Re: [Dev] [IAM] Deprecating data publishing implementations of identity-data-publisher-authentication

[Farasath Ahamed]

Hi,

We could have many extensions written extending the deprecated classes. So
let's make sure this change is captured in migration docs so that any
extension written using the deprecated classes are refactored to use the
newly introduced classes.


Thanks,
Farasath

On Mon, Oct 8, 2018 at 9:46 AM Sachini Wettasinghe 
wrote:

> Hi,
>
> Currently, I am working on a feature to support cross-protocol logout for
> IS. According to the design approach of this project, the data publishing
> implementations are now changed to act as event handlers. For this reason,
> the following classes of identity-data-publisher-authentication component
> are *deprecated* so that they can be removed in a later release.
>
>-
>
> org.wso2.carbon.identity.data.publisher.application.authentication.AbstractAuthenticationDataPublisher
>-
>
> org.wso2.carbon.identity.data.publisher.application.authentication.impl.DASSessionDataPublisherImpl
>-
>
> org.wso2.carbon.identity.data.publisher.application.authentication.impl.AuthenticationAuditLogger
>-
>
> org.wso2.carbon.identity.data.publisher.application.authentication.impl.DASLoginDataPublisherImpl
>
> Regards,
> --
> *Sachini Wettasinghe*
> Software Engineer | WSO2
>
> 
>


-- 
Farasath Ahamed
Senior Software Engineer, WSO2 Inc.; http://wso2.com
Mobile: +94777603866
Blog: blog.farazath.com
Twitter: @farazath619 

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [IS] InCommon Federation Compliance for WSO2IS - UI Component

[Sahan Gunathilaka]

Hi Omindu,

1. Yes to refresh interval. As InCommon mentioned, metadata should be
refreshed at least daily. However, they encourage participants to refresh
them as frequently as possible. Their best suggestion is to refresh hourly.
Therefore, I am currently engaging to go with an hourly refreshment process.

2. Yes for server timezone. Surely, will include them and thanks for the
suggestion.

3. I am currently creating the document with entire details and will let
you know soon after doing so.

Thank You!
Best Regards!!

On Sat, Oct 6, 2018 at 11:40 PM Omindu Rathnaweera  wrote:

> Hi Sahan,
>
> Not sure whether this is a valid concern as I don't have much context on
> updating SP and IdP metadata. Is there a basis on deciding the auto refresh
> interval? A requirement like refreshing every 2 days or every week isn't
> valid ?
>
> I believe the time set for refreshing is in server timezone, correct ? If
> so better to mention that information as well and the last update column
> should reflect the time information as well.
>
> On a side note, is there a reference I can use to get more on what exactly
> updating SP and IdP metadata does ?
>
> Regards,
> Omindu.
>
>
> On Wed, Sep 26, 2018 at 12:56 PM Sahan Gunathilaka 
> wrote:
>
>> Hi All,
>> One of the major requirements to comply WSO2 IS with InCommon Federation
>> is to support *auto refreshment* of metadata of participating Service
>> Providers and Identity Providers at IS. Following is the designed UI to
>> provide this requirement.
>>
>> [image: Screenshot_2018-09-26 WSO2 Management Console.png]
>>
>> *"Enable Auto Refresh*" check box and "*Refresh Time*" drop box can be
>> set to automate the refreshing cycle. All service providers' and identity
>> providers' configurations will be updated according to them after clicking
>> on "*Save*" button.
>>
>> "*Force Refresh*" button lets users to refresh metadata instantly based
>> on the latest update of metadata file at the InCommon Federation.
>>
>> "*Clear All*" button will remove all the configured data and result "0"
>> for both "Total Service Providers" and "Total Identity Providers" in the
>> table.
>>
>> If you have any suggestion on this, please let me know.
>>
>> Thank you!
>> Best Regards!
>>
>> --
>> *Sahan Gunathilaka*
>> Intern - Software Engineering
>> *WSO2*
>> mobile:  +94776343266
>>
>> [image: http://wso2.com/signature]
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>
>
> --
> Omindu Rathnaweera
> Senior Software Engineer, WSO2 Inc.
>


-- 
*Sahan Gunathilaka*
Intern - Software Engineering
*WSO2*
mobile:  +94776343266

[image: http://wso2.com/signature]
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Upgrading C4 OSGi to support Java 10

[Tharindu Wijewardane]

Hi all,

Carbon kernel can be now started on java 10 without any exceptions. The
management console is accessible through a web browser. Also all the tests
in maven build are passing (java 8).

Moving onto the APIM,
As I mentioned in a previous email, I temporally commented out following 3
feature groups in order to build the APIM.

org.wso2.carbon.apimgt.keymanager.feature.group
org.wso2.carbon.apimgt.feature.group
org.wso2.carbon.apimgt.store.feature.group

Those feature groups require upgrading OSGi in IS related libraries and
there are several of them.

Moving forward without those for now, when the APIM product is started
there are some exceptions and errors. (Now that the logs are working those
errors are visible.)


*[2018-10-07 21:17:53,314] FATAL - ServiceBusInitializer Failed to
initialize ESB due to a fatal error*
*java.lang.NoClassDefFoundError: sun/misc/Service*
* at
org.apache.synapse.config.xml.ConfigurationFactoryAndSerializerFinder.registerExtensions(ConfigurationFactoryAndSerializerFinder.java:117)*
* at
org.apache.synapse.config.xml.ConfigurationFactoryAndSerializerFinder.loadConfigurationFatoriesAndSerializers(ConfigurationFactoryAndSerializerFinder.java:105)*
* at
org.apache.synapse.config.xml.ConfigurationFactoryAndSerializerFinder.getInstance(ConfigurationFactoryAndSerializerFinder.java:70)*
*...*
*Caused by: java.lang.ClassNotFoundException: sun.misc.Service cannot be
found by synapse-core_2.1.7.wso2v78*
* at
org.eclipse.osgi.internal.loader.BundleLoader.findClassInternal(BundleLoader.java:448)*

*[2018-10-07 21:17:53,881] ERROR - ApplicationRegistry
java.lang.ExceptionInInitializerError*
*[2018-10-07 21:17:53,882] ERROR - Main Exception during startup.
Triggering shutdown *
*org.wso2.andes.kernel.AndesException: Unable to initialise application
registry*
* at org.wso2.andes.server.Broker.startupImpl(Broker.java:307)*
* at org.wso2.andes.server.Broker.startup(Broker.java:110)*
*...*
*Caused by: java.lang.IllegalStateException: Metric Service is not
available!*
* at
org.wso2.carbon.metrics.manager.ServiceReferenceHolder.getMetricService(ServiceReferenceHolder.java:40)*

Those seems to be related to Synapse and Andes.

Thanks

On Wed, Oct 3, 2018 at 6:29 PM Selvaratnam Uthaiyashankar 
wrote:

> Great!. Thanks for the update.
>
> On Wed, Oct 3, 2018 at 11:22 AM Tharindu Wijewardane 
> wrote:
>
>> Hi all,
>>
>> With the help of eclipse community I got to know that they have removed
>> org.eclipse.osgi.service.resolver.PlatformAdmin service from the osgi
>> framework in Luna version and adding the
>> bundle: org.eclipse.osgi.compatibility.state to Carbon runtime feature
>> fixed the missing service issue. Now All the bundles which are in active
>> state with java 8 are in Active state with java 10 too.
>>
>> Also the issue with CarbonConsoleAppender (NoClassDefFoundError: Could
>> not initialize class CarbonContextDataHolder) could be fixed by adding
>> deprecated javax classes back to the classpath. It fixed some other similar
>> issues which ware due to the missing javax.activation and javax.xml classes.
>> Now the logs are printed on the osgi terminal using the
>> CarbonConsoleAppender itself.
>>
>> Now the only remaining issue with Carbon kernel (as it seems) is a set of
>> tomcat exceptions. I am currently working on it.
>>
>> Thanks
>>
>> On Thu, Sep 27, 2018 at 3:01 PM Tharindu Wijewardane 
>> wrote:
>>
>>> Hi all,
>>>
>>> The logs were not getting printed because following exception is thrown
>>> through CarbonConsoleAppender.
>>>
>>> "NoClassDefFoundError: Could not initialize class
>>> CarbonContextDataHolder"
>>>
>>> CarbonContextDataHolder has a set of javax.naming* imports and since
>>> java 10 has deprecated using them I added jndi jar which contains those
>>> classes in to a folder inside the pack and modifies the wso2server.sh to
>>> add those to the classpath. Also I added the jars in endorsed dir to the
>>> classpath since extension class loader is not present in jdk 10 and classes
>>> in endorsed dir location is not automatically loaded.
>>> Still I could not solve the above issue and decided to use the default
>>> log4j ConsoleAppender instead of CarbonConsoleAppender for now.
>>>
>>> When I compare the carbon kernel bundles in Active state in java 8 and
>>> java 10 environments I noticed following bundles are not activated in java
>>> 10 env.
>>>
>>> org.wso2.carbon.base
>>> org.wso2.carbon.core
>>> org.wso2.carbon.logging
>>> org.wso2.carbon.user.core
>>>
>>> When diagnosed following issue is printed for all of them.
>>>
>>> IllegalStateException: Missing service:
>>> org.eclipse.osgi.service.resolver.PlatformAdmin
>>>
>>> Currently I am trying to fix that issue. Not much information is
>>> available in the community on that and I have posted it in eclipse forums.
>>>
>>> Thanks
>>>
>>> On Fri, Sep 21, 2018 at 5:35 PM Tharindu Wijewardane 
>>> wrote:
>>>
 Hi all,

 I was able to fix the previous issue (some osgi services were not
 found) by 

[Dev] [IAM] Deprecating data publishing implementations of identity-data-publisher-authentication

[Sachini Wettasinghe]

Hi,

Currently, I am working on a feature to support cross-protocol logout for
IS. According to the design approach of this project, the data publishing
implementations are now changed to act as event handlers. For this reason,
the following classes of identity-data-publisher-authentication component
are *deprecated* so that they can be removed in a later release.

   -
   
org.wso2.carbon.identity.data.publisher.application.authentication.AbstractAuthenticationDataPublisher
   -
   
org.wso2.carbon.identity.data.publisher.application.authentication.impl.DASSessionDataPublisherImpl
   -
   
org.wso2.carbon.identity.data.publisher.application.authentication.impl.AuthenticationAuditLogger
   -
   
org.wso2.carbon.identity.data.publisher.application.authentication.impl.DASLoginDataPublisherImpl

Regards,
-- 
*Sachini Wettasinghe*
Software Engineer | WSO2


___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Retry an Endpoint

[Júnior]

Hi,

I would like to know if there is a way of retrying an endpoint
automatically in WSO2 ESB.

As I could see one way of doing that is using the failover mediator with
some leaf endpoints.

I would like to a scenario like this:

Try the endpoint and in case of a timeout, try it another two times and
after a third try it would lead to a fault sequence. Using the failover
mediator, it will work only if we enable the suspension of the endpoint.
I would like to have it without adding suspension settings. As I could see,
without the suspension settings, the failover endpoint will try the request
forever until the endpoints respond correctly.

Is there any way to achieve this scenario?

My first idea, in case there is no OOTB solution, would be:

1. create a sequence that would have the call/send mediator. This sequence,
would have a onError sequence, so in case of a timeout, we would have a
condition for a retry;
2. In case of timeout, the onError would be called, and we would have a
counter, in case the counter is less than 3, we would call the previous
sequence, else, it would fault.

Would this be a correct approach for this scenario?

Thanks,
-- 
Francisco Ribeiro
*SCEA|SCJP|SCWCD|IBM Certified SOA Associate*
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] WSO2 Identity Server 5.8.0-M3 Released!

[Thanuja Jayasinghe]

WSO2 Identity and Access Management team is pleased to announce the release
of Identity Server 5.8.0 M3!
Download

You can download WSO2 Identity Server 5.8.0 M3 from here

.

You can download WSO2 Identity Server Analytics 5.8.0 M3 from here

.
How to run

   1.

   Extract the downloaded zip file.
   2.

   Go to the bin directory in the extracted folder.
   3.

   Run the wso2server.sh file if you are on a Linux/Mac OS or run the
   wso2server.bat file if you are on a Windows OS.
   4.

   Optionally, if you need to start the OSGi console with the server, use
   the -DosgiConsole property when starting the server.

What's new in WSO2 Identity Server 5.8.0 M3

A list of all the new features and bug fixes shipped with this release can
be found here 

Known Issues

All the open issues pertaining to WSO2 Identity Server are reported at the
following location:

   -

   IS Runtime 
   -

   IS Analytics 

Contribute to WSO2 Identity ServerMailing Lists

Join our mailing lists and correspond with the developers directly. We also
encourage you to take part in discussions related to the product in the
architecture mailing list. If you have any questions regarding the product
you can use our StackOverflow forum to raise them as well.

   -

   Developer List: dev@wso2.org
   -

   Architecture List: architect...@wso2.org
   -

   User Forum: StackOverflow
   

Reporting Issues

We encourage you to report issues, improvements, and feature requests
regarding WSO2 Identity Server through our public WSO2 Identity Server GIT
Issues .

For more information about WSO2 Identity Server, please see https://wso2
.com/identity-and-access-management or visit the WSO2 Oxygen Tank
 developer portal for additional resources.

~ The WSO2 Identity and Access Management Team ~

-- 
*Thanuja Lakmal*
Associate Technical Lead
WSO2 Inc. http://wso2.com/
*lean.enterprise.middleware*
Mobile: +94715979891
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Logging into WSO2 console configured behind apache httpd server

[Pubudu Gunatilaka]

Hi,

Do you have multiple IS nodes behind the server? I have seen this happens
when the sticky session is not enabled.  Shall we try enabling
stickiness as in [1]?

[1] -
https://docs.wso2.com/display/IS410/Load+Balancing+WSO2+Identity+Server+(PDP+cluster)+using+Apache+HTTP+Server

Thank you!

On Sat, Oct 6, 2018 at 8:07 PM Shiva Kumar 
wrote:

> Hi All,
>
> I have configured apache httpd server as a reverse proxy for WSO2 IS
> 5.5.0 and I am able to view successfully redirect to login page, but I
> am not able to login to console. Every time I sign in it is redirected
> to login page again. Please suggest a solution.
>
> Below is my complete configuration.
>
> 
>ServerAdmin ad...@.com
>DocumentRoot /var/www/
>ErrorLog ${APACHE_LOG_DIR}/error.log
>CustomLog ${APACHE_LOG_DIR}/access.log combined
>ProxyRequests Off
>ProxyPreserveHost On
>ProxyPassReverseCookiePath /carbon/ /
>
>OIDCOAuthSSLValidateServer Off
>OIDCOAuthIntrospectionEndpoint ${WSO2_BASE_URL}/oauth2/introspect
>OIDCOAuthClientID admin
>OIDCOAuthClientSecret ${ADMIN_PASS}
>OIDCOAuthIntrospectionTokenParamName token
>OIDCOAuthRemoteUserClaim username
>OIDCAuthNHeader Authorization
>OIDCOAuthIntrospectionEndpointMethod POST
>
>SSLProxyEngine on
>SSLProxyVerify off
>
>
>  AuthType oauth20
>  Require claim active:true
>
>
> 
>  AuthType None
>  Satisfy Any
>  ProxyPass  https://wso2is-authz:9443/carbon
>  ProxyPassReverse https://wso2is-authz:9443/carbon
>  Header edit Location ^https: http:
>
> 
>
>
> Thanks,
>
> Shiva
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>


-- 
*Pubudu Gunatilaka*
Committer and PMC Member - Apache Stratos
Senior Software Engineer
WSO2, Inc.: http://wso2.com
mobile : +94774078049 <%2B94772207163>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev