya Bandara
Software Engineer
WSO2 Inc. http://wso2.com
Mobile: (+94) 715 360 421 <+94%2071%20411%205032>

<+94%2071%20411%205032>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Commenting out addressing module of axis2.xml for email OTP

[Omindu Rathnaweera]

Thanks for the explanation Shakila and Kanapriya. I wanted to try this out
before replying to the mail. As you both have explained, without commenting
out the addressing module we infact get an error during authentication

As per the code, [1] is the place where the error is generated. From what I
understood, this line is used to check whether the mailto transport is
configured, correct ? because the ConfigurationContext is not used in
another place after the check. Other than that, having the addressing
module does not have any effect on the email sending flow. I verified this
by removing the below code block at [1].

ConfigurationContext configurationContext =
ConfigurationContextFactory.createConfigurationContextFromFileSystem((String)
null, (String) null);

if 
(configurationContext.getAxisConfiguration().getTransportsOut().containsKey(EmailOTPAuthenticatorConstants.TRANSPORT_MAILTO))
{

However, without this check, the user will be always redirected to the OTP
page even when the mailto transport is not configured. My question is, can
we do this check without creating a new 'ConfigurationContext' ? If that
can be done, having the addressing module uncommented will not have any
impact on the authenticator.


[1] -
https://github.com/wso2-extensions/identity-outbound-auth-email-otp/blob/master/component/authenticator/src/main/java/org/wso2/carbon/identity/authenticator/emailotp/EmailOTPAuthenticator.java#L1419-L1420

Thanks,
Omindu.

On Wed, Jan 17, 2018 at 9:09 AM, Shavindri Dissanayake 
wrote:

> Hi Team,
>
> Verifying details: Do we need to change the explanation given in docs?If
> yes, what should the messaging be?
>
> Thanks & Regards
> Shavindri Dissanayake
> Senior Technical Writer
>
> WSO2 Inc.
> lean.enterprise.middleware
>
> On Mon, Jan 15, 2018 at 11:00 AM, Shakila Sasikaran 
> wrote:
>
>> Hi,
>>
>> As I remember when we create the axis configuration from the given
>> axis2.xml, we get an error. Because of the emptiness of this module. Please
>> note that this module is not defined in the axis2_default.xml.
>>
>> Thanks
>>
>> On Mon, Jan 15, 2018 at 10:43 AM, Omindu Rathnaweera 
>> wrote:
>>
>>> Hi Team,
>>>
>>> Is anyone aware of the reason why we have to do the following
>>> configuration for Email OTP [1] in axis2.xml (See instruction No.3 in
>>> 'Enabling email configuration on WSO2 IS' section) ?
>>>
>>> '*Comment out the  property to avoid syntax
>>> errors*.'
>>>
>>> IMO saying '*to avoid syntax errors*' doesn't make much sense.
>>>
>>> [1] - https://docs.wso2.com/display/IS540/Configuring+Email+OTP
>>>
>>> Thanks,
>>> Omindu.
>>>
>>> --
>>> Omindu Rathnaweera
>>> Senior Software Engineer, WSO2 Inc.
>>> Mobile: +94 771 197 211 <+94%2077%20119%207211>
>>>
>>
>>
>>
>> --
>> Shakila Sasikaran
>> Software Engineer
>> Mobile :+94 (0) 77 526 6848 <+94%2077%20526%206848>
>> shak...@wso2.com
>> WSO2, Inc.
>> lean . enterprise . middleware
>> http://www.wso2.com/
>>
>
>


-- 
Omindu Rathnaweera
Senior Software Engineer, WSO2 Inc.
Mobile: +94 771 197 211
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev