Re: [Dev] [APIM] how to route all the traffic from a gateway to another gateway ?

2018-09-27 Thread Rukshan Premathunga 
Hi Youcef,



On Fri, Sep 28, 2018 at 2:49 AM Youcef HILEM 
wrote:

> Hi,
> Can you help me please, I can't found how to route all the traffic from a
> (DMZ, région one, ...) gateway to (internal, region two, ...) gateway.
>
> Issue : https://github.com/wso2/product-apim/issues/3486
>
> Sample 1 : WSO2 API Manager Internal/External Deployment
> (
> https://dzone.com/articles/understanding-wso2-api-manager-deployment-patterns
> )
>
> My use case is to route all traffic from Datacenter 1 Gateway to a
> Datacenter two Gateway when the token generated from the Datacenter One is
> not already replicated (synchronous).
> Tokens are extended with the Datacenter ID like described here :
>
> https://medium.com/@nuwandias/regional-api-gateways-with-wso2-api-manager-309d6d93761d

I think you have to sync database before you move DC1 traffic to DC2. If
not you have to change the DC1 KM. But i think that is not a valid solution
and better to sync database.

Thanks and Regards

>
>
> Thanks
> Youcef HILEM
>
>
>
>
>
> --
> Sent from:
> http://wso2-oxygen-tank.10903.n7.nabble.com/WSO2-Development-f3.html
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>


-- 
Rukshan Chathuranga.
Software Engineer.
WSO2, Inc.
+94711822074
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] XACML regex function usage.

2018-09-27 Thread Rajith Siriwardena 
+ Dev

On Fri, Sep 28, 2018 at 9:41 AM Rajith Siriwardena  wrote:

> Hi
>
> I'm getting the following error when I try to apply a regex function to an
> XACML policy.
>
> Policy
>
> -
> * PolicyId="authn_bank_admin_role_based_policy_template"
> RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable"
> Version="1.0">*
> *   This policy is for role based authentication for
> managers*
> *   *
> *  *
> * *
> * MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">*
> *DataType="http://www.w3.org/2001/XMLSchema#string
> ">saml2-web-app-dispatch.com
> *
> *AttributeId="http://wso2.org/identity/sp/sp-name
> "
> Category="http://wso2.org/identity/sp "
> DataType="http://www.w3.org/2001/XMLSchema#string
> "
> MustBePresent="false">*
> **
> * MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">*
> *DataType="http://www.w3.org/2001/XMLSchema#string
> ">authenticate*
> *AttributeId="http://wso2.org/identity/identity-action/action-name
> "
> Category="http://wso2.org/identity/identity-action
> "
> DataType="http://www.w3.org/2001/XMLSchema#string
> "
> MustBePresent="false">*
> **
> * *
> *  *
> *   *
> *   *
> *  *
> *  FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">*
> * DataType="http://www.w3.org/2001/XMLSchema#string
> ">{ ^manager_.*$
> }*
> *http://wso2.org/claims/role
> "
> Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
> DataType="http://www.w3.org/2001/XMLSchema#string
> "
> MustBePresent="true">*
> * *
> *  *
> *   *
> *   *
> * *
>
> --
>
> Error log
>
> [2018-09-28 09:32:20,260] ERROR
> {org.wso2.carbon.identity.entitlement.pap.PAPPolicyReader} -  Error while
> parsing the policy
> java.lang.IllegalArgumentException: illegal parameter
> at org.wso2.balana.cond.FunctionBase.checkInputs(FunctionBase.java:380)
> at org.wso2.balana.cond.Apply.(Apply.java:89)
> at org.wso2.balana.cond.Apply.getInstance(Apply.java:227)
> at org.wso2.balana.cond.Apply.getInstance(Apply.java:188)
> at
> org.wso2.balana.cond.ExpressionHandler.parseExpression(ExpressionHandler.java:53)
> at org.wso2.balana.cond.Condition.getInstance(Condition.java:177)
> at org.wso2.balana.Rule.getInstance(Rule.java:237)
> at org.wso2.balana.Policy.(Policy.java:303)
> at org.wso2.balana.Policy.getInstance(Policy.java:382)
> at
> org.wso2.carbon.identity.entitlement.pap.PAPPolicyReader.handleDocument(PAPPolicyReader.java:158)
> at
> org.wso2.carbon.identity.entitlement.pap.PAPPolicyReader.getPolicy(PAPPolicyReader.java:119)
> at
> org.wso2.carbon.identity.entitlement.EntitlementPolicyAdminService.addOrUpdatePolicy(EntitlementPolicyAdminService.java:741)
> at
> org.wso2.carbon.identity.entitlement.EntitlementPolicyAdminService.updatePolicy(EntitlementPolicyAdminService.java:170)
> at sun.reflect.GeneratedMethodAccessor254.invoke(Unknown Source)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:498)
> at
> org.apache.axis2.rpc.receivers.RPCUtil.invokeServiceClass(RPCUtil.java:212)
> at
> org.apache.axis2.rpc.receivers.RPCMessageReceiver.invokeBusinessLogic(RPCMessageReceiver.java:117)
> at
> org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
> at
> org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
> at
> org.apache.axis2.transport.local.LocalTransportReceiver.processMessage(LocalTransportReceiver.java:170)
> at
> org.apache.axis2.transport.local.LocalTransportReceiver.processMessage(LocalTransportReceiver.java:82)
> at
> org.wso2.carbon.core.transports.local.CarbonLocalTransportSender.finalizeSendWithToAddress(CarbonLocalTransportSender.java:45)
> at
> org.apache.axis2.transport.local.LocalTransportSender.invoke(LocalTransportSender.java:77)
> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
> at
> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:441)
> at
> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:227)
> at
> org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
> at
>

[Dev] [APIM] how to route all the traffic from a gateway to another gateway ?

2018-09-27 Thread Youcef HILEM 
Hi,
Can you help me please, I can't found how to route all the traffic from a
(DMZ, région one, ...) gateway to (internal, region two, ...) gateway.

Issue : https://github.com/wso2/product-apim/issues/3486

Sample 1 : WSO2 API Manager Internal/External Deployment
(https://dzone.com/articles/understanding-wso2-api-manager-deployment-patterns)

My use case is to route all traffic from Datacenter 1 Gateway to a
Datacenter two Gateway when the token generated from the Datacenter One is
not already replicated (synchronous).
Tokens are extended with the Datacenter ID like described here :
https://medium.com/@nuwandias/regional-api-gateways-with-wso2-api-manager-309d6d93761d

Thanks
Youcef HILEM





--
Sent from: http://wso2-oxygen-tank.10903.n7.nabble.com/WSO2-Development-f3.html
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] WSO2 Product Installation Resources Released!!!

2018-09-27 Thread Vimukthi Perera 
WSO2 Installation Experience team is pleased to announce the release of
Kubernetes, Ansible and Puppet resources for WSO2 products.

*Kubernetes*
Related artifacts:

   - WSO2 API Management v2.2.0.2 -
   https://github.com/wso2/kubernetes-apim/releases/tag/v2.2.0.2

Issues:

   - WSO2 API Management - https://github.com/wso2/kubernetes-apim/issues

*Ansible*
Related artifacts:

   - WSO2 API Management v2.5.0.1 -
   https://github.com/wso2/ansible-apim/releases/tag/v2.5.0.1
   - WSO2 Identity Server v5.6.0.1 -
   https://github.com/wso2/ansible-is/releases/tag/v5.6.0.1
   - WSO2 Stream processor v4.2.0.1 -
   https://github.com/wso2/ansible-sp/releases/tag/v4.2.0.1

Issues:

   - WSO2 API Management - https://github.com/wso2/ansible-apim/issues
   - WSO2 Identity Server - https://github.com/wso2/ansible-is/issues
   - WSO2 Stream processor - https://github.com/wso2/ansible-sp/issues


*Puppet 5*
Related artifacts:

   - WSO2 API Management v2.5.0.1 -
   https://github.com/wso2/puppet-apim/releases/tag/v2.5.0.1
   - WSO2 Identity Server v5.6.0.1 -
   https://github.com/wso2/puppet-is/releases/tag/v5.6.0.1
   - WSO2 Stream processor v4.2.0.1 -
   https://github.com/wso2/puppet-sp/releases/tag/v4.2.0.1
   - WSO2 Enterprise Integrator v6.3.0.1 -
   https://github.com/wso2/puppet-ei/releases/tag/v6.3.0.1

Issues:

   - WSO2 API Management - https://github.com/wso2/puppet-apim/issues
   - WSO2 Identity Server - https://github.com/wso2/puppet-is/issues
   - WSO2 Stream processor - https://github.com/wso2/puppet-sp/issues
   - WSO2 Enterprise Integrator - https://github.com/wso2/puppet-ei/issues


*How You Can Contribute*
Join our mailing list and correspond with the developers directly.

Developer List: dev@wso2.org
User List: u...@wso2.org

*Reporting Issues*

We encourage you to report issues and documentation faults regarding WSO2
Kubernetes, Ansible and Puppet resource through respective repositories by
creating issues.

Thank you!
*WSO2 Installation Experience Team*

Vimukthi Perera
Software Engineer
WSO2 Inc.

Mobile: +94771153999
Blog: https://medium.com/@vimukthiperera
Web: http://wso2.com

[image: http://wso2.com/signature] 
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Upgrading C4 OSGi to support Java 10

2018-09-27 Thread Tharindu Wijewardane 
Hi all,

The logs were not getting printed because following exception is thrown
through CarbonConsoleAppender.

"NoClassDefFoundError: Could not initialize class CarbonContextDataHolder"

CarbonContextDataHolder has a set of javax.naming* imports and since java
10 has deprecated using them I added jndi jar which contains those classes
in to a folder inside the pack and modifies the wso2server.sh to add those
to the classpath. Also I added the jars in endorsed dir to the classpath
since extension class loader is not present in jdk 10 and classes in
endorsed dir location is not automatically loaded.
Still I could not solve the above issue and decided to use the default
log4j ConsoleAppender instead of CarbonConsoleAppender for now.

When I compare the carbon kernel bundles in Active state in java 8 and java
10 environments I noticed following bundles are not activated in java 10
env.

org.wso2.carbon.base
org.wso2.carbon.core
org.wso2.carbon.logging
org.wso2.carbon.user.core

When diagnosed following issue is printed for all of them.

IllegalStateException: Missing service:
org.eclipse.osgi.service.resolver.PlatformAdmin

Currently I am trying to fix that issue. Not much information is available
in the community on that and I have posted it in eclipse forums.

Thanks

On Fri, Sep 21, 2018 at 5:35 PM Tharindu Wijewardane 
wrote:

> Hi all,
>
> I was able to fix the previous issue (some osgi services were not found)
> by changing tycho/sisu p2 dependency versions of carbon p2 plugin to the
> versions used in carbon feature plugin.
> Then there were issues installing features which includes bundles from
> identity server related dependencies
> (carbon-identity, carbon-identity-framework, ...). I have to upgrade the
> osgi platform of those as well but I commented out those features for now
> (only 3 feature groups) and went ahead trying to get the APIM server
> started first.
>
> I could start the APIM framework on java 10 without those features but the
> mgt console URL was not accessible possibly due to incompatibilities of
> tomcat7 with java 10. Also there wasn't any error logs printed. As Ruwan
> has previously mentioned in another mail thread, existing logging mechanism
> in C4 is not compatible with java 10. As his instructions I will try to get
> the logger working first.
>
> Thanks
>
> On Wed, Sep 12, 2018 at 12:44 PM Tharindu Wijewardane 
> wrote:
>
>> Hi all,
>>
>> I am trying to build APIM 2.x branch with modified versions of following
>> dependencies (with upgraded osgi and some plugins)
>>
>>
>> carbon-apimgt  version 6.4.27 (6.x branch)
>>
>> carbon-kernel version 4.4.35 (4.4.x branch)
>>
>> carbon-metrics version 1.2.4 (1.x.x branch)
>> carbon p2 plugin version 1.6.1
>>
>> Originally APIM 2.x branch depended on carbon-apimgt 6.4.17 and 
>> carbon-metrics
>> 1.2.3 and carbon p2 plugin 1.5.4.
>> I chose the above branches because they had artifact versions closer to
>> the existing versions and for avoiding build errors I got when trying out
>> different branches.
>> Please let me know if there is a better way to select the branches.
>>
>> Currently I am having issues building P2 profile generation module of
>> APIM. Please see the following error.
>>
>>
>> *Cannot complete the install because one or more required items could not
>> be found. Software being installed: WSO2 Carbon - API Publisher Feature
>> 6.4.27.1 (org.wso2.carbon.apimgt.publisher.feature.group 6.4.27.1) Missing
>> requirement: org.wso2.carbon.apimgt.hostobjects 6.4.27.1
>> (org.wso2.carbon.apimgt.hostobjects 6.4.27.1) requires 'osgi.service;
>> (objectClass=org.wso2.carbon.user.core.service.RealmService)' but it could
>> not be found Cannot satisfy dependency:  From: WSO2 Carbon - API Publisher
>> Feature 6.4.27.1 (org.wso2.carbon.apimgt.publisher.feature.group 6.4.27.1)
>> To: org.eclipse.equinox.p2.iu; org.wso2.carbon.apimgt.hostobjects
>> [6.4.27.1,6.4.27.1]*
>>
>>
>> Some features cannot be installed due to missing osgi services according
>> to the error. But those are available in the relevant dependent libraries
>> and also references can be found in osgi meta data.
>>
>> Any help is appreciated.
>>
>> Thanks
>>
>> On Mon, Sep 10, 2018 at 2:15 PM, Tharindu Wijewardane > > wrote:
>>
>>> clarification:
>>> I am trying to build APIM using java 8 (with the other upgraded
>>> dependencies built with java 8) and run on java 10 as Shankar instructed.
>>>
>>> On Mon, Sep 10, 2018 at 1:45 PM, Tharindu Wijewardane <
>>> tharin...@wso2.com> wrote:
>>>
 Hi,

 Finally I got the carbon kernel to build using java 10. It can be
 started on java 10 too. However,
 The last fix I did was to add "--add-modules=java.activation" jvm
 argument to maven ant run plugin for generating stub classes from wsdl
 files.
 Since Java 9, access to some javax* modules has been disabled.
 Therefore in order to use javax.activation* classes we have to manually add
 them.
 But with that change it will not compile