[Dev] WSO2 Identity Server 5.9.0 M2 Released!
WSO2 Identity and Access Management team is pleased to announce the release of Identity Server 5.9.0 M2! Download You can download WSO2 Identity Server 5.9.0 M2 from here <https://github.com/wso2/product-is/releases/download/v5.9.0-m2/wso2is-5.9.0-m2.zip> . You can download WSO2 Identity Server Analytics 5.9.0 M2 from here <https://github.com/wso2/analytics-is/releases/download/v5.9.0-m2/wso2is-analytics-5.9.0-m2.zip> . How to run 1. Extract the downloaded zip file. 2. Go to the bin directory in the extracted folder. 3. Run the wso2server.sh file if you are on a Linux/Mac OS or run the wso2server.bat file if you are on a Windows OS. 4. Optionally, if you need to start the OSGi console with the server, use the -DosgiConsole property when starting the server. What's new in WSO2 Identity Server 5.9.0 M2 A list of all the new features and bug fixes shipped with this release can be found here <https://github.com/wso2/product-is/milestone/86?closed=1> Known Issues All the open issues pertaining to WSO2 Identity Server are reported at the following location: - IS Runtime <https://github.com/wso2/product-is/issues> - IS Analytics <https://github.com/wso2/analytics-is/issues> Contribute to WSO2 Identity ServerMailing Lists Join our mailing lists and correspond with the developers directly. We also encourage you to take part in discussions related to the product in the architecture mailing list. If you have any questions regarding the product you can use our StackOverflow forum to raise them as well. - Developer List: dev@wso2.org - Architecture List: architect...@wso2.org - User Forum: StackOverflow <http://stackoverflow.com/questions/tagged/wso2is> Reporting Issues We encourage you to report issues, improvements, and feature requests regarding WSO2 Identity Server through our public WSO2 Identity Server GIT Issues <https://github.com/wso2/product-is/issues>. For more information about WSO2 Identity Server, please see https://wso2 .com/identity-and-access-management or visit the WSO2 Oxygen Tank <http://wso2.com/library/> developer portal for additional resources. ~ The WSO2 Identity and Access Management Team ~ -- *Janak Amarasena* | Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] WSO2 Identity Server 5.9.0 M4 Released!
WSO2 Identity and Access Management team is pleased to announce the release of Identity Server 5.9.0 M4! Download You can download WSO2 Identity Server 5.9.0 M4 from here <https://github.com/wso2/product-is/releases/download/v5.9.0-m4/wso2is-5.9.0-m4.zip> . You can download WSO2 Identity Server Analytics 5.9.0 M4 from here <https://github.com/wso2/analytics-is/releases/download/v5.9.0-m4/wso2is-analytics-5.9.0-m4.zip> . How to run 1. Extract the downloaded zip file. 2. Go to the bin directory in the extracted folder. 3. Run the wso2server.sh file if you are on a Linux/Mac OS or run the wso2server.bat file if you are on a Windows OS. 4. Optionally, if you need to start the OSGi console with the server, use the -DosgiConsole property when starting the server. What's new in WSO2 Identity Server 5.9.0 M4 A list of all the new features and bug fixes shipped with this release can be found here <https://github.com/wso2/product-is/milestone/88?closed=1> Known Issues All the open issues pertaining to WSO2 Identity Server are reported at the following location: - IS Runtime <https://github.com/wso2/product-is/issues> - IS Analytics <https://github.com/wso2/analytics-is/issues> Contribute to WSO2 Identity ServerMailing Lists Join our mailing lists and correspond with the developers directly. We also encourage you to take part in discussions related to the product in the architecture mailing list. If you have any questions regarding the product you can use our StackOverflow forum to raise them as well. - Developer List: dev@wso2.org - Architecture List: architect...@wso2.org - User Forum: StackOverflow <http://stackoverflow.com/questions/tagged/wso2is> Reporting Issues We encourage you to report issues, improvements, and feature requests regarding WSO2 Identity Server through our public WSO2 Identity Server GIT Issues <https://github.com/wso2/product-is/issues>. For more information about WSO2 Identity Server, please see https://wso2 .com/identity-and-access-management or visit the WSO2 Oxygen Tank <http://wso2.com/library/> developer portal for additional resources. ~ The WSO2 Identity and Access Management Team ~ -- *Janak Amarasena* | Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] WSO2 Identity server,multiple token requests issue
Hi Prayag, Are you using jwt access tokens? Best Regards, Janak On Wed, Jul 31, 2019 at 6:28 PM prayag pavithran < prayagpavith...@hotmail.com> wrote: > Hi All, > > We've integrated WSO2 Identity Server 5.7.0 with an Angular application > using OIDC client JS. > > When ever multiple requests for token are sent from the same client , > identity server is returning every time a new token and setting previous > token state as "EXPIRED" in idn_oauth2_access_token_audit table. > > Can you please let me know how to configure WSO2 IS to return the same > access token if already exists and not expired , if multiple requests for > token are sent from the same client. > > > Thanks & Regards, > Prayag Pavithran > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > -- *Janak Amarasena* | Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] [IS] Local dialect in Claim Management REST API
Hi all,
When listing all the claim dialects using the Claim Management REST API the
local claim dialect is also listed.
[
{
"id": "aHR0cDovL3dzbzIub3JnL2NsYWltcw",
"dialectURI": "http://wso2.org/claims";,
"link": {
"href": "
https://localhost:9443/t/carbon.super/api/server/v1/claim-dialects/aHR0cDovL3dzbzIub3JnL2NsYWltcw/claims
",
"rel": "claims"
}
},
{
"id":
"aHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eQ",
"dialectURI": "http://schemas.xmlsoap.org/ws/2005/05/identity";,
"link": {
"href": "
https://localhost:9443/t/carbon.super/api/server/v1/claim-dialects/aHR0cDovL3NjaGVtYXMueG1sc29hcC5vcmcvd3MvMjAwNS8wNS9pZGVudGl0eQ/claims
",
"rel": "claims"
}
},
...
Using the provided link in *href *it is possible to retrieve the set of
claims for each dialect except for the *href *for the local claim dialect.
A separate endpoint is defined in the swagger[1] for getting claims from
the local dialect as the schema returned is significantly different than
when calling using another claim dialect.
Response when using the local claim dialect when getting claims;
[
{
"id": "aHR0cDovL3dzbzIub3JnL2NsYWltcy9sb2NhbA",
"claimURI": "http://wso2.org/claims/local";,
"dialectURI": "http://wso2.org/claims";,
"description": "Local",
"displayOrder": 0,
"displayName": "Local",
"readOnly": false,
"regEx": null,
"required": false,
"supportedByDefault": false,
"attributeMapping": [
{
"mappedAttribute": "local",
"userstore": "PRIMARY"
}
],
"properties": []
},
...
Response when using any other dialect when getting claims;
[
{
"id":
"dXJuOnNjaW06c2NoZW1hczpjb3JlOjEuMDphZGRyZXNzZXMuZm9ybWF0dGVk",
"claimURI": "urn:scim:schemas:core:1.0:addresses.formatted",
"claimDialectURI": "urn:scim:schemas:core:1.0",
"mappedLocalClaimURI": "http://wso2.org/claims/addresses.formatted";
},
...
Currently, if the *href* shown for the local claim dialect is used to
retrieve the local claims a bad request response is thrown as retrieving
local claims has a separate endpoint defined.
There are three possible approaches;
1. Remove the local claim dialect from listing - There can be drawbacks
when implementing UIs as the local claim dialect will have to be separately
listed.
2. Change the *id* and the *href *to match the endpoint defined in the
swagger - The schema returned for the local cliam dialect will still be
significantly different from other dialects but a developer will see a
difference in the *href* and the *id. *The *id* = "local" *href *= "
https://localhost:9443/t/carbon.super/api/server/v1/claim-dialects/local/claims
".
3. Internally wire the endpoint to be directed to the endpoint defined
in the swagger to get local claims - At development time the developer will
not see a difference and might use the endpoint incorrectly.
[1] - https://app.swaggerhub.com/apis/janakamarasena/IS-ADMIN-CLAIMS/1.0.0
Your thoughts are much appreciated in this regards,
Thank you,
Janak
--
*Janak Amarasena* | Software Engineer | WSO2 Inc.
(m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com
<https://wso2.com/signature>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] WSO2 Identity server,multiple token requests issue
Hi Prayag, By design when using self-contained(jwt) access tokens WSO2 IS issues a new access token[1]. The reason for this is the IS does not store self-contained access tokens. If you are using the self-contained access tokens to retrieve any claims you can use the default token issuer(get an opaque string access token) and achieve this using the id_token. However, if you want to use jwt access tokens you can still achieve this by writing a custom OAuth Token Generator[2] by referring to the JWTTokenIssuer class[3]. [1] - https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/v6.0.53/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java#L152 [2] - https://docs.wso2.com/display/IS570/Extension+Points+for+OAuth#ExtensionPointsforOAuth-OAuthTokenGenerator [3] - https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/v6.0.53/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/JWTTokenIssuer.java Best Regards, Janak On Mon, Aug 5, 2019 at 11:27 AM prayag pavithran < prayagpavith...@hotmail.com> wrote: > Thanks Piraveena for the suggestion, RenewTokenPerRequest functionality > is not enabled and also access token expiry time is set to 3600 seconds. > > > Thanks & Regards, > Prayag Pavithran > -- > *From:* Piraveena Paralogarajah > *Sent:* Friday, August 2, 2019 7:43 PM > *To:* prayag pavithran > *Cc:* dev@wso2.org; Janak Amarasena > *Subject:* Re: [Dev] WSO2 Identity server,multiple token requests issue > > Hi Prayag, > > We have a feature called Issuing New Tokens Per Request IS 5.7.0 > (WumUpdate ) onwards. In this feature, the access token and the refresh > token will be renewed per each token request. For that, you have to enable > the configuration . Please check whether it is > enabled or not. You can use this documentation > <https://docs.wso2.com/display/IS570/Issuing+New+Tokens+Per+Request>. But > if this feature is enabled, then in idn_oauth2_access_token_audit table, > the state will be set as "REVOKED". > > If this is not enabled, you can check the expiration time of access > tokens. Sometimes, you may have configured a small value as the expiration > time. You can check the expiration time in the management console under > Main>Service Providers>Inbound Authentication Configuration> OAuth2/OpenID > Connect Configuration. > > Thanks, > Piraveena > > *Piraveena Paralogarajah* > Software Engineer | WSO2 Inc. > *(m)* +94776099594 | *(e)* pirave...@wso2.com > > > > On Fri, Aug 2, 2019 at 10:24 AM Janak Amarasena wrote: > > Hi Prayag, > > Are you using jwt access tokens? > > Best Regards, > Janak > > On Wed, Jul 31, 2019 at 6:28 PM prayag pavithran < > prayagpavith...@hotmail.com> wrote: > > Hi All, > > We've integrated WSO2 Identity Server 5.7.0 with an Angular application > using OIDC client JS. > > When ever multiple requests for token are sent from the same client , > identity server is returning every time a new token and setting previous > token state as "EXPIRED" in idn_oauth2_access_token_audit table. > > Can you please let me know how to configure WSO2 IS to return the same > access token if already exists and not expired , if multiple requests for > token are sent from the same client. > > > Thanks & Regards, > Prayag Pavithran > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > > > -- > *Janak Amarasena* | Software Engineer | WSO2 Inc. > (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com > > > <https://wso2.com/signature> > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- *Janak Amarasena* | Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] [IAM] Input validation for REST APIs
Hi all,
For new REST APIs written for product IS that is being dispatched from
identity-rest-dispatcher[1] it is now possible to do input validations[2]
such as; request body property null check, input validation against regx
patterns, etc. You can define the required validations in the DTOs,
methods, etc and add the @Valid annotation to mark that validation is
required[3].
Any input validation errors will be caught by the
InputValidationExceptionMapper[4]. The error response will be as follows;
Status code 400
{
"code": "UE-1",
"message": "Invalid Request",
"description": "",
"traceId": ""
}
Example
{
"code": "UE-1",
"message": "Invalid Request",
"description": "Property displayName cannot be null. Property
description does not conform to ^([a-z]{7})$ pattern.",
"traceId": "d9bb6c40-980b-4a47-a6e9-2849ecb0acf6"
}
The error descriptoin is taken from the message property of the validation
annotation.
Ex: @NotNull(message = "Property displayName cannot be null.")
If you are using the [5] for swagger code generation then you can mark the
required fields in the swagger and also the relevant regx patterns[6] and
the gen tool will add the relevant annotations to the code for validation.
Currently, the gen tool supports adding @NotNull for required fields
and @Pattern for regex patterns defined in the swagger.
For @NotNull the message will be generated in the following format; "
Property cannot be null."
For @Pattern the message will be generated in the following format; "
Property does not conform to pattern."
[1] - https://github.com/wso2/identity-rest-dispatcher
[2] - https://github.com/wso2/identity-rest-dispatcher/pull/39
[3] -
http://cxf.apache.org/docs/validationfeature.html#ValidationFeature-CommonBeanValidation1.1Interceptors
[4] -
https://github.com/wso2/identity-rest-dispatcher/blob/master/components/org.wso2.carbon.identity.api.dispatcher/src/main/java/org/wso2/carbon/identity/api/dispatcher/InputValidationExceptionMapper.java
[5] - https://github.com/IsuraD/swagger2cxf-maven-plugin/tree/swagger_to_jar
[6] - https://swagger.io/docs/specification/data-models/data-types/#pattern
Best Regards,
--
*Janak Amarasena* | Software Engineer | WSO2 Inc.
(m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com
<https://wso2.com/signature>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] [IS][Templating] Default values TOTP Authenticator Config
Hi All, All the current values for the TOTP Authenticator in application-authentication.xml[1] has been added to the default.json[2] file except for the below two; WSO2 true These two have to be added through the deployment.toml. Do we need to add them as default values as well? [1] - https://github.com/wso2/carbon-identity-framework/blob/master/features/authentication-framework/org.wso2.carbon.identity.application.authentication.framework.server.feature/resources/application-authentication.xml#L180-L194 [2] - https://github.com/wso2/carbon-identity-framework/blob/master/features/authentication-framework/org.wso2.carbon.identity.application.authentication.framework.server.feature/resources/org.wso2.carbon.identity.application.authentication.framework.server.feature.default.json#L154-L167 Thank you, Best Regards, Janak -- *Janak Amarasena* | Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [IS][Templating] Default values TOTP Authenticator Config
+ @Sherene Mahanama On Thu, Sep 19, 2019 at 10:14 AM Pulasthi Mahawithana wrote: > Hi Janak, > > Both these won't be required at the deployment.toml by default. The Issuer > can be defaulted to hostname of the server, and the UseCommonIssuer could > be set to true by default. In the documentation, we can mention when/how to > change these values. > > On Mon, Sep 16, 2019 at 11:14 PM Janak Amarasena wrote: > >> Hi All, >> >> All the current values for the TOTP Authenticator >> in application-authentication.xml[1] has been added to the default.json[2] >> file except for the below two; >> >> WSO2 >> true >> >> These two have to be added through the deployment.toml. Do we need to add >> them as default values as well? >> >> [1] - >> https://github.com/wso2/carbon-identity-framework/blob/master/features/authentication-framework/org.wso2.carbon.identity.application.authentication.framework.server.feature/resources/application-authentication.xml#L180-L194 >> [2] - >> https://github.com/wso2/carbon-identity-framework/blob/master/features/authentication-framework/org.wso2.carbon.identity.application.authentication.framework.server.feature/resources/org.wso2.carbon.identity.application.authentication.framework.server.feature.default.json#L154-L167 >> >> Thank you, >> Best Regards, >> >> Janak >> -- >> *Janak Amarasena* | Software Engineer | WSO2 Inc. >> (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com >> >> >> <https://wso2.com/signature> >> > > > -- > *Pulasthi Mahawithana* | Associate Technical Lead | WSO2 Inc. > (m) +94-71-5179022 | (w) +94-11-2145345 | (e) pulast...@wso2.com > > Blog: https://medium.com/@pulasthi7/ > > <https://wso2.com/signature> > -- *Janak Amarasena* | Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] [IS] Removing IDN_ARTIFACT_STORE table from SQL scripts
Hi All, The IDN_ARTIFACT_STORE is a new table and was used to store the user store configurations in the database. Since the feature for storing user store configurations in the database will not be sent in IS590 we have decided to remove the IDN_ARTIFACT_STORE table creation from the SQL scripts. The scripts[1] will be available in the "feature-idn-artifact-store" branch of the carbon-identity-framework repo. [1] - https://github.com/wso2/carbon-identity-framework/tree/feature-idn-artifact-store/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts Best Regards, Janak -- *Janak Amarasena* | Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [VOTE] Release WSO2 Identity Server 5.9.0 RC2
;>>>Cross-protocol single logout capability >>>>>>>- >>>>>>> >>>>>>>Inbuilt support to view and revoke user sessions >>>>>>>- >>>>>>> >>>>>>>Azure AD/Office365 multi-domain federation support >>>>>>> >>>>>>> >>>>>>> >>>>>>> Fixes >>>>>>> >>>>>>> This release includes the following issue fixes and improvements: >>>>>>> >>>>>>>- >>>>>>> >>>>>>>5.9.0-m1 >>>>>>><https://github.com/wso2/product-is/milestone/85?closed=1> >>>>>>>- >>>>>>> >>>>>>>5.9.0-m2 >>>>>>><https://github.com/wso2/product-is/milestone/86?closed=1> >>>>>>>- >>>>>>> >>>>>>>5.9.0-m3 >>>>>>><https://github.com/wso2/product-is/milestone/87?closed=1> >>>>>>>- >>>>>>> >>>>>>>5.9.0-m4 >>>>>>><https://github.com/wso2/product-is/milestone/88?closed=1> >>>>>>>- >>>>>>> >>>>>>>5.9.0-m5 >>>>>>><https://github.com/wso2/product-is/milestone/90?closed=1> >>>>>>>- >>>>>>> >>>>>>>5.9.0-m6 >>>>>>><https://github.com/wso2/product-is/milestone/91?closed=1> >>>>>>>- >>>>>>> >>>>>>>5.9.0-alpha >>>>>>><https://github.com/wso2/product-is/milestone/89?closed=1> >>>>>>>- >>>>>>> >>>>>>>5.9.0-beta >>>>>>><https://github.com/wso2/product-is/milestone/93?closed=1> >>>>>>>- >>>>>>> >>>>>>>5.9.0-GA >>>>>>><https://github.com/wso2/product-is/milestone/83?closed=1> >>>>>>> >>>>>>> >>>>>>> >>>>>>> Source and Distribution >>>>>>> >>>>>>> The source and distribution >>>>>>> <https://github.com/wso2/product-is/releases/download/v5.9.0-rc2/wso2is-5.9.0-rc2.zip> >>>>>>> are available at >>>>>>> https://github.com/wso2/product-is/releases/tag/v5.9.0-rc2 >>>>>>> >>>>>>> >>>>>>> Please download the product, test it, and vote using the following >>>>>>> convention. >>>>>>> >>>>>>> [+] Stable - go ahead and release >>>>>>> >>>>>>> [-] Broken - do not release (explain why) >>>>>>> >>>>>>> Thanks, >>>>>>> >>>>>>> WSO2 Identity and Access Management Team >>>>>>> >>>>>>> *Piraveena Paralogarajah* >>>>>>> Software Engineer | WSO2 Inc. >>>>>>> *(m)* +94776099594 | *(e)* pirave...@wso2.com >>>>>>> >>>>>>> ___ >>>>>> Dev mailing list >>>>>> Dev@wso2.org >>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>> >>>>> >>>>> >>>>> -- >>>>> Niluka Sripali Monnankulama >>>>> Software Engineer - WSO2 Sri Lanka >>>>> >>>>> Mobile : +94 76 76 52843 >>>>> >>>>> ___ >>>>> Dev mailing list >>>>> Dev@wso2.org >>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >>>> >>>> >>>> -- >>>> >>>> *Mathuriga Thavarajah* >>>> Software Engineer >>>> WSO2 Inc. - http ://wso2.com >>>> >>>> Email : mathur...@wso2.com >>>> Mobile : +94778191300 >>>> >>>> >>>> >>>> *[image: http://wso2.com/signature] <http://wso2.com/signature>* >>>> ___ >>>> Dev mailing list >>>> Dev@wso2.org >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>> >> >> -- >> Wijith Bandara >> Software Engineer | WSO2 >> >> Email : wij...@wso2.com >> Mobile : +94718970370 >> Web : http://wso2.com >> >> <http://wso2.com/signature> >> ___ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> > > > -- > > Hasanthi Dissanayake | Associate Technical Lead | WSO2 Inc. > (m) +94718407133 | (w) +94112145345 | Email: hasan...@wso2.com | Blog: > https://medium.com/@hasanthipurnimadissanayake > > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > -- *Janak Amarasena* | Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] WSO2 Identity Server 5.9.0 Released!
lt;https://github.com/wso2/product-is/issues>. How You Can ContributeMailing Lists Join our mailing list and correspond with the developers directly. We also encourage you to take part in discussions related to the product in the architecture mailing list. If you have any questions regarding the product, you can use our StackOverflow forum to raise them as well. - Developer list: dev@wso2.org | Subscribe | Mail Archive <http://mail.wso2.org/mailarchive/dev/> - Architecture list: architect...@wso2.org | Subscribe | Mail Archive <https://mail.wso2.org/mailarchive/architecture/> - User forum: StackOverflow <http://stackoverflow.com/questions/tagged/wso2is> Reporting Issues We encourage you to report issues, documentation faults, and feature requests regarding WSO2 Identity Server or in the Carbon base framework through the public WSO2 Identity Server Git Issues <https://github.com/wso2/product-is/issues>. Important: Please be advised that security issues must be reported to secur...@wso2.com, not as GitHub issues, in order to reach the proper audience. We strongly advise you to follow the WSO2 Security Vulnerability Reporting Guidelines <https://docs.wso2.com/display/Security/WSO2+Security+Vulnerability+Reporting+Guidelines> when reporting the security issues. Support We are committed to ensuring your enterprise middleware deployment is completely supported from evaluation to production through a WSO2 Subscription. Our unique approach ensures that all support leverages our open development methodology and is provided by the very same engineers who build the technology. For more details and to take advantage of this unique opportunity, visit https://wso2.com/subscription For more information about WSO2 Identity Server, please see our website <https://wso2.com/identity-and-access-management> and visit the library <https://wso2.com/library/identity-and-access-management> for additional resources. Thank you for your interest in WSO2 Identity Server. - The WSO2 Identity and Access Management Team - -- *Janak Amarasena* | Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [Architecture] Binding access token to the browser for new IAM Portal Applications
Hi All, Currently, there is an OAuth2 Spec[1] under development with the key intention of sender-constraining OAuth 2.0 tokens via a proof-of-possession mechanism. Few takeaways from that which we could also use. We could introduce a new *token_type*[2] (like token_type=bound+cookie) for the cookie bound access token instead of the current bearer token as these tokens should be processed in a different way than the normal bearer tokens. Also if the service provider supports multiple token types we can let the application request a token type it wants by indicating it in some parameter when the application initiates a token requesting flow. [1] - https://tools.ietf.org/html/draft-fett-oauth-dpop [2] - https://tools.ietf.org/html/rfc6749#section-7.1 Best Regards, Janak On Thu, Oct 31, 2019 at 9:42 AM Johann Nallathamby wrote: > Hi Darshana, > > On Sat, Sep 28, 2019 at 8:29 PM Darshana Gunawardana > wrote: > >> Hi Johann, >> >> On Sat, Sep 21, 2019 at 10:43 AM Johann Nallathamby >> wrote: >> >>> Hi Thanuja, >>> >>> Did we consider sending the access token itself as a secure, http-only >>> cookie to the browser instead of binding it to a separate cookie? This will >>> also simplify the development on the client side, in case someone wants to >>> build their own SPA. >>> >> >> Here which domain you assumed that the cookie will be set to? >> > > I meant to the IS server domain which is the domain where the APIs are > hosted. > > >> >> Assuming it the client's domain, there are two limitations. >> >>1. Setting the token as a cookie is an additional task that client >>had to do since OP (in this case IS) cannot set cookies for some external >>client domain. >>2. Having the token stored in http-only cookie block accessing it's >>from client-side scripts, which is a main blocker for SPAs. >> >> > Not client domain. > > >> >> Assuming it the server-side domain and assuming you want to automatically >> handle authorization for the API based on the access token that already >> present in the cookie, there are two concerns, >> >>1. This will open up CSRF vulnerability as any malicious client >>running on the same browser can also access APIs successfully. >> >> Yes, your approach will prevent CSRF as well. +1. > >> >>1. If the API gateway handling authorization in back-channel mode, >> 1. The cookie has to set to the API gateway's domain >> 2. API gateway has to do an additional non-standard way of handing >> this cookie and attach it to the authorization header. >> >> Yes, this is a possibility. But I wasn't proposing it in this case. > > Thanks for the clarification. > > Regards, > Johann. > > >> >> Thanks, >> >>> >>> Regards, >>> Johann. >>> >>> On Mon, Sep 2, 2019 at 12:26 PM Thanuja Jayasinghe >>> wrote: >>> >>>> Hi All, >>>> >>>> With the introduction of new IAM portal applications, there is a >>>> requirement to provide additional security measures to secure these SPAs. >>>> We have already implemented the OAuth2 authorization code flow(public >>>> client) with PKCE for these applications and with this feature, it will be >>>> possible to bind the access token to the browser instance. So, an >>>> additional security measure will be enforced as the combination of the >>>> access token and browser token(cookie) validated while accessing the IS >>>> APIs. >>>> Support for configuring this option using OAuth2 application >>>> configuration and browser token persistence will be added as well. >>>> >>>> Updated request/response flow is as follows, >>>> [image: Blank Diagram (1).png] >>>> >>>> Thanks, >>>> Thanuja >>>> >>>> -- >>>> *Thanuja Lakmal* >>>> Technical Lead >>>> WSO2 Inc. http://wso2.com/ >>>> *lean.enterprise.middleware* >>>> Mobile: +94715979891 >>>> >>> >>> >>> -- >>> *Johann Dilantha Nallathamby* | Associate Director/Solutions Architect >>> | WSO2 Inc. >>> (m) +94 (77) 7776950 | (w) +94 (11) 2145345 | (e) joh...@wso2.com >>> [image: Signature.jpg] >>> ___ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >> >> >> -- >> Regards, >> >> >> *Darshana Gunawardana*Technical Lead >> WSO2 Inc.; http://wso2.com >> >> *E-mail: darsh...@wso2.com * >> *Mobile: +94718566859*Lean . Enterprise . Middleware >> > > > -- > *Johann Dilantha Nallathamby* | Associate Director/Solutions Architect | > WSO2 Inc. > (m) +94 (77) 7776950 | (w) +94 (11) 2145345 | (e) joh...@wso2.com > [image: Signature.jpg] > ___ > Architecture mailing list > architect...@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > -- *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] [VOTE] Release WSO2 Carbon Kernel 4.6.0 RC1
Hi Devs, WSO2 Carbon Kernel 4.6.0 RC1 Release Vote. Please download and test your products with kernel 4.6.0 RC1 and vote. The vote will be open for 72 hours or longer as needed. *Maven staging repository:* https://maven.wso2.org/nexus/content/repositories/orgwso2carbon-3878 *The tag to be voted upon:* https://github.com/wso2/carbon-kernel/releases/tag/v4.6.0-rc1 [- ] Broken - do not release (explain why) [+] Stable - go ahead and release Thank you WSO2 Engineering Team -- *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [VOTE] Release WSO2 Carbon Kernel 4.6.0 RC1
Hi all, We have identified an issue with RC1. So we are dropping the vote. We will release RC2 as soon as possible. Best Regards, Janak On Thu, Feb 27, 2020 at 10:29 PM Janak Amarasena wrote: > Hi Devs, > > WSO2 Carbon Kernel 4.6.0 RC1 Release Vote. > > Please download and test your products with kernel 4.6.0 RC1 and vote. > The vote will be open for 72 hours or longer as needed. > > *Maven staging repository:* > https://maven.wso2.org/nexus/content/repositories/orgwso2carbon-3878 > > *The tag to be voted upon:* > https://github.com/wso2/carbon-kernel/releases/tag/v4.6.0-rc1 > > [- ] Broken - do not release (explain why) > [+] Stable - go ahead and release > > > Thank you > WSO2 Engineering Team > > -- > *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. > (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com > > > <https://wso2.com/signature> > -- *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] [VOTE] Release WSO2 Carbon Kernel 4.6.0 RC2
Hi Devs, WSO2 Carbon Kernel 4.6.0 RC2 Release Vote. Please download and test your products with kernel 4.6.0 RC2 and vote. The vote will be open for 72 hours or longer as needed. *Maven staging repository:* https://maven.wso2.org/nexus/content/repositories/orgwso2carbon-3908 *The tag to be voted upon:* https://github.com/wso2/carbon-kernel/releases/tag/v4.6.0-rc2 [- ] Broken - do not release (explain why) [+] Stable - go ahead and release Thank you WSO2 Engineering Team -- *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [VOTE] Release WSO2 Carbon Kernel 4.6.0 RC2
Hi All, Since both of the products that are using the above kernel version have tested and voted, we will be closing this vote in the next 24 hours period. Best Regards, On Sun, Mar 1, 2020 at 9:12 AM Maduranga Siriwardena wrote: > Hi All, > > We have tested Identity Server distribution with the staging repository. > No issues found. > > +1 to proceed. > > Regards, > > On Sat, Feb 29, 2020 at 5:58 PM Krishan Wijesena > wrote: > >> Hi All, >> >> We have tested with API Manager distribution.No blocker issues found. +1 >> to proceed. >> >> Thanks, >> Krishan. >> >> On Fri, Feb 28, 2020 at 8:25 PM Janak Amarasena wrote: >> >>> Hi Devs, >>> >>> WSO2 Carbon Kernel 4.6.0 RC2 Release Vote. >>> >>> Please download and test your products with kernel 4.6.0 RC2 and vote. >>> The vote will be open for 72 hours or longer as needed. >>> >>> *Maven staging repository:* >>> https://maven.wso2.org/nexus/content/repositories/orgwso2carbon-3908 >>> >>> *The tag to be voted upon:* >>> https://github.com/wso2/carbon-kernel/releases/tag/v4.6.0-rc2 >>> >>> [- ] Broken - do not release (explain why) >>> [+] Stable - go ahead and release >>> >>> >>> Thank you >>> WSO2 Engineering Team >>> -- >>> *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. >>> (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com >>> >>> >>> <https://wso2.com/signature> >>> ___ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >> >> >> -- >> >> *Krishan Wijesena* >> Senior Software Engineer | WSO2 >> >> Email : krish...@wso2.com >> Mobile : +94776219923 >> WSO2 Inc : http://wso2.com >> [image: http://wso2.com/signature] <http://wso2.com/signature> >> ___ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> > > > -- > *Maduranga Siriwardena* | Technical Lead | WSO2 Inc. > (m) +94718990591 | madura...@wso2.com > > <http://wso2.com/signature> > -- *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [VOTE] Release WSO2 Carbon Kernel 4.6.0 RC2
Hi All, Thanks for testing WSO2 Carbon Kernel 4.6.0 RC2. Since this vote passed with 3 [+1]s and 0 [-1], we’re hereby closing this vote and proceeding with the WSO2 Carbon Kernel 4.6.0 GA release. Best Regards, On Sun, Mar 1, 2020 at 6:08 PM Nadeeshani Pathirennehelage < nadeesha...@wso2.com> wrote: > Hi All, > > Since analysis of the security scan reports are completed, +1 from > platform security team to proceed. > > Best Regards, > Nadeeshani. > > On Sun, Mar 1, 2020 at 9:58 AM Janak Amarasena wrote: > >> Hi All, >> >> Since both of the products that are using the above kernel version have >> tested and voted, we will be closing this vote in the next 24 hours period. >> >> >> Best Regards, >> >> On Sun, Mar 1, 2020 at 9:12 AM Maduranga Siriwardena >> wrote: >> >>> Hi All, >>> >>> We have tested Identity Server distribution with the staging repository. >>> No issues found. >>> >>> +1 to proceed. >>> >>> Regards, >>> >>> On Sat, Feb 29, 2020 at 5:58 PM Krishan Wijesena >>> wrote: >>> >>>> Hi All, >>>> >>>> We have tested with API Manager distribution.No blocker issues found. >>>> +1 to proceed. >>>> >>>> Thanks, >>>> Krishan. >>>> >>>> On Fri, Feb 28, 2020 at 8:25 PM Janak Amarasena wrote: >>>> >>>>> Hi Devs, >>>>> >>>>> WSO2 Carbon Kernel 4.6.0 RC2 Release Vote. >>>>> >>>>> Please download and test your products with kernel 4.6.0 RC2 and vote. >>>>> The vote will be open for 72 hours or longer as needed. >>>>> >>>>> *Maven staging repository:* >>>>> https://maven.wso2.org/nexus/content/repositories/orgwso2carbon-3908 >>>>> >>>>> *The tag to be voted upon:* >>>>> https://github.com/wso2/carbon-kernel/releases/tag/v4.6.0-rc2 >>>>> >>>>> [- ] Broken - do not release (explain why) >>>>> [+] Stable - go ahead and release >>>>> >>>>> >>>>> Thank you >>>>> WSO2 Engineering Team >>>>> -- >>>>> *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. >>>>> (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com >>>>> >>>>> >>>>> <https://wso2.com/signature> >>>>> ___ >>>>> Dev mailing list >>>>> Dev@wso2.org >>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >>>> >>>> >>>> -- >>>> >>>> *Krishan Wijesena* >>>> Senior Software Engineer | WSO2 >>>> >>>> Email : krish...@wso2.com >>>> Mobile : +94776219923 >>>> WSO2 Inc : http://wso2.com >>>> [image: http://wso2.com/signature] <http://wso2.com/signature> >>>> ___ >>>> Dev mailing list >>>> Dev@wso2.org >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>> >>> >>> -- >>> *Maduranga Siriwardena* | Technical Lead | WSO2 Inc. >>> (m) +94718990591 | madura...@wso2.com >>> >>> <http://wso2.com/signature> >>> >> >> >> -- >> *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. >> (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com >> >> >> <https://wso2.com/signature> >> ___ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> > > > -- > Pathirennehelage Nadeeshani > Senior Software Engineer | WSO2 Inc. > Platform Security Team > mobile : +94 716545223 > > -- *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] [Announce] WSO2 Carbon Kernel 4.6.0 Released!
Hi all, The WSO2 Engineering Team is pleased to announce the release of WSO2 Carbon Kernel version 4.6.0 <https://github.com/wso2/carbon-kernel/releases/tag/v4.6.0>. WSO2 Carbon is the award-winning, component-based, service-oriented platform for the enterprise-grade WSO2 middleware products stack. It is 100% open source and delivered under Apache License 2.0. The WSO2 Carbon platform is lean, high-performant and consists of a collection of OSGi bundles. *What is new in this Release* - *Introduce a unique user identifier across the system *- Previously, the username of the user was considered as an immutable attribute across the system which had multiple limitations. Therefore a new unique user identifier has been introduced along with a new set of user core APIs. New user store managers have been introduced for all the types such as JDBC, Read-Only LDAP, Read-Write LDAP, and Active directory which can be compatible with the new unique user identifier implementation. - Other bug fixes <https://github.com/wso2/carbon-kernel/milestone/30?closed=1> How You Can ContributeMailing Lists Join our mailing list and correspond with the developers directly. - Developer list: dev@wso2.org | Subscribe | Mail Archive <https://wso2.markmail.org/search/list:org.wso2.dev> - User forum: StackOverflow <http://stackoverflow.com/questions/tagged/wso2carbon> Reporting Issues We encourage you to report issues, improvements, documentation faults and feature requests regarding WSO2 Carbon Kernel through our public WSO2 Carbon Kernel GIT Issues <https://github.com/wso2/carbon-kernel/issues>. Support We are committed to ensuring your enterprise middleware deployment is completely supported from evaluation to production. Our unique approach ensures that all support leverages our open development methodology and is provided by the very same engineers who build the technology. For more details and to take advantage of this unique opportunity http://wso2.com/support/ - The WSO2 Engineering Team - -- *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] [VOTE] Release WSO2 Identity Server 5.10.0 RC1
Hi all, We are pleased to announce the first release candidate of WSO2 Identity Server 5.10.0. *New Features:* 1. Passwordless authentication support 2. An improved User Portal 3. New RESTful APIs for user self-services and server management 4. Scope based authorization for internal REST APIs 5. Unique User ID support 6. Tenant wise email-sender configuration *Fixes:* This release includes the following issue fixes and improvements: - 5.10.0-M1 <https://github.com/wso2/product-is/milestone/95?closed=1> - 5.10.0-M2 <https://github.com/wso2/product-is/milestone/96?closed=1> - 5.10.0-M3 <https://github.com/wso2/product-is/milestone/97?closed=1> - 5.10.0-M4 <https://github.com/wso2/product-is/milestone/98?closed=1> - 5.10.0-M5 <https://github.com/wso2/product-is/milestone/99?closed=1> - 5.10.0-M6 <https://github.com/wso2/product-is/milestone/100?closed=1> - 5.10.0-M7 <https://github.com/wso2/product-is/milestone/101?closed=1> - 5.10.0-M8 <https://github.com/wso2/product-is/milestone/102?closed=1> - 5.10.0-M9 <https://github.com/wso2/product-is/milestone/103?closed=1> - 5.10.0-Alpha <https://github.com/wso2/product-is/milestone/104?closed=1> - 5.10.0-Alpha2 <https://github.com/wso2/product-is/milestone/105?closed=1> - 5.10.0-Alpha3 <https://github.com/wso2/product-is/milestone/106?closed=1> - 5.10.0-Beta <https://github.com/wso2/product-is/milestone/107?closed=1> - 5.10.0-Beta2 <https://github.com/wso2/product-is/milestone/108?closed=1> - 5.10.0-Beta3 <https://github.com/wso2/product-is/milestone/109?closed=1> - 5.10.0-GA <https://github.com/wso2/product-is/milestone/92?closed=1> *Source and Distribution* The source and distribution <https://github.com/wso2/product-is/releases/download/v5.10.0-rc1/wso2is-5.10.0-rc1.zip> are available at https://github.com/wso2/product-is/releases/tag/v5.10.0-rc1 Please download the product, test it, and vote using the following convention. [+] Stable - go ahead and release [-] Broken - do not release (explain why) Thank you, WSO2 Identity and Access Management Team -- *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [VOTE] Release WSO2 Identity Server 5.10.0 RC1
Hi Gayan, You can find the documentation for the new features from [1]. [1] - https://is.docs.wso2.com/en/next Best Regards, Janak On Thu, Mar 5, 2020 at 11:18 AM gayan gunawardana wrote: > Hi Janak, > > Could you be able to provide documentation links against each new feature ? > > Thanks, > Gayan > > On Thu, Mar 5, 2020 at 5:06 AM Janak Amarasena wrote: > >> Hi all, >> >> We are pleased to announce the first release candidate of WSO2 Identity >> Server 5.10.0. >> >> >> *New Features:* >> >>1. Passwordless authentication support >>2. An improved User Portal >>3. New RESTful APIs for user self-services and server management >>4. Scope based authorization for internal REST APIs >>5. Unique User ID support >>6. Tenant wise email-sender configuration >> >> >> >> *Fixes:* >> This release includes the following issue fixes and improvements: >> >>- 5.10.0-M1 <https://github.com/wso2/product-is/milestone/95?closed=1> >>- 5.10.0-M2 <https://github.com/wso2/product-is/milestone/96?closed=1> >>- 5.10.0-M3 <https://github.com/wso2/product-is/milestone/97?closed=1> >>- 5.10.0-M4 <https://github.com/wso2/product-is/milestone/98?closed=1> >>- 5.10.0-M5 <https://github.com/wso2/product-is/milestone/99?closed=1> >>- 5.10.0-M6 >><https://github.com/wso2/product-is/milestone/100?closed=1> >>- 5.10.0-M7 >><https://github.com/wso2/product-is/milestone/101?closed=1> >>- 5.10.0-M8 >><https://github.com/wso2/product-is/milestone/102?closed=1> >>- 5.10.0-M9 >><https://github.com/wso2/product-is/milestone/103?closed=1> >>- 5.10.0-Alpha >><https://github.com/wso2/product-is/milestone/104?closed=1> >>- 5.10.0-Alpha2 >><https://github.com/wso2/product-is/milestone/105?closed=1> >>- 5.10.0-Alpha3 >><https://github.com/wso2/product-is/milestone/106?closed=1> >>- 5.10.0-Beta >><https://github.com/wso2/product-is/milestone/107?closed=1> >>- 5.10.0-Beta2 >><https://github.com/wso2/product-is/milestone/108?closed=1> >>- 5.10.0-Beta3 >><https://github.com/wso2/product-is/milestone/109?closed=1> >>- 5.10.0-GA <https://github.com/wso2/product-is/milestone/92?closed=1> >> >> >> *Source and Distribution* >> The source and distribution >> <https://github.com/wso2/product-is/releases/download/v5.10.0-rc1/wso2is-5.10.0-rc1.zip> >> are available at >> https://github.com/wso2/product-is/releases/tag/v5.10.0-rc1 >> >> >> Please download the product, test it, and vote using the following >> convention. >> [+] Stable - go ahead and release >> [-] Broken - do not release (explain why) >> >> Thank you, >> WSO2 Identity and Access Management Team >> >> -- >> *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. >> (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com >> >> >> <https://wso2.com/signature> >> ___ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> > > > -- > Gayan > -- *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [VOTE] Release WSO2 Identity Server 5.10.0 RC1
Hi all, We are closing this vote as we need to update the product distribution license agreement and have to update our in-place updater components. Best Regards, WSO2 Identity and Access Management Team On Thu, Mar 5, 2020 at 8:32 PM Janak Amarasena wrote: > Hi Gayan, > > You can find the documentation for the new features from [1]. > > [1] - https://is.docs.wso2.com/en/next > > Best Regards, > Janak > > On Thu, Mar 5, 2020 at 11:18 AM gayan gunawardana > wrote: > >> Hi Janak, >> >> Could you be able to provide documentation links against each new feature >> ? >> >> Thanks, >> Gayan >> >> On Thu, Mar 5, 2020 at 5:06 AM Janak Amarasena wrote: >> >>> Hi all, >>> >>> We are pleased to announce the first release candidate of WSO2 Identity >>> Server 5.10.0. >>> >>> >>> *New Features:* >>> >>>1. Passwordless authentication support >>>2. An improved User Portal >>>3. New RESTful APIs for user self-services and server management >>>4. Scope based authorization for internal REST APIs >>>5. Unique User ID support >>>6. Tenant wise email-sender configuration >>> >>> >>> >>> *Fixes:* >>> This release includes the following issue fixes and improvements: >>> >>>- 5.10.0-M1 >>><https://github.com/wso2/product-is/milestone/95?closed=1> >>>- 5.10.0-M2 >>><https://github.com/wso2/product-is/milestone/96?closed=1> >>>- 5.10.0-M3 >>><https://github.com/wso2/product-is/milestone/97?closed=1> >>>- 5.10.0-M4 >>><https://github.com/wso2/product-is/milestone/98?closed=1> >>>- 5.10.0-M5 >>><https://github.com/wso2/product-is/milestone/99?closed=1> >>>- 5.10.0-M6 >>><https://github.com/wso2/product-is/milestone/100?closed=1> >>>- 5.10.0-M7 >>><https://github.com/wso2/product-is/milestone/101?closed=1> >>>- 5.10.0-M8 >>><https://github.com/wso2/product-is/milestone/102?closed=1> >>>- 5.10.0-M9 >>><https://github.com/wso2/product-is/milestone/103?closed=1> >>>- 5.10.0-Alpha >>><https://github.com/wso2/product-is/milestone/104?closed=1> >>>- 5.10.0-Alpha2 >>><https://github.com/wso2/product-is/milestone/105?closed=1> >>>- 5.10.0-Alpha3 >>><https://github.com/wso2/product-is/milestone/106?closed=1> >>>- 5.10.0-Beta >>><https://github.com/wso2/product-is/milestone/107?closed=1> >>>- 5.10.0-Beta2 >>><https://github.com/wso2/product-is/milestone/108?closed=1> >>>- 5.10.0-Beta3 >>><https://github.com/wso2/product-is/milestone/109?closed=1> >>>- 5.10.0-GA >>><https://github.com/wso2/product-is/milestone/92?closed=1> >>> >>> >>> *Source and Distribution* >>> The source and distribution >>> <https://github.com/wso2/product-is/releases/download/v5.10.0-rc1/wso2is-5.10.0-rc1.zip> >>> are available at >>> https://github.com/wso2/product-is/releases/tag/v5.10.0-rc1 >>> >>> >>> Please download the product, test it, and vote using the following >>> convention. >>> [+] Stable - go ahead and release >>> [-] Broken - do not release (explain why) >>> >>> Thank you, >>> WSO2 Identity and Access Management Team >>> >>> -- >>> *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. >>> (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com >>> >>> >>> <https://wso2.com/signature> >>> ___ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >> >> >> -- >> Gayan >> > > > -- > *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. > (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com > > > <https://wso2.com/signature> > -- *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] [VOTE] Release WSO2 Identity Server 5.10.0 RC2
Hi all, We are pleased to announce the second release candidate of WSO2 Identity Server 5.10.0. *New Features:* 1. Passwordless authentication support 2. An improved User Portal 3. New RESTful APIs for user self-services and server management 4. Scope based authorization for internal REST APIs 5. Unique User ID support 6. Tenant wise email-sender configuration *Fixes:* This release includes the following issue fixes and improvements: - 5.10.0-M1 <https://github.com/wso2/product-is/milestone/95?closed=1> - 5.10.0-M2 <https://github.com/wso2/product-is/milestone/96?closed=1> - 5.10.0-M3 <https://github.com/wso2/product-is/milestone/97?closed=1> - 5.10.0-M4 <https://github.com/wso2/product-is/milestone/98?closed=1> - 5.10.0-M5 <https://github.com/wso2/product-is/milestone/99?closed=1> - 5.10.0-M6 <https://github.com/wso2/product-is/milestone/100?closed=1> - 5.10.0-M7 <https://github.com/wso2/product-is/milestone/101?closed=1> - 5.10.0-M8 <https://github.com/wso2/product-is/milestone/102?closed=1> - 5.10.0-M9 <https://github.com/wso2/product-is/milestone/103?closed=1> - 5.10.0-Alpha <https://github.com/wso2/product-is/milestone/104?closed=1> - 5.10.0-Alpha2 <https://github.com/wso2/product-is/milestone/105?closed=1> - 5.10.0-Alpha3 <https://github.com/wso2/product-is/milestone/106?closed=1> - 5.10.0-Beta <https://github.com/wso2/product-is/milestone/107?closed=1> - 5.10.0-Beta2 <https://github.com/wso2/product-is/milestone/108?closed=1> - 5.10.0-Beta3 <https://github.com/wso2/product-is/milestone/109?closed=1> - 5.10.0-GA <https://github.com/wso2/product-is/milestone/92?closed=1> *Source and Distribution* The source and distribution <https://github.com/wso2/product-is/releases/download/v5.10.0-rc2/wso2is-5.10.0-rc2.zip> are available at https://github.com/wso2/product-is/releases/tag/v5.10.0-rc2 Please download the product, test it, and vote using the following convention. [+] Stable - go ahead and release [-] Broken - do not release (explain why) Thank you, WSO2 Identity and Access Management Team -- *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [Architecture] [Iam-dev] [VOTE] Release WSO2 Identity Server 5.10.0 RC2
n application >>>>>>>>where policy applied for 'allow access' for user's role admin and by >>>>>>>>validating the time of the day >>>>>>>>- Login by a user with a nonadmin role to an application where >>>>>>>>a policy applied for 'allow access' for user's role admin Using the >>>>>>>> sample >>>>>>>>XACML template - authn_role_based_policy_template.(N) >>>>>>>>- Log in with a user on a different user store to an >>>>>>>>application where policy applied for 'allow access' for user store >>>>>>>>primary. using the template authn_user_store_based_policy_template >>>>>>>> >>>>>>>> The features were functioning as expected. Hence, >>>>>>>> >>>>>>>> [+] Stable - go ahead and release >>>>>>>> >>>>>>>> Best Regards. >>>>>>>> *Buddhima Udaranga*|Software Engineer| WSO2 Inc. <http://wso2.com/> >>>>>>>> (M)+94 714742094 | (E) buddhi...@wso2.com >>>>>>>> <https://wso2.com/signature> >>>>>>>> >>>>>>>> >>>>>>>> On Wed, Mar 11, 2020 at 2:21 PM Brion Silva wrote: >>>>>>>> >>>>>>>>> Hi All, >>>>>>>>> >>>>>>>>> Tested the following features in the new User Portal. >>>>>>>>> >>>>>>>>> >>>>>>>>>- Profile information update. >>>>>>>>>- Linking an account. >>>>>>>>>- Switching between linked accounts (from both profile info >>>>>>>>>page and user dropdown) >>>>>>>>>- IDP session listing and termination. >>>>>>>>>- Consent management. >>>>>>>>> >>>>>>>>> The features were functioning as expected. Hence, >>>>>>>>> >>>>>>>>> [+] Stable - go ahead and release >>>>>>>>> >>>>>>>>> Best Regards. >>>>>>>>> Brion Silva. >>>>>>>>> >>>>>>>>> On Wed, Mar 11, 2020 at 1:02 PM Theviyanthan Krishnamohan < >>>>>>>>> theviyant...@wso2.com> wrote: >>>>>>>>> >>>>>>>>>> Hi, >>>>>>>>>> >>>>>>>>>> The following flows were tested on the user portal: >>>>>>>>>> >>>>>>>>>> 1. Scanning and regenerating TOTP QR code >>>>>>>>>> 2. Adding, editing and deleting a FIDO key >>>>>>>>>> 3. Adding and editing security questions >>>>>>>>>> 4. Updating the user profile >>>>>>>>>> 5. Adding and editing recovery email >>>>>>>>>> 6. Adding and editing user profile picture >>>>>>>>>> >>>>>>>>>> [+] Stable - go ahead and release >>>>>>>>>> >>>>>>>>>> On Sun, Mar 8, 2020 at 11:26 PM Janak Amarasena >>>>>>>>>> wrote: >>>>>>>>>> >>>>>>>>>>> Hi all, >>>>>>>>>>> >>>>>>>>>>> We are pleased to announce the second release candidate of WSO2 >>>>>>>>>>> Identity Server 5.10.0. >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> *New Features:* >>>>>>>>>>> >>>>>>>>>>>1. Passwordless authentication support >>>>>>>>>>>2. An improved User Portal >>>>>>>>>>>3. New RESTful APIs for user self-services and server >>>>>>>>>>>management >>>>>>>>>>>4. Scope based authorization for internal REST APIs >>>>>>>>>>>5. Unique User ID support >>>>>>>>>>>6. Tenant wise email-sender configuration >>>>>
[Dev] WSO2 Identity Server 5.10.0 Released!
.0-M3 <https://github.com/wso2/product-is/milestone/97?closed=1> - 5.10.0-M2 <https://github.com/wso2/product-is/milestone/96?closed=1> - 5.10.0-M1 <https://github.com/wso2/product-is/milestone/95?closed=1> Known Issues All the open issues pertaining to WSO2 Identity Server are reported here <https://github.com/wso2/product-is/issues>. How You Can ContributeMailing Lists Join our mailing list and correspond with the developers directly. We also encourage you to take part in discussions related to the product in the architecture mailing list. If you have any questions regarding the product, you can use our StackOverflow forum or Slack to raise them as well. - Developer list: dev@wso2.org, iam-...@wso2.org - Architecture list: architect...@wso2.org - User forum: StackOverflow <http://stackoverflow.com/questions/tagged/wso2is>, wso2is.slack.com <https://join.slack.com/t/wso2is/shared_invite/enQtNzk0MTI1OTg5NjM1LTllODZiMTYzMmY0YzljYjdhZGExZWVkZDUxOWVjZDJkZGIzNTE1NDllYWFhM2MyOGFjMDlkYzJjODJhOWQ4YjE> Reporting Issues We encourage you to report issues, documentation faults, and feature requests regarding WSO2 Identity Server or in the Carbon base framework through the public WSO2 Identity Server Git Issues <https://github.com/wso2/product-is/issues>. Important: Please be advised that security issues must be reported to secur...@wso2.com, not as GitHub issues, in order to reach the proper audience. We strongly advise you to follow the WSO2 Security Vulnerability Reporting Guidelines <https://docs.wso2.com/display/Security/WSO2+Security+Vulnerability+Reporting+Guidelines> when reporting the security issues. Support We are committed to ensuring your enterprise middleware deployment is completely supported from evaluation to production through a WSO2 Subscription. Our unique approach ensures that all support leverages our open development methodology and is provided by the very same engineers who build the technology. For more details and to take advantage of this unique opportunity, visit https://wso2.com/subscription For more information about WSO2 Identity Server, please see our website <https://wso2.com/identity-and-access-management> and visit the library <https://wso2.com/library/identity-and-access-management> for additional resources. Thank you for your interest in WSO2 Identity Server. - The WSO2 Identity and Access Management Team - -- *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [Iam-dev] Cross Protocol SLO
Hi Gayan, There is no specific configuration needed. Best Regards, Janak On Wed, May 13, 2020 at 9:18 AM gayan gunawardana wrote: > Hi IAM team, > Referring to cross protocol single logout [1], what are the configurations > need to be changed in order to enable cross protocol single logout (version > 5.10.0) ? > Use case like I have SAML based web application and user portal > (oauth/oidc) and need to enable SLO among two applications. > > [1] > https://is.docs.wso2.com/en/latest/get-started/cross-protocol-single-logout/#cross-protocol-single-logout > -- > Gayan > ___ > Iam-dev mailing list > iam-...@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/iam-dev > -- *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] Adding auth_time claim to the ID token by default
Hi Yasas, Can you mention which test is requiring it by default? And can we check why the test is looking for it by default as the current implementation is conforming to the OIDC spec. Time when the End-User authentication occurred. Its value is a JSON number > representing the number of seconds from 1970-01-01T0:0:0Z as measured in > UTC until the date/time. When a max_age request is made or when auth_time > is requested as an Essential Claim, then this Claim is REQUIRED; otherwise, > its inclusion is OPTIONAL. > Best Regards, Janak On Mon, Nov 16, 2020 at 12:57 PM Farasath Ahamed wrote: > > On Mon, Nov 16, 2020, 12:56 PM Yasas Ramanayake (Intern) > wrote: > >> Hi all, >> >> I'm in the process of fixing issue [1] >> In our current implementation auth_time claim is sent in the ID token >> only if it's requested by the client as an essential claim or when a >> max_age request is made. However in one of the OIDC conformance suite test >> cases they expect the ID token to have auth_time even without explicitly >> requesting for it. Sending auth_time is optional according to specification >> [2]. >> >> We can consider this as an improvement to our implementation and add the >> auth_time by default to the id_token . Please share if you have any >> concerns/suggestions regarding this. >> >> [1] https://github.com/wso2/product-is/issues/10391 >> [2] https://openid.net/specs/openid-connect-core-1_0.html#IDToken >> >> >> Regards, >> -- >> Yasas Ramanayake | Intern - Engineering | WSO2 Inc. >> (m) +94717380767 | (w) +94115712082 | (e) yas...@wso2.com >> [image: https://wso2.com/signature] <https://wso2.com/signature> >> >> -- *Janak Amarasena* | Senior Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] MSF4J Handling CORS
Hi,
I created a microservice using MSF4J and tested the resources with postman
all works fine but when I use it with a AngularJS client app; the browser
sends an additional http OPTIONS request to check CORS I get a "405 Method
Not Allowed" Response.
I created a resource with @OPTIONS (javax.ws.rs) annotation to the same
path still the same result, 405 response, the method doesn't even get
triggered.
@OPTIONS
@Path("/")
public Response options() {
return Response.ok()
.header("Access-Control-Allow-Origin", "*")
.header("Access-Control-Allow-Credentials", "true")
.header("Access-Control-Allow-Methods", "POST, GET, PUT,
UPDATE, DELETE, OPTIONS, HEAD")
.header("Access-Control-Allow-Headers", "Content-Type,
Accept, X-Requested-With")
.build();
}
I think the http OPTIONS request is not recognized.
For your advise please.
Thank You,
Best Regards,
--
Janak Amarasena
*Intern*
*WSO2, Inc. *
*lean . enterprise . middleware *
*Mobile: +9464144 <%2B9464144>*
*Email: *ja...@wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] MSF4J Handling CORS
> Can you implement it and send us a PR?
Not sure about implementing at the moment.
Please also create an issue for this at https://github.com/wso2/
> msf4j/issues
Will do.
Thank You
On Fri, Sep 9, 2016 at 7:19 PM, Afkham Azeez wrote:
> Please also create an issue for this at https://github.com/wso2/
> msf4j/issues
>
> On Fri, Sep 9, 2016 at 7:15 PM, Afkham Azeez wrote:
>
>> We don't support Options at the moment. Can you implement it and send us
>> a PR?
>>
>> On Fri, Sep 9, 2016 at 6:14 PM, Janak Amarasena wrote:
>>
>>> Hi,
>>>
>>> I created a microservice using MSF4J and tested the resources with
>>> postman all works fine but when I use it with a AngularJS client app; the
>>> browser sends an additional http OPTIONS request to check CORS I get a "405
>>> Method Not Allowed" Response.
>>>
>>> I created a resource with @OPTIONS (javax.ws.rs) annotation to the same
>>> path still the same result, 405 response, the method doesn't even get
>>> triggered.
>>>
>>> @OPTIONS
>>> @Path("/")
>>> public Response options() {
>>>
>>> return Response.ok()
>>> .header("Access-Control-Allow-Origin", "*")
>>> .header("Access-Control-Allow-Credentials", "true")
>>> .header("Access-Control-Allow-Methods", "POST, GET, PUT,
>>> UPDATE, DELETE, OPTIONS, HEAD")
>>> .header("Access-Control-Allow-Headers", "Content-Type, Accept,
>>> X-Requested-With")
>>> .build();
>>> }
>>>
>>>
>>> I think the http OPTIONS request is not recognized.
>>>
>>>
>>> For your advise please.
>>>
>>>
>>> Thank You,
>>> Best Regards,
>>>
>>>
>>> --
>>> Janak Amarasena
>>>
>>> *Intern*
>>>
>>> *WSO2, Inc. *
>>>
>>> *lean . enterprise . middleware *
>>>
>>> *Mobile: +9464144 <%2B9464144>*
>>>
>>> *Email: *ja...@wso2.com
>>>
>>
>>
>>
>> --
>> *Afkham Azeez*
>> Director of Architecture; WSO2, Inc.; http://wso2.com
>> Member; Apache Software Foundation; http://www.apache.org/
>> * <http://www.apache.org/>*
>> *email: **az...@wso2.com*
>> * cell: +94 77 3320919 <%2B94%2077%203320919>blog: *
>> *http://blog.afkham.org* <http://blog.afkham.org>
>> *twitter: **http://twitter.com/afkham_azeez*
>> <http://twitter.com/afkham_azeez>
>> *linked-in: **http://lk.linkedin.com/in/afkhamazeez
>> <http://lk.linkedin.com/in/afkhamazeez>*
>>
>> *Lean . Enterprise . Middleware*
>>
>
>
>
> --
> *Afkham Azeez*
> Director of Architecture; WSO2, Inc.; http://wso2.com
> Member; Apache Software Foundation; http://www.apache.org/
> * <http://www.apache.org/>*
> *email: **az...@wso2.com*
> * cell: +94 77 3320919 <%2B94%2077%203320919>blog: *
> *http://blog.afkham.org* <http://blog.afkham.org>
> *twitter: **http://twitter.com/afkham_azeez*
> <http://twitter.com/afkham_azeez>
> *linked-in: **http://lk.linkedin.com/in/afkhamazeez
> <http://lk.linkedin.com/in/afkhamazeez>*
>
> *Lean . Enterprise . Middleware*
>
--
Janak Amarasena
*Intern*
*WSO2, Inc. *
*lean . enterprise . middleware *
*Mobile: +9464144 <%2B9464144>*
*Email: *ja...@wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] MSF4J Handling CORS
Implemented it :) will send a PR
On Fri, Sep 9, 2016 at 8:17 PM, Afkham Azeez wrote:
>
>
> On Fri, Sep 9, 2016 at 7:25 PM, Janak Amarasena wrote:
>
>>
>> Can you implement it and send us a PR?
>>
>>
>> Not sure about implementing at the moment.
>>
>
> Why is that? Implementing it should be pretty straighforward & an
> interesting weekend coding project. :)
>
>>
>> Please also create an issue for this at https://github.com/wso2/msf
>>> 4j/issues
>>
>>
>> Will do.
>>
>> Thank You
>>
>> On Fri, Sep 9, 2016 at 7:19 PM, Afkham Azeez wrote:
>>
>>> Please also create an issue for this at https://github.com/wso2/msf
>>> 4j/issues
>>>
>>> On Fri, Sep 9, 2016 at 7:15 PM, Afkham Azeez wrote:
>>>
>>>> We don't support Options at the moment. Can you implement it and send
>>>> us a PR?
>>>>
>>>> On Fri, Sep 9, 2016 at 6:14 PM, Janak Amarasena wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> I created a microservice using MSF4J and tested the resources with
>>>>> postman all works fine but when I use it with a AngularJS client app; the
>>>>> browser sends an additional http OPTIONS request to check CORS I get a
>>>>> "405
>>>>> Method Not Allowed" Response.
>>>>>
>>>>> I created a resource with @OPTIONS (javax.ws.rs) annotation to the
>>>>> same path still the same result, 405 response, the method doesn't even get
>>>>> triggered.
>>>>>
>>>>> @OPTIONS
>>>>> @Path("/")
>>>>> public Response options() {
>>>>>
>>>>> return Response.ok()
>>>>> .header("Access-Control-Allow-Origin", "*")
>>>>> .header("Access-Control-Allow-Credentials", "true")
>>>>> .header("Access-Control-Allow-Methods", "POST, GET, PUT,
>>>>> UPDATE, DELETE, OPTIONS, HEAD")
>>>>> .header("Access-Control-Allow-Headers", "Content-Type,
>>>>> Accept, X-Requested-With")
>>>>> .build();
>>>>> }
>>>>>
>>>>>
>>>>> I think the http OPTIONS request is not recognized.
>>>>>
>>>>>
>>>>> For your advise please.
>>>>>
>>>>>
>>>>> Thank You,
>>>>> Best Regards,
>>>>>
>>>>>
>>>>> --
>>>>> Janak Amarasena
>>>>>
>>>>> *Intern*
>>>>>
>>>>> *WSO2, Inc. *
>>>>>
>>>>> *lean . enterprise . middleware *
>>>>>
>>>>> *Mobile: +9464144 <%2B9464144>*
>>>>>
>>>>> *Email: *ja...@wso2.com
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> *Afkham Azeez*
>>>> Director of Architecture; WSO2, Inc.; http://wso2.com
>>>> Member; Apache Software Foundation; http://www.apache.org/
>>>> * <http://www.apache.org/>*
>>>> *email: **az...@wso2.com*
>>>> * cell: +94 77 3320919 <%2B94%2077%203320919>blog: *
>>>> *http://blog.afkham.org* <http://blog.afkham.org>
>>>> *twitter: **http://twitter.com/afkham_azeez*
>>>> <http://twitter.com/afkham_azeez>
>>>> *linked-in: **http://lk.linkedin.com/in/afkhamazeez
>>>> <http://lk.linkedin.com/in/afkhamazeez>*
>>>>
>>>> *Lean . Enterprise . Middleware*
>>>>
>>>
>>>
>>>
>>> --
>>> *Afkham Azeez*
>>> Director of Architecture; WSO2, Inc.; http://wso2.com
>>> Member; Apache Software Foundation; http://www.apache.org/
>>> * <http://www.apache.org/>*
>>> *email: **az...@wso2.com*
>>> * cell: +94 77 3320919 <%2B94%2077%203320919>blog: *
>>> *http://blog.afkham.org* <http://blog.afkham.org>
>>> *twitter: **http://twitter.com/afkham_azeez*
>>> <http://twitter.com/afkham_azeez>
>>> *linked-in: **http://lk.linkedin.com/in/afkhamazeez
>>> <http://lk.linkedin.com/in/afkhamazeez>*
>>>
>>> *Lean . Enterprise . Middleware*
>>>
>>
>>
>>
>> --
>> Janak Amarasena
>>
>> *Intern*
>>
>> *WSO2, Inc. *
>>
>> *lean . enterprise . middleware *
>>
>> *Mobile: +9464144 <%2B9464144>*
>>
>> *Email: *ja...@wso2.com
>>
>
>
>
> --
> *Afkham Azeez*
> Director of Architecture; WSO2, Inc.; http://wso2.com
> Member; Apache Software Foundation; http://www.apache.org/
> * <http://www.apache.org/>*
> *email: **az...@wso2.com*
> * cell: +94 77 3320919 <%2B94%2077%203320919>blog: *
> *http://blog.afkham.org* <http://blog.afkham.org>
> *twitter: **http://twitter.com/afkham_azeez*
> <http://twitter.com/afkham_azeez>
> *linked-in: **http://lk.linkedin.com/in/afkhamazeez
> <http://lk.linkedin.com/in/afkhamazeez>*
>
> *Lean . Enterprise . Middleware*
>
--
Janak Amarasena
*Intern*
*WSO2, Inc. *
*lean . enterprise . middleware *
*Mobile: +9464144 <%2B9464144>*
*Email: *ja...@wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] WSO2 and OAuth 2.0
Hi Shib, As I can see the way you're sending the consumer_key and consumer_secret is wrong. It should be in the *Authorization* header in the following form. *key* = Base64 encoded consumer_key:consumer_secret and the *Authorization *header value should look like this. *Authorization: Basic key* ** Best Regards, On Sun, Jun 10, 2018 at 12:33 PM, shibsankar wrote: > Yes. I see consumer key and consumer secret now when I click generate key > (*screenshot > key-value attached*) > > However, when I call token API with these key and secrets from Postman, I > don't receive any OAuth 2 token. (*screenshot access-token attached*) > > What is going wrong ? > > Regards > Shib > > > > On Sun, Jun 10, 2018 at 11:53 AM, Harsha Kumara wrote: > >> >> >> On Sun, Jun 10, 2018 at 11:16 AM shibsankar wrote: >> >>> I checked [1] https://docs.wso2.com/display/AM210/Subscribe+to+an+API >>> , yes, It gives a token for sure when you subscribe API. >>> >>> But is it an Oauth2 token? Or just a normal access token? >>> >> API Manager is compliant with OAuth2 specification. Hence the tokens you >>> obtained will use OAuth2. When you click generate keys button, you will >>> receive a consumer key and secret. >>> *Please see the screenshot attached.* >>> >>> Regards >>> Shib >>> >>> >>> >>> On Sun, Jun 10, 2018 at 9:47 AM, Pubudu Gunatilaka >>> wrote: >>> >>>> Hi Shib, >>>> >>>> You can refer [1] for getting the token. This explains how to get the >>>> Oauth2 token. >>>> >>>> You do not need to have WSO2 Identity Server for getting an Oauth2 >>>> token. It is coming with API Manager. >>>> >>>> Using the token API [2], you can get a token. >>>> >>>> [1] - https://docs.wso2.com/display/AM210/Subscribe+to+an+API >>>> [2] - https://docs.wso2.com/display/AM210/Token+API >>>> >>>> Thank you! >>>> >>>> On Sat, Jun 9, 2018 at 9:07 PM shibsankar wrote: >>>> >>>>> Hi, >>>>> I would like to do the following : >>>>> >>>>> >>>>> *My Objective *: >>>>> >>>>> I have published my API in WSO2 API Gateway. API is working fine. >>>>> >>>>> Now I would like to secure my API with OAuth 2.0. I plan to invoke the >>>>> published API with OAuth 2.0 token from my Angular front-end application. >>>>> >>>>> >>>>> *My Query *: >>>>> How do I get the OAuth 2.0 token? >>>>> >>>>> *Q1*: Do I need to install WSO2 Identity server to get OAuth 2.0 >>>>> token? *Or *I can get OAuth token from WSO2 API Manager itself? >>>>> >>>>> *Q2*: Is there any WSO2 OAuth 2.0 API which provides OAuth token when >>>>> invoked? whats the URL? >>>>> >>>>> Regards >>>>> Shib >>>>> ___ >>>>> Dev mailing list >>>>> Dev@wso2.org >>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >>>> >>>> >>>> -- >>>> *Pubudu Gunatilaka* >>>> Committer and PMC Member - Apache Stratos >>>> Senior Software Engineer >>>> WSO2, Inc.: http://wso2.com >>>> mobile : +94774078049 >>>> >>>> >>> >> >> -- >> Harsha Kumara >> Associate Technical Lead, WSO2 Inc. >> Mobile: +94775505618 >> Blog:harshcreationz.blogspot.com >> > > > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- *Janak Amarasena* Software Engineer Email: ja...@wso2.com Mobile: +9464144 Web: https://wso2.com <http://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] WSO2 and OAuth 2.0
Have you specified a grant type? You need to specify a grant type like bellow (the following is for client credentials grant type); You can directly import curl commands into Postman as well. Best Regards, On Sun, Jun 10, 2018 at 1:30 PM, shibsankar wrote: > Yes. I tested with correct header and base 64 encoded consumer key value > in POSTMAN now (*postman-testing screenshot attached*) > > Verified that I'm testing with the same parameters and values as shown by > generated curl also. (*curl-OAuth screenshot attached*) > > Still, No OAuth2 token received. > > What is going wrong? > > Regards > Shib > > > On Sun, Jun 10, 2018 at 12:56 PM, Janak Amarasena wrote: > >> Hi Shib, >> >> As I can see the way you're sending the consumer_key and consumer_secret >> is wrong. >> >> It should be in the *Authorization* header in the following form. >> >> *key* = Base64 encoded consumer_key:consumer_secret >> >> and the *Authorization *header value should look like this. >> >> *Authorization: Basic key* >> >> >> >> ** >> Best Regards, >> >> On Sun, Jun 10, 2018 at 12:33 PM, shibsankar wrote: >> >>> Yes. I see consumer key and consumer secret now when I click generate >>> key (*screenshot key-value attached*) >>> >>> However, when I call token API with these key and secrets from Postman, >>> I don't receive any OAuth 2 token. (*screenshot access-token attached*) >>> >>> What is going wrong ? >>> >>> Regards >>> Shib >>> >>> >>> >>> On Sun, Jun 10, 2018 at 11:53 AM, Harsha Kumara >>> wrote: >>> >>>> >>>> >>>> On Sun, Jun 10, 2018 at 11:16 AM shibsankar wrote: >>>> >>>>> I checked [1] https://docs.wso2.com/display/AM210/Subscribe+to+an+API >>>>> , yes, It gives a token for sure when you subscribe API. >>>>> >>>>> But is it an Oauth2 token? Or just a normal access token? >>>>> >>>> API Manager is compliant with OAuth2 specification. Hence the tokens >>>>> you obtained will use OAuth2. When you click generate keys button, you >>>>> will receive a consumer key and secret. >>>>> *Please see the screenshot attached.* >>>>> >>>>> Regards >>>>> Shib >>>>> >>>>> >>>>> >>>>> On Sun, Jun 10, 2018 at 9:47 AM, Pubudu Gunatilaka >>>>> wrote: >>>>> >>>>>> Hi Shib, >>>>>> >>>>>> You can refer [1] for getting the token. This explains how to get the >>>>>> Oauth2 token. >>>>>> >>>>>> You do not need to have WSO2 Identity Server for getting an Oauth2 >>>>>> token. It is coming with API Manager. >>>>>> >>>>>> Using the token API [2], you can get a token. >>>>>> >>>>>> [1] - https://docs.wso2.com/display/AM210/Subscribe+to+an+API >>>>>> [2] - https://docs.wso2.com/display/AM210/Token+API >>>>>> >>>>>> Thank you! >>>>>> >>>>>> On Sat, Jun 9, 2018 at 9:07 PM shibsankar wrote: >>>>>> >>>>>>> Hi, >>>>>>> I would like to do the following : >>>>>>> >>>>>>> >>>>>>> *My Objective *: >>>>>>> >>>>>>> I have published my API in WSO2 API Gateway. API is working fine. >>>>>>> >>>>>>> Now I would like to secure my API with OAuth 2.0. I plan to invoke >>>>>>> the published API with OAuth 2.0 token from my Angular front-end >>>>>>> application. >>>>>>> >>>>>>> >>>>>>> *My Query *: >>>>>>> How do I get the OAuth 2.0 token? >>>>>>> >>>>>>> *Q1*: Do I need to install WSO2 Identity server to get OAuth 2.0 >>>>>>> token? *Or *I can get OAuth token from WSO2 API Manager itself? >>>>>>> >>>>>>> *Q2*: Is there any WSO2 OAuth 2.0 API which provides OAuth token >>>>>>> when invoked? whats the URL? >>>>>>> >>>>>>> Regards >>>>>>> Shib >>>>>>> ___ >>>>>>> Dev mailing list >>>>>>> Dev@wso2.org >>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> *Pubudu Gunatilaka* >>>>>> Committer and PMC Member - Apache Stratos >>>>>> Senior Software Engineer >>>>>> WSO2, Inc.: http://wso2.com >>>>>> mobile : +94774078049 >>>>>> >>>>>> >>>>> >>>> >>>> -- >>>> Harsha Kumara >>>> Associate Technical Lead, WSO2 Inc. >>>> Mobile: +94775505618 >>>> Blog:harshcreationz.blogspot.com >>>> >>> >>> >>> ___ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> *Janak Amarasena* >> >> Software Engineer >> >> Email: ja...@wso2.com >> >> Mobile: +9464144 >> >> Web: https://wso2.com >> >> >> <http://wso2.com/signature> >> > > -- *Janak Amarasena* Software Engineer Email: ja...@wso2.com Mobile: +9464144 Web: https://wso2.com <http://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] WSO2 and OAuth 2.0
> > (1) Does consumer_key and consumer_password has any expiry time? No, it doesn't expire. > (2) I see Token API has responded with Oauth2 token with a field *expires_in > = 13940*. Does it mean this token would expire *after 13940 seconds once > I receive it*? > Yes, it is normally set to expire after a certain amount of time(it is possible to adjust the time[1]). [1] - https://docs.wso2.com/display/AM210/Client+Credentials+Grant On Sun, Jun 10, 2018 at 2:31 PM, shibsankar wrote: > Yup. Its working fine now. > > I get Oauth2 token now. Please see screenshot (*oauth-token-received > screenshot attached*) > > Also, I can use this token to invoke my published API and I get API > response ! ! (*api response screenshot attached*) > > This is very good. > > > Two question here, > > (1) Does consumer_key and consumer_password has any expiry time? > (2) I see Token API has responded with Oauth2 token with a field *expires_in > = 13940*. Does it mean this token would expire *after 13940 seconds once > I receive it*? > > Regards > Shib > > > > > > > > On Sun, Jun 10, 2018 at 1:54 PM, Janak Amarasena wrote: > >> Have you specified a grant type? You need to specify a grant type like >> bellow (the following is for client credentials grant type); >> >> >> >> >> You can directly import curl commands into Postman as well. >> >> Best Regards, >> >> On Sun, Jun 10, 2018 at 1:30 PM, shibsankar wrote: >> >>> Yes. I tested with correct header and base 64 encoded consumer key >>> value in POSTMAN now (*postman-testing screenshot attached*) >>> >>> Verified that I'm testing with the same parameters and values as shown >>> by generated curl also. (*curl-OAuth screenshot attached*) >>> >>> Still, No OAuth2 token received. >>> >>> What is going wrong? >>> >>> Regards >>> Shib >>> >>> >>> On Sun, Jun 10, 2018 at 12:56 PM, Janak Amarasena >>> wrote: >>> >>>> Hi Shib, >>>> >>>> As I can see the way you're sending the consumer_key and >>>> consumer_secret is wrong. >>>> >>>> It should be in the *Authorization* header in the following form. >>>> >>>> *key* = Base64 encoded consumer_key:consumer_secret >>>> >>>> and the *Authorization *header value should look like this. >>>> >>>> *Authorization: Basic key* >>>> >>>> >>>> >>>> ** >>>> Best Regards, >>>> >>>> On Sun, Jun 10, 2018 at 12:33 PM, shibsankar wrote: >>>> >>>>> Yes. I see consumer key and consumer secret now when I click generate >>>>> key (*screenshot key-value attached*) >>>>> >>>>> However, when I call token API with these key and secrets from >>>>> Postman, I don't receive any OAuth 2 token. (*screenshot >>>>> access-token attached*) >>>>> >>>>> What is going wrong ? >>>>> >>>>> Regards >>>>> Shib >>>>> >>>>> >>>>> >>>>> On Sun, Jun 10, 2018 at 11:53 AM, Harsha Kumara >>>>> wrote: >>>>> >>>>>> >>>>>> >>>>>> On Sun, Jun 10, 2018 at 11:16 AM shibsankar wrote: >>>>>> >>>>>>> I checked [1] https://docs.wso2.com/disp >>>>>>> lay/AM210/Subscribe+to+an+API , yes, It gives a token for sure >>>>>>> when you subscribe API. >>>>>>> >>>>>>> But is it an Oauth2 token? Or just a normal access token? >>>>>>> >>>>>> API Manager is compliant with OAuth2 specification. Hence the tokens >>>>>>> you obtained will use OAuth2. When you click generate keys button, you >>>>>>> will receive a consumer key and secret. >>>>>>> *Please see the screenshot attached.* >>>>>>> >>>>>>> Regards >>>>>>> Shib >>>>>>> >>>>>>> >>>>>>> >>>>>>> On Sun, Jun 10, 2018 at 9:47 AM, Pubudu Gunatilaka >>>>>> > wrote: >>>>>>> >>>>>>>> Hi Shib, >>>>>>>> >>>>>>>> You can refer [1] for getting the token. This expl
Re: [Dev] [WSO2 EI 6.1.1] DSS Error
t;> at org.apache.axiom.om.impl.llom.OMNodeImpl.setParent( >>>>>> OMNodeImpl.java:105) >>>>>> at org.apache.axiom.om.impl.llom.OMElementImpl.addChild( >>>>>> OMElementImpl.java:296) >>>>>> at org.apache.axiom.om.impl.llom.OMElementImpl.addChild( >>>>>> OMElementImpl.java:212) >>>>>> at org.apache.axiom.soap.impl.llom.SOAPBodyImpl.addChild( >>>>>> SOAPBodyImpl.java:231) >>>>>> at org.apache.axis2.json.gson.JSONMessageHandler.invoke( >>>>>> JSONMessageHandler.java:84) >>>>>> at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340) >>>>>> at org.apache.axis2.engine.Phase.invoke(Phase.java:313) >>>>>> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261) >>>>>> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:167) >>>>>> at org.apache.synapse.transport.passthru.ServerWorker. >>>>>> processNonEntityEnclosingRESTHandler(ServerWorker.java:326) >>>>>> at org.apache.synapse.transport.passthru.ServerWorker. >>>>>> processEntityEnclosingRequest(ServerWorker.java:372) >>>>>> at org.apache.synapse.transport.passthru.ServerWorker.run( >>>>>> ServerWorker.java:151) >>>>>> at org.apache.axis2.transport.base.threads.NativeWorkerPool$ >>>>>> 1.run(NativeWorkerPool.java:172) >>>>>> at java.util.concurrent.ThreadPoolExecutor.runWorker( >>>>>> ThreadPoolExecutor.java:1149) >>>>>> at java.util.concurrent.ThreadPoolExecut >>>>>> >>>>>> any idea for this ? >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Thank You, >>>>>> Best Regards, >>>>>> >>>>>> Sidath Weerasinghe >>>>>> Senior Software Engineer >>>>>> M: +94719802550 | E: sid...@wso2telco.com >>>>>> Blog: https://medium.com/@sidath >>>>>> Linkedin: https://lk.linkedin.com/in/sidathweerasinghe >>>>>> >>>>>> >>>>>> ___ >>>>>> Dev mailing list >>>>>> Dev@wso2.org >>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Best Regards.. >>>>> >>>>> Chanika Geeganage >>>>> +94773522586 >>>>> WSO2, Inc.; http://wso2.com >>>>> >>>>> >>>> >>>> -- >>>> Thank You, >>>> Best Regards, >>>> >>>> Sidath Weerasinghe >>>> Senior Software Engineer >>>> M: +94719802550 | E: sid...@wso2telco.com >>>> Blog: https://medium.com/@sidath >>>> Linkedin: https://lk.linkedin.com/in/sidathweerasinghe >>>> >>>> >>> >>> -- >>> Thank You, >>> Best Regards, >>> >>> Sidath Weerasinghe >>> Senior Software Engineer >>> M: +94719802550 | E: sid...@wso2telco.com >>> Blog: https://medium.com/@sidath >>> Linkedin: https://lk.linkedin.com/in/sidathweerasinghe >>> >>> >>> ___ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> *Madhawa Gunasekara* >> Senior Software Engineer >> WSO2 Inc.; http://wso2.com >> lean.enterprise.middleware >> >> mobile: +94 719411002 <+94+719411002> >> blog: *http://madhawa-gunasekara.blogspot.com >> <http://madhawa-gunasekara.blogspot.com>* >> linkedin: *http://lk.linkedin.com/in/mgunasekara >> <http://lk.linkedin.com/in/mgunasekara>* >> > > > -- > Thank You, > Best Regards, > > Sidath Weerasinghe > Senior Software Engineer > M: +94719802550 | E: sid...@wso2telco.com > Blog: https://medium.com/@sidath > Linkedin: https://lk.linkedin.com/in/sidathweerasinghe > > > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- *Janak Amarasena* Software Engineer Email: ja...@wso2.com Mobile: +9464144 Web: https://wso2.com <http://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] [SP][UX]Dashboard widget drill down views
Hi, What is the best practice when creating a drilled down view in a widget? Is it to completely replace the existing view with the new one or to give a popped up view of the details(which may be overlayed over other widgets). It is also required to move back and forth between the main view and the drilled down view. Thank you, Best Regards, -- *Janak Amarasena* Software Engineer Email: ja...@wso2.com Mobile: +9464144 Web: https://wso2.com <http://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [SP][UX]Dashboard widget drill down views
Thank you @Imesh and @Eranga Best Regards, Janak On Fri, Jul 20, 2018 at 10:30 AM, Eranga Liyanage wrote: > + Analytics > > Hi Janak, > > Providing a popup view is not a good practice. If you have consistent > views its good to show on the same widget. If you have a totally different > view or too much data to show, it's better to direct to a different page. > > Best regards > Eranga > > On Fri, Jul 20, 2018 at 10:18 AM Imesh Chandrasiri > wrote: > >> Hi Janak, >> >> When it comes to a drilled down chat, the user clearly should know that >> the chart is showing more detailed data in it, while interacting with it. >> Furthermore I found an article[1] which discuss how an intuitive drilled >> down chart should be designed and the points we should consider when >> designing one. >> >> [1] - https://www.fusioncharts.com/charting-best-practices/ >> drill-down-interface/ >> >> *Thanks and Best Regards,* >> Imesh Ashandimal Chandrasiri >> *Software Engineer* >> WSO2, Inc. >> lean . enterprise . middleware >> *E:* ime...@wso2.com | *P:* 0716519187 >> >> >> Disclaimer: This communication may contain privileged or other >> confidential information and is intended exclusively for the addressee/s. >> If you are not the intended recipient/s, or believe that you may have >> received this communication in error, please reply to the sender indicating >> that fact and delete the copy you received and in addition, you should not >> print, copy, retransmit, disseminate, or otherwise use the information >> contained in this communication. Internet communications cannot be >> guaranteed to be timely, secure, error or virus-free. The sender does not >> accept liability for any errors or omissions. >> >> >> On Thu, Jul 19, 2018 at 8:27 PM Janak Amarasena wrote: >> >>> Hi, >>> >>> What is the best practice when creating a drilled down view in a widget? >>> Is it to completely replace the existing view with the new one or to give a >>> popped up view of the details(which may be overlayed over other widgets). >>> It is also required to move back and forth between the main view and the >>> drilled down view. >>> >>> Thank you, >>> Best Regards, >>> >>> -- >>> *Janak Amarasena* >>> >>> Software Engineer >>> >>> Email: ja...@wso2.com >>> >>> Mobile: +9464144 >>> >>> Web: https://wso2.com >>> >>> >>> <http://wso2.com/signature> >>> ___ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >> ___ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> > > > -- > *Eranga Liyanage* > Senior UX Engineer | WSO2 > Mob : +94 77 395 > Blog : https://medium.com/@erangatl > Linkedin : https://www.linkedin.com/in/erangaliyanage > > -- *Janak Amarasena* Software Engineer Email: ja...@wso2.com Mobile: +9464144 Web: https://wso2.com <http://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [VOTE] Release WSO2 Identity Server 5.7.0 RC2
;>>>>><https://github.com/wso2/product-is/milestone/52?closed=1> >>>>>>- >>>>>> >>>>>>5.7.0-Beta2 fixes >>>>>><https://github.com/wso2/product-is/milestone/57?closed=1> >>>>>>- >>>>>> >>>>>>5.7.0-Beta fixes >>>>>><https://github.com/wso2/product-is/milestone/54?closed=1> >>>>>>- >>>>>> >>>>>>5.7.0-Alpha3 fixes >>>>>><https://github.com/wso2/product-is/milestone/53?closed=1> >>>>>>- >>>>>> >>>>>>5.7.0-Alpha2 fixes >>>>>><https://github.com/wso2/product-is/milestone/51?closed=1> >>>>>>- >>>>>> >>>>>>5.7.0-Alpha fixes >>>>>><https://github.com/wso2/product-is/milestone/50?closed=1> >>>>>>- >>>>>> >>>>>>5.7.0-M5 fixes >>>>>><https://github.com/wso2/product-is/milestone/49?closed=1> >>>>>>- >>>>>> >>>>>>5.7.0-M4 fixes >>>>>><https://github.com/wso2/product-is/milestone/48?closed=1> >>>>>>- >>>>>> >>>>>>5.7.0-M3 fixes >>>>>><https://github.com/wso2/product-is/milestone/47?closed=1> >>>>>>- >>>>>> >>>>>>5.7.0-M2 fixes >>>>>><https://github.com/wso2/product-is/milestone/46?closed=1> >>>>>>- >>>>>> >>>>>>5.7.0-M1 fixes >>>>>><https://github.com/wso2/product-is/milestone/45?closed=1> >>>>>> >>>>>> >>>>>> Source and distribution, >>>>>> >>>>>> >>>>>>Runtime - https://github.com/wso2/product-is/releases/v5.7.0-rc2 >>>>>> >>>>>> >>>>>> >>>>>> Please download, test the product and vote. >>>>>> >>>>>> >>>>>>[+] Stable - go ahead and release >>>>>> >>>>>>[-] Broken - do not release (explain why) >>>>>> >>>>>> >>>>>> >>>>>> Thanks, >>>>>> >>>>>> - WSO2 Identity and Access Management Team - >>>>>> -- >>>>>> >>>>>> *Senthalan Kanagalingam* >>>>>> *Software Engineer - WSO2 Inc.* >>>>>> *Mobile : +94 (0) 77 18 77 466* >>>>>> <http://wso2.com/signature> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Maduranga Siriwardena >>>>> Associated Technical Lead >>>>> WSO2 Inc; http://wso2.com/ >>>>> >>>>> Email: madura...@wso2.com >>>>> Mobile: +94718990591 >>>>> Blog: *https://madurangasiriwardena.wordpress.com/ >>>>> <https://madurangasiriwardena.wordpress.com/>* >>>>> <http://wso2.com/signature> >>>>> ___ >>>>> Dev mailing list >>>>> Dev@wso2.org >>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >>>> >>>> >>>> -- >>>> *Dinali Rosemin Dabarera* >>>> Software Engineer >>>> WSO2 Lanka (pvt) Ltd. >>>> Web: http://wso2.com/ >>>> Email : gdrdabar...@gmail.com >>>> LinkedIn <https://lk.linkedin.com/in/dinalidabarera> >>>> Mobile: +94770198933 >>>> >>>> >>>> >>>> >>>> <https://lk.linkedin.com/in/dinalidabarera> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> ___ >>>> Dev mailing list >>>> Dev@wso2.org >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> >>> -- >>> *Dinika Senarath* >>> *Intern Software Engineer* >>> *WSO2* >>> >>> ___ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> >> *Winma Heenatigala* >> *Trainee Software Engineer | WSO2* >> >> *Mobile : +94719132444* >> >> >> >> ___ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> > > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- *Janak Amarasena* Software Engineer Email: ja...@wso2.com Mobile: +9464144 Web: https://wso2.com <http://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [Architecture] [VOTE] Release WSO2 Identity Server 5.7.0 RC3
gt;- >>>>> >>>>>5.7.0-Alpha3 fixes >>>>><https://github.com/wso2/product-is/milestone/53?closed=1> >>>>>- >>>>> >>>>>5.7.0-Alpha2 fixes >>>>><https://github.com/wso2/product-is/milestone/51?closed=1> >>>>>- >>>>> >>>>>5.7.0-Alpha fixes >>>>><https://github.com/wso2/product-is/milestone/50?closed=1> >>>>>- >>>>> >>>>>5.7.0-M5 fixes >>>>><https://github.com/wso2/product-is/milestone/49?closed=1> >>>>>- >>>>> >>>>>5.7.0-M4 fixes >>>>><https://github.com/wso2/product-is/milestone/48?closed=1> >>>>>- >>>>> >>>>>5.7.0-M3 fixes >>>>><https://github.com/wso2/product-is/milestone/47?closed=1> >>>>>- >>>>> >>>>>5.7.0-M2 fixes >>>>><https://github.com/wso2/product-is/milestone/46?closed=1> >>>>>- >>>>> >>>>>5.7.0-M1 fixes >>>>><https://github.com/wso2/product-is/milestone/45?closed=1> >>>>> >>>>> >>>>> Source and distribution, >>>>> >>>>> >>>>>Runtime - https://github.com/wso2/product-is/releases/v5.7.0-rc3 >>>>> >>>>> >>>>> >>>>> Please download, test the product and vote. >>>>> >>>>> >>>>>[+] Stable - go ahead and release >>>>> >>>>>[-] Broken - do not release (explain why) >>>>> >>>>> >>>>> >>>>> Thanks, >>>>> >>>>> - WSO2 Identity and Access Management Team - >>>>> -- >>>>> >>>>> *Senthalan Kanagalingam* >>>>> *Software Engineer - WSO2 Inc.* >>>>> *Mobile : +94 (0) 77 18 77 466* >>>>> <http://wso2.com/signature> >>>>> >>>> ___ >>>> Dev mailing list >>>> Dev@wso2.org >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>> >>> >>> -- >>> Minoli Perera, >>> Software Engineer, WSO2, Inc. >>> E-mail : mino...@wso2.com >>> Mobile : +94771567527 >>> <http://wso2.com/signature> >>> >>> ___ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> >> *Winma Heenatigala* >> *Trainee Software Engineer | WSO2* >> >> *Mobile : +94719132444* >> >> >> >> ___ >> Architecture mailing list >> architect...@wso2.org >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> > > > -- > *Tharindu Bandara* > Software Engineer | WSO2 > > Email : tharin...@wso2.com > Mobile : +94 714221776 > web : http://wso2.com > <https://www.google.com/url?q=http://wso2.com&sa=D&ust=151765338399&usg=AFQjCNFggB4bSJTKmdqKcBV0VY9xx1ABKg> > > https://wso2.com/signature > > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- *Janak Amarasena* Software Engineer Email: ja...@wso2.com Mobile: +9464144 Web: https://wso2.com <http://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server Analytics 5.7.0 RC3
Hi All, I have tested the following and no issues were found. - Successful local login attempt - Failed local login attempt - Suspicious login attempt [+] Stable - go ahead and release. Best Regards, Janak On Tue, Sep 18, 2018 at 5:21 PM, Tharindu Bandara wrote: > Hi all, > > I have tested the followings on WSO2 Identity Server Analytics 5.7.0 RC3. > >- Risk based adaptive authentication. >- Successful local login attempt. >- Failed local login attempt. >- Suspicious login attempt. > > No blocking issues were found. > > *[+] Stable - go ahead and release* > > Thanks, > Tharindu > > On Tue, Sep 18, 2018 at 5:07 PM Chamath Samarawickrama > wrote: > >> Hi, >> >> I have tested the following on WSO2 Identity Server Analytics 5.7.0 RC3. >> >>- Overall login attempts dashboard >>- Suspicious login attempts dashboard >>- Login sessions dashboard >>- Configuring risk-based Adaptive Authentication >> >> No blocking issues were found. >> >> *[+] Stable - go ahead and release* >> >> Thanks, >> Chamath >> >> On Tue, Sep 18, 2018 at 3:42 PM Nuwandi Wickramasinghe >> wrote: >> >>> Hi All, >>> >>> >>> We are pleased to announce the third release candidate of WSO2 Identity >>> Server Analytics 5.7.0. >>> >>> >>> This release fixes the following issues, >>> >>> >>> >>>- 5.7.0-RC3 Fixes >>><https://github.com/wso2/analytics-is/milestone/4?closed=1> >>>- 5.7.0-RC2 Fixes >>><https://github.com/wso2/analytics-is/milestone/3?closed=1> >>>- 5.7.0-RC1 Fixes >>><https://github.com/wso2/analytics-is/milestone/2?closed=1> >>> >>> >>> >>> Source and distribution, >>> >>> >>>- https://github.com/wso2/analytics-is/releases/v5.7.0-rc3 >>> >>> >>> >>> Please download, test the product and vote. >>> >>> >>>[+] Stable - go ahead and release >>> >>>[-] Broken - do not release (explain why) >>> >>> >>> >>> Thanks, >>> >>> - WSO2 Identity and Access Management Team - >>> >>> -- >>> >>> Best Regards, >>> >>> Nuwandi Wickramasinghe >>> >>> Senior Software Engineer >>> >>> WSO2 Inc. >>> >>> Web : http://wso2.com >>> >>> Mobile : 0719214873 >>> >> >> >> -- >> *C**h**amath Samarawickrama* >> Intern | WSO2, Inc. >> Mobile : +94772598944 >> Twitter <https://twitter.com/htamahc> LinkedIn >> <https://www.linkedin.com/in/htamahc/> GitHub >> <https://github.com/htamahc> >> ___ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> > > > -- > *Tharindu Bandara* > Software Engineer | WSO2 > > Email : tharin...@wso2.com > Mobile : +94 714221776 > web : http://wso2.com > <https://www.google.com/url?q=http://wso2.com&sa=D&ust=151765338399&usg=AFQjCNFggB4bSJTKmdqKcBV0VY9xx1ABKg> > > https://wso2.com/signature > > ___ > Architecture mailing list > architect...@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- *Janak Amarasena* Software Engineer Email: ja...@wso2.com Mobile: +9464144 Web: https://wso2.com <http://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] getting error while building wso2/product-iots
Hi Syed, You need to build product-iots in the following order. 1. carbon-device-mgt 2. carbon-device-mgt-plugins 3. product-iots Also when building *product-**iots* check the dependency versions for *carbon-device-mgt *and* carbon-device-mgt-plugins *from the main pom in product-iots. For the current master branch of product-iots you will need the following versions of the other 2 repos. 1. carbon-device-mgt - https://github.com/wso2/carbon-device-mgt/tree/v3.1.51 2. carbon-device-mgt-plugins - https://github.com/wso2/carbon-device-mgt-plugins/tree/v4.1.20 With those, I was able to successfully build product-iots. Hope this helps. Best Regards, Janak On Sun, Apr 7, 2019 at 9:13 AM Syed Hasan wrote: > [INFO] > [INFO] --- replacer:1.5.2:replace (replace-for-thrift) @ wso2iot --- > [ERROR] File > 'C:\wso2\product-iots\modules\distribution\..\p2-profile\iot-core-profile\target\wso2carbon-core-4.4.26\wso2\conf\identity\thrift-authentication.xml' > does not exist > [INFO] Replacement run on 0 file. > [INFO] > > [INFO] Reactor Summary: > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > -- *Janak Amarasena* Software Engineer Email: ja...@wso2.com Mobile: +9464144 Web: https://wso2.com <http://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] getting error while building wso2/product-iots
Hi Syed, You can find the documentation related to the WSO2 IoT server from here[1]. It has all the related information you will need to setup the server. [1] - https://docs.wso2.com/display/IoTS320/WSO2+IoT+Server+Documentation Also if you are interested you can find the agent apps used by the IoT server for Andriod and iOS from the below repos. Android - https://github.com/wso2/cdmf-agent-android iOS - https://github.com/wso2/cdmf-agent-ios Not sure what you are trying to archive using the dashboard server with the IoT server. You can find the instructions to set up the dashboard server here[2] [2] - https://github.com/wso2/carbon-dashboards/blob/master/README.md Hope this helps, Best Regards, Janak On Mon, Apr 8, 2019 at 11:47 PM Syed Hasan wrote: > Hi Janak, > Thanks a lot for your reply. I truly appreciate your cooperation. I'll > check that. > Meanwhile, can you please guide me how to setup my dev environment for > product-iots with dashboard? ie. where can I get DB script for MDM and > what are the projects will I need? There're 282 repos in > https://github.com/wso2 and I checked > https://wso2.github.io/github-repositories.html > > WSO2 IoT Server > > github.com/wso2/carbon-device-mgt > <https://github.com/wso2/carbon-device-mgt.git> > > github.com/wso2/carbon-device-mgt-plugins > <https://github.com/wso2/carbon-device-mgt-plugins.git> > > github.com/wso2/product-iots <https://github.com/wso2/product-iots.git> > > WSO2 Dashboard Server > > github.com/wso2/carbon-dashboards > <https://github.com/wso2/carbon-dashboards.git> > > github.com/wso2/product-ds <https://github.com/wso2/product-ds.git> > > But unfortunately I couldn't find any clear instructions or documentation > how to setup the MDM for your dev environment. > > I've posted my query in Dev@wso2.org but sadly I've not gotten any replay > yet. > > Awaiting for your reply. > Kindest regards, > Hasan > > On Mon, Apr 8, 2019 at 12:56 AM Janak Amarasena wrote: > >> Hi Syed, >> >> You need to build product-iots in the following order. >> >>1. carbon-device-mgt >>2. carbon-device-mgt-plugins >>3. product-iots >> >> Also when building *product-**iots* check the dependency versions for >> *carbon-device-mgt >> *and* carbon-device-mgt-plugins *from the main pom in product-iots. >> For the current master branch of product-iots you will need the >> following versions of the other 2 repos. >> >>1. carbon-device-mgt - >>https://github.com/wso2/carbon-device-mgt/tree/v3.1.51 >>2. carbon-device-mgt-plugins - >>https://github.com/wso2/carbon-device-mgt-plugins/tree/v4.1.20 >> >> With those, I was able to successfully build product-iots. >> >> Hope this helps. >> >> Best Regards, >> Janak >> >> On Sun, Apr 7, 2019 at 9:13 AM Syed Hasan wrote: >> >>> [INFO] >>> [INFO] --- replacer:1.5.2:replace (replace-for-thrift) @ wso2iot --- >>> [ERROR] File >>> 'C:\wso2\product-iots\modules\distribution\..\p2-profile\iot-core-profile\target\wso2carbon-core-4.4.26\wso2\conf\identity\thrift-authentication.xml' >>> does not exist >>> [INFO] Replacement run on 0 file. >>> [INFO] >>> ---- >>> [INFO] Reactor Summary: >>> ___ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >> >> >> -- >> *Janak Amarasena* >> >> Software Engineer >> >> Email: ja...@wso2.com >> >> Mobile: +9464144 >> >> Web: https://wso2.com >> >> >> <http://wso2.com/signature> >> > -- *Janak Amarasena* Software Engineer Email: ja...@wso2.com Mobile: +9464144 Web: https://wso2.com <http://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] getting error while building wso2/product-iots
Hi Syed, The IoT server comes with its own UI, therefore you will not need the dashboard server. You will be getting the same IoT server distribution from the download in here[1] as you build from the source code. Therefore after building the source code and getting the distribution, you can run it as instructed in the docs. [1] https://docs.wso2.com/display/IOTS330/Downloading+the+Product So, basically, you can follow this guide[2] to setup the IoT server. [2] - https://docs.wso2.com/display/IOTS330/Installation+Guide Since you already have the IoT Server distribution from building the source code, you can skip "Downloading the Product" part and start with "Installing the Product". On a separate note, I have CCied @WSO2 Developers' List so others will also be able to help out with your queries. Therefore please CC @WSO2 Developers' List in the future :) Best Regards, Janak On Wed, Apr 10, 2019 at 7:40 AM Syed Hasan wrote: > Hi Janak, > Thanks again for your reply. I'm looking for info how to run the IoT > server from source code. I checked the link > https://docs.wso2.com/display/IOTS330/Working+with+the+Source+Code > And WSO2 GitHub Repositories > <https://wso2.github.io/github-repositories.html> shows me all the > related github repos. > But I'm looking for some concrete instructions how to run that IoT project > from source code... which repos are required and where can I get the DB > scripts etc. > BTW, I thought that the dashboard is for IoT server's frontend. ie. UI for > IoT server. isn't it? > > Please let me know your comments. > Thanks a lot again for your cooperation. > > Kindest regards, > Hasan > > > On Tue, Apr 9, 2019 at 3:12 PM Janak Amarasena wrote: > >> Hi Syed, >> >> You can find the documentation related to the WSO2 IoT server from >> here[1]. It has all the related information you will need to setup the >> server. >> [1] - https://docs.wso2.com/display/IoTS320/WSO2+IoT+Server+Documentation >> >> Also if you are interested you can find the agent apps used by the IoT >> server for Andriod and iOS from the below repos. >> Android - https://github.com/wso2/cdmf-agent-android >> iOS - https://github.com/wso2/cdmf-agent-ios >> >> Not sure what you are trying to archive using the dashboard server with >> the IoT server. >> You can find the instructions to set up the dashboard server here[2] >> [2] - https://github.com/wso2/carbon-dashboards/blob/master/README.md >> >> Hope this helps, >> >> Best Regards, >> Janak >> >> >> On Mon, Apr 8, 2019 at 11:47 PM Syed Hasan wrote: >> >>> Hi Janak, >>> Thanks a lot for your reply. I truly appreciate your cooperation. I'll >>> check that. >>> Meanwhile, can you please guide me how to setup my dev environment for >>> product-iots with dashboard? ie. where can I get DB script for MDM and >>> what are the projects will I need? There're 282 repos in >>> https://github.com/wso2 and I checked >>> https://wso2.github.io/github-repositories.html >>> >>> WSO2 IoT Server >>> >>> github.com/wso2/carbon-device-mgt >>> <https://github.com/wso2/carbon-device-mgt.git> >>> >>> github.com/wso2/carbon-device-mgt-plugins >>> <https://github.com/wso2/carbon-device-mgt-plugins.git> >>> >>> github.com/wso2/product-iots <https://github.com/wso2/product-iots.git> >>> >>> WSO2 Dashboard Server >>> >>> github.com/wso2/carbon-dashboards >>> <https://github.com/wso2/carbon-dashboards.git> >>> >>> github.com/wso2/product-ds <https://github.com/wso2/product-ds.git> >>> >>> But unfortunately I couldn't find any clear instructions or >>> documentation how to setup the MDM for your dev environment. >>> >>> I've posted my query in Dev@wso2.org but sadly I've not gotten any >>> replay yet. >>> >>> Awaiting for your reply. >>> Kindest regards, >>> Hasan >>> >>> On Mon, Apr 8, 2019 at 12:56 AM Janak Amarasena wrote: >>> >>>> Hi Syed, >>>> >>>> You need to build product-iots in the following order. >>>> >>>>1. carbon-device-mgt >>>>2. carbon-device-mgt-plugins >>>>3. product-iots >>>> >>>> Also when building *product-**iots* check the dependency versions for >>>> *carbon-device-mgt >>>> *and* carbon-device-mgt-plugins *from the main pom in product-iots. >>>&g
Re: [Dev] [VOTE] Release WSO2 Identity Server 5.8.0 RC2
Hi All, Tested the following using MySQL 5.7 as the DB in tenant mode. Also used a JDBC(MySQL) secondary user store. - Implicit Grant type - Authorization Code Grant type - Password Grant type - Client Credential Grant type - Refresh Token Grant type - Token Revoke - Rest - Token Validation/Introspection - SP revoke client secret - SP regenerates client secret +1 go ahead and release. Best Regards, Janak On Tue, May 14, 2019 at 4:29 PM Sominda Gamage wrote: > Hi all, > > Tested SCIM2 user provisioning flow. > +1 go ahead and release. > > Regards, > Sominda. > > On Tue, May 14, 2019 at 12:22 AM Hasanthi Purnima Dissanayake < > hasan...@wso2.com> wrote: > >> Hi All, >> >> Please find the source and distribution , >> >> Runtime - https://github.com/wso2/product-is/releases/tag/v >> <https://github.com/wso2/product-is/releases/tag/v5.8.0-rc2>5.8.0-rc2 >> <https://github.com/wso2/product-is/releases/download/v5.8.0-rc2/wso2is-5.8.0.zip> >> Analytics - https://github.com/wso2/analytics-is/releases/tag/v5.8.0-rc2 >> >> Thanks, >> Hasanthi >> >> On Mon, May 13, 2019 at 11:56 PM Hasanthi Purnima Dissanayake < >> hasan...@wso2.com> wrote: >> >>> Hi all, >>> >>> We are pleased to announce the second release candidate of WSO2 Identity >>> Server 5.8.0. >>> >>> This release fixes the following issues, >>> >>>- 5.8.0-RC2 fixes >>><https://github.com/wso2/product-is/milestone/82?closed=1> >>>- 5.8.0-RC1 fixes >>><https://github.com/wso2/product-is/milestone/78?closed=1> >>>- 5.8.0-Beta5 fixes >>><https://github.com/wso2/product-is/milestone/80?closed=1> >>>- 5.8.0-Beta4 fixes >>><https://github.com/wso2/product-is/milestone/79?closed=1> >>>- 5.8.0-Beta3 fixes >>><https://github.com/wso2/product-is/milestone/77?closed=1> >>>- 5.8.0-Beta fixes >>><https://github.com/wso2/product-is/milestone/75?closed=1> >>>- 5.8.0-Alpha5 fixes >>><https://github.com/wso2/product-is/milestone/74?closed=1> >>>- 5.8.0-Alpha4 fixes >>><https://github.com/wso2/product-is/milestone/73?closed=1> >>>- 5.8.0-Alpha3 fixes >>><https://github.com/wso2/product-is/milestone/72?closed=1> >>>- 5.8.0-Alpha2 fixes >>><https://github.com/wso2/product-is/milestone/71?closed=1> >>>- 5.8.0-Alpha fixes >>><https://github.com/wso2/product-is/milestone/70?closed=1> >>>- 5.8.0-M26 fixes >>><https://github.com/wso2/product-is/milestone/69?closed=1> >>>- 5.8.0-M25 fixes >>><https://github.com/wso2/product-is/milestone/68?closed=1> >>>- 5.8.0-M24 fixes >>><https://github.com/wso2/product-is/milestone/67?closed=1> >>>- 5.8.0-M6 fixes >>><https://github.com/wso2/product-is/milestone/64?closed=1> >>>- 5.8.0-M5 fixes >>><https://github.com/wso2/product-is/milestone/63?closed=1> >>>- 5.8.0-M4 fixes >>><https://github.com/wso2/product-is/milestone/62?closed=1> >>>- 5.8.0-M3 fixes >>><https://github.com/wso2/product-is/milestone/61?closed=1> >>>- 5.8.0-M2 fixes >>><https://github.com/wso2/product-is/milestone/60?closed=1> >>>- 5.8.0-M1 fixes >>><https://github.com/wso2/product-is/milestone/59?closed=1> >>> >>> >>> Source and distribution >>> >>> Runtime - https://github.com/wso2/product-is/releases/tag/v >>> <https://github.com/wso2/product-is/releases/download/v5.8.0-rc2/wso2is-5.8.0-rc2.zip> >>> 5.8.0-rc2 >>> <https://github.com/wso2/product-is/releases/download/v5.8.0-rc2/wso2is-5.8.0.zip> >>> Analytics - >>> https://github.com/wso2/analytics-is/releases/tag/v5.8.0-rc2 >>> <https://github.com/wso2/analytics-is/releases/download/v5.8.0-rc2/wso2is-analytics-5.8.0-rc2.zip> >>> >>> >>> Please download, test the product and vote. >>> >>> [+] Stable - go ahead and release >>> [-] Broken - do not release (explain why) >>> >>> >>> Thanks, >>> - WSO2 Identity and Access Management Team - >>> >>> -- >>> >>> Hasanthi Dissanayake >>> >>> Senior Software Engineer | WSO2 >>> >>> E: hasan...@wso2.com >>> M :0718407133| http://wso2.com <http://wso2.com/> >>> >> >> >> -- >> >> Hasanthi Dissanayake >> >> Senior Software Engineer | WSO2 >> >> E: hasan...@wso2.com >> M :0718407133| http://wso2.com <http://wso2.com/> >> ___ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> > > > -- > *Sominda Gamage* | Software Engineer| WSO2 Inc. <http://wso2.com/> > (M)+94 719873902 | (E) somi...@wso2.com > <https://wso2.com/signature> > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > -- *Janak Amarasena* Software Engineer Email: ja...@wso2.com Mobile: +9464144 Web: https://wso2.com <http://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [Architecture] [VOTE] Release WSO2 Identity Server 5.8.0 RC3
3 fixes >>>>><https://github.com/wso2/product-is/milestone/72?closed=1> >>>>>- 5.8.0-Alpha2 fixes >>>>><https://github.com/wso2/product-is/milestone/71?closed=1> >>>>>- 5.8.0-Alpha fixes >>>>><https://github.com/wso2/product-is/milestone/70?closed=1> >>>>>- 5.8.0-M26 fixes >>>>><https://github.com/wso2/product-is/milestone/69?closed=1> >>>>>- 5.8.0-M25 fixes >>>>><https://github.com/wso2/product-is/milestone/68?closed=1> >>>>>- 5.8.0-M24 fixes >>>>><https://github.com/wso2/product-is/milestone/67?closed=1> >>>>>- 5.8.0-M6 fixes >>>>><https://github.com/wso2/product-is/milestone/64?closed=1> >>>>>- 5.8.0-M5 fixes >>>>><https://github.com/wso2/product-is/milestone/63?closed=1> >>>>>- 5.8.0-M4 fixes >>>>><https://github.com/wso2/product-is/milestone/62?closed=1> >>>>>- 5.8.0-M3 fixes >>>>><https://github.com/wso2/product-is/milestone/61?closed=1> >>>>>- 5.8.0-M2 fixes >>>>><https://github.com/wso2/product-is/milestone/60?closed=1> >>>>>- 5.8.0-M1 fixes >>>>><https://github.com/wso2/product-is/milestone/59?closed=1> >>>>> >>>>> >>>>> Source and distribution >>>>> >>>>> Runtime - https://github.com/wso2/product-is/releases/tag/v >>>>> <https://github.com/wso2/product-is/releases/download/v5.8.0-rc3/wso2is-5.8.0-rc3.zip> >>>>> 5.8.0-rc3 >>>>> <https://github.com/wso2/product-is/releases/download/v5.8.0-rc3/wso2is-5.8.0-rc3.zip> >>>>> Analytics - >>>>> https://github.com/wso2/analytics-is/releases/tag/v5.8.0-rc3 >>>>> <https://github.com/wso2/analytics-is/releases/download/v5.8.0-rc3/wso2is-analytics-5.8.0-rc3.zip> >>>>> >>>>> >>>>> Please download, test the product and vote. >>>>> >>>>> [+] Stable - go ahead and release >>>>> [-] Broken - do not release (explain why) >>>>> >>>>> >>>>> Thanks, >>>>> - WSO2 Identity and Access Management Team - >>>>> >>>>> -- >>>>> >>>>> Hasanthi Dissanayake >>>>> >>>>> Senior Software Engineer | WSO2 >>>>> >>>>> E: hasan...@wso2.com >>>>> M :0718407133| http://wso2.com <http://wso2.com/> >>>>> >>>> >>>> >>>> -- >>>> >>>> Hasanthi Dissanayake >>>> >>>> Senior Software Engineer | WSO2 >>>> >>>> E: hasan...@wso2.com >>>> M :0718407133| http://wso2.com <http://wso2.com/> >>>> >>> >>> >>> -- >>> >>> *Dilin Dampahalage* >>> Software Engineer | WSO2 >>> >>> Email : di...@wso2.com >>> Mobile : +94 771 462939 >>> web : http://wso2.com >>> >>> <http://wso2.com/signature> >>> ___ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >> >> >> -- >> *Ayesha Dissanayaka* >> Associate Technical Lead >> WSO2, Inc : http://wso2.com >> <http://www.google.com/url?q=http%3A%2F%2Fwso2.com&sa=D&sntz=1&usg=AFQjCNEZvyc0uMD1HhBaEGCBxs6e9fBObg> >> 20, Palm grove Avenue, Colombo 3 >> E-Mail: aye...@wso2.com >> Mobile: +94713580922 >> ___ >> Architecture mailing list >> architect...@wso2.org >> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >> > > > -- > *Tharindu Bandara* > Software Engineer | WSO2 > > Email : tharin...@wso2.com > Mobile : +94 714221776 > web : http://wso2.com > <https://www.google.com/url?q=http://wso2.com&sa=D&ust=151765338399&usg=AFQjCNFggB4bSJTKmdqKcBV0VY9xx1ABKg> > > https://wso2.com/signature > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > -- *Janak Amarasena* Software Engineer Email: ja...@wso2.com Mobile: +9464144 Web: https://wso2.com <http://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] [IS] Rest API for scopes
Hi All, We have two implementations related to scopes in the IS, one for OAuth2 scopes (for oauth2 scopes and scope bindings(role, permission etc)) and the other for OIDC scopes (for scope claim mappings). The data is also stored separately. For the OAuth2 scope management, we already have a REST API[1] and with the OAuthAdminService Soap API, we manage the OIDC scopes. When designing the REST API to include OIDC scopes management there are two ways this can be done. 1. Have a seperate API for OIDC scope managment. 2. Include the OIDC scope management and OAuth scope management in the same REST API and treat them both as a single resource when exposing it to the outside and manage them separately internally. [1] - https://docs.wso2.com/display/IS580/apidocs/OAuth2-scope-endpoint/index.html Your thoughts on this are much appreciated. Thank you, Best Regards, Janak -- *Janak Amarasena* | Software Engineer | WSO2 Inc. (m) +9464144 | (w) +94112145345 | (e) ja...@wso2.com <https://wso2.com/signature> ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
