Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Piraveena Paralogarajah]

Hi All,

Thanks for testing WSO2 Identity Server 5.9.0-RC2.

Since this vote has passed with 22 [+1]s and 0 [-1]s, we’re hereby closing
this vote and proceeding with the WSO2 Identity Server 5.9.0 GA release.

Best Regards,
- WSO2 Identity Server Team -

*Piraveena Paralogarajah*
Software Engineer | WSO2 Inc.
*(m)* +94776099594 | *(e)* pirave...@wso2.com



On Fri, Oct 4, 2019 at 6:01 AM Kanapriya Kuleswararajan 
wrote:

> Hi All,
> I have tested the following scenarios and it works as expected, +1 to go
> ahead and release.
>
> - Basic functionality with EmailOTP (Basic authenticator/Federated
> Authenticator as first step and EmailOTP as the second step) with secondary
> user stores.
> - EmailOTP with Email Templates
> - X509 with basic functionality
> - Account locking by failed login attempts
> - User Self Registration
>
> Thanks
> Kanapriya Kuleswararajan
> Senior Software Engineer
> Mobile : - 0774894438
> Mail : - kanapr...@wso2.com
> LinkedIn : - https://www.linkedin.com/in/kanapriya-kules-94712685/
> WSO2, Inc.
> lean . enterprise . middleware
>
>
>
> On Fri, Oct 4, 2019 at 1:21 AM Pamoda Wimalasiri  wrote:
>
>> Hi all,
>>
>> I tested the following scenarios on IS-5.9.0-RC2 with MySQL database.
>>
>>- Viewing, terminating sessions from the user portal
>>- Create a service provider, configure SAML SSO, authenticate with
>>Basic Authenticator for travelocity app
>>- Create, retrieve and delete Oauth2 app using dcr endpoint
>>- Configure a federated Identity provider with facebook configuration
>>- Federated Authentication with facebook
>>- JIT provisioning with facebook as federated IdP
>>- Multi option login with basic authenticator and facebook IdP
>>- Multi-step login with basic authenticator and facebook IdP
>>- Role-based adaptive authentication
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>> Thanks,
>> Pamoda
>>
>> On Fri, Oct 4, 2019 at 12:24 AM Ayesha Dissanayaka 
>> wrote:
>>
>>> Hi,
>>>
>>> As I was able to perform the following tests successfully on
>>> IS-5.9.0-RC2, +1 to go ahead and release.
>>>
>>> User self-registration with email confirmation
>>>
>>> Username Recovery
>>>
>>> Password Recovery
>>>
>>> Email OTP
>>>
>>> OIDC - auth code flow
>>> User challenges - self-care REST API
>>> Browsing management console
>>>
>>> [+] Stable - Go ahead and release
>>>
>>> Thanks!
>>> -Ayesha
>>>
>>>
>>> On Thu, Oct 3, 2019 at 10:51 PM Gayashan Bombuwala 
>>> wrote:
>>>
 Hi all,

 Tested below scenarios on IS 5.9.0-RC2 pack.

- SAML2 Bearer Assertion Profile for OAuth 2.0
- Federated authentication with a second instance of IS as the
Identity Provider.
- JIT provisioning with a second instance of IS as the Identity
Provider.

 No blocking issues found.

 [+] Stable - Go ahead and release

 Best regards,
 Gayashan.

 On Thu, Oct 3, 2019 at 9:16 PM Vihanga Liyanage 
 wrote:

> Hi all,
>
> Tested below scenarios on IS 5.9.0-RC2 pack using the Postgresql
> database.
>
>- Add service provider, configured SAML SSO, authenticate with *the
>dispatch *sample web app.
>- Add new SP with Open ID OAuth/OpenID Connect Configuration and
>authenticate with *the playground *sample web app.
>- Tested all OAuth/OIDC grant types.
>- Manipulated email templates with I18nEmailMgtConfigService admin
>service.
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Best regards,
> Vihanga.
>
> On Thu, Oct 3, 2019 at 3:45 PM Ashen Weerathunga 
> wrote:
>
>> Hi All,
>>
>> I have tested the following scenarios and no blocking issues found.
>>
>>- SSO with SAML
>>- Federated authentication with Google
>>- Federated authentication with Facebook
>>- SSO with multi-option and multi-step authentication
>>- Role-based Adaptive authentication
>>
>> [+] Stable - go ahead and release
>>
>> Thanks,
>> Ashen
>>
>>
>> On Thu, Oct 3, 2019 at 2:34 PM Shanika Wickramasinghe <
>> shani...@wso2.com> wrote:
>>
>>> Hi All,
>>>
>>> I have tested the following features and no issues found
>>>
>>> Ubuntu 16.04 | MSSQL | Embedded Ldap Primary User Store | Super
>>> Tenant
>>>
>>>
>>>-
>>>
>>>Manage roles with SCIM 2.0 Create Group, Delete Group, Filter
>>>Groups, Search Groups, Update Group - PATCH, Update Group - PUT
>>>-
>>>
>>>Manage users with SCIM 2.0 Create User Delete User by ID Filter
>>>Users Search Users Update User - PATCH Update User - PUT
>>>-
>>>
>>>Recover Username with dashboard
>>>-
>>>
>>>Recover Password with dashboard
>>>
>>>
>>> Ubuntu 16.04 |  MSSQL | SecondaryUser Store | Super Tenant

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Kanapriya Kuleswararajan]

Hi All,
I have tested the following scenarios and it works as expected, +1 to go
ahead and release.

- Basic functionality with EmailOTP (Basic authenticator/Federated
Authenticator as first step and EmailOTP as the second step) with secondary
user stores.
- EmailOTP with Email Templates
- X509 with basic functionality
- Account locking by failed login attempts
- User Self Registration

Thanks
Kanapriya Kuleswararajan
Senior Software Engineer
Mobile : - 0774894438
Mail : - kanapr...@wso2.com
LinkedIn : - https://www.linkedin.com/in/kanapriya-kules-94712685/
WSO2, Inc.
lean . enterprise . middleware



On Fri, Oct 4, 2019 at 1:21 AM Pamoda Wimalasiri  wrote:

> Hi all,
>
> I tested the following scenarios on IS-5.9.0-RC2 with MySQL database.
>
>- Viewing, terminating sessions from the user portal
>- Create a service provider, configure SAML SSO, authenticate with
>Basic Authenticator for travelocity app
>- Create, retrieve and delete Oauth2 app using dcr endpoint
>- Configure a federated Identity provider with facebook configuration
>- Federated Authentication with facebook
>- JIT provisioning with facebook as federated IdP
>- Multi option login with basic authenticator and facebook IdP
>- Multi-step login with basic authenticator and facebook IdP
>- Role-based adaptive authentication
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Thanks,
> Pamoda
>
> On Fri, Oct 4, 2019 at 12:24 AM Ayesha Dissanayaka 
> wrote:
>
>> Hi,
>>
>> As I was able to perform the following tests successfully on
>> IS-5.9.0-RC2, +1 to go ahead and release.
>>
>> User self-registration with email confirmation
>>
>> Username Recovery
>>
>> Password Recovery
>>
>> Email OTP
>>
>> OIDC - auth code flow
>> User challenges - self-care REST API
>> Browsing management console
>>
>> [+] Stable - Go ahead and release
>>
>> Thanks!
>> -Ayesha
>>
>>
>> On Thu, Oct 3, 2019 at 10:51 PM Gayashan Bombuwala 
>> wrote:
>>
>>> Hi all,
>>>
>>> Tested below scenarios on IS 5.9.0-RC2 pack.
>>>
>>>- SAML2 Bearer Assertion Profile for OAuth 2.0
>>>- Federated authentication with a second instance of IS as the
>>>Identity Provider.
>>>- JIT provisioning with a second instance of IS as the Identity
>>>Provider.
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable - Go ahead and release
>>>
>>> Best regards,
>>> Gayashan.
>>>
>>> On Thu, Oct 3, 2019 at 9:16 PM Vihanga Liyanage 
>>> wrote:
>>>
 Hi all,

 Tested below scenarios on IS 5.9.0-RC2 pack using the Postgresql
 database.

- Add service provider, configured SAML SSO, authenticate with *the
dispatch *sample web app.
- Add new SP with Open ID OAuth/OpenID Connect Configuration and
authenticate with *the playground *sample web app.
- Tested all OAuth/OIDC grant types.
- Manipulated email templates with I18nEmailMgtConfigService admin
service.

 No blocking issues found.

 [+] Stable - Go ahead and release

 Best regards,
 Vihanga.

 On Thu, Oct 3, 2019 at 3:45 PM Ashen Weerathunga 
 wrote:

> Hi All,
>
> I have tested the following scenarios and no blocking issues found.
>
>- SSO with SAML
>- Federated authentication with Google
>- Federated authentication with Facebook
>- SSO with multi-option and multi-step authentication
>- Role-based Adaptive authentication
>
> [+] Stable - go ahead and release
>
> Thanks,
> Ashen
>
>
> On Thu, Oct 3, 2019 at 2:34 PM Shanika Wickramasinghe <
> shani...@wso2.com> wrote:
>
>> Hi All,
>>
>> I have tested the following features and no issues found
>>
>> Ubuntu 16.04 | MSSQL | Embedded Ldap Primary User Store | Super Tenant
>>
>>
>>-
>>
>>Manage roles with SCIM 2.0 Create Group, Delete Group, Filter
>>Groups, Search Groups, Update Group - PATCH, Update Group - PUT
>>-
>>
>>Manage users with SCIM 2.0 Create User Delete User by ID Filter
>>Users Search Users Update User - PATCH Update User - PUT
>>-
>>
>>Recover Username with dashboard
>>-
>>
>>Recover Password with dashboard
>>
>>
>> Ubuntu 16.04 |  MSSQL | SecondaryUser Store | Super Tenant
>>
>>
>>-
>>
>>SP pagination with UI
>>-
>>
>>SP pagination with Admin Services
>>-
>>
>>Account Lock
>>-
>>
>>Recaptcha with Single Sign On
>>
>>
>> Ubuntu 16.04 | H2/MSSQL | Embedded Ldap Primary User Store | Super
>> Tenant
>>
>>
>>-
>>
>>Manage Workflows
>>
>>
>> Ubuntu 16.04 | H2 | Embedded Ldap Primary User Store | Super Tenant
>>
>>
>>-
>>
>>Manage Workflows with QSG sample
>>-
>>
>>User self-registration via REST 

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Pamoda Wimalasiri]

Hi all,

I tested the following scenarios on IS-5.9.0-RC2 with MySQL database.

   - Viewing, terminating sessions from the user portal
   - Create a service provider, configure SAML SSO, authenticate with Basic
   Authenticator for travelocity app
   - Create, retrieve and delete Oauth2 app using dcr endpoint
   - Configure a federated Identity provider with facebook configuration
   - Federated Authentication with facebook
   - JIT provisioning with facebook as federated IdP
   - Multi option login with basic authenticator and facebook IdP
   - Multi-step login with basic authenticator and facebook IdP
   - Role-based adaptive authentication

No blocking issues found.

[+] Stable - Go ahead and release

Thanks,
Pamoda

On Fri, Oct 4, 2019 at 12:24 AM Ayesha Dissanayaka  wrote:

> Hi,
>
> As I was able to perform the following tests successfully on
> IS-5.9.0-RC2, +1 to go ahead and release.
>
> User self-registration with email confirmation
>
> Username Recovery
>
> Password Recovery
>
> Email OTP
>
> OIDC - auth code flow
> User challenges - self-care REST API
> Browsing management console
>
> [+] Stable - Go ahead and release
>
> Thanks!
> -Ayesha
>
>
> On Thu, Oct 3, 2019 at 10:51 PM Gayashan Bombuwala 
> wrote:
>
>> Hi all,
>>
>> Tested below scenarios on IS 5.9.0-RC2 pack.
>>
>>- SAML2 Bearer Assertion Profile for OAuth 2.0
>>- Federated authentication with a second instance of IS as the
>>Identity Provider.
>>- JIT provisioning with a second instance of IS as the Identity
>>Provider.
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>> Best regards,
>> Gayashan.
>>
>> On Thu, Oct 3, 2019 at 9:16 PM Vihanga Liyanage  wrote:
>>
>>> Hi all,
>>>
>>> Tested below scenarios on IS 5.9.0-RC2 pack using the Postgresql
>>> database.
>>>
>>>- Add service provider, configured SAML SSO, authenticate with *the
>>>dispatch *sample web app.
>>>- Add new SP with Open ID OAuth/OpenID Connect Configuration and
>>>authenticate with *the playground *sample web app.
>>>- Tested all OAuth/OIDC grant types.
>>>- Manipulated email templates with I18nEmailMgtConfigService admin
>>>service.
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable - Go ahead and release
>>>
>>> Best regards,
>>> Vihanga.
>>>
>>> On Thu, Oct 3, 2019 at 3:45 PM Ashen Weerathunga  wrote:
>>>
 Hi All,

 I have tested the following scenarios and no blocking issues found.

- SSO with SAML
- Federated authentication with Google
- Federated authentication with Facebook
- SSO with multi-option and multi-step authentication
- Role-based Adaptive authentication

 [+] Stable - go ahead and release

 Thanks,
 Ashen


 On Thu, Oct 3, 2019 at 2:34 PM Shanika Wickramasinghe <
 shani...@wso2.com> wrote:

> Hi All,
>
> I have tested the following features and no issues found
>
> Ubuntu 16.04 | MSSQL | Embedded Ldap Primary User Store | Super Tenant
>
>
>-
>
>Manage roles with SCIM 2.0 Create Group, Delete Group, Filter
>Groups, Search Groups, Update Group - PATCH, Update Group - PUT
>-
>
>Manage users with SCIM 2.0 Create User Delete User by ID Filter
>Users Search Users Update User - PATCH Update User - PUT
>-
>
>Recover Username with dashboard
>-
>
>Recover Password with dashboard
>
>
> Ubuntu 16.04 |  MSSQL | SecondaryUser Store | Super Tenant
>
>
>-
>
>SP pagination with UI
>-
>
>SP pagination with Admin Services
>-
>
>Account Lock
>-
>
>Recaptcha with Single Sign On
>
>
> Ubuntu 16.04 | H2/MSSQL | Embedded Ldap Primary User Store | Super
> Tenant
>
>
>-
>
>Manage Workflows
>
>
> Ubuntu 16.04 | H2 | Embedded Ldap Primary User Store | Super Tenant
>
>
>-
>
>Manage Workflows with QSG sample
>-
>
>User self-registration via REST APIs
>-
>
>User self-registration via user portal
>-
>
>User manage his own user account, Update user profile
>-
>
>OAuth 1.0 SP Creation/ Update
>
>
> +1 Go ahead and release.
>
>
> Thanks,
>
> Shanika
>
> On Thu, Oct 3, 2019 at 9:16 AM Achini Jayasena 
> wrote:
>
>> Hi All,
>>
>> Tested and verified with performance test and long running test. Test
>> result match with the expectations.
>>
>> *Performance test*
>>
>> Summary*:  *Performance has been improved comparing to the product
>> version 5.8
>>
>> Deployment
>>
>>- OS: Ubuntu
>>- DB: Mysql
>>- Heap: 4G/2G
>>- CPU cores: 4
>>- Concurrent users: 50, 100, 150, 300, 500
>>
>> Scenarios:
>>

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Ayesha Dissanayaka]

Hi,

As I was able to perform the following tests successfully on
IS-5.9.0-RC2, +1 to go ahead and release.

User self-registration with email confirmation

Username Recovery

Password Recovery

Email OTP

OIDC - auth code flow
User challenges - self-care REST API
Browsing management console

[+] Stable - Go ahead and release

Thanks!
-Ayesha


On Thu, Oct 3, 2019 at 10:51 PM Gayashan Bombuwala 
wrote:

> Hi all,
>
> Tested below scenarios on IS 5.9.0-RC2 pack.
>
>- SAML2 Bearer Assertion Profile for OAuth 2.0
>- Federated authentication with a second instance of IS as the
>Identity Provider.
>- JIT provisioning with a second instance of IS as the Identity
>Provider.
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Best regards,
> Gayashan.
>
> On Thu, Oct 3, 2019 at 9:16 PM Vihanga Liyanage  wrote:
>
>> Hi all,
>>
>> Tested below scenarios on IS 5.9.0-RC2 pack using the Postgresql
>> database.
>>
>>- Add service provider, configured SAML SSO, authenticate with *the
>>dispatch *sample web app.
>>- Add new SP with Open ID OAuth/OpenID Connect Configuration and
>>authenticate with *the playground *sample web app.
>>- Tested all OAuth/OIDC grant types.
>>- Manipulated email templates with I18nEmailMgtConfigService admin
>>service.
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>> Best regards,
>> Vihanga.
>>
>> On Thu, Oct 3, 2019 at 3:45 PM Ashen Weerathunga  wrote:
>>
>>> Hi All,
>>>
>>> I have tested the following scenarios and no blocking issues found.
>>>
>>>- SSO with SAML
>>>- Federated authentication with Google
>>>- Federated authentication with Facebook
>>>- SSO with multi-option and multi-step authentication
>>>- Role-based Adaptive authentication
>>>
>>> [+] Stable - go ahead and release
>>>
>>> Thanks,
>>> Ashen
>>>
>>>
>>> On Thu, Oct 3, 2019 at 2:34 PM Shanika Wickramasinghe 
>>> wrote:
>>>
 Hi All,

 I have tested the following features and no issues found

 Ubuntu 16.04 | MSSQL | Embedded Ldap Primary User Store | Super Tenant


-

Manage roles with SCIM 2.0 Create Group, Delete Group, Filter
Groups, Search Groups, Update Group - PATCH, Update Group - PUT
-

Manage users with SCIM 2.0 Create User Delete User by ID Filter
Users Search Users Update User - PATCH Update User - PUT
-

Recover Username with dashboard
-

Recover Password with dashboard


 Ubuntu 16.04 |  MSSQL | SecondaryUser Store | Super Tenant


-

SP pagination with UI
-

SP pagination with Admin Services
-

Account Lock
-

Recaptcha with Single Sign On


 Ubuntu 16.04 | H2/MSSQL | Embedded Ldap Primary User Store | Super
 Tenant


-

Manage Workflows


 Ubuntu 16.04 | H2 | Embedded Ldap Primary User Store | Super Tenant


-

Manage Workflows with QSG sample
-

User self-registration via REST APIs
-

User self-registration via user portal
-

User manage his own user account, Update user profile
-

OAuth 1.0 SP Creation/ Update


 +1 Go ahead and release.


 Thanks,

 Shanika

 On Thu, Oct 3, 2019 at 9:16 AM Achini Jayasena 
 wrote:

> Hi All,
>
> Tested and verified with performance test and long running test. Test
> result match with the expectations.
>
> *Performance test*
>
> Summary*:  *Performance has been improved comparing to the product
> version 5.8
>
> Deployment
>
>- OS: Ubuntu
>- DB: Mysql
>- Heap: 4G/2G
>- CPU cores: 4
>- Concurrent users: 50, 100, 150, 300, 500
>
> Scenarios:
>
>- Authenticate_Super_Tenant_User
>- OAuth_AuthCode_Redirect_WithConsent
>- OAuth_Client_Credentials_Grant
>- OAuth_Implicit_Redirect_WithConsent
>- OAuth_Password_Grant
>- OIDC_AuthCode_Redirect_WithConsent
>- OIDC_AuthCode_Request_Path_Authenticator_WithConsent
>- OIDC_Implicit_Redirect_WithConsent
>- OIDC_Password_Grant
>- SAML2_SSO_Redirect_Binding
>- Challenge questions by super tenant users
>- Refresh token refresh grant - Renewal false
>
> *Long running test*
>
> Summery*: *No issue reported.
>
> Deployment :
>
>- IS node
>- Instance type: c5.xlarge
>   - vCPU:4
>   - RAM: 8GB
>   - Heap: 2G allocated for IS
>
>
>- RDS as the MySQL DB
>- Mysql engine version : 5.7.22
>   - vCPU: 4
>   - Instance class : db.m4.xlarge
>   - RAM: 16 GB
>   - Storage: 100 GiB
>- Executing 

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Gayashan Bombuwala]

Hi all,

Tested below scenarios on IS 5.9.0-RC2 pack.

   - SAML2 Bearer Assertion Profile for OAuth 2.0
   - Federated authentication with a second instance of IS as the Identity
   Provider.
   - JIT provisioning with a second instance of IS as the Identity Provider.

No blocking issues found.

[+] Stable - Go ahead and release

Best regards,
Gayashan.

On Thu, Oct 3, 2019 at 9:16 PM Vihanga Liyanage  wrote:

> Hi all,
>
> Tested below scenarios on IS 5.9.0-RC2 pack using the Postgresql database.
>
>- Add service provider, configured SAML SSO, authenticate with *the
>dispatch *sample web app.
>- Add new SP with Open ID OAuth/OpenID Connect Configuration and
>authenticate with *the playground *sample web app.
>- Tested all OAuth/OIDC grant types.
>- Manipulated email templates with I18nEmailMgtConfigService admin
>service.
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Best regards,
> Vihanga.
>
> On Thu, Oct 3, 2019 at 3:45 PM Ashen Weerathunga  wrote:
>
>> Hi All,
>>
>> I have tested the following scenarios and no blocking issues found.
>>
>>- SSO with SAML
>>- Federated authentication with Google
>>- Federated authentication with Facebook
>>- SSO with multi-option and multi-step authentication
>>- Role-based Adaptive authentication
>>
>> [+] Stable - go ahead and release
>>
>> Thanks,
>> Ashen
>>
>>
>> On Thu, Oct 3, 2019 at 2:34 PM Shanika Wickramasinghe 
>> wrote:
>>
>>> Hi All,
>>>
>>> I have tested the following features and no issues found
>>>
>>> Ubuntu 16.04 | MSSQL | Embedded Ldap Primary User Store | Super Tenant
>>>
>>>
>>>-
>>>
>>>Manage roles with SCIM 2.0 Create Group, Delete Group, Filter
>>>Groups, Search Groups, Update Group - PATCH, Update Group - PUT
>>>-
>>>
>>>Manage users with SCIM 2.0 Create User Delete User by ID Filter
>>>Users Search Users Update User - PATCH Update User - PUT
>>>-
>>>
>>>Recover Username with dashboard
>>>-
>>>
>>>Recover Password with dashboard
>>>
>>>
>>> Ubuntu 16.04 |  MSSQL | SecondaryUser Store | Super Tenant
>>>
>>>
>>>-
>>>
>>>SP pagination with UI
>>>-
>>>
>>>SP pagination with Admin Services
>>>-
>>>
>>>Account Lock
>>>-
>>>
>>>Recaptcha with Single Sign On
>>>
>>>
>>> Ubuntu 16.04 | H2/MSSQL | Embedded Ldap Primary User Store | Super Tenant
>>>
>>>
>>>-
>>>
>>>Manage Workflows
>>>
>>>
>>> Ubuntu 16.04 | H2 | Embedded Ldap Primary User Store | Super Tenant
>>>
>>>
>>>-
>>>
>>>Manage Workflows with QSG sample
>>>-
>>>
>>>User self-registration via REST APIs
>>>-
>>>
>>>User self-registration via user portal
>>>-
>>>
>>>User manage his own user account, Update user profile
>>>-
>>>
>>>OAuth 1.0 SP Creation/ Update
>>>
>>>
>>> +1 Go ahead and release.
>>>
>>>
>>> Thanks,
>>>
>>> Shanika
>>>
>>> On Thu, Oct 3, 2019 at 9:16 AM Achini Jayasena  wrote:
>>>
 Hi All,

 Tested and verified with performance test and long running test. Test
 result match with the expectations.

 *Performance test*

 Summary*:  *Performance has been improved comparing to the product
 version 5.8

 Deployment

- OS: Ubuntu
- DB: Mysql
- Heap: 4G/2G
- CPU cores: 4
- Concurrent users: 50, 100, 150, 300, 500

 Scenarios:

- Authenticate_Super_Tenant_User
- OAuth_AuthCode_Redirect_WithConsent
- OAuth_Client_Credentials_Grant
- OAuth_Implicit_Redirect_WithConsent
- OAuth_Password_Grant
- OIDC_AuthCode_Redirect_WithConsent
- OIDC_AuthCode_Request_Path_Authenticator_WithConsent
- OIDC_Implicit_Redirect_WithConsent
- OIDC_Password_Grant
- SAML2_SSO_Redirect_Binding
- Challenge questions by super tenant users
- Refresh token refresh grant - Renewal false

 *Long running test*

 Summery*: *No issue reported.

 Deployment :

- IS node
- Instance type: c5.xlarge
   - vCPU:4
   - RAM: 8GB
   - Heap: 2G allocated for IS


- RDS as the MySQL DB
- Mysql engine version : 5.7.22
   - vCPU: 4
   - Instance class : db.m4.xlarge
   - RAM: 16 GB
   - Storage: 100 GiB
- Executing test scenarios:
- Authenticate_Super_Tenant_User
   - OAuth_AuthCode_Redirect_WithConsent
   - OAuth_Password_Grant
   - OIDC_AuthCode_Redirect_WithConsent
   - OIDC_Implicit_Redirect_WithConsent
   - OIDC_Password_Grant
   - OIDC_AuthCode_Request_Path_Authenticator_WithConsent
   - SAML2_SSO_Redirect_Binding
- Concurrency : 20
- TPS: 240 per minute

 No blocking issue reported. +1 for proceed. :)


 *Thanks & Best Regards!*

 *Achini Jayasena*
 *Software Engineer - QA | WSO2*

 Email: 

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Vihanga Liyanage]

Hi all,

Tested below scenarios on IS 5.9.0-RC2 pack using the Postgresql database.

   - Add service provider, configured SAML SSO, authenticate with *the
   dispatch *sample web app.
   - Add new SP with Open ID OAuth/OpenID Connect Configuration and
   authenticate with *the playground *sample web app.
   - Tested all OAuth/OIDC grant types.
   - Manipulated email templates with I18nEmailMgtConfigService admin
   service.

No blocking issues found.

[+] Stable - Go ahead and release

Best regards,
Vihanga.

On Thu, Oct 3, 2019 at 3:45 PM Ashen Weerathunga  wrote:

> Hi All,
>
> I have tested the following scenarios and no blocking issues found.
>
>- SSO with SAML
>- Federated authentication with Google
>- Federated authentication with Facebook
>- SSO with multi-option and multi-step authentication
>- Role-based Adaptive authentication
>
> [+] Stable - go ahead and release
>
> Thanks,
> Ashen
>
>
> On Thu, Oct 3, 2019 at 2:34 PM Shanika Wickramasinghe 
> wrote:
>
>> Hi All,
>>
>> I have tested the following features and no issues found
>>
>> Ubuntu 16.04 | MSSQL | Embedded Ldap Primary User Store | Super Tenant
>>
>>
>>-
>>
>>Manage roles with SCIM 2.0 Create Group, Delete Group, Filter Groups,
>>Search Groups, Update Group - PATCH, Update Group - PUT
>>-
>>
>>Manage users with SCIM 2.0 Create User Delete User by ID Filter Users
>>Search Users Update User - PATCH Update User - PUT
>>-
>>
>>Recover Username with dashboard
>>-
>>
>>Recover Password with dashboard
>>
>>
>> Ubuntu 16.04 |  MSSQL | SecondaryUser Store | Super Tenant
>>
>>
>>-
>>
>>SP pagination with UI
>>-
>>
>>SP pagination with Admin Services
>>-
>>
>>Account Lock
>>-
>>
>>Recaptcha with Single Sign On
>>
>>
>> Ubuntu 16.04 | H2/MSSQL | Embedded Ldap Primary User Store | Super Tenant
>>
>>
>>-
>>
>>Manage Workflows
>>
>>
>> Ubuntu 16.04 | H2 | Embedded Ldap Primary User Store | Super Tenant
>>
>>
>>-
>>
>>Manage Workflows with QSG sample
>>-
>>
>>User self-registration via REST APIs
>>-
>>
>>User self-registration via user portal
>>-
>>
>>User manage his own user account, Update user profile
>>-
>>
>>OAuth 1.0 SP Creation/ Update
>>
>>
>> +1 Go ahead and release.
>>
>>
>> Thanks,
>>
>> Shanika
>>
>> On Thu, Oct 3, 2019 at 9:16 AM Achini Jayasena  wrote:
>>
>>> Hi All,
>>>
>>> Tested and verified with performance test and long running test. Test
>>> result match with the expectations.
>>>
>>> *Performance test*
>>>
>>> Summary*:  *Performance has been improved comparing to the product
>>> version 5.8
>>>
>>> Deployment
>>>
>>>- OS: Ubuntu
>>>- DB: Mysql
>>>- Heap: 4G/2G
>>>- CPU cores: 4
>>>- Concurrent users: 50, 100, 150, 300, 500
>>>
>>> Scenarios:
>>>
>>>- Authenticate_Super_Tenant_User
>>>- OAuth_AuthCode_Redirect_WithConsent
>>>- OAuth_Client_Credentials_Grant
>>>- OAuth_Implicit_Redirect_WithConsent
>>>- OAuth_Password_Grant
>>>- OIDC_AuthCode_Redirect_WithConsent
>>>- OIDC_AuthCode_Request_Path_Authenticator_WithConsent
>>>- OIDC_Implicit_Redirect_WithConsent
>>>- OIDC_Password_Grant
>>>- SAML2_SSO_Redirect_Binding
>>>- Challenge questions by super tenant users
>>>- Refresh token refresh grant - Renewal false
>>>
>>> *Long running test*
>>>
>>> Summery*: *No issue reported.
>>>
>>> Deployment :
>>>
>>>- IS node
>>>- Instance type: c5.xlarge
>>>   - vCPU:4
>>>   - RAM: 8GB
>>>   - Heap: 2G allocated for IS
>>>
>>>
>>>- RDS as the MySQL DB
>>>- Mysql engine version : 5.7.22
>>>   - vCPU: 4
>>>   - Instance class : db.m4.xlarge
>>>   - RAM: 16 GB
>>>   - Storage: 100 GiB
>>>- Executing test scenarios:
>>>- Authenticate_Super_Tenant_User
>>>   - OAuth_AuthCode_Redirect_WithConsent
>>>   - OAuth_Password_Grant
>>>   - OIDC_AuthCode_Redirect_WithConsent
>>>   - OIDC_Implicit_Redirect_WithConsent
>>>   - OIDC_Password_Grant
>>>   - OIDC_AuthCode_Request_Path_Authenticator_WithConsent
>>>   - SAML2_SSO_Redirect_Binding
>>>- Concurrency : 20
>>>- TPS: 240 per minute
>>>
>>> No blocking issue reported. +1 for proceed. :)
>>>
>>>
>>> *Thanks & Best Regards!*
>>>
>>> *Achini Jayasena*
>>> *Software Engineer - QA | WSO2*
>>>
>>> Email: achi...@wso2.com
>>> Mobile: +94 713 882 897
>>>
>>> [image: http://wso2.com/signature] 
>>>
>>>
>>> On Wed, Oct 2, 2019 at 10:31 PM Mathuriga Thavarajah 
>>> wrote:
>>>
 Hi All,

 Security Scanning reports (Static and Dynamic) were analyzed and
 reviewed. Hence +1 from the Platform Security Team for proceeding with
 the release.

 Thanks.

 Regards,
 Mathuriga.

 On Wed, Oct 2, 2019 at 10:08 PM Niluka Sripali Monnankulama <
 nil...@wso2.com> wrote:

> Hi all,
>
>
> Verified and validated below listed features are working as 

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Inthirakumaaran Tharmakulasingham]

Hi all,

I have tested the following scenarios

   - Authorization Code Grant
   - Client Credentials Grant
   - Implicit Grant
   - Password Grant
   - OIDC Request Path Authenticator
   - OIDC Implicit Redirect
   - OIDC Password Grant
   - SAML SSO with Redirect Binding
   - SAML SSO with Post Binding
   - Role-based adaptive authentication
   - Userstore based adaptive authentication

No blocker issues found

[+] Stable - go ahead and release

On Thu, Oct 3, 2019 at 7:10 PM Isuranga Perera  wrote:

> :All
>
> I have tested the following scenarios and no blocking issues found:
>
>- Outbound provisioning with SCIM and Salesforce
>
>
>- Federated authentication using Facebook
>
> [+] Stable - go ahead and release
>
> Thanks
> Isuranga
>
> On Thu, Oct 3, 2019 at 6:16 PM Piraveena Paralogarajah 
> wrote:
>
>> Hi all.
>>
>> I have tested the following scenarios:
>>
>>
>>
>>- Scope Management REST API
>>- XACML based scope validation for token issuing phase in the
>>following OAuth grant types
>>
>>
>>- Authorization code flow
>>   - password grant
>>   - client_credentials
>>   - Implicit flow
>>- XACML based authorization
>>
>> No blocker issues found
>> [+] Stable - go ahead and release
>>
>> Thanks,
>> Piraveena
>>
>> *Piraveena Paralogarajah*
>> Software Engineer | WSO2 Inc.
>> *(m)* +94776099594 | *(e)* pirave...@wso2.com
>>
>>
>>
>> On Thu, Oct 3, 2019 at 3:45 PM Ashen Weerathunga  wrote:
>>
>>> Hi All,
>>>
>>> I have tested the following scenarios and no blocking issues found.
>>>
>>>- SSO with SAML
>>>- Federated authentication with Google
>>>- Federated authentication with Facebook
>>>- SSO with multi-option and multi-step authentication
>>>- Role-based Adaptive authentication
>>>
>>> [+] Stable - go ahead and release
>>>
>>> Thanks,
>>> Ashen
>>>
>>>
>>> On Thu, Oct 3, 2019 at 2:34 PM Shanika Wickramasinghe 
>>> wrote:
>>>
 Hi All,

 I have tested the following features and no issues found

 Ubuntu 16.04 | MSSQL | Embedded Ldap Primary User Store | Super Tenant


-

Manage roles with SCIM 2.0 Create Group, Delete Group, Filter
Groups, Search Groups, Update Group - PATCH, Update Group - PUT
-

Manage users with SCIM 2.0 Create User Delete User by ID Filter
Users Search Users Update User - PATCH Update User - PUT
-

Recover Username with dashboard
-

Recover Password with dashboard


 Ubuntu 16.04 |  MSSQL | SecondaryUser Store | Super Tenant


-

SP pagination with UI
-

SP pagination with Admin Services
-

Account Lock
-

Recaptcha with Single Sign On


 Ubuntu 16.04 | H2/MSSQL | Embedded Ldap Primary User Store | Super
 Tenant


-

Manage Workflows


 Ubuntu 16.04 | H2 | Embedded Ldap Primary User Store | Super Tenant


-

Manage Workflows with QSG sample
-

User self-registration via REST APIs
-

User self-registration via user portal
-

User manage his own user account, Update user profile
-

OAuth 1.0 SP Creation/ Update


 +1 Go ahead and release.


 Thanks,

 Shanika

 On Thu, Oct 3, 2019 at 9:16 AM Achini Jayasena 
 wrote:

> Hi All,
>
> Tested and verified with performance test and long running test. Test
> result match with the expectations.
>
> *Performance test*
>
> Summary*:  *Performance has been improved comparing to the product
> version 5.8
>
> Deployment
>
>- OS: Ubuntu
>- DB: Mysql
>- Heap: 4G/2G
>- CPU cores: 4
>- Concurrent users: 50, 100, 150, 300, 500
>
> Scenarios:
>
>- Authenticate_Super_Tenant_User
>- OAuth_AuthCode_Redirect_WithConsent
>- OAuth_Client_Credentials_Grant
>- OAuth_Implicit_Redirect_WithConsent
>- OAuth_Password_Grant
>- OIDC_AuthCode_Redirect_WithConsent
>- OIDC_AuthCode_Request_Path_Authenticator_WithConsent
>- OIDC_Implicit_Redirect_WithConsent
>- OIDC_Password_Grant
>- SAML2_SSO_Redirect_Binding
>- Challenge questions by super tenant users
>- Refresh token refresh grant - Renewal false
>
> *Long running test*
>
> Summery*: *No issue reported.
>
> Deployment :
>
>- IS node
>- Instance type: c5.xlarge
>   - vCPU:4
>   - RAM: 8GB
>   - Heap: 2G allocated for IS
>
>
>- RDS as the MySQL DB
>- Mysql engine version : 5.7.22
>   - vCPU: 4
>   - Instance class : db.m4.xlarge
>   - RAM: 16 GB
>   - Storage: 100 GiB
>- Executing test scenarios:
>- 

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Dewni Weeraman]

Hi,

I've tested following scenarios with default database setup.

Using REST APIs via XACML to manage entitlement.

UMA 2.0 flow

- Obtain PAT using password grant.

- Create, delete, update, list resources and read resource description of a
resource by invoking UMA resource registration endpoint.
- Entitlement policy creation using write policy in xacml and publishing.
- Obtain permission ticket by invoking UMA permission endpoint.
- Configure a service provider with OpenID Connect and obtain RPT using UMA
 grant.
- Introspect RPT with additional UMA related details by invoking OAuth
Introspection Endpoint.


Password History Validation
Password Patterns Validation

No blocking issues are found.

[+] Stable - go ahead and release.

Thanks,
Dewni Weeraman

On Thu, Oct 3, 2019 at 7:19 PM Thanuja Jayasinghe  wrote:

> Hi All,
>
> I have tested the following API implementations and no blocking issues
> found.
>
> - Session management API
> - User Account Association API
> - Export User profile
> - Consent Management API
>
> [+] Stable - go ahead and release
>
> Thanks,
> Thanuja
>
>
> On Thu, Oct 3, 2019 at 6:16 PM Piraveena Paralogarajah
>  wrote:
> >
> > Hi all.
> >
> > I have tested the following scenarios:
> >
> >
> > Scope Management REST API
> > XACML based scope validation for token issuing phase in the following
> OAuth grant types
> >
> > Authorization code flow
> > password grant
> > client_credentials
> > Implicit flow
> >
> > XACML based authorization
> >
> > No blocker issues found
> > [+] Stable - go ahead and release
> >
> > Thanks,
> > Piraveena
> >
> > Piraveena Paralogarajah
> > Software Engineer | WSO2 Inc.
> > (m) +94776099594 | (e) pirave...@wso2.com
> >
> >
> >
> > On Thu, Oct 3, 2019 at 3:45 PM Ashen Weerathunga  wrote:
> >>
> >> Hi All,
> >>
> >> I have tested the following scenarios and no blocking issues found.
> >>
> >> SSO with SAML
> >> Federated authentication with Google
> >> Federated authentication with Facebook
> >> SSO with multi-option and multi-step authentication
> >> Role-based Adaptive authentication
> >>
> >> [+] Stable - go ahead and release
> >>
> >> Thanks,
> >> Ashen
> >>
> >>
> >> On Thu, Oct 3, 2019 at 2:34 PM Shanika Wickramasinghe <
> shani...@wso2.com> wrote:
> >>>
> >>> Hi All,
> >>>
> >>>
> >>> I have tested the following features and no issues found
> >>>
> >>>
> >>> Ubuntu 16.04 | MSSQL | Embedded Ldap Primary User Store | Super Tenant
> >>>
> >>>
> >>> Manage roles with SCIM 2.0 Create Group, Delete Group, Filter Groups,
> Search Groups, Update Group - PATCH, Update Group - PUT
> >>>
> >>> Manage users with SCIM 2.0 Create User Delete User by ID Filter Users
> Search Users Update User - PATCH Update User - PUT
> >>>
> >>> Recover Username with dashboard
> >>>
> >>> Recover Password with dashboard
> >>>
> >>>
> >>> Ubuntu 16.04 |  MSSQL | SecondaryUser Store | Super Tenant
> >>>
> >>>
> >>> SP pagination with UI
> >>>
> >>> SP pagination with Admin Services
> >>>
> >>> Account Lock
> >>>
> >>> Recaptcha with Single Sign On
> >>>
> >>>
> >>> Ubuntu 16.04 | H2/MSSQL | Embedded Ldap Primary User Store | Super
> Tenant
> >>>
> >>>
> >>> Manage Workflows
> >>>
> >>>
> >>> Ubuntu 16.04 | H2 | Embedded Ldap Primary User Store | Super Tenant
> >>>
> >>>
> >>> Manage Workflows with QSG sample
> >>>
> >>> User self-registration via REST APIs
> >>>
> >>> User self-registration via user portal
> >>>
> >>> User manage his own user account, Update user profile
> >>>
> >>> OAuth 1.0 SP Creation/ Update
> >>>
> >>>
> >>> +1 Go ahead and release.
> >>>
> >>>
> >>> Thanks,
> >>>
> >>> Shanika
> >>>
> >>>
> >>> On Thu, Oct 3, 2019 at 9:16 AM Achini Jayasena 
> wrote:
> 
>  Hi All,
> 
>  Tested and verified with performance test and long running test. Test
> result match with the expectations.
> 
>  Performance test
> 
>  Summary:  Performance has been improved comparing to the product
> version 5.8
> 
>  Deployment
> 
>  OS: Ubuntu
>  DB: Mysql
>  Heap: 4G/2G
>  CPU cores: 4
>  Concurrent users: 50, 100, 150, 300, 500
> 
>  Scenarios:
> 
>  Authenticate_Super_Tenant_User
>  OAuth_AuthCode_Redirect_WithConsent
>  OAuth_Client_Credentials_Grant
>  OAuth_Implicit_Redirect_WithConsent
>  OAuth_Password_Grant
>  OIDC_AuthCode_Redirect_WithConsent
>  OIDC_AuthCode_Request_Path_Authenticator_WithConsent
>  OIDC_Implicit_Redirect_WithConsent
>  OIDC_Password_Grant
>  SAML2_SSO_Redirect_Binding
>  Challenge questions by super tenant users
>  Refresh token refresh grant - Renewal false
> 
>  Long running test
> 
>  Summery: No issue reported.
> 
>  Deployment :
> 
>  IS node
> 
>  Instance type: c5.xlarge
>  vCPU:4
>  RAM: 8GB
>  Heap: 2G allocated for IS
> 
>  RDS as the MySQL DB
> 
>  Mysql engine version : 5.7.22
>  vCPU: 4
>  Instance class : db.m4.xlarge
>  RAM: 16 GB
>  

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Thanuja Jayasinghe]

Hi All,

I have tested the following API implementations and no blocking issues found.

- Session management API
- User Account Association API
- Export User profile
- Consent Management API

[+] Stable - go ahead and release

Thanks,
Thanuja


On Thu, Oct 3, 2019 at 6:16 PM Piraveena Paralogarajah
 wrote:
>
> Hi all.
>
> I have tested the following scenarios:
>
>
> Scope Management REST API
> XACML based scope validation for token issuing phase in the following OAuth 
> grant types
>
> Authorization code flow
> password grant
> client_credentials
> Implicit flow
>
> XACML based authorization
>
> No blocker issues found
> [+] Stable - go ahead and release
>
> Thanks,
> Piraveena
>
> Piraveena Paralogarajah
> Software Engineer | WSO2 Inc.
> (m) +94776099594 | (e) pirave...@wso2.com
>
>
>
> On Thu, Oct 3, 2019 at 3:45 PM Ashen Weerathunga  wrote:
>>
>> Hi All,
>>
>> I have tested the following scenarios and no blocking issues found.
>>
>> SSO with SAML
>> Federated authentication with Google
>> Federated authentication with Facebook
>> SSO with multi-option and multi-step authentication
>> Role-based Adaptive authentication
>>
>> [+] Stable - go ahead and release
>>
>> Thanks,
>> Ashen
>>
>>
>> On Thu, Oct 3, 2019 at 2:34 PM Shanika Wickramasinghe  
>> wrote:
>>>
>>> Hi All,
>>>
>>>
>>> I have tested the following features and no issues found
>>>
>>>
>>> Ubuntu 16.04 | MSSQL | Embedded Ldap Primary User Store | Super Tenant
>>>
>>>
>>> Manage roles with SCIM 2.0 Create Group, Delete Group, Filter Groups, 
>>> Search Groups, Update Group - PATCH, Update Group - PUT
>>>
>>> Manage users with SCIM 2.0 Create User Delete User by ID Filter Users 
>>> Search Users Update User - PATCH Update User - PUT
>>>
>>> Recover Username with dashboard
>>>
>>> Recover Password with dashboard
>>>
>>>
>>> Ubuntu 16.04 |  MSSQL | SecondaryUser Store | Super Tenant
>>>
>>>
>>> SP pagination with UI
>>>
>>> SP pagination with Admin Services
>>>
>>> Account Lock
>>>
>>> Recaptcha with Single Sign On
>>>
>>>
>>> Ubuntu 16.04 | H2/MSSQL | Embedded Ldap Primary User Store | Super Tenant
>>>
>>>
>>> Manage Workflows
>>>
>>>
>>> Ubuntu 16.04 | H2 | Embedded Ldap Primary User Store | Super Tenant
>>>
>>>
>>> Manage Workflows with QSG sample
>>>
>>> User self-registration via REST APIs
>>>
>>> User self-registration via user portal
>>>
>>> User manage his own user account, Update user profile
>>>
>>> OAuth 1.0 SP Creation/ Update
>>>
>>>
>>> +1 Go ahead and release.
>>>
>>>
>>> Thanks,
>>>
>>> Shanika
>>>
>>>
>>> On Thu, Oct 3, 2019 at 9:16 AM Achini Jayasena  wrote:

 Hi All,

 Tested and verified with performance test and long running test. Test 
 result match with the expectations.

 Performance test

 Summary:  Performance has been improved comparing to the product version 
 5.8

 Deployment

 OS: Ubuntu
 DB: Mysql
 Heap: 4G/2G
 CPU cores: 4
 Concurrent users: 50, 100, 150, 300, 500

 Scenarios:

 Authenticate_Super_Tenant_User
 OAuth_AuthCode_Redirect_WithConsent
 OAuth_Client_Credentials_Grant
 OAuth_Implicit_Redirect_WithConsent
 OAuth_Password_Grant
 OIDC_AuthCode_Redirect_WithConsent
 OIDC_AuthCode_Request_Path_Authenticator_WithConsent
 OIDC_Implicit_Redirect_WithConsent
 OIDC_Password_Grant
 SAML2_SSO_Redirect_Binding
 Challenge questions by super tenant users
 Refresh token refresh grant - Renewal false

 Long running test

 Summery: No issue reported.

 Deployment :

 IS node

 Instance type: c5.xlarge
 vCPU:4
 RAM: 8GB
 Heap: 2G allocated for IS

 RDS as the MySQL DB

 Mysql engine version : 5.7.22
 vCPU: 4
 Instance class : db.m4.xlarge
 RAM: 16 GB
 Storage: 100 GiB

 Executing test scenarios:

 Authenticate_Super_Tenant_User
 OAuth_AuthCode_Redirect_WithConsent
 OAuth_Password_Grant
 OIDC_AuthCode_Redirect_WithConsent
 OIDC_Implicit_Redirect_WithConsent
 OIDC_Password_Grant
 OIDC_AuthCode_Request_Path_Authenticator_WithConsent
 SAML2_SSO_Redirect_Binding

 Concurrency : 20
 TPS: 240 per minute

 No blocking issue reported. +1 for proceed. :)

 Thanks & Best Regards!
 Achini Jayasena
 Software Engineer - QA | WSO2

 Email: achi...@wso2.com
 Mobile: +94 713 882 897




 On Wed, Oct 2, 2019 at 10:31 PM Mathuriga Thavarajah  
 wrote:
>
> Hi All,
>
> Security Scanning reports (Static and Dynamic) were analyzed and 
> reviewed. Hence +1 from the Platform Security Team for proceeding with 
> the release.
>
> Thanks.
>
> Regards,
> Mathuriga.
>
> On Wed, Oct 2, 2019 at 10:08 PM Niluka Sripali Monnankulama 
>  wrote:
>>
>> Hi all,
>>
>>
>> Verified and validated below listed features are working as expected.
>>
>>
>> 

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Isuranga Perera]

:All

I have tested the following scenarios and no blocking issues found:

   - Outbound provisioning with SCIM and Salesforce


   - Federated authentication using Facebook

[+] Stable - go ahead and release

Thanks
Isuranga

On Thu, Oct 3, 2019 at 6:16 PM Piraveena Paralogarajah 
wrote:

> Hi all.
>
> I have tested the following scenarios:
>
>
>
>- Scope Management REST API
>- XACML based scope validation for token issuing phase in the
>following OAuth grant types
>
>
>- Authorization code flow
>   - password grant
>   - client_credentials
>   - Implicit flow
>- XACML based authorization
>
> No blocker issues found
> [+] Stable - go ahead and release
>
> Thanks,
> Piraveena
>
> *Piraveena Paralogarajah*
> Software Engineer | WSO2 Inc.
> *(m)* +94776099594 | *(e)* pirave...@wso2.com
>
>
>
> On Thu, Oct 3, 2019 at 3:45 PM Ashen Weerathunga  wrote:
>
>> Hi All,
>>
>> I have tested the following scenarios and no blocking issues found.
>>
>>- SSO with SAML
>>- Federated authentication with Google
>>- Federated authentication with Facebook
>>- SSO with multi-option and multi-step authentication
>>- Role-based Adaptive authentication
>>
>> [+] Stable - go ahead and release
>>
>> Thanks,
>> Ashen
>>
>>
>> On Thu, Oct 3, 2019 at 2:34 PM Shanika Wickramasinghe 
>> wrote:
>>
>>> Hi All,
>>>
>>> I have tested the following features and no issues found
>>>
>>> Ubuntu 16.04 | MSSQL | Embedded Ldap Primary User Store | Super Tenant
>>>
>>>
>>>-
>>>
>>>Manage roles with SCIM 2.0 Create Group, Delete Group, Filter
>>>Groups, Search Groups, Update Group - PATCH, Update Group - PUT
>>>-
>>>
>>>Manage users with SCIM 2.0 Create User Delete User by ID Filter
>>>Users Search Users Update User - PATCH Update User - PUT
>>>-
>>>
>>>Recover Username with dashboard
>>>-
>>>
>>>Recover Password with dashboard
>>>
>>>
>>> Ubuntu 16.04 |  MSSQL | SecondaryUser Store | Super Tenant
>>>
>>>
>>>-
>>>
>>>SP pagination with UI
>>>-
>>>
>>>SP pagination with Admin Services
>>>-
>>>
>>>Account Lock
>>>-
>>>
>>>Recaptcha with Single Sign On
>>>
>>>
>>> Ubuntu 16.04 | H2/MSSQL | Embedded Ldap Primary User Store | Super Tenant
>>>
>>>
>>>-
>>>
>>>Manage Workflows
>>>
>>>
>>> Ubuntu 16.04 | H2 | Embedded Ldap Primary User Store | Super Tenant
>>>
>>>
>>>-
>>>
>>>Manage Workflows with QSG sample
>>>-
>>>
>>>User self-registration via REST APIs
>>>-
>>>
>>>User self-registration via user portal
>>>-
>>>
>>>User manage his own user account, Update user profile
>>>-
>>>
>>>OAuth 1.0 SP Creation/ Update
>>>
>>>
>>> +1 Go ahead and release.
>>>
>>>
>>> Thanks,
>>>
>>> Shanika
>>>
>>> On Thu, Oct 3, 2019 at 9:16 AM Achini Jayasena  wrote:
>>>
 Hi All,

 Tested and verified with performance test and long running test. Test
 result match with the expectations.

 *Performance test*

 Summary*:  *Performance has been improved comparing to the product
 version 5.8

 Deployment

- OS: Ubuntu
- DB: Mysql
- Heap: 4G/2G
- CPU cores: 4
- Concurrent users: 50, 100, 150, 300, 500

 Scenarios:

- Authenticate_Super_Tenant_User
- OAuth_AuthCode_Redirect_WithConsent
- OAuth_Client_Credentials_Grant
- OAuth_Implicit_Redirect_WithConsent
- OAuth_Password_Grant
- OIDC_AuthCode_Redirect_WithConsent
- OIDC_AuthCode_Request_Path_Authenticator_WithConsent
- OIDC_Implicit_Redirect_WithConsent
- OIDC_Password_Grant
- SAML2_SSO_Redirect_Binding
- Challenge questions by super tenant users
- Refresh token refresh grant - Renewal false

 *Long running test*

 Summery*: *No issue reported.

 Deployment :

- IS node
- Instance type: c5.xlarge
   - vCPU:4
   - RAM: 8GB
   - Heap: 2G allocated for IS


- RDS as the MySQL DB
- Mysql engine version : 5.7.22
   - vCPU: 4
   - Instance class : db.m4.xlarge
   - RAM: 16 GB
   - Storage: 100 GiB
- Executing test scenarios:
- Authenticate_Super_Tenant_User
   - OAuth_AuthCode_Redirect_WithConsent
   - OAuth_Password_Grant
   - OIDC_AuthCode_Redirect_WithConsent
   - OIDC_Implicit_Redirect_WithConsent
   - OIDC_Password_Grant
   - OIDC_AuthCode_Request_Path_Authenticator_WithConsent
   - SAML2_SSO_Redirect_Binding
- Concurrency : 20
- TPS: 240 per minute

 No blocking issue reported. +1 for proceed. :)


 *Thanks & Best Regards!*

 *Achini Jayasena*
 *Software Engineer - QA | WSO2*

 Email: achi...@wso2.com
 Mobile: +94 713 882 897

 [image: http://wso2.com/signature] 


 On Wed, 

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Piraveena Paralogarajah]

Hi all.

I have tested the following scenarios:



   - Scope Management REST API
   - XACML based scope validation for token issuing phase in the following
   OAuth grant types


   - Authorization code flow
  - password grant
  - client_credentials
  - Implicit flow
   - XACML based authorization

No blocker issues found
[+] Stable - go ahead and release

Thanks,
Piraveena

*Piraveena Paralogarajah*
Software Engineer | WSO2 Inc.
*(m)* +94776099594 | *(e)* pirave...@wso2.com



On Thu, Oct 3, 2019 at 3:45 PM Ashen Weerathunga  wrote:

> Hi All,
>
> I have tested the following scenarios and no blocking issues found.
>
>- SSO with SAML
>- Federated authentication with Google
>- Federated authentication with Facebook
>- SSO with multi-option and multi-step authentication
>- Role-based Adaptive authentication
>
> [+] Stable - go ahead and release
>
> Thanks,
> Ashen
>
>
> On Thu, Oct 3, 2019 at 2:34 PM Shanika Wickramasinghe 
> wrote:
>
>> Hi All,
>>
>> I have tested the following features and no issues found
>>
>> Ubuntu 16.04 | MSSQL | Embedded Ldap Primary User Store | Super Tenant
>>
>>
>>-
>>
>>Manage roles with SCIM 2.0 Create Group, Delete Group, Filter Groups,
>>Search Groups, Update Group - PATCH, Update Group - PUT
>>-
>>
>>Manage users with SCIM 2.0 Create User Delete User by ID Filter Users
>>Search Users Update User - PATCH Update User - PUT
>>-
>>
>>Recover Username with dashboard
>>-
>>
>>Recover Password with dashboard
>>
>>
>> Ubuntu 16.04 |  MSSQL | SecondaryUser Store | Super Tenant
>>
>>
>>-
>>
>>SP pagination with UI
>>-
>>
>>SP pagination with Admin Services
>>-
>>
>>Account Lock
>>-
>>
>>Recaptcha with Single Sign On
>>
>>
>> Ubuntu 16.04 | H2/MSSQL | Embedded Ldap Primary User Store | Super Tenant
>>
>>
>>-
>>
>>Manage Workflows
>>
>>
>> Ubuntu 16.04 | H2 | Embedded Ldap Primary User Store | Super Tenant
>>
>>
>>-
>>
>>Manage Workflows with QSG sample
>>-
>>
>>User self-registration via REST APIs
>>-
>>
>>User self-registration via user portal
>>-
>>
>>User manage his own user account, Update user profile
>>-
>>
>>OAuth 1.0 SP Creation/ Update
>>
>>
>> +1 Go ahead and release.
>>
>>
>> Thanks,
>>
>> Shanika
>>
>> On Thu, Oct 3, 2019 at 9:16 AM Achini Jayasena  wrote:
>>
>>> Hi All,
>>>
>>> Tested and verified with performance test and long running test. Test
>>> result match with the expectations.
>>>
>>> *Performance test*
>>>
>>> Summary*:  *Performance has been improved comparing to the product
>>> version 5.8
>>>
>>> Deployment
>>>
>>>- OS: Ubuntu
>>>- DB: Mysql
>>>- Heap: 4G/2G
>>>- CPU cores: 4
>>>- Concurrent users: 50, 100, 150, 300, 500
>>>
>>> Scenarios:
>>>
>>>- Authenticate_Super_Tenant_User
>>>- OAuth_AuthCode_Redirect_WithConsent
>>>- OAuth_Client_Credentials_Grant
>>>- OAuth_Implicit_Redirect_WithConsent
>>>- OAuth_Password_Grant
>>>- OIDC_AuthCode_Redirect_WithConsent
>>>- OIDC_AuthCode_Request_Path_Authenticator_WithConsent
>>>- OIDC_Implicit_Redirect_WithConsent
>>>- OIDC_Password_Grant
>>>- SAML2_SSO_Redirect_Binding
>>>- Challenge questions by super tenant users
>>>- Refresh token refresh grant - Renewal false
>>>
>>> *Long running test*
>>>
>>> Summery*: *No issue reported.
>>>
>>> Deployment :
>>>
>>>- IS node
>>>- Instance type: c5.xlarge
>>>   - vCPU:4
>>>   - RAM: 8GB
>>>   - Heap: 2G allocated for IS
>>>
>>>
>>>- RDS as the MySQL DB
>>>- Mysql engine version : 5.7.22
>>>   - vCPU: 4
>>>   - Instance class : db.m4.xlarge
>>>   - RAM: 16 GB
>>>   - Storage: 100 GiB
>>>- Executing test scenarios:
>>>- Authenticate_Super_Tenant_User
>>>   - OAuth_AuthCode_Redirect_WithConsent
>>>   - OAuth_Password_Grant
>>>   - OIDC_AuthCode_Redirect_WithConsent
>>>   - OIDC_Implicit_Redirect_WithConsent
>>>   - OIDC_Password_Grant
>>>   - OIDC_AuthCode_Request_Path_Authenticator_WithConsent
>>>   - SAML2_SSO_Redirect_Binding
>>>- Concurrency : 20
>>>- TPS: 240 per minute
>>>
>>> No blocking issue reported. +1 for proceed. :)
>>>
>>>
>>> *Thanks & Best Regards!*
>>>
>>> *Achini Jayasena*
>>> *Software Engineer - QA | WSO2*
>>>
>>> Email: achi...@wso2.com
>>> Mobile: +94 713 882 897
>>>
>>> [image: http://wso2.com/signature] 
>>>
>>>
>>> On Wed, Oct 2, 2019 at 10:31 PM Mathuriga Thavarajah 
>>> wrote:
>>>
 Hi All,

 Security Scanning reports (Static and Dynamic) were analyzed and
 reviewed. Hence +1 from the Platform Security Team for proceeding with
 the release.

 Thanks.

 Regards,
 Mathuriga.

 On Wed, Oct 2, 2019 at 10:08 PM Niluka Sripali Monnankulama <
 nil...@wso2.com> wrote:

> Hi all,
>
>
> Verified and validated below listed features are working as expected.
>
>

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Ashen Weerathunga]

Hi All,

I have tested the following scenarios and no blocking issues found.

   - SSO with SAML
   - Federated authentication with Google
   - Federated authentication with Facebook
   - SSO with multi-option and multi-step authentication
   - Role-based Adaptive authentication

[+] Stable - go ahead and release

Thanks,
Ashen


On Thu, Oct 3, 2019 at 2:34 PM Shanika Wickramasinghe 
wrote:

> Hi All,
>
> I have tested the following features and no issues found
>
> Ubuntu 16.04 | MSSQL | Embedded Ldap Primary User Store | Super Tenant
>
>
>-
>
>Manage roles with SCIM 2.0 Create Group, Delete Group, Filter Groups,
>Search Groups, Update Group - PATCH, Update Group - PUT
>-
>
>Manage users with SCIM 2.0 Create User Delete User by ID Filter Users
>Search Users Update User - PATCH Update User - PUT
>-
>
>Recover Username with dashboard
>-
>
>Recover Password with dashboard
>
>
> Ubuntu 16.04 |  MSSQL | SecondaryUser Store | Super Tenant
>
>
>-
>
>SP pagination with UI
>-
>
>SP pagination with Admin Services
>-
>
>Account Lock
>-
>
>Recaptcha with Single Sign On
>
>
> Ubuntu 16.04 | H2/MSSQL | Embedded Ldap Primary User Store | Super Tenant
>
>
>-
>
>Manage Workflows
>
>
> Ubuntu 16.04 | H2 | Embedded Ldap Primary User Store | Super Tenant
>
>
>-
>
>Manage Workflows with QSG sample
>-
>
>User self-registration via REST APIs
>-
>
>User self-registration via user portal
>-
>
>User manage his own user account, Update user profile
>-
>
>OAuth 1.0 SP Creation/ Update
>
>
> +1 Go ahead and release.
>
>
> Thanks,
>
> Shanika
>
> On Thu, Oct 3, 2019 at 9:16 AM Achini Jayasena  wrote:
>
>> Hi All,
>>
>> Tested and verified with performance test and long running test. Test
>> result match with the expectations.
>>
>> *Performance test*
>>
>> Summary*:  *Performance has been improved comparing to the product
>> version 5.8
>>
>> Deployment
>>
>>- OS: Ubuntu
>>- DB: Mysql
>>- Heap: 4G/2G
>>- CPU cores: 4
>>- Concurrent users: 50, 100, 150, 300, 500
>>
>> Scenarios:
>>
>>- Authenticate_Super_Tenant_User
>>- OAuth_AuthCode_Redirect_WithConsent
>>- OAuth_Client_Credentials_Grant
>>- OAuth_Implicit_Redirect_WithConsent
>>- OAuth_Password_Grant
>>- OIDC_AuthCode_Redirect_WithConsent
>>- OIDC_AuthCode_Request_Path_Authenticator_WithConsent
>>- OIDC_Implicit_Redirect_WithConsent
>>- OIDC_Password_Grant
>>- SAML2_SSO_Redirect_Binding
>>- Challenge questions by super tenant users
>>- Refresh token refresh grant - Renewal false
>>
>> *Long running test*
>>
>> Summery*: *No issue reported.
>>
>> Deployment :
>>
>>- IS node
>>- Instance type: c5.xlarge
>>   - vCPU:4
>>   - RAM: 8GB
>>   - Heap: 2G allocated for IS
>>
>>
>>- RDS as the MySQL DB
>>- Mysql engine version : 5.7.22
>>   - vCPU: 4
>>   - Instance class : db.m4.xlarge
>>   - RAM: 16 GB
>>   - Storage: 100 GiB
>>- Executing test scenarios:
>>- Authenticate_Super_Tenant_User
>>   - OAuth_AuthCode_Redirect_WithConsent
>>   - OAuth_Password_Grant
>>   - OIDC_AuthCode_Redirect_WithConsent
>>   - OIDC_Implicit_Redirect_WithConsent
>>   - OIDC_Password_Grant
>>   - OIDC_AuthCode_Request_Path_Authenticator_WithConsent
>>   - SAML2_SSO_Redirect_Binding
>>- Concurrency : 20
>>- TPS: 240 per minute
>>
>> No blocking issue reported. +1 for proceed. :)
>>
>>
>> *Thanks & Best Regards!*
>>
>> *Achini Jayasena*
>> *Software Engineer - QA | WSO2*
>>
>> Email: achi...@wso2.com
>> Mobile: +94 713 882 897
>>
>> [image: http://wso2.com/signature] 
>>
>>
>> On Wed, Oct 2, 2019 at 10:31 PM Mathuriga Thavarajah 
>> wrote:
>>
>>> Hi All,
>>>
>>> Security Scanning reports (Static and Dynamic) were analyzed and
>>> reviewed. Hence +1 from the Platform Security Team for proceeding with
>>> the release.
>>>
>>> Thanks.
>>>
>>> Regards,
>>> Mathuriga.
>>>
>>> On Wed, Oct 2, 2019 at 10:08 PM Niluka Sripali Monnankulama <
>>> nil...@wso2.com> wrote:
>>>
 Hi all,


 Verified and validated below listed features are working as expected.


 Test Environment OS- MAC O/S, Windows-Server-2016-standard-64bit

Java version- 1.8.0_171, 11.0.4

   Database - H2, Oracle 12c

   User type, Primary, Secondary, Super user and Tenant user



- User management with multilayer approval
- Manage user stores(Create,update,delete,disable)
- Configuring Claims for a Service Provider
- Consent Management for Self Sign Up
- Single Sign-On / Federated authentication for a web application
with SAML - SP-Init, IDP-Init
- SAML2 IdP Initiated Single Logout

 Front channel post binding
 Front channel redirect binding

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Farasath Ahamed]

Hi All,

Tested the below scenarios on MySQL.

   - Create an OAuth app using DCR
   - Get OAuth App information using DCR
   - Revoke the app
   - Regenerate the client_secret
   - Authorization Code flow without client secret (public client)
   - OIDC custom claims
   - OIDC role claim with role mappings
   - User Info calls
   - Token Revocations


The flows work as expected and no blocking issues found.

[+] Stable - go ahead and release

On Thu, Oct 3, 2019 at 11:56 AM Nilasini Thirunavukkarasu 
wrote:

> Hi All,
>
> Tested the following flows and working as expected.
> *DB type:- db2*
>
>- Obtained access tokens using
>   - authorization code grant type
>   - password grant type
>   - refresh token grant type
>   - implicit grant type
>   - client-credential grant type
>
>
>- Access token revocation
>- Userinfo invocation
>- SCIM2 operation
>- User creation
>- Patch
>- PUT
>-Search
>-Get
>-Delete
>
> No blocker issue found +1  Stable - go ahead and release
>
> Thanks,
> Nila.
>
> On Thu, Oct 3, 2019 at 11:15 AM Sathya Bandara  wrote:
>
>> Hi All,
>>
>> Tested following flows and working as expected.
>>
>> IDP Management
>> - add/update/delete/disable IDPs
>> - configure multiple certificates per IDP
>>
>> SSO with SAML
>> SAML to SAML federation
>> Export and import SAML metadata
>> JIT Provisioning
>>
>> Workflow management
>> - add/delete/update workflow definitions
>> - add/delete/disable workflow engagements
>> - user approval tasks with workflows
>>
>> Mutual TLS for Oauth client authentication
>>
>> [+] Stable - go ahead and release
>>
>> Thanks,
>> Sathya
>>
>> On Thu, Oct 3, 2019 at 10:19 AM Hasanthi Purnima Dissanayake <
>> hasan...@wso2.com> wrote:
>>
>>> Hi All,
>>>
>>> Tested following flows and working as expected.
>>>
>>> - Obtained access tokens using the following grant types.
>>>
>>>- authorization code grant type
>>>- password grant type
>>>- implicit grant type
>>>- client-credential grant type
>>>
>>> - Access token revocation
>>> - JWKS endpoint
>>>
>>> [+] Stable - go ahead and release
>>>
>>> Thanks,
>>> Hasanthi
>>>
>>> On Thu, Oct 3, 2019 at 9:44 AM Wijith Bandara  wrote:
>>>
 Hi all

 Verified and validated below listed features are working as expected.

 QSG
 - Single-Sign-On with SAML2
 - Single-Sign-On with OIDC
 - Multi-Factor Authentication
 - Google as a Federated Authenticator
 - Self-Signup
 - Creating a workflow

 Multi Options Authentication with local authenticators (basic,
 X509Certificate)
 Multi Options Authentication with federated authenticators (SAML2 Web
 SSO, Google, Yahoo)
 Multi Options Authentication with federated authenticators
 (OAuth2/OpenID Connect, Facebook, Twitter)
 Multi-Factor Authentication with federated authenticators(SAML2 Web
 SSO, Google, Yahoo, basic)

 No blocker issue found +1 to proceed

 Thanks,
 wijith

 On Thu, Oct 3, 2019 at 9:16 AM Achini Jayasena 
 wrote:

> Hi All,
>
> Tested and verified with performance test and long running test. Test
> result match with the expectations.
>
> *Performance test*
>
> Summary*:  *Performance has been improved comparing to the product
> version 5.8
>
> Deployment
>
>- OS: Ubuntu
>- DB: Mysql
>- Heap: 4G/2G
>- CPU cores: 4
>- Concurrent users: 50, 100, 150, 300, 500
>
> Scenarios:
>
>- Authenticate_Super_Tenant_User
>- OAuth_AuthCode_Redirect_WithConsent
>- OAuth_Client_Credentials_Grant
>- OAuth_Implicit_Redirect_WithConsent
>- OAuth_Password_Grant
>- OIDC_AuthCode_Redirect_WithConsent
>- OIDC_AuthCode_Request_Path_Authenticator_WithConsent
>- OIDC_Implicit_Redirect_WithConsent
>- OIDC_Password_Grant
>- SAML2_SSO_Redirect_Binding
>- Challenge questions by super tenant users
>- Refresh token refresh grant - Renewal false
>
> *Long running test*
>
> Summery*: *No issue reported.
>
> Deployment :
>
>- IS node
>- Instance type: c5.xlarge
>   - vCPU:4
>   - RAM: 8GB
>   - Heap: 2G allocated for IS
>
>
>- RDS as the MySQL DB
>- Mysql engine version : 5.7.22
>   - vCPU: 4
>   - Instance class : db.m4.xlarge
>   - RAM: 16 GB
>   - Storage: 100 GiB
>- Executing test scenarios:
>- Authenticate_Super_Tenant_User
>   - OAuth_AuthCode_Redirect_WithConsent
>   - OAuth_Password_Grant
>   - OIDC_AuthCode_Redirect_WithConsent
>   - OIDC_Implicit_Redirect_WithConsent
>   - OIDC_Password_Grant
>   - OIDC_AuthCode_Request_Path_Authenticator_WithConsent
>   - SAML2_SSO_Redirect_Binding
>- Concurrency : 20
>- TPS: 240 per 

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Nilasini Thirunavukkarasu]

Hi All,

Tested the following flows and working as expected.
*DB type:- db2*

   - Obtained access tokens using
  - authorization code grant type
  - password grant type
  - refresh token grant type
  - implicit grant type
  - client-credential grant type


   - Access token revocation
   - Userinfo invocation
   - SCIM2 operation
   - User creation
   - Patch
   - PUT
   -Search
   -Get
   -Delete

No blocker issue found +1  Stable - go ahead and release

Thanks,
Nila.

On Thu, Oct 3, 2019 at 11:15 AM Sathya Bandara  wrote:

> Hi All,
>
> Tested following flows and working as expected.
>
> IDP Management
> - add/update/delete/disable IDPs
> - configure multiple certificates per IDP
>
> SSO with SAML
> SAML to SAML federation
> Export and import SAML metadata
> JIT Provisioning
>
> Workflow management
> - add/delete/update workflow definitions
> - add/delete/disable workflow engagements
> - user approval tasks with workflows
>
> Mutual TLS for Oauth client authentication
>
> [+] Stable - go ahead and release
>
> Thanks,
> Sathya
>
> On Thu, Oct 3, 2019 at 10:19 AM Hasanthi Purnima Dissanayake <
> hasan...@wso2.com> wrote:
>
>> Hi All,
>>
>> Tested following flows and working as expected.
>>
>> - Obtained access tokens using the following grant types.
>>
>>- authorization code grant type
>>- password grant type
>>- implicit grant type
>>- client-credential grant type
>>
>> - Access token revocation
>> - JWKS endpoint
>>
>> [+] Stable - go ahead and release
>>
>> Thanks,
>> Hasanthi
>>
>> On Thu, Oct 3, 2019 at 9:44 AM Wijith Bandara  wrote:
>>
>>> Hi all
>>>
>>> Verified and validated below listed features are working as expected.
>>>
>>> QSG
>>> - Single-Sign-On with SAML2
>>> - Single-Sign-On with OIDC
>>> - Multi-Factor Authentication
>>> - Google as a Federated Authenticator
>>> - Self-Signup
>>> - Creating a workflow
>>>
>>> Multi Options Authentication with local authenticators (basic,
>>> X509Certificate)
>>> Multi Options Authentication with federated authenticators (SAML2 Web
>>> SSO, Google, Yahoo)
>>> Multi Options Authentication with federated authenticators
>>> (OAuth2/OpenID Connect, Facebook, Twitter)
>>> Multi-Factor Authentication with federated authenticators(SAML2 Web SSO,
>>> Google, Yahoo, basic)
>>>
>>> No blocker issue found +1 to proceed
>>>
>>> Thanks,
>>> wijith
>>>
>>> On Thu, Oct 3, 2019 at 9:16 AM Achini Jayasena  wrote:
>>>
 Hi All,

 Tested and verified with performance test and long running test. Test
 result match with the expectations.

 *Performance test*

 Summary*:  *Performance has been improved comparing to the product
 version 5.8

 Deployment

- OS: Ubuntu
- DB: Mysql
- Heap: 4G/2G
- CPU cores: 4
- Concurrent users: 50, 100, 150, 300, 500

 Scenarios:

- Authenticate_Super_Tenant_User
- OAuth_AuthCode_Redirect_WithConsent
- OAuth_Client_Credentials_Grant
- OAuth_Implicit_Redirect_WithConsent
- OAuth_Password_Grant
- OIDC_AuthCode_Redirect_WithConsent
- OIDC_AuthCode_Request_Path_Authenticator_WithConsent
- OIDC_Implicit_Redirect_WithConsent
- OIDC_Password_Grant
- SAML2_SSO_Redirect_Binding
- Challenge questions by super tenant users
- Refresh token refresh grant - Renewal false

 *Long running test*

 Summery*: *No issue reported.

 Deployment :

- IS node
- Instance type: c5.xlarge
   - vCPU:4
   - RAM: 8GB
   - Heap: 2G allocated for IS


- RDS as the MySQL DB
- Mysql engine version : 5.7.22
   - vCPU: 4
   - Instance class : db.m4.xlarge
   - RAM: 16 GB
   - Storage: 100 GiB
- Executing test scenarios:
- Authenticate_Super_Tenant_User
   - OAuth_AuthCode_Redirect_WithConsent
   - OAuth_Password_Grant
   - OIDC_AuthCode_Redirect_WithConsent
   - OIDC_Implicit_Redirect_WithConsent
   - OIDC_Password_Grant
   - OIDC_AuthCode_Request_Path_Authenticator_WithConsent
   - SAML2_SSO_Redirect_Binding
- Concurrency : 20
- TPS: 240 per minute

 No blocking issue reported. +1 for proceed. :)


 *Thanks & Best Regards!*

 *Achini Jayasena*
 *Software Engineer - QA | WSO2*

 Email: achi...@wso2.com
 Mobile: +94 713 882 897

 [image: http://wso2.com/signature] 


 On Wed, Oct 2, 2019 at 10:31 PM Mathuriga Thavarajah <
 mathur...@wso2.com> wrote:

> Hi All,
>
> Security Scanning reports (Static and Dynamic) were analyzed and
> reviewed. Hence +1 from the Platform Security Team for proceeding with
> the release.
>
> Thanks.
>
> Regards,
> Mathuriga.
>
> On Wed, Oct 2, 2019 at 10:08 PM Niluka Sripali 

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Sathya Bandara]

Hi All,

Tested following flows and working as expected.

IDP Management
- add/update/delete/disable IDPs
- configure multiple certificates per IDP

SSO with SAML
SAML to SAML federation
Export and import SAML metadata
JIT Provisioning

Workflow management
- add/delete/update workflow definitions
- add/delete/disable workflow engagements
- user approval tasks with workflows

Mutual TLS for Oauth client authentication

[+] Stable - go ahead and release

Thanks,
Sathya

On Thu, Oct 3, 2019 at 10:19 AM Hasanthi Purnima Dissanayake <
hasan...@wso2.com> wrote:

> Hi All,
>
> Tested following flows and working as expected.
>
> - Obtained access tokens using the following grant types.
>
>- authorization code grant type
>- password grant type
>- implicit grant type
>- client-credential grant type
>
> - Access token revocation
> - JWKS endpoint
>
> [+] Stable - go ahead and release
>
> Thanks,
> Hasanthi
>
> On Thu, Oct 3, 2019 at 9:44 AM Wijith Bandara  wrote:
>
>> Hi all
>>
>> Verified and validated below listed features are working as expected.
>>
>> QSG
>> - Single-Sign-On with SAML2
>> - Single-Sign-On with OIDC
>> - Multi-Factor Authentication
>> - Google as a Federated Authenticator
>> - Self-Signup
>> - Creating a workflow
>>
>> Multi Options Authentication with local authenticators (basic,
>> X509Certificate)
>> Multi Options Authentication with federated authenticators (SAML2 Web
>> SSO, Google, Yahoo)
>> Multi Options Authentication with federated authenticators (OAuth2/OpenID
>> Connect, Facebook, Twitter)
>> Multi-Factor Authentication with federated authenticators(SAML2 Web SSO,
>> Google, Yahoo, basic)
>>
>> No blocker issue found +1 to proceed
>>
>> Thanks,
>> wijith
>>
>> On Thu, Oct 3, 2019 at 9:16 AM Achini Jayasena  wrote:
>>
>>> Hi All,
>>>
>>> Tested and verified with performance test and long running test. Test
>>> result match with the expectations.
>>>
>>> *Performance test*
>>>
>>> Summary*:  *Performance has been improved comparing to the product
>>> version 5.8
>>>
>>> Deployment
>>>
>>>- OS: Ubuntu
>>>- DB: Mysql
>>>- Heap: 4G/2G
>>>- CPU cores: 4
>>>- Concurrent users: 50, 100, 150, 300, 500
>>>
>>> Scenarios:
>>>
>>>- Authenticate_Super_Tenant_User
>>>- OAuth_AuthCode_Redirect_WithConsent
>>>- OAuth_Client_Credentials_Grant
>>>- OAuth_Implicit_Redirect_WithConsent
>>>- OAuth_Password_Grant
>>>- OIDC_AuthCode_Redirect_WithConsent
>>>- OIDC_AuthCode_Request_Path_Authenticator_WithConsent
>>>- OIDC_Implicit_Redirect_WithConsent
>>>- OIDC_Password_Grant
>>>- SAML2_SSO_Redirect_Binding
>>>- Challenge questions by super tenant users
>>>- Refresh token refresh grant - Renewal false
>>>
>>> *Long running test*
>>>
>>> Summery*: *No issue reported.
>>>
>>> Deployment :
>>>
>>>- IS node
>>>- Instance type: c5.xlarge
>>>   - vCPU:4
>>>   - RAM: 8GB
>>>   - Heap: 2G allocated for IS
>>>
>>>
>>>- RDS as the MySQL DB
>>>- Mysql engine version : 5.7.22
>>>   - vCPU: 4
>>>   - Instance class : db.m4.xlarge
>>>   - RAM: 16 GB
>>>   - Storage: 100 GiB
>>>- Executing test scenarios:
>>>- Authenticate_Super_Tenant_User
>>>   - OAuth_AuthCode_Redirect_WithConsent
>>>   - OAuth_Password_Grant
>>>   - OIDC_AuthCode_Redirect_WithConsent
>>>   - OIDC_Implicit_Redirect_WithConsent
>>>   - OIDC_Password_Grant
>>>   - OIDC_AuthCode_Request_Path_Authenticator_WithConsent
>>>   - SAML2_SSO_Redirect_Binding
>>>- Concurrency : 20
>>>- TPS: 240 per minute
>>>
>>> No blocking issue reported. +1 for proceed. :)
>>>
>>>
>>> *Thanks & Best Regards!*
>>>
>>> *Achini Jayasena*
>>> *Software Engineer - QA | WSO2*
>>>
>>> Email: achi...@wso2.com
>>> Mobile: +94 713 882 897
>>>
>>> [image: http://wso2.com/signature] 
>>>
>>>
>>> On Wed, Oct 2, 2019 at 10:31 PM Mathuriga Thavarajah 
>>> wrote:
>>>
 Hi All,

 Security Scanning reports (Static and Dynamic) were analyzed and
 reviewed. Hence +1 from the Platform Security Team for proceeding with
 the release.

 Thanks.

 Regards,
 Mathuriga.

 On Wed, Oct 2, 2019 at 10:08 PM Niluka Sripali Monnankulama <
 nil...@wso2.com> wrote:

> Hi all,
>
>
> Verified and validated below listed features are working as expected.
>
>
> Test Environment OS- MAC O/S, Windows-Server-2016-standard-64bit
>
>Java version- 1.8.0_171, 11.0.4
>
>   Database - H2, Oracle 12c
>
>   User type, Primary, Secondary, Super user and Tenant user
>
>
>
>- User management with multilayer approval
>- Manage user stores(Create,update,delete,disable)
>- Configuring Claims for a Service Provider
>- Consent Management for Self Sign Up
>- Single Sign-On / Federated authentication for a web application
>with SAML - 

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Janak Amarasena]

Hi All,

Tested the following flows and works as expected.


   - Obtained access tokens using
  - authorization code grant type
  - authorization code grant type with PKCE
  - password grant type
  - refresh token grant type
  - implicit grant type
  - client-credential grant type


   - Token revocation


   - Revocation using access token
  - Revocation using refresh token


   - Access token introspection
   - Refresh token introspection

DB: MySQL

[+] Stable - go ahead and release

Best Regards,
Janak

On Thu, Oct 3, 2019 at 10:19 AM Hasanthi Purnima Dissanayake <
hasan...@wso2.com> wrote:

> Hi All,
>
> Tested following flows and working as expected.
>
> - Obtained access tokens using the following grant types.
>
>- authorization code grant type
>- password grant type
>- implicit grant type
>- client-credential grant type
>
> - Access token revocation
> - JWKS endpoint
>
> [+] Stable - go ahead and release
>
> Thanks,
> Hasanthi
>
> On Thu, Oct 3, 2019 at 9:44 AM Wijith Bandara  wrote:
>
>> Hi all
>>
>> Verified and validated below listed features are working as expected.
>>
>> QSG
>> - Single-Sign-On with SAML2
>> - Single-Sign-On with OIDC
>> - Multi-Factor Authentication
>> - Google as a Federated Authenticator
>> - Self-Signup
>> - Creating a workflow
>>
>> Multi Options Authentication with local authenticators (basic,
>> X509Certificate)
>> Multi Options Authentication with federated authenticators (SAML2 Web
>> SSO, Google, Yahoo)
>> Multi Options Authentication with federated authenticators (OAuth2/OpenID
>> Connect, Facebook, Twitter)
>> Multi-Factor Authentication with federated authenticators(SAML2 Web SSO,
>> Google, Yahoo, basic)
>>
>> No blocker issue found +1 to proceed
>>
>> Thanks,
>> wijith
>>
>> On Thu, Oct 3, 2019 at 9:16 AM Achini Jayasena  wrote:
>>
>>> Hi All,
>>>
>>> Tested and verified with performance test and long running test. Test
>>> result match with the expectations.
>>>
>>> *Performance test*
>>>
>>> Summary*:  *Performance has been improved comparing to the product
>>> version 5.8
>>>
>>> Deployment
>>>
>>>- OS: Ubuntu
>>>- DB: Mysql
>>>- Heap: 4G/2G
>>>- CPU cores: 4
>>>- Concurrent users: 50, 100, 150, 300, 500
>>>
>>> Scenarios:
>>>
>>>- Authenticate_Super_Tenant_User
>>>- OAuth_AuthCode_Redirect_WithConsent
>>>- OAuth_Client_Credentials_Grant
>>>- OAuth_Implicit_Redirect_WithConsent
>>>- OAuth_Password_Grant
>>>- OIDC_AuthCode_Redirect_WithConsent
>>>- OIDC_AuthCode_Request_Path_Authenticator_WithConsent
>>>- OIDC_Implicit_Redirect_WithConsent
>>>- OIDC_Password_Grant
>>>- SAML2_SSO_Redirect_Binding
>>>- Challenge questions by super tenant users
>>>- Refresh token refresh grant - Renewal false
>>>
>>> *Long running test*
>>>
>>> Summery*: *No issue reported.
>>>
>>> Deployment :
>>>
>>>- IS node
>>>- Instance type: c5.xlarge
>>>   - vCPU:4
>>>   - RAM: 8GB
>>>   - Heap: 2G allocated for IS
>>>
>>>
>>>- RDS as the MySQL DB
>>>- Mysql engine version : 5.7.22
>>>   - vCPU: 4
>>>   - Instance class : db.m4.xlarge
>>>   - RAM: 16 GB
>>>   - Storage: 100 GiB
>>>- Executing test scenarios:
>>>- Authenticate_Super_Tenant_User
>>>   - OAuth_AuthCode_Redirect_WithConsent
>>>   - OAuth_Password_Grant
>>>   - OIDC_AuthCode_Redirect_WithConsent
>>>   - OIDC_Implicit_Redirect_WithConsent
>>>   - OIDC_Password_Grant
>>>   - OIDC_AuthCode_Request_Path_Authenticator_WithConsent
>>>   - SAML2_SSO_Redirect_Binding
>>>- Concurrency : 20
>>>- TPS: 240 per minute
>>>
>>> No blocking issue reported. +1 for proceed. :)
>>>
>>>
>>> *Thanks & Best Regards!*
>>>
>>> *Achini Jayasena*
>>> *Software Engineer - QA | WSO2*
>>>
>>> Email: achi...@wso2.com
>>> Mobile: +94 713 882 897
>>>
>>> [image: http://wso2.com/signature] 
>>>
>>>
>>> On Wed, Oct 2, 2019 at 10:31 PM Mathuriga Thavarajah 
>>> wrote:
>>>
 Hi All,

 Security Scanning reports (Static and Dynamic) were analyzed and
 reviewed. Hence +1 from the Platform Security Team for proceeding with
 the release.

 Thanks.

 Regards,
 Mathuriga.

 On Wed, Oct 2, 2019 at 10:08 PM Niluka Sripali Monnankulama <
 nil...@wso2.com> wrote:

> Hi all,
>
>
> Verified and validated below listed features are working as expected.
>
>
> Test Environment OS- MAC O/S, Windows-Server-2016-standard-64bit
>
>Java version- 1.8.0_171, 11.0.4
>
>   Database - H2, Oracle 12c
>
>   User type, Primary, Secondary, Super user and Tenant user
>
>
>
>- User management with multilayer approval
>- Manage user stores(Create,update,delete,disable)
>- Configuring Claims for a Service Provider
>- Consent Management for Self Sign Up
>- Single Sign-On / 

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Hasanthi Purnima Dissanayake]

Hi All,

Tested following flows and working as expected.

- Obtained access tokens using the following grant types.

   - authorization code grant type
   - password grant type
   - implicit grant type
   - client-credential grant type

- Access token revocation
- JWKS endpoint

[+] Stable - go ahead and release

Thanks,
Hasanthi

On Thu, Oct 3, 2019 at 9:44 AM Wijith Bandara  wrote:

> Hi all
>
> Verified and validated below listed features are working as expected.
>
> QSG
> - Single-Sign-On with SAML2
> - Single-Sign-On with OIDC
> - Multi-Factor Authentication
> - Google as a Federated Authenticator
> - Self-Signup
> - Creating a workflow
>
> Multi Options Authentication with local authenticators (basic,
> X509Certificate)
> Multi Options Authentication with federated authenticators (SAML2 Web SSO,
> Google, Yahoo)
> Multi Options Authentication with federated authenticators (OAuth2/OpenID
> Connect, Facebook, Twitter)
> Multi-Factor Authentication with federated authenticators(SAML2 Web SSO,
> Google, Yahoo, basic)
>
> No blocker issue found +1 to proceed
>
> Thanks,
> wijith
>
> On Thu, Oct 3, 2019 at 9:16 AM Achini Jayasena  wrote:
>
>> Hi All,
>>
>> Tested and verified with performance test and long running test. Test
>> result match with the expectations.
>>
>> *Performance test*
>>
>> Summary*:  *Performance has been improved comparing to the product
>> version 5.8
>>
>> Deployment
>>
>>- OS: Ubuntu
>>- DB: Mysql
>>- Heap: 4G/2G
>>- CPU cores: 4
>>- Concurrent users: 50, 100, 150, 300, 500
>>
>> Scenarios:
>>
>>- Authenticate_Super_Tenant_User
>>- OAuth_AuthCode_Redirect_WithConsent
>>- OAuth_Client_Credentials_Grant
>>- OAuth_Implicit_Redirect_WithConsent
>>- OAuth_Password_Grant
>>- OIDC_AuthCode_Redirect_WithConsent
>>- OIDC_AuthCode_Request_Path_Authenticator_WithConsent
>>- OIDC_Implicit_Redirect_WithConsent
>>- OIDC_Password_Grant
>>- SAML2_SSO_Redirect_Binding
>>- Challenge questions by super tenant users
>>- Refresh token refresh grant - Renewal false
>>
>> *Long running test*
>>
>> Summery*: *No issue reported.
>>
>> Deployment :
>>
>>- IS node
>>- Instance type: c5.xlarge
>>   - vCPU:4
>>   - RAM: 8GB
>>   - Heap: 2G allocated for IS
>>
>>
>>- RDS as the MySQL DB
>>- Mysql engine version : 5.7.22
>>   - vCPU: 4
>>   - Instance class : db.m4.xlarge
>>   - RAM: 16 GB
>>   - Storage: 100 GiB
>>- Executing test scenarios:
>>- Authenticate_Super_Tenant_User
>>   - OAuth_AuthCode_Redirect_WithConsent
>>   - OAuth_Password_Grant
>>   - OIDC_AuthCode_Redirect_WithConsent
>>   - OIDC_Implicit_Redirect_WithConsent
>>   - OIDC_Password_Grant
>>   - OIDC_AuthCode_Request_Path_Authenticator_WithConsent
>>   - SAML2_SSO_Redirect_Binding
>>- Concurrency : 20
>>- TPS: 240 per minute
>>
>> No blocking issue reported. +1 for proceed. :)
>>
>>
>> *Thanks & Best Regards!*
>>
>> *Achini Jayasena*
>> *Software Engineer - QA | WSO2*
>>
>> Email: achi...@wso2.com
>> Mobile: +94 713 882 897
>>
>> [image: http://wso2.com/signature] 
>>
>>
>> On Wed, Oct 2, 2019 at 10:31 PM Mathuriga Thavarajah 
>> wrote:
>>
>>> Hi All,
>>>
>>> Security Scanning reports (Static and Dynamic) were analyzed and
>>> reviewed. Hence +1 from the Platform Security Team for proceeding with
>>> the release.
>>>
>>> Thanks.
>>>
>>> Regards,
>>> Mathuriga.
>>>
>>> On Wed, Oct 2, 2019 at 10:08 PM Niluka Sripali Monnankulama <
>>> nil...@wso2.com> wrote:
>>>
 Hi all,


 Verified and validated below listed features are working as expected.


 Test Environment OS- MAC O/S, Windows-Server-2016-standard-64bit

Java version- 1.8.0_171, 11.0.4

   Database - H2, Oracle 12c

   User type, Primary, Secondary, Super user and Tenant user



- User management with multilayer approval
- Manage user stores(Create,update,delete,disable)
- Configuring Claims for a Service Provider
- Consent Management for Self Sign Up
- Single Sign-On / Federated authentication for a web application
with SAML - SP-Init, IDP-Init
- SAML2 IdP Initiated Single Logout

 Front channel post binding
 Front channel redirect binding
 Backchannel

- SAML SSO with end-user consent and claim mapping
-  Add a custom claim to OIDC
- Adding Multiple Federated authenticators
- By-parsing the IS authenticator selection page
- Identity Analytics-SSO analyzed via WSO2 IS Analytics.
- QSG- Self signup, workflow management
- JIT provision
- Ask Password
- Add Email template
- Connectors- GITHUB, LinkedIn, Google
- Installing as a Windows Service (Java version- 1.8.0_171)
- REST APIs 

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Wijith Bandara]

Hi all

Verified and validated below listed features are working as expected.

QSG
- Single-Sign-On with SAML2
- Single-Sign-On with OIDC
- Multi-Factor Authentication
- Google as a Federated Authenticator
- Self-Signup
- Creating a workflow

Multi Options Authentication with local authenticators (basic,
X509Certificate)
Multi Options Authentication with federated authenticators (SAML2 Web SSO,
Google, Yahoo)
Multi Options Authentication with federated authenticators (OAuth2/OpenID
Connect, Facebook, Twitter)
Multi-Factor Authentication with federated authenticators(SAML2 Web SSO,
Google, Yahoo, basic)

No blocker issue found +1 to proceed

Thanks,
wijith

On Thu, Oct 3, 2019 at 9:16 AM Achini Jayasena  wrote:

> Hi All,
>
> Tested and verified with performance test and long running test. Test
> result match with the expectations.
>
> *Performance test*
>
> Summary*:  *Performance has been improved comparing to the product
> version 5.8
>
> Deployment
>
>- OS: Ubuntu
>- DB: Mysql
>- Heap: 4G/2G
>- CPU cores: 4
>- Concurrent users: 50, 100, 150, 300, 500
>
> Scenarios:
>
>- Authenticate_Super_Tenant_User
>- OAuth_AuthCode_Redirect_WithConsent
>- OAuth_Client_Credentials_Grant
>- OAuth_Implicit_Redirect_WithConsent
>- OAuth_Password_Grant
>- OIDC_AuthCode_Redirect_WithConsent
>- OIDC_AuthCode_Request_Path_Authenticator_WithConsent
>- OIDC_Implicit_Redirect_WithConsent
>- OIDC_Password_Grant
>- SAML2_SSO_Redirect_Binding
>- Challenge questions by super tenant users
>- Refresh token refresh grant - Renewal false
>
> *Long running test*
>
> Summery*: *No issue reported.
>
> Deployment :
>
>- IS node
>- Instance type: c5.xlarge
>   - vCPU:4
>   - RAM: 8GB
>   - Heap: 2G allocated for IS
>
>
>- RDS as the MySQL DB
>- Mysql engine version : 5.7.22
>   - vCPU: 4
>   - Instance class : db.m4.xlarge
>   - RAM: 16 GB
>   - Storage: 100 GiB
>- Executing test scenarios:
>- Authenticate_Super_Tenant_User
>   - OAuth_AuthCode_Redirect_WithConsent
>   - OAuth_Password_Grant
>   - OIDC_AuthCode_Redirect_WithConsent
>   - OIDC_Implicit_Redirect_WithConsent
>   - OIDC_Password_Grant
>   - OIDC_AuthCode_Request_Path_Authenticator_WithConsent
>   - SAML2_SSO_Redirect_Binding
>- Concurrency : 20
>- TPS: 240 per minute
>
> No blocking issue reported. +1 for proceed. :)
>
>
> *Thanks & Best Regards!*
>
> *Achini Jayasena*
> *Software Engineer - QA | WSO2*
>
> Email: achi...@wso2.com
> Mobile: +94 713 882 897
>
> [image: http://wso2.com/signature] 
>
>
> On Wed, Oct 2, 2019 at 10:31 PM Mathuriga Thavarajah 
> wrote:
>
>> Hi All,
>>
>> Security Scanning reports (Static and Dynamic) were analyzed and
>> reviewed. Hence +1 from the Platform Security Team for proceeding with
>> the release.
>>
>> Thanks.
>>
>> Regards,
>> Mathuriga.
>>
>> On Wed, Oct 2, 2019 at 10:08 PM Niluka Sripali Monnankulama <
>> nil...@wso2.com> wrote:
>>
>>> Hi all,
>>>
>>>
>>> Verified and validated below listed features are working as expected.
>>>
>>>
>>> Test Environment OS- MAC O/S, Windows-Server-2016-standard-64bit
>>>
>>>Java version- 1.8.0_171, 11.0.4
>>>
>>>   Database - H2, Oracle 12c
>>>
>>>   User type, Primary, Secondary, Super user and Tenant user
>>>
>>>
>>>
>>>- User management with multilayer approval
>>>- Manage user stores(Create,update,delete,disable)
>>>- Configuring Claims for a Service Provider
>>>- Consent Management for Self Sign Up
>>>- Single Sign-On / Federated authentication for a web application
>>>with SAML - SP-Init, IDP-Init
>>>- SAML2 IdP Initiated Single Logout
>>>
>>> Front channel post binding
>>> Front channel redirect binding
>>> Backchannel
>>>
>>>- SAML SSO with end-user consent and claim mapping
>>>-  Add a custom claim to OIDC
>>>- Adding Multiple Federated authenticators
>>>- By-parsing the IS authenticator selection page
>>>- Identity Analytics-SSO analyzed via WSO2 IS Analytics.
>>>- QSG- Self signup, workflow management
>>>- JIT provision
>>>- Ask Password
>>>- Add Email template
>>>- Connectors- GITHUB, LinkedIn, Google
>>>- Installing as a Windows Service (Java version- 1.8.0_171)
>>>- REST APIs for the user portal
>>>
>>>Account Recovery - Update challenge questions answers
>>>
>>>Authorized OAuth Apps - List and revoke
>>>
>>>User session management
>>>
>>>Pending Approvals
>>>
>>>
>>> +1 to proceed.
>>>
>>> On Wed, Oct 2, 2019 at 4:26 PM Buddhima Udaranga 
>>> wrote:
>>>
 Hi,

 We have tested the Configuration Management REST API with the WSO2 IS
 5.9.0-RC2 with the MySQL database. No blocker issues found. +1 to proceed.

 Thanks,
 *Buddhima Udaranga*|Software 

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Achini Jayasena]

Hi All,

Tested and verified with performance test and long running test. Test
result match with the expectations.

*Performance test*

Summary*:  *Performance has been improved comparing to the product version
5.8

Deployment

   - OS: Ubuntu
   - DB: Mysql
   - Heap: 4G/2G
   - CPU cores: 4
   - Concurrent users: 50, 100, 150, 300, 500

Scenarios:

   - Authenticate_Super_Tenant_User
   - OAuth_AuthCode_Redirect_WithConsent
   - OAuth_Client_Credentials_Grant
   - OAuth_Implicit_Redirect_WithConsent
   - OAuth_Password_Grant
   - OIDC_AuthCode_Redirect_WithConsent
   - OIDC_AuthCode_Request_Path_Authenticator_WithConsent
   - OIDC_Implicit_Redirect_WithConsent
   - OIDC_Password_Grant
   - SAML2_SSO_Redirect_Binding
   - Challenge questions by super tenant users
   - Refresh token refresh grant - Renewal false

*Long running test*

Summery*: *No issue reported.

Deployment :

   - IS node
   - Instance type: c5.xlarge
  - vCPU:4
  - RAM: 8GB
  - Heap: 2G allocated for IS


   - RDS as the MySQL DB
   - Mysql engine version : 5.7.22
  - vCPU: 4
  - Instance class : db.m4.xlarge
  - RAM: 16 GB
  - Storage: 100 GiB
   - Executing test scenarios:
   - Authenticate_Super_Tenant_User
  - OAuth_AuthCode_Redirect_WithConsent
  - OAuth_Password_Grant
  - OIDC_AuthCode_Redirect_WithConsent
  - OIDC_Implicit_Redirect_WithConsent
  - OIDC_Password_Grant
  - OIDC_AuthCode_Request_Path_Authenticator_WithConsent
  - SAML2_SSO_Redirect_Binding
   - Concurrency : 20
   - TPS: 240 per minute

No blocking issue reported. +1 for proceed. :)


*Thanks & Best Regards!*

*Achini Jayasena*
*Software Engineer - QA | WSO2*

Email: achi...@wso2.com
Mobile: +94 713 882 897

[image: http://wso2.com/signature] 


On Wed, Oct 2, 2019 at 10:31 PM Mathuriga Thavarajah 
wrote:

> Hi All,
>
> Security Scanning reports (Static and Dynamic) were analyzed and reviewed.
> Hence +1 from the Platform Security Team for proceeding with the release.
>
> Thanks.
>
> Regards,
> Mathuriga.
>
> On Wed, Oct 2, 2019 at 10:08 PM Niluka Sripali Monnankulama <
> nil...@wso2.com> wrote:
>
>> Hi all,
>>
>>
>> Verified and validated below listed features are working as expected.
>>
>>
>> Test Environment OS- MAC O/S, Windows-Server-2016-standard-64bit
>>
>>Java version- 1.8.0_171, 11.0.4
>>
>>   Database - H2, Oracle 12c
>>
>>   User type, Primary, Secondary, Super user and Tenant user
>>
>>
>>
>>- User management with multilayer approval
>>- Manage user stores(Create,update,delete,disable)
>>- Configuring Claims for a Service Provider
>>- Consent Management for Self Sign Up
>>- Single Sign-On / Federated authentication for a web application
>>with SAML - SP-Init, IDP-Init
>>- SAML2 IdP Initiated Single Logout
>>
>> Front channel post binding
>> Front channel redirect binding
>> Backchannel
>>
>>- SAML SSO with end-user consent and claim mapping
>>-  Add a custom claim to OIDC
>>- Adding Multiple Federated authenticators
>>- By-parsing the IS authenticator selection page
>>- Identity Analytics-SSO analyzed via WSO2 IS Analytics.
>>- QSG- Self signup, workflow management
>>- JIT provision
>>- Ask Password
>>- Add Email template
>>- Connectors- GITHUB, LinkedIn, Google
>>- Installing as a Windows Service (Java version- 1.8.0_171)
>>- REST APIs for the user portal
>>
>>Account Recovery - Update challenge questions answers
>>
>>Authorized OAuth Apps - List and revoke
>>
>>User session management
>>
>>Pending Approvals
>>
>>
>> +1 to proceed.
>>
>> On Wed, Oct 2, 2019 at 4:26 PM Buddhima Udaranga 
>> wrote:
>>
>>> Hi,
>>>
>>> We have tested the Configuration Management REST API with the WSO2 IS
>>> 5.9.0-RC2 with the MySQL database. No blocker issues found. +1 to proceed.
>>>
>>> Thanks,
>>> *Buddhima Udaranga*|Software Engineer| WSO2 Inc. 
>>> (M)+94 714742094 | (E) buddhi...@wso2.com
>>> 
>>>
>>>
>>> On Wed, Oct 2, 2019 at 10:59 AM Piraveena Paralogarajah <
>>> pirave...@wso2.com> wrote:
>>>
 Hi all,


 We are pleased to announce the second release candidate of WSO2
 Identity Server 5.9.0.



 New Features

-

An improved, simpler configuration model
-

RESTful APIs for user self-services
-

Passwordless authentication with WebAuthn
-

Reusable script library for adaptive authentication
-

Cross-protocol single logout capability
-

Inbuilt support to view and revoke user sessions
-

Azure AD/Office365 multi-domain federation support



 Fixes

 This release includes the following issue fixes and 

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Mathuriga Thavarajah]

Hi All,

Security Scanning reports (Static and Dynamic) were analyzed and reviewed.
Hence +1 from the Platform Security Team for proceeding with the release.

Thanks.

Regards,
Mathuriga.

On Wed, Oct 2, 2019 at 10:08 PM Niluka Sripali Monnankulama 
wrote:

> Hi all,
>
>
> Verified and validated below listed features are working as expected.
>
>
> Test Environment OS- MAC O/S, Windows-Server-2016-standard-64bit
>
>Java version- 1.8.0_171, 11.0.4
>
>   Database - H2, Oracle 12c
>
>   User type, Primary, Secondary, Super user and Tenant user
>
>
>
>- User management with multilayer approval
>- Manage user stores(Create,update,delete,disable)
>- Configuring Claims for a Service Provider
>- Consent Management for Self Sign Up
>- Single Sign-On / Federated authentication for a web application with
>SAML - SP-Init, IDP-Init
>- SAML2 IdP Initiated Single Logout
>
> Front channel post binding
> Front channel redirect binding
> Backchannel
>
>- SAML SSO with end-user consent and claim mapping
>-  Add a custom claim to OIDC
>- Adding Multiple Federated authenticators
>- By-parsing the IS authenticator selection page
>- Identity Analytics-SSO analyzed via WSO2 IS Analytics.
>- QSG- Self signup, workflow management
>- JIT provision
>- Ask Password
>- Add Email template
>- Connectors- GITHUB, LinkedIn, Google
>- Installing as a Windows Service (Java version- 1.8.0_171)
>- REST APIs for the user portal
>
>Account Recovery - Update challenge questions answers
>
>Authorized OAuth Apps - List and revoke
>
>User session management
>
>Pending Approvals
>
>
> +1 to proceed.
>
> On Wed, Oct 2, 2019 at 4:26 PM Buddhima Udaranga 
> wrote:
>
>> Hi,
>>
>> We have tested the Configuration Management REST API with the WSO2 IS
>> 5.9.0-RC2 with the MySQL database. No blocker issues found. +1 to proceed.
>>
>> Thanks,
>> *Buddhima Udaranga*|Software Engineer| WSO2 Inc. 
>> (M)+94 714742094 | (E) buddhi...@wso2.com
>> 
>>
>>
>> On Wed, Oct 2, 2019 at 10:59 AM Piraveena Paralogarajah <
>> pirave...@wso2.com> wrote:
>>
>>> Hi all,
>>>
>>>
>>> We are pleased to announce the second release candidate of WSO2 Identity
>>> Server 5.9.0.
>>>
>>>
>>>
>>> New Features
>>>
>>>-
>>>
>>>An improved, simpler configuration model
>>>-
>>>
>>>RESTful APIs for user self-services
>>>-
>>>
>>>Passwordless authentication with WebAuthn
>>>-
>>>
>>>Reusable script library for adaptive authentication
>>>-
>>>
>>>Cross-protocol single logout capability
>>>-
>>>
>>>Inbuilt support to view and revoke user sessions
>>>-
>>>
>>>Azure AD/Office365 multi-domain federation support
>>>
>>>
>>>
>>> Fixes
>>>
>>> This release includes the following issue fixes and improvements:
>>>
>>>-
>>>
>>>5.9.0-m1 
>>>-
>>>
>>>5.9.0-m2 
>>>-
>>>
>>>5.9.0-m3 
>>>-
>>>
>>>5.9.0-m4 
>>>-
>>>
>>>5.9.0-m5 
>>>-
>>>
>>>5.9.0-m6 
>>>-
>>>
>>>5.9.0-alpha
>>>
>>>-
>>>
>>>5.9.0-beta 
>>>
>>>-
>>>
>>>5.9.0-GA 
>>>
>>>
>>>
>>> Source and Distribution
>>>
>>> The source and distribution
>>> 
>>> are available at
>>> https://github.com/wso2/product-is/releases/tag/v5.9.0-rc2
>>>
>>>
>>> Please download the product, test it, and vote using the following
>>> convention.
>>>
>>> [+] Stable - go ahead and release
>>>
>>> [-] Broken - do not release (explain why)
>>>
>>> Thanks,
>>>
>>> WSO2 Identity and Access Management Team
>>>
>>> *Piraveena Paralogarajah*
>>> Software Engineer | WSO2 Inc.
>>> *(m)* +94776099594 | *(e)* pirave...@wso2.com
>>>
>>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>
>
> --
> Niluka Sripali Monnankulama
> Software Engineer - WSO2 Sri Lanka
>
> Mobile : +94 76 76 52843
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>


-- 

*Mathuriga Thavarajah*
Software Engineer
WSO2 Inc. - http ://wso2.com

Email : mathur...@wso2.com
Mobile  : +94778191300



*[image: http://wso2.com/signature] 

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Niluka Sripali Monnankulama]

Hi all,


Verified and validated below listed features are working as expected.


Test Environment OS- MAC O/S, Windows-Server-2016-standard-64bit

   Java version- 1.8.0_171, 11.0.4

  Database - H2, Oracle 12c

  User type, Primary, Secondary, Super user and Tenant user



   - User management with multilayer approval
   - Manage user stores(Create,update,delete,disable)
   - Configuring Claims for a Service Provider
   - Consent Management for Self Sign Up
   - Single Sign-On / Federated authentication for a web application with
   SAML - SP-Init, IDP-Init
   - SAML2 IdP Initiated Single Logout

Front channel post binding
Front channel redirect binding
Backchannel

   - SAML SSO with end-user consent and claim mapping
   -  Add a custom claim to OIDC
   - Adding Multiple Federated authenticators
   - By-parsing the IS authenticator selection page
   - Identity Analytics-SSO analyzed via WSO2 IS Analytics.
   - QSG- Self signup, workflow management
   - JIT provision
   - Ask Password
   - Add Email template
   - Connectors- GITHUB, LinkedIn, Google
   - Installing as a Windows Service (Java version- 1.8.0_171)
   - REST APIs for the user portal

   Account Recovery - Update challenge questions answers

   Authorized OAuth Apps - List and revoke

   User session management

   Pending Approvals


+1 to proceed.

On Wed, Oct 2, 2019 at 4:26 PM Buddhima Udaranga  wrote:

> Hi,
>
> We have tested the Configuration Management REST API with the WSO2 IS
> 5.9.0-RC2 with the MySQL database. No blocker issues found. +1 to proceed.
>
> Thanks,
> *Buddhima Udaranga*|Software Engineer| WSO2 Inc. 
> (M)+94 714742094 | (E) buddhi...@wso2.com
> 
>
>
> On Wed, Oct 2, 2019 at 10:59 AM Piraveena Paralogarajah <
> pirave...@wso2.com> wrote:
>
>> Hi all,
>>
>>
>> We are pleased to announce the second release candidate of WSO2 Identity
>> Server 5.9.0.
>>
>>
>>
>> New Features
>>
>>-
>>
>>An improved, simpler configuration model
>>-
>>
>>RESTful APIs for user self-services
>>-
>>
>>Passwordless authentication with WebAuthn
>>-
>>
>>Reusable script library for adaptive authentication
>>-
>>
>>Cross-protocol single logout capability
>>-
>>
>>Inbuilt support to view and revoke user sessions
>>-
>>
>>Azure AD/Office365 multi-domain federation support
>>
>>
>>
>> Fixes
>>
>> This release includes the following issue fixes and improvements:
>>
>>-
>>
>>5.9.0-m1 
>>-
>>
>>5.9.0-m2 
>>-
>>
>>5.9.0-m3 
>>-
>>
>>5.9.0-m4 
>>-
>>
>>5.9.0-m5 
>>-
>>
>>5.9.0-m6 
>>-
>>
>>5.9.0-alpha 
>>
>>-
>>
>>5.9.0-beta 
>>-
>>
>>5.9.0-GA 
>>
>>
>>
>> Source and Distribution
>>
>> The source and distribution
>> 
>> are available at
>> https://github.com/wso2/product-is/releases/tag/v5.9.0-rc2
>>
>>
>> Please download the product, test it, and vote using the following
>> convention.
>>
>> [+] Stable - go ahead and release
>>
>> [-] Broken - do not release (explain why)
>>
>> Thanks,
>>
>> WSO2 Identity and Access Management Team
>>
>> *Piraveena Paralogarajah*
>> Software Engineer | WSO2 Inc.
>> *(m)* +94776099594 | *(e)* pirave...@wso2.com
>>
>> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>


-- 
Niluka Sripali Monnankulama
Software Engineer - WSO2 Sri Lanka

Mobile : +94 76 76 52843
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2

[Buddhima Udaranga]

Hi,

We have tested the Configuration Management REST API with the WSO2 IS
5.9.0-RC2 with the MySQL database. No blocker issues found. +1 to proceed.

Thanks,
*Buddhima Udaranga*|Software Engineer| WSO2 Inc. 
(M)+94 714742094 | (E) buddhi...@wso2.com



On Wed, Oct 2, 2019 at 10:59 AM Piraveena Paralogarajah 
wrote:

> Hi all,
>
>
> We are pleased to announce the second release candidate of WSO2 Identity
> Server 5.9.0.
>
>
>
> New Features
>
>-
>
>An improved, simpler configuration model
>-
>
>RESTful APIs for user self-services
>-
>
>Passwordless authentication with WebAuthn
>-
>
>Reusable script library for adaptive authentication
>-
>
>Cross-protocol single logout capability
>-
>
>Inbuilt support to view and revoke user sessions
>-
>
>Azure AD/Office365 multi-domain federation support
>
>
>
> Fixes
>
> This release includes the following issue fixes and improvements:
>
>-
>
>5.9.0-m1 
>-
>
>5.9.0-m2 
>-
>
>5.9.0-m3 
>-
>
>5.9.0-m4 
>-
>
>5.9.0-m5 
>-
>
>5.9.0-m6 
>-
>
>5.9.0-alpha 
>-
>
>5.9.0-beta 
>-
>
>5.9.0-GA 
>
>
>
> Source and Distribution
>
> The source and distribution
> 
> are available at
> https://github.com/wso2/product-is/releases/tag/v5.9.0-rc2
>
>
> Please download the product, test it, and vote using the following
> convention.
>
> [+] Stable - go ahead and release
>
> [-] Broken - do not release (explain why)
>
> Thanks,
>
> WSO2 Identity and Access Management Team
>
> *Piraveena Paralogarajah*
> Software Engineer | WSO2 Inc.
> *(m)* +94776099594 | *(e)* pirave...@wso2.com
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev