[Dev] [IDENTITY-6155] Invoking the user info endpoint without properly setting the 'Bearer' header causes server errors

2017-07-28 Thread Hasini Witharana 
Hi,

I am working on the jira IDENTITY-6155
. When Invoking the user info
endpoint without adding the access token to the 'Bearer' header causes the
server to return an ArrayIndexOutOfBoundsException with the full stacktrace
to the client.

As per the OIDC/oauth2.0 specifications[1][2], this sort of a request can
be treated as an invalid request.
Please refer the PR[3] which fixes this issue.

[1]- http://openid.net/specs/openid-connect-core-1_0.html#UserInfoError
[2]- https://tools.ietf.org/html/rfc6750#section-6.2
[3]- https://github.com/wso2-extensions/identity-inbound-auth-oauth/pull/420

Thank you.

-- 

*Hasini Witharana*
Software Engineering Intern | WSO2


*Email : hasi...@wso2.com *

*Mobile : +94713850143[image: http://wso2.com/signature]
*
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Please review and merge the pull request

2017-07-28 Thread Farasath Ahamed 
On Fri, Jul 28, 2017 at 6:29 PM, Dewni Weeraman  wrote:

>
> Hi,
>
> Please merge the pull request [1] which contains the fix for [2].
>
> [1] - https://github.com/wso2/carbon-kernel/pull/1456
> 
>

This PR is already merged. Is this the correct one you intended?


> [2] - https://github.com/wso2/carbon-kernel/issues/1455
>
>
> Regards,
> Dewni Weeraman
>
> --
> *Dewni Weeraman*
> Trainee Software Engineer | WSO2
>
> Email: de...@wso2.com
> Mobile: +94772979049 <+94%2077%20297%209049>
> Web: http://wso2.com/
>
>
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] jndi.properties Production Recommended Configuration

2017-07-28 Thread Júnior 
Thank you!

2017-07-28 6:40 GMT-03:00 Sashika Wijesinghe :

> Hi Junior,
>
> The connection details you have used are correct for failover scenarios.
> Refer [1] to get more information about MB failover handling.
>
>
> [1] https://docs.wso2.com/display/MB320/Handling+Failover
>
> On Thu, Jul 27, 2017 at 7:04 PM, Júnior  wrote:
>
>> Hi everyone,
>>
>> Is there any recommended jndi.properties connection setup for WSO2 MB
>> Connection?
>>
>> we have a connection string like this:
>>
>> connectionfactory.TopicConnectionFactory=amqp://admin:admin@
>> carbon/carbon?failover='roundrobin'='2'=
>> 'tcp://server1:5675?retries='5'='50';tcp://server2:5675?
>> retries='5'='50''
>>
>>
>> These MB are clustered, but sometimes I see that when it lost the
>> connection it simply is not able to reconnect.
>>
>> Is there any recommended settings to be used on this connection string
>> for a more reliable Broker connection?
>>
>> Thanks,
>> --
>> Francisco Ribeiro
>> *SCEA|SCJP|SCWCD|IBM Certified SOA Associate*
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
>
> *Sashika WijesingheSoftware Engineer - QA Team*
> Mobile : +94 (0) 774537487
> sash...@wso2.com
>



-- 
Francisco Ribeiro
*SCEA|SCJP|SCWCD|IBM Certified SOA Associate*
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Please review and merge the pull request

2017-07-28 Thread Darshana Gunawardana 
Hi Farasath,

It seems like the PR **url** is correct but the hyperlink is wrong. Just
adding the PR link again to avoid the confusion.

https://github.com/wso2/carbon-kernel/pull/1456

Regards,


On Fri, Jul 28, 2017 at 6:58 PM, Farasath Ahamed  wrote:

>
>
>
> On Fri, Jul 28, 2017 at 6:29 PM, Dewni Weeraman  wrote:
>
>>
>> Hi,
>>
>> Please merge the pull request [1] which contains the fix for [2].
>>
>> [1] - https://github.com/wso2/carbon-kernel/pull/1456
>> 
>>
>
> This PR is already merged. Is this the correct one you intended?
>
>
>> [2] - https://github.com/wso2/carbon-kernel/issues/1455
>>
>>
>> Regards,
>> Dewni Weeraman
>>
>> --
>> *Dewni Weeraman*
>> Trainee Software Engineer | WSO2
>>
>> Email: de...@wso2.com
>> Mobile: +94772979049 <+94%2077%20297%209049>
>> Web: http://wso2.com/
>>
>>
>>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Regards,


*Darshana Gunawardana*Associate Technical Lead
WSO2 Inc.; http://wso2.com

*E-mail: darsh...@wso2.com *
*Mobile: +94718566859*Lean . Enterprise . Middleware
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Please review and merge the pull request

2017-07-28 Thread Dewni Weeraman 
Hi,

Please merge the pull request [1] which contains the fix for [2].

[1] - https://github.com/wso2/carbon-kernel/pull/1456

[2] - https://github.com/wso2/carbon-kernel/issues/1455


Regards,
Dewni Weeraman

-- 
*Dewni Weeraman*
Trainee Software Engineer | WSO2

Email: de...@wso2.com
Mobile: +94772979049
Web: http://wso2.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [GSoC 2017][IS] SCIM 2.0 Compliance Test Suite

2017-07-28 Thread Vindula Jayawardana 
Hi,

As I demonstrated at the demo held today, I have been able to complete a
milestone of the project as per the timeline. As decided at the meeting, I
sent a PR[1] to the scim2-compliance-test-suite repo. Please review and
merge.

As I explained at the meeting, the current implementation[1] covers
approximately 75% of compliance test suite. A brief overview of the
implemented tests is as follows.

1. All tests for /Users Endpoint
2. All tests for /Groups Endpoint
3. /ServiceproviderConfig Endpoint
4. /ResourceType Endpoint

Following are yet to be developed.

1. /Bulk Endpoint

Since the project can accommodate additional features with the time
remaining, as Darshana pointed out, I will also be working on the following
value adding feature as well.

1. Ability to run custom test cases

Thank you

[1] : https://github.com/wso2-incubator/scim2-compliance-test-suite/pull/1

*Vindula Jayawardana*
Computer Science and Engineering Dept.
University of Moratuwa
mobile : +713462554
Email : vindul...@gmail.com






*“Respect is how to treat everyone, not just those you want to impress. "*


*-Richard Branson-*



On 10 July 2017 at 20:27, Omindu Rathnaweera  wrote:

> Hi VIndula,
>
> You can use https://github.com/wso2-incubator/scim2-compliance-test-suite
> for your development. Please send a PR with the current code.
>
> Regards,
> Omindu.
>
> On Mon, Jun 26, 2017 at 11:52 PM, Omindu Rathnaweera 
> wrote:
>
>> Scheduled the meeting on 28th Wednesday at 3.00 pm. Hope you've got the
>> request.
>>
>>
>> On Mon, Jun 26, 2017 at 11:17 PM, Vindula Jayawardana <
>> vindula...@cse.mrt.ac.lk> wrote:
>>
>>> Hi,
>>>
>>> Yes I can do a demo on the current implementation. How about the June
>>> 28th Wednesday at 3.00 pm ?
>>>
>>> Please find the following details to test the /ServiceProviderConfig
>>> endpoint.
>>>
>>> 1. Start the IS instance locally.
>>> 2. Deploy the scimproxycompliance.war
>>> 3. On the UI, select Compliance Test 2.0 tab
>>> 4. Enter the IS SCIM base url as : https://localhost:9443
>>>
>>> I have tested with mocked IS 5.3.0 instance with SCIM 2.0 support.
>>>
>>> Thank you.
>>>
>>> *Vindula Jayawardana*
>>> Computer Science and Engineering Dept.
>>> University of Moratuwa
>>> mobile : +713462554
>>> Email : vindul...@gmail.com
>>>
>>> 
>>> 
>>> 
>>> 
>>>
>>> *“Respect is how to treat everyone, not just those you want to impress.
>>> "*
>>>
>>>
>>> *-Richard Branson-*
>>>
>>>
>>>
>>> On 26 June 2017 at 10:42, Omindu Rathnaweera  wrote:
>>>
 Hi Vindula,

 Would it possible for you to arrange the demo within the evaluation
 time period (26th - 30th)? Also please share the instructions to try out
 the 'ServiceProviderConfig' test.

 Thanks,
 Omindu.

 On Tue, Jun 20, 2017 at 5:12 PM, Vindula Jayawardana <
 vindula...@cse.mrt.ac.lk> wrote:

> Hi,
>
> I was able to implement /ServiceProviderConfig endpoint compliance
> test as an end to end test [1].
>
> As discussed I used feign JAX-RS client. I did not directly use
> Charon core objects [1][2] in REST client due to json encoding and
> decoding problem as mentioned by Gayan in the previous mail. Hence
> I implemented separate object object models for this purpose.
>
> I am hoping to arrange a demo of the currently implemented test and
> also it will be better if I can get your opinions on verifying the
> architecture of the current implementation. Shall we have a quick demo
> session on Thursday (22nd) ?
>
> [1] https://github.com/Vindulamj/SCIM-2.0-Complience-Test-Suite
> [2] https://github.com/wso2/charon/blob/master/modules/charo
> n-core/src/main/java/org/wso2/charon3/core/objects/User.java
> [3] https://github.com/wso2/charon/blob/master/modules/charo
> n-core/src/main/java/org/wso2/charon3/core/objects/Group.java
>
> Thank you.
>
> *Vindula Jayawardana*
> Computer Science and Engineering Dept.
> University of Moratuwa
> mobile : +713462554
> Email : vindul...@gmail.com
>
> 
> 
> 
> 
>
> *“Respect is how to treat everyone, not just those you want to
> impress. "*
>
>
> *-Richard Branson-*
>
>
>
> On 11 June 2017 at 19:02, Gayan Gunawardana  wrote:
>
>> Hi Vindula,
>>
>> On Mon, Jun 5, 2017

Re: [Dev] Identity Server - Problems implementing a custom JDBC user store

2017-07-28 Thread Thomas LEGRAND 
Hello Nuwandi,

Thank you for your answer. Actually, I found the current implementation
from the org.wso2.carbon.identity.user.store.count_5.7.5.jar located in
/repository/components/plugins from where I found which
dependency to add to my POM and tried to implement one myself but that did
not work. I think some of the OSGi notion are missing on my side, because
even if I register my "UserSotreCountRetriever", that does not work. The
code I wrote was something like:

protected void activate(ComponentContext ctxt) {
> BundleContext bundleContext = ctxt.getBundleContext();
>
> MyUserStoreManager userStoreManager = new MyUserStoreManager();
> bundleContext.registerService(UserStoreManager.class.getName(),
> userStoreManager, null);
>
> bundleContext.registerService(UserStoreCountRetriever.class.getName(),
> userStoreManager, null);
> }
>

Of course, MyUserStoreManager implemented the UserStoreCountRetriever
interface

So, I concluded by just removing the custom "UserStoreCountRetriever" class
property and I can retrieve my usernames without any error message
concerning the counting;

However, if you have a tutorial or a documentation to implement custom
things like that for realzies, that would be cool :)

Regards,

Thomas

2017-07-28 4:17 GMT+02:00 Nuwandi Wickramasinghe :

> Hi Thomas,
>
> User counter is different from "UserStoreManager". Therefore you cannot
> give your custom User store manager class as CountRetrieverClass. [1] is
> the class used for this by default. You should be able to customize the
> count implementation by writing a new count retriever extending
> *AbstractUserStoreCountRetriever *and then providing that class as the
> "UserStoreCountRetriever". In your custom count retriever class override
> "countUsers" method and change the implementation as you wish.
>
> regards
> Nuwandi
>
> On Thu, Jul 27, 2017 at 6:59 PM, Thomas LEGRAND <
> thomas.legr...@versusmind.eu> wrote:
>
>> Hello,
>>
>> For the second problem, I know from where this came from. It is just my
>> String[] contained a null value which triggered a NPE during the
>> verification of the presence of a '|' in the name like it is written at
>> line 180 of this source code [1].
>>
>> However, the other problem remains concerning the UserStoreCountService
>> because I always have:
>>
>> [2017-07-27 15:26:20,293] ERROR {org.wso2.carbon.identity.user
>>> .store.count.UserStoreCountService} -  Error while getting user count
>>> from user store domain : myUserStore
>>> org.wso2.carbon.identity.user.store.count.exception.UserStoreCounterException:
>>> ORA-00942: Table ou vue inexistante
>>>
>>
>> Regards,
>>
>> Thomas
>>
>> [1] https://github.com/wso2-attic/carbon-identity/blob/master/co
>> mponents/user-mgt/org.wso2.carbon.user.mgt/src/main/java/org
>> /wso2/carbon/user/mgt/UserRealmProxy.java#L180
>>
>>
>> 2017-07-27 11:14 GMT+02:00 Thomas LEGRAND :
>>
>>> Hello,
>>>
>>> I am trying to create a custom JDBC user store by extending the
>>> org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager. For the moment, I
>>> just implemented the doListUsers method to display them in the IS. But I
>>> can't even list my users because I have two problems:
>>>
>>> - The first one concerns the method to count the retrieved users. I
>>> noticed the default used class is org.wso2.carbon.identity.us
>>> er.store.count.jdbc.JDBCUserStoreCountRetriever but it seems to use the
>>> SQL request defined in the properties to execute the count. So I configured
>>> my user-store configuration file to use my custom JDBCUserStoreManager as
>>> "UserStoreCountRetriever". But now, the error appearing is it want to
>>> execute the "countUsers" method that I can't even see in the source code in
>>> [1]. Which interface/class should I implement/extend to allow my custom
>>> JDBCUserStoreManager to use itself as "UserStoreCountRetriever". I ask that
>>> because I have not found the source code of this class :(
>>> - The second one is the content of the list of users itself. So the call
>>> of the doListUsers. My SQL request is executed but I have a problem because
>>> a stacktrace appears tellming me that a NPE occured in the class
>>> UserRealmProxy and I don't know what to do:
>>>
>>> [2017-07-27 11:03:45,555] ERROR {org.wso2.carbon.user.mgt.UserRealmProxy}
 -
 java.lang.NullPointerException
 at org.wso2.carbon.user.mgt.UserRealmProxy.listAllUsers(UserRea
 lmProxy.java:180)
 at org.wso2.carbon.user.mgt.UserAdmin.listAllUsers(UserAdmin.ja
 va:82)
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
 at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce
 ssorImpl.java:62)
 at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe
 thodAccessorImpl.java:43)
 at java.lang.reflect.Method.invoke(Method.java:498)
 ...
>>>
>>>
>>> In addition, I followed the

[Dev] [IS] Introducing a new attribute in CacheConfig for persistence

2017-07-28 Thread Johann Nallathamby 
Hi,

What do you think about introducing $subject to selectively persist each
and every cache we have? Right now I think all the caches are controlled by
just two attributes "SessionDataPersist.Enabled" and
"SessionDataPersist.Temporary". This classification is too broad I think
with the recent performance issues we faced. So shall we do $subject? I
think the change won't take that much effort. May be about 30mins for
Farasath :)

Thanks & Regards,
Johann.

-- 

*Johann Dilantha Nallathamby*
Senior Lead Solutions Engineer
WSO2, Inc.
lean.enterprise.middleware

Mobile - *+9476950*
Blog - *http://nallaa.wordpress.com *
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Configuring Subject Claim URI for File based Service Provider didn't work and no proper documentation to get it done

2017-07-28 Thread Isura Karunaratne 
HI Johann,

Created a Jira to track the issue [1]. Will fix this with IS 5.4.0

Thanks
Isura.

[1] https://wso2.org/jira/browse/IDENTITY-6192

On Wed, Jul 19, 2017 at 2:29 PM, Samuel Gnaniah  wrote:

> Ack for docs. Can we get some content for this?
>
> *Samuel Gnaniah*
> Lead Technical Writer
>
> WSO2 (pvt.) Ltd.
> Colombo, Sri Lanka
> (+94) 773131798 <+94%2077%20313%201798>
>
> On Tue, Jul 18, 2017 at 10:51 AM, Johann Nallathamby 
> wrote:
>
>> Hi All,
>>
>> I tried to get "Subject Claim URI" configuration working for a file based
>> SP, pointing it to a different claim other than username, but didn't
>> succeed. Also seems our documentation is still lacking on how to get this
>> done.
>>
>> Thanks & Regards,
>> Johann.
>>
>> --
>>
>> *Johann Dilantha Nallathamby*
>> Senior Lead Solutions Engineer
>> WSO2, Inc.
>> lean.enterprise.middleware
>>
>> Mobile - *+9476950*
>> Blog - *http://nallaa.wordpress.com *
>>
>
>


-- 

*Isura Dilhara Karunaratne*
Senior Software Engineer | WSO2
Email: is...@wso2.com
Mob : +94 772 254 810
Blog : http://isurad.blogspot.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [IDENTITY-3355] Better if only warning is shown for signature verification failures

2017-07-28 Thread Rushmin Fernando 
+1 for using warning message without the stack trace. But we have to add as
much as context info to the log so that the life will be easier when coming
to support front.

On Fri, Jul 28, 2017 at 1:30 PM, Isura Karunaratne  wrote:

> Hi Sugirjan,
>
> +1 for the warning message without printing the exception trace. We can
> add exception trace as a debug log.
>
> Thanks
> Isura.
>
> On Thu, Jul 20, 2017 at 6:47 PM, Sugirjan Ragunaathan 
> wrote:
>
>> Hi,
>>
>> I'm working on the WSO2 public JIRA issue $subject [1].
>>
>> In the Source code [2], when the SAML2 signature is validated and if
>> validation exception is catched, then the exception is logged as well as
>> debug message.
>>
>> } catch (ValidationException e) {
>> if (log.isDebugEnabled()) {
>> log.debug("SAML Signature validation failed from domain : " + 
>> domainName, e);
>> }
>> }
>>
>>
>> In the Source code [3],  if validation exception is catched, then the
>> exception is logged as a warning message not as a debug message.
>>
>> } catch (IdentitySAML2SSOException e) {
>> log.warn("Signature validation failed for the SAML Message : Failed to 
>> construct the X509CredentialImpl for the alias " +
>> alias, e);
>> return false;
>> }
>>
>> What is the best implementation way for handling this exception?
>>
>> [1]Better if only warning is shown for signature verification failures
>> (not the whole exception) 
>>
>> [2]https://github.com/wso2-extensions/identity-carbon-auth-
>> saml2/blob/v5.2.3/components/org.wso2.carbon.identity.
>> authenticator.saml2.sso/src/main/java/org/wso2/carbon/
>> identity/authenticator/saml2/sso/SAML2SSOAuthenticator.java#L509
>>
>> [3]https://github.com/wso2-extensions/identity-inbound-auth-
>> saml/blob/v5.3.0/components/org.wso2.carbon.identity.sso.
>> saml/src/main/java/org/wso2/carbon/identity/sso/saml/util/
>> SAMLSSOUtil.java#L882
>>
>> Thanks.
>>
>> Regards,
>> *R. Sugirjan*
>> Software Engineering - Intern | WSO2
>>
>> Email:  sugir...@wso2.com
>> Mobile: +94768489892 <+94%2076%20848%209892>
>> 
>>
>
>
>
> --
>
> *Isura Dilhara Karunaratne*
> Senior Software Engineer | WSO2
> Email: is...@wso2.com
> Mob : +94 772 254 810 <+94%2077%20225%204810>
> Blog : http://isurad.blogspot.com/
>
>
>
>


-- 
*Best Regards*

*Rushmin Fernando*
*Technical Lead*

WSO2 Inc.  - Lean . Enterprise . Middleware

mobile : +94775615183
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] IS User Portal is validating audience against Carbon SAML2 SSO authenticator defined in authenticator.xml

2017-07-28 Thread Rushmin Fernando 
Let's consider this as the time permits.

@Johann can you please create a Jira?

On Fri, Jul 28, 2017 at 1:38 PM, Isura Karunaratne  wrote:

> Adding Rushmin
>
> On Tue, Jul 18, 2017 at 10:22 AM, Johann Nallathamby 
> wrote:
>
>> Hi All,
>>
>> We noticed $subject. I don't think this is valid because IS User Portal
>> and Carbon management console should be treated as two SPs. So user portal
>> reading the audience from authenticator.xml is wrong. Also it reads it even
>> if SAML2 SSO authenticator is disabled. So this will create even more
>> problems when both User Portal and Carbon management console is enabled for
>> SSO. Correct way of validating audience should be by defining the audience
>> in auth_config.json in the dashboard webapp.
>>
>> Can we please fix this for IS 5.4.0?
>>
>> Thanks & Regards,
>> Johann.
>>
>> --
>>
>> *Johann Dilantha Nallathamby*
>> Senior Lead Solutions Engineer
>> WSO2, Inc.
>> lean.enterprise.middleware
>>
>> Mobile - *+9476950*
>> Blog - *http://nallaa.wordpress.com *
>>
>
>
>
> --
>
> *Isura Dilhara Karunaratne*
> Senior Software Engineer | WSO2
> Email: is...@wso2.com
> Mob : +94 772 254 810 <+94%2077%20225%204810>
> Blog : http://isurad.blogspot.com/
>
>
>
>


-- 
*Best Regards*

*Rushmin Fernando*
*Technical Lead*

WSO2 Inc.  - Lean . Enterprise . Middleware

mobile : +94775615183
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] The input stream for an incoming message is null - EI 6.1.1

2017-07-28 Thread Melodias 
Hi,

I have problem with call mediator. In my scenario I call backend using call
mediator with option blocking=true. From backend I got response and next I
call another proxy using call mediator with option blocking=true. Then I get
error:

org.apache.axis2.AxisFault: The input stream for an incoming message is
null.
at
org.apache.axis2.transport.TransportUtils.createSOAPMessage(TransportUtils.java:93)
at
org.apache.axis2.transport.TransportUtils.createSOAPMessage(TransportUtils.java:68)
at
org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:348)
at
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:445)
at
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225)
at
org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
at
org.apache.synapse.message.senders.blocking.BlockingMsgSender.sendReceive(BlockingMsgSender.java:302)
at
org.apache.synapse.message.senders.blocking.BlockingMsgSender.send(BlockingMsgSender.java:211)
at
org.apache.synapse.mediators.builtin.CallMediator.handleBlockingCall(CallMediator.java:150)
at
org.apache.synapse.mediators.builtin.CallMediator.mediate(CallMediator.java:113)
at
org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:97)
at
org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:59)
at
org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158)
at
org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(ProxyServiceMessageReceiver.java:213)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at
org.apache.axis2.transport.local.LocalTransportReceiver.processMessage(LocalTransportReceiver.java:169)
at
org.apache.axis2.transport.local.LocalTransportReceiver.processMessage(LocalTransportReceiver.java:82)
at
org.apache.axis2.transport.local.LocalTransportSender.finalizeSendWithToAddress(LocalTransportSender.java:102)
at
org.apache.axis2.transport.local.LocalTransportSender.invoke(LocalTransportSender.java:77)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
at
org.apache.synapse.core.axis2.DynamicAxisOperation$DynamicOperationClient.send(DynamicAxisOperation.java:185)
at
org.apache.synapse.core.axis2.DynamicAxisOperation$DynamicOperationClient.executeImpl(DynamicAxisOperation.java:167)
at
org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
at
org.apache.synapse.core.axis2.Axis2FlexibleMEPClient.send(Axis2FlexibleMEPClient.java:595)
at org.apache.synapse.core.axis2.Axis2Sender.sendOn(Axis2Sender.java:83)
at
org.apache.synapse.core.axis2.Axis2SynapseEnvironment.send(Axis2SynapseEnvironment.java:548)
at
org.apache.synapse.endpoints.AbstractEndpoint.send(AbstractEndpoint.java:382)
at
org.apache.synapse.endpoints.AddressEndpoint.send(AddressEndpoint.java:65)
at
org.apache.synapse.endpoints.IndirectEndpoint.send(IndirectEndpoint.java:55)
at
org.apache.synapse.mediators.builtin.SendMediator.mediate(SendMediator.java:121)
at
org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:97)
at
org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:59)
at
org.apache.synapse.config.xml.AnonymousListMediator.mediate(AnonymousListMediator.java:37)
at org.apache.synapse.config.xml.SwitchCase.mediate(SwitchCase.java:69)
at
org.apache.synapse.mediators.filters.SwitchMediator.mediate(SwitchMediator.java:134)
at
org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:97)
at
org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:59)
at
org.apache.synapse.config.xml.AnonymousListMediator.mediate(AnonymousListMediator.java:37)
at org.apache.synapse.config.xml.SwitchCase.mediate(SwitchCase.java:69)
at
org.apache.synapse.mediators.filters.SwitchMediator.mediate(SwitchMediator.java:134)
at
org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:97)
at
org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:59)
at
org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:158)
at
org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(ProxyServiceMessageReceiver.java:213)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at
org.apache.axis2.transport.local.LocalTransportReceiver.processMessage(LocalTransportReceiver.java:169)
at
org.apache.axis2.transport.local.LocalTransportReceiver.processMessage(LocalTransportReceiver.java:82)
at

Re: [Dev] [IDENTITY-3355] Better if only warning is shown for signature verification failures

2017-07-28 Thread Isura Karunaratne 
Hi Sugirjan,

+1 for the warning message without printing the exception trace. We
can add exception
trace as a debug log.

Thanks
Isura.

On Thu, Jul 20, 2017 at 6:47 PM, Sugirjan Ragunaathan 
wrote:

> Hi,
>
> I'm working on the WSO2 public JIRA issue $subject [1].
>
> In the Source code [2], when the SAML2 signature is validated and if
> validation exception is catched, then the exception is logged as well as
> debug message.
>
> } catch (ValidationException e) {
> if (log.isDebugEnabled()) {
> log.debug("SAML Signature validation failed from domain : " + 
> domainName, e);
> }
> }
>
>
> In the Source code [3],  if validation exception is catched, then the
> exception is logged as a warning message not as a debug message.
>
> } catch (IdentitySAML2SSOException e) {
> log.warn("Signature validation failed for the SAML Message : Failed to 
> construct the X509CredentialImpl for the alias " +
> alias, e);
> return false;
> }
>
> What is the best implementation way for handling this exception?
>
> [1]Better if only warning is shown for signature verification failures
> (not the whole exception) 
>
> [2]https://github.com/wso2-extensions/identity-carbon-
> auth-saml2/blob/v5.2.3/components/org.wso2.carbon.
> identity.authenticator.saml2.sso/src/main/java/org/wso2/
> carbon/identity/authenticator/saml2/sso/SAML2SSOAuthenticator.java#L509
>
> [3]https://github.com/wso2-extensions/identity-inbound-
> auth-saml/blob/v5.3.0/components/org.wso2.carbon.
> identity.sso.saml/src/main/java/org/wso2/carbon/identity/
> sso/saml/util/SAMLSSOUtil.java#L882
>
> Thanks.
>
> Regards,
> *R. Sugirjan*
> Software Engineering - Intern | WSO2
>
> Email:  sugir...@wso2.com
> Mobile: +94768489892 <+94%2076%20848%209892>
> 
>



-- 

*Isura Dilhara Karunaratne*
Senior Software Engineer | WSO2
Email: is...@wso2.com
Mob : +94 772 254 810
Blog : http://isurad.blogspot.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] IS User Portal is validating audience against Carbon SAML2 SSO authenticator defined in authenticator.xml

2017-07-28 Thread Isura Karunaratne 
Adding Rushmin

On Tue, Jul 18, 2017 at 10:22 AM, Johann Nallathamby 
wrote:

> Hi All,
>
> We noticed $subject. I don't think this is valid because IS User Portal
> and Carbon management console should be treated as two SPs. So user portal
> reading the audience from authenticator.xml is wrong. Also it reads it even
> if SAML2 SSO authenticator is disabled. So this will create even more
> problems when both User Portal and Carbon management console is enabled for
> SSO. Correct way of validating audience should be by defining the audience
> in auth_config.json in the dashboard webapp.
>
> Can we please fix this for IS 5.4.0?
>
> Thanks & Regards,
> Johann.
>
> --
>
> *Johann Dilantha Nallathamby*
> Senior Lead Solutions Engineer
> WSO2, Inc.
> lean.enterprise.middleware
>
> Mobile - *+9476950*
> Blog - *http://nallaa.wordpress.com *
>



-- 

*Isura Dilhara Karunaratne*
Senior Software Engineer | WSO2
Email: is...@wso2.com
Mob : +94 772 254 810
Blog : http://isurad.blogspot.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] (IDENTITY-6167) Need to honor modifications to email-admin-config.xml file

2017-07-28 Thread Isura Karunaratne 
Can we move configuration files in a minor release?

Thanks
Isura.

On Thu, Jul 27, 2017 at 12:26 PM, KasunG Gajasinghe  wrote:

>
>
> On Thu, Jul 27, 2017 at 10:20 AM, Harsha Thirimanna 
> wrote:
>
>>
>>
>> On Thu, Jul 27, 2017 at 9:41 AM, KasunG Gajasinghe 
>> wrote:
>>
>>>
>>>
>>> On Wed, Jul 26, 2017 at 10:39 PM, Harsha Thirimanna 
>>> wrote:
>>>

 On Wed, Jul 26, 2017 at 9:31 PM, KasunG Gajasinghe 
 wrote:

>
>
> On Wed, Jul 26, 2017 at 9:07 PM, Johann Nallathamby 
> wrote:
>
>>
>>
>> On Wed, Jul 26, 2017 at 8:58 PM, Harsha Thirimanna 
>> wrote:
>>
>>> Hi All,
>>>
>>> I think we feel like both pros and cons because of these data file
>>> are located under the configurations. These are not actually config 
>>> files
>>> and as Kasun said if these are under the config folder then anyone can 
>>> feel
>>> to change and expect the changes in system after restarting. And same as
>>> Johan said, we can explain in the documentation clearly about the
>>> behaviour.
>>>
>>> As an alternative solution, can't we have such files in some
>>> different root folder but not under the config or deployment ,because of
>>> these files are not either deployable artifact or configs. Then users 
>>> will
>>> not misunderstand about these files and there can be its own behaviour 
>>> as
>>> what we have now.
>>>
>>
>>> *Harsha Thirimanna*
>>> *Associate Tech Lead | WSO2*
>>>
>>> Email: hars...@wso2.com
>>> Mob: +94715186770 <+94%2071%20518%206770>
>>> Blog: http://harshathirimanna.blogspot.com/
>>> Twitter: http://twitter.com/harshathirimann
>>> Linked-In: linked-in: http://www.linkedin.com/pub/ha
>>> rsha-thirimanna/10/ab8/122
>>> 
>>>
>>> On Wed, Jul 26, 2017 at 5:21 PM, KasunG Gajasinghe 
>>> wrote:
>>>
 Hi Johann,


 On Wed, Jul 26, 2017 at 3:22 PM, Farasath Ahamed <
 farasa...@wso2.com> wrote:

> Hi,
>
> email-admin-config.xml has the default email templates that are
> used for Email notifications.
> Since we have a UI to add/update new Email templates I don't think
> the user has to go to the registry and do any modifications.
>
>
> Thanks,
> Farasath
>
> Farasath Ahamed
> Software Engineer, WSO2 Inc.; http://wso2.com
> Mobile: +94777603866
> Blog: blog.farazath.com
> Twitter: @farazath619 
> 
>
>
>
> On Wed, Jul 26, 2017 at 1:30 PM, Johann Nallathamby <
> joh...@wso2.com> wrote:
>
>> Hi Kasun,
>>
>> I don't think we need to do this because,
>>
>> 1. This is the model we follow for some other files as well.
>> claim-config.xml
>> identity-event.properties
>>
>>
 Yes, I think Isura mentioned the same. Let me revise my original
 query. The problem I was trying to address is:

 1. There is a config file under repository/conf/ which is only read
 during start-up. Since it is read once, should it really be in the
 repository/conf/?

 2. If a config file is there under repository/conf/, then users
 expect any changes to it will be visible to users. It is not that 
 intuitive
 for a first time user IMO.

>>>
 As the product is quite matured, I think it may be better to look
 into these aspects to make the first time user experience better.  
 Hence,
 the request for $subject.

>>>
>> Agreed. We may be able to improve this.
>>
>>
> Cool.. :) My suggestion is to honor the changes to the file. So, if
> the file hash is changed, we re-upload the changes.
>
> MD5 hash can be stored in registry as a property along with the email
> templates. It is a simple change to [1] as I understand.
>

 ​But after some one change from the UI then it will update the changes
 in registry. But it is not reflected in the file. Again if some one change
 in the file, then registry will override the changes in registry that is
 changed by the UI. Is this expected ?
 ​

>>>
>>> Yes, that happens. User need to stick to one. This is actually a problem
>>> we had in our platform for a while. Some of our configurations are
>>> duplicated in both file system and registry. This leads to much confusion
>>> for a first time user.
>>>
>>
>> ​Agree
>> ​
>>
>>>
>>> What's your suggestion?
>>>
>>
>> ​​I think, main reason is that we consider these

Re: [Dev] The input stream for an incoming message is null - EI 6.1.1

2017-07-28 Thread Nirmal Fernando 
Hi,

Could you please share your ESB config?

On Fri, Jul 28, 2017 at 1:50 PM, Melodias  wrote:

> Hi,
>
> I have problem with call mediator. In my scenario I call backend using call
> mediator with option blocking=true. From backend I got response and next I
> call another proxy using call mediator with option blocking=true. Then I
> get
> error:
>
> org.apache.axis2.AxisFault: The input stream for an incoming message is
> null.
> at
> org.apache.axis2.transport.TransportUtils.createSOAPMessage(
> TransportUtils.java:93)
> at
> org.apache.axis2.transport.TransportUtils.createSOAPMessage(
> TransportUtils.java:68)
> at
> org.apache.axis2.description.OutInAxisOperationClient.handleResponse(
> OutInAxisOperation.java:348)
> at
> org.apache.axis2.description.OutInAxisOperationClient.send(
> OutInAxisOperation.java:445)
> at
> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(
> OutInAxisOperation.java:225)
> at
> org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
> at
> org.apache.synapse.message.senders.blocking.BlockingMsgSender.sendReceive(
> BlockingMsgSender.java:302)
> at
> org.apache.synapse.message.senders.blocking.BlockingMsgSender.send(
> BlockingMsgSender.java:211)
> at
> org.apache.synapse.mediators.builtin.CallMediator.handleBlockingCall(
> CallMediator.java:150)
> at
> org.apache.synapse.mediators.builtin.CallMediator.mediate(
> CallMediator.java:113)
> at
> org.apache.synapse.mediators.AbstractListMediator.mediate(
> AbstractListMediator.java:97)
> at
> org.apache.synapse.mediators.AbstractListMediator.mediate(
> AbstractListMediator.java:59)
> at
> org.apache.synapse.mediators.base.SequenceMediator.mediate(
> SequenceMediator.java:158)
> at
> org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(
> ProxyServiceMessageReceiver.java:213)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
> at
> org.apache.axis2.transport.local.LocalTransportReceiver.processMessage(
> LocalTransportReceiver.java:169)
> at
> org.apache.axis2.transport.local.LocalTransportReceiver.processMessage(
> LocalTransportReceiver.java:82)
> at
> org.apache.axis2.transport.local.LocalTransportSender.
> finalizeSendWithToAddress(LocalTransportSender.java:102)
> at
> org.apache.axis2.transport.local.LocalTransportSender.
> invoke(LocalTransportSender.java:77)
> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
> at
> org.apache.synapse.core.axis2.DynamicAxisOperation$
> DynamicOperationClient.send(DynamicAxisOperation.java:185)
> at
> org.apache.synapse.core.axis2.DynamicAxisOperation$DynamicOperationClient.
> executeImpl(DynamicAxisOperation.java:167)
> at
> org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
> at
> org.apache.synapse.core.axis2.Axis2FlexibleMEPClient.send(
> Axis2FlexibleMEPClient.java:595)
> at org.apache.synapse.core.axis2.Axis2Sender.sendOn(
> Axis2Sender.java:83)
> at
> org.apache.synapse.core.axis2.Axis2SynapseEnvironment.send(
> Axis2SynapseEnvironment.java:548)
> at
> org.apache.synapse.endpoints.AbstractEndpoint.send(
> AbstractEndpoint.java:382)
> at
> org.apache.synapse.endpoints.AddressEndpoint.send(AddressEndpoint.java:65)
> at
> org.apache.synapse.endpoints.IndirectEndpoint.send(
> IndirectEndpoint.java:55)
> at
> org.apache.synapse.mediators.builtin.SendMediator.mediate(
> SendMediator.java:121)
> at
> org.apache.synapse.mediators.AbstractListMediator.mediate(
> AbstractListMediator.java:97)
> at
> org.apache.synapse.mediators.AbstractListMediator.mediate(
> AbstractListMediator.java:59)
> at
> org.apache.synapse.config.xml.AnonymousListMediator.mediate(
> AnonymousListMediator.java:37)
> at org.apache.synapse.config.xml.SwitchCase.mediate(SwitchCase.
> java:69)
> at
> org.apache.synapse.mediators.filters.SwitchMediator.
> mediate(SwitchMediator.java:134)
> at
> org.apache.synapse.mediators.AbstractListMediator.mediate(
> AbstractListMediator.java:97)
> at
> org.apache.synapse.mediators.AbstractListMediator.mediate(
> AbstractListMediator.java:59)
> at
> org.apache.synapse.config.xml.AnonymousListMediator.mediate(
> AnonymousListMediator.java:37)
> at org.apache.synapse.config.xml.SwitchCase.mediate(SwitchCase.
> java:69)
> at
> org.apache.synapse.mediators.filters.SwitchMediator.
> mediate(SwitchMediator.java:134)
> at
> org.apache.synapse.mediators.AbstractListMediator.mediate(
> AbstractListMediator.java:97)
> at
> org.apache.synapse.mediators.AbstractListMediator.mediate(
> AbstractListMediator.java:59)
> at
> org.apache.synapse.mediators.base.SequenceMediator.mediate(
> SequenceMediator.java:158)
> at
>

Re: [Dev] [IDENTITY-3355] Better if only warning is shown for signature verification failures

2017-07-28 Thread Ruwan Abeykoon 
Hi all,

We log full trace in debug/error levels, but no trace in warn/info levels.

e.g.

 catch (IdentitySAML2SSOException e) {
if (log.isDebugEnabled()) {
log.debug("Signature validation failed for the SAML Message :
Failed to construct the X509CredentialImpl for the alias  : " + alias,
e);
}

log.warn("Signature validation failed for the SAML Message :
Failed to construct the X509CredentialImpl for the alias " +
alias);
return false;

}


On Fri, Jul 28, 2017 at 1:40 PM, Rushmin Fernando  wrote:

> +1 for using warning message without the stack trace. But we have to add
> as much as context info to the log so that the life will be easier when
> coming to support front.
>
> On Fri, Jul 28, 2017 at 1:30 PM, Isura Karunaratne  wrote:
>
>> Hi Sugirjan,
>>
>> +1 for the warning message without printing the exception trace. We can
>> add exception trace as a debug log.
>>
>> Thanks
>> Isura.
>>
>> On Thu, Jul 20, 2017 at 6:47 PM, Sugirjan Ragunaathan 
>> wrote:
>>
>>> Hi,
>>>
>>> I'm working on the WSO2 public JIRA issue $subject [1].
>>>
>>> In the Source code [2], when the SAML2 signature is validated and if
>>> validation exception is catched, then the exception is logged as well as
>>> debug message.
>>>
>>> } catch (ValidationException e) {
>>> if (log.isDebugEnabled()) {
>>> log.debug("SAML Signature validation failed from domain : " + 
>>> domainName, e);
>>> }
>>> }
>>>
>>>
>>> In the Source code [3],  if validation exception is catched, then the
>>> exception is logged as a warning message not as a debug message.
>>>
>>> } catch (IdentitySAML2SSOException e) {
>>> log.warn("Signature validation failed for the SAML Message : Failed to 
>>> construct the X509CredentialImpl for the alias " +
>>> alias, e);
>>> return false;
>>> }
>>>
>>> What is the best implementation way for handling this exception?
>>>
>>> [1]Better if only warning is shown for signature verification failures
>>> (not the whole exception) 
>>>
>>> [2]https://github.com/wso2-extensions/identity-carbon-auth-s
>>> aml2/blob/v5.2.3/components/org.wso2.carbon.identity.authent
>>> icator.saml2.sso/src/main/java/org/wso2/carbon/identity/
>>> authenticator/saml2/sso/SAML2SSOAuthenticator.java#L509
>>>
>>> [3]https://github.com/wso2-extensions/identity-inbound-auth-
>>> saml/blob/v5.3.0/components/org.wso2.carbon.identity.sso.sam
>>> l/src/main/java/org/wso2/carbon/identity/sso/saml/util/SAMLS
>>> SOUtil.java#L882
>>>
>>> Thanks.
>>>
>>> Regards,
>>> *R. Sugirjan*
>>> Software Engineering - Intern | WSO2
>>>
>>> Email:  sugir...@wso2.com
>>> Mobile: +94768489892 <+94%2076%20848%209892>
>>> 
>>>
>>
>>
>>
>> --
>>
>> *Isura Dilhara Karunaratne*
>> Senior Software Engineer | WSO2
>> Email: is...@wso2.com
>> Mob : +94 772 254 810 <+94%2077%20225%204810>
>> Blog : http://isurad.blogspot.com/
>>
>>
>>
>>
>
>
> --
> *Best Regards*
>
> *Rushmin Fernando*
> *Technical Lead*
>
> WSO2 Inc.  - Lean . Enterprise . Middleware
>
> mobile : +94775615183
>
>
>


-- 

*Ruwan Abeykoon*
*Associate Director/Architect**,*
*WSO2, Inc. http://wso2.com  *
*lean.enterprise.middleware.*
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [IS] Introducing a new attribute in CacheConfig for persistence

2017-07-28 Thread Asela Pathberiya 
On Fri, Jul 28, 2017 at 12:42 PM, Johann Nallathamby 
wrote:

> Hi,
>
> What do you think about introducing $subject to selectively persist each
> and every cache we have? Right now I think all the caches are controlled by
> just two attributes "SessionDataPersist.Enabled" and
> "SessionDataPersist.Temporary". This classification is too broad I think
> with the recent performance issues we faced. So shall we do $subject?
>

IMO;  we have used above two properties when it comes to persist the end
user's SSO session.  There may be few caches which governs by the
"SessionDataPersist.Temporary" property.  Do we really need multiple
properties for each caches ?  What is the actual use of it ? I suspect it
would make configuration more complex.

Thanks,
Asela.


> I think the change won't take that much effort. May be about 30mins for
> Farasath :)
>
> Thanks & Regards,
> Johann.
>
> --
>
> *Johann Dilantha Nallathamby*
> Senior Lead Solutions Engineer
> WSO2, Inc.
> lean.enterprise.middleware
>
> Mobile - *+9476950*
> Blog - *http://nallaa.wordpress.com *
>



-- 
Thanks & Regards,
Asela

ATL
Mobile : +94 777 625 933
 +358 449 228 979

http://soasecurity.org/
http://xacmlinfo.org/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] The input stream for an incoming message is null - EI 6.1.1

2017-07-28 Thread Melodias 
Thanks for reply
That's my inSequence: 

   
   
   
  
  
   
   
  
 

   http://esp.ws/;>
  CODE_$1
  pl
   


   

 
  
  
 

   http://esp.ws/;>
  SIMPLE_CODE_$1
  pl
   


   

 
  
   
   
  
   
   
  
   
   http://esp.ws/;
xpath="count($body/ns1:getDictionaryResponse/Dictionary/items)  0">
  
 
 


 
 


 
  
  
 
 
 
 
  
   
   
  
 

   http://esp.dictionary; xmlns:obj1="http://esp.object;>
  
 

   CONFIG

 
 
$1
 
  
   


   

 
  
  
 

   http://esp.dictionary; xmlns:obj1="http://esp.object;>
  
 

   CONFIG_OLD

 
 
$1
 
  
   


   

 
  
   
   
  
   
   http://schemas.xmlsoap.org/soap/envelope/;
xpath="$body/soapenv:Fault">
  
 
 
 
 
  
  
 
 


 
 


 
  
   
   



After
   
  
   
I get error.

Nirmal Fernando-3 wrote
> Hi,
> 
> Could you please share your ESB config?
> 
> On Fri, Jul 28, 2017 at 1:50 PM, Melodias 

> osbtestmail1.2@

>  wrote:
> 
>> Hi,
>>
>> I have problem with call mediator. In my scenario I call backend using
>> call
>> mediator with option blocking=true. From backend I got response and next
>> I
>> call another proxy using call mediator with option blocking=true. Then I
>> get
>> error:
>>
>> org.apache.axis2.AxisFault: The input stream for an incoming message is
>> null.
>> at
>> org.apache.axis2.transport.TransportUtils.createSOAPMessage(
>> TransportUtils.java:93)
>> at
>> org.apache.axis2.transport.TransportUtils.createSOAPMessage(
>> TransportUtils.java:68)
>> at
>> org.apache.axis2.description.OutInAxisOperationClient.handleResponse(
>> OutInAxisOperation.java:348)
>> at
>> org.apache.axis2.description.OutInAxisOperationClient.send(
>> OutInAxisOperation.java:445)
>> at
>> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(
>> OutInAxisOperation.java:225)
>> at
>> org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
>> at
>> org.apache.synapse.message.senders.blocking.BlockingMsgSender.sendReceive(
>> BlockingMsgSender.java:302)
>> at
>> org.apache.synapse.message.senders.blocking.BlockingMsgSender.send(
>> BlockingMsgSender.java:211)
>> at
>> org.apache.synapse.mediators.builtin.CallMediator.handleBlockingCall(
>> CallMediator.java:150)
>> at
>> org.apache.synapse.mediators.builtin.CallMediator.mediate(
>> CallMediator.java:113)
>> at
>> org.apache.synapse.mediators.AbstractListMediator.mediate(
>> AbstractListMediator.java:97)
>> at
>> org.apache.synapse.mediators.AbstractListMediator.mediate(
>> AbstractListMediator.java:59)
>> at
>> org.apache.synapse.mediators.base.SequenceMediator.mediate(
>> SequenceMediator.java:158)
>> at
>> org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive(
>> ProxyServiceMessageReceiver.java:213)
>> at
>> org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
>> at
>> org.apache.axis2.transport.local.LocalTransportReceiver.processMessage(
>> LocalTransportReceiver.java:169)
>> at
>> org.apache.axis2.transport.local.LocalTransportReceiver.processMessage(
>> LocalTransportReceiver.java:82)
>> at
>> org.apache.axis2.transport.local.LocalTransportSender.
>> finalizeSendWithToAddress(LocalTransportSender.java:102)
>> at
>> org.apache.axis2.transport.local.LocalTransportSender.
>> invoke(LocalTransportSender.java:77)
>> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
>> at
>> org.apache.synapse.core.axis2.DynamicAxisOperation$
>> DynamicOperationClient.send(DynamicAxisOperation.java:185)
>> at
>> org.apache.synapse.core.axis2.DynamicAxisOperation$DynamicOperationClient.
>> executeImpl(DynamicAxisOperation.java:167)
>> at
>>

Re: [Dev] [IS] Introducing a new attribute in CacheConfig for persistence

2017-07-28 Thread Johann Nallathamby 
Do you think we can live with these two kind of caches only? I am not sure.
May be others from IAM team can chip in. My objective is to use sticky
sessions as much as possible and persist as less as possible, make the
flows optimized. If there are no limitations in this I am fine.

E.g. SAML2 SSO and OAuth2 should work in a single setup without any issue
and I want be able to disable all kind of temporary caches for SAML2 SSO
because it can take advantage of sticky sessions, only having the user SSO
session cache and SAML2 participant cache persisted, while for OAuth2 we
need to persist some additional caches such AuthorizationGrantCache because
it is used from Token endpoint which can't use sticky sessions. Is this
possible now? If it's possible then it's fine and my thinking may be wrong.

Regards,
Johann.

On Fri, Jul 28, 2017 at 2:13 PM, Asela Pathberiya  wrote:

>
>
> On Fri, Jul 28, 2017 at 12:42 PM, Johann Nallathamby 
> wrote:
>
>> Hi,
>>
>> What do you think about introducing $subject to selectively persist each
>> and every cache we have? Right now I think all the caches are controlled by
>> just two attributes "SessionDataPersist.Enabled" and
>> "SessionDataPersist.Temporary". This classification is too broad I think
>> with the recent performance issues we faced. So shall we do $subject?
>>
>
> IMO;  we have used above two properties when it comes to persist the end
> user's SSO session.  There may be few caches which governs by the
> "SessionDataPersist.Temporary" property.  Do we really need multiple
> properties for each caches ?  What is the actual use of it ? I suspect it
> would make configuration more complex.
>
> Thanks,
> Asela.
>
>
>> I think the change won't take that much effort. May be about 30mins for
>> Farasath :)
>>
>> Thanks & Regards,
>> Johann.
>>
>> --
>>
>> *Johann Dilantha Nallathamby*
>> Senior Lead Solutions Engineer
>> WSO2, Inc.
>> lean.enterprise.middleware
>>
>> Mobile - *+9476950*
>> Blog - *http://nallaa.wordpress.com *
>>
>
>
>
> --
> Thanks & Regards,
> Asela
>
> ATL
> Mobile : +94 777 625 933 <+94%2077%20762%205933>
>  +358 449 228 979
>
> http://soasecurity.org/
> http://xacmlinfo.org/
>



-- 
Thanks & Regards,

*Johann Dilantha Nallathamby*
Senior Lead Solutions Engineer
WSO2, Inc.
lean.enterprise.middleware

Mobile - *+9476950*
Blog - *http://nallaa.wordpress.com *
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [IS] Introducing a new attribute in CacheConfig for persistence

2017-07-28 Thread Asela Pathberiya 
On Fri, Jul 28, 2017 at 2:56 PM, Johann Nallathamby  wrote:

> Do you think we can live with these two kind of caches only? I am not sure.
>

Above properties for only the caches which are in framework. Basically to
handle the end user's session related stuff..  I do not think we need
separate configuration for each caches in framework.

But;  Yes.  we can consider separate configurations for other caches in
different components.

+1 If above configurations ("SessionDataPersist") are used by other
components such as OAuth2  it is wrong.  We need to fix with different
configuration.

Thanks,
Asela.


> May be others from IAM team can chip in. My objective is to use sticky
> sessions as much as possible and persist as less as possible, make the
> flows optimized. If there are no limitations in this I am fine
>

> E.g. SAML2 SSO and OAuth2 should work in a single setup without any issue
> and I want be able to disable all kind of temporary caches for SAML2 SSO
> because it can take advantage of sticky sessions, only having the user SSO
> session cache and SAML2 participant cache persisted, while for OAuth2 we
> need to persist some additional caches such AuthorizationGrantCache because
> it is used from Token endpoint which can't use sticky sessions. Is this
> possible now? If it's possible then it's fine and my thinking may be wrong.
>
> Regards,
> Johann.
>
> On Fri, Jul 28, 2017 at 2:13 PM, Asela Pathberiya  wrote:
>
>>
>>
>> On Fri, Jul 28, 2017 at 12:42 PM, Johann Nallathamby 
>> wrote:
>>
>>> Hi,
>>>
>>> What do you think about introducing $subject to selectively persist each
>>> and every cache we have? Right now I think all the caches are controlled by
>>> just two attributes "SessionDataPersist.Enabled" and
>>> "SessionDataPersist.Temporary". This classification is too broad I
>>> think with the recent performance issues we faced. So shall we do $subject?
>>>
>>
>> IMO;  we have used above two properties when it comes to persist the end
>> user's SSO session.  There may be few caches which governs by the
>> "SessionDataPersist.Temporary" property.  Do we really need multiple
>> properties for each caches ?  What is the actual use of it ? I suspect it
>> would make configuration more complex.
>>
>> Thanks,
>> Asela.
>>
>>
>>> I think the change won't take that much effort. May be about 30mins for
>>> Farasath :)
>>>
>>> Thanks & Regards,
>>> Johann.
>>>
>>> --
>>>
>>> *Johann Dilantha Nallathamby*
>>> Senior Lead Solutions Engineer
>>> WSO2, Inc.
>>> lean.enterprise.middleware
>>>
>>> Mobile - *+9476950*
>>> Blog - *http://nallaa.wordpress.com *
>>>
>>
>>
>>
>> --
>> Thanks & Regards,
>> Asela
>>
>> ATL
>> Mobile : +94 777 625 933 <+94%2077%20762%205933>
>>  +358 449 228 979
>>
>> http://soasecurity.org/
>> http://xacmlinfo.org/
>>
>
>
>
> --
> Thanks & Regards,
>
> *Johann Dilantha Nallathamby*
> Senior Lead Solutions Engineer
> WSO2, Inc.
> lean.enterprise.middleware
>
> Mobile - *+9476950*
> Blog - *http://nallaa.wordpress.com *
>



-- 
Thanks & Regards,
Asela

ATL
Mobile : +94 777 625 933
 +358 449 228 979

http://soasecurity.org/
http://xacmlinfo.org/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] jndi.properties Production Recommended Configuration

2017-07-28 Thread Sashika Wijesinghe 
Hi Junior,

The connection details you have used are correct for failover scenarios.
Refer [1] to get more information about MB failover handling.


[1] https://docs.wso2.com/display/MB320/Handling+Failover

On Thu, Jul 27, 2017 at 7:04 PM, Júnior  wrote:

> Hi everyone,
>
> Is there any recommended jndi.properties connection setup for WSO2 MB
> Connection?
>
> we have a connection string like this:
>
> connectionfactory.TopicConnectionFactory=amqp://admin:admin@carbon/carbon?
> failover='roundrobin'='2'='
> tcp://server1:5675?retries='5'='50';tcp://
> server2:5675?retries='5'='50''
>
>
> These MB are clustered, but sometimes I see that when it lost the
> connection it simply is not able to reconnect.
>
> Is there any recommended settings to be used on this connection string for
> a more reliable Broker connection?
>
> Thanks,
> --
> Francisco Ribeiro
> *SCEA|SCJP|SCWCD|IBM Certified SOA Associate*
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 

*Sashika WijesingheSoftware Engineer - QA Team*
Mobile : +94 (0) 774537487
sash...@wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [IS] Introducing a new attribute in CacheConfig for persistence

2017-07-28 Thread Johann Nallathamby 
On Fri, Jul 28, 2017 at 3:07 PM, Asela Pathberiya  wrote:

>
>
> On Fri, Jul 28, 2017 at 2:56 PM, Johann Nallathamby 
> wrote:
>
>> Do you think we can live with these two kind of caches only? I am not
>> sure.
>>
>
> Above properties for only the caches which are in framework. Basically to
> handle the end user's session related stuff..  I do not think we need
> separate configuration for each caches in framework.
>
> But;  Yes.  we can consider separate configurations for other caches in
> different components.
>
> +1 If above configurations ("SessionDataPersist") are used by other
> components such as OAuth2  it is wrong.  We need to fix with different
> configuration.
>

Yes, exactly. That is my concern. Framework is fine I think. It's the other
caches that are problematic. I think Thanuja is doing something related to
this. It will be better if we can verify this aspect also. Basically we
need to persist as less as possible and rely on sticky session wherever
possible. And also in some practical cases it will take couple of
milliseconds for user interaction before which the distributed caches may
be synced. So we may not have to persist in those cases also. I am speaking
independent of the distributed caching issues we have. With that in the
picture the end result may be different. Please consider all these.

Regards,
Johann.


>
> Thanks,
> Asela.
>
>
>> May be others from IAM team can chip in. My objective is to use sticky
>> sessions as much as possible and persist as less as possible, make the
>> flows optimized. If there are no limitations in this I am fine
>>
>
>> E.g. SAML2 SSO and OAuth2 should work in a single setup without any issue
>> and I want be able to disable all kind of temporary caches for SAML2 SSO
>> because it can take advantage of sticky sessions, only having the user SSO
>> session cache and SAML2 participant cache persisted, while for OAuth2 we
>> need to persist some additional caches such AuthorizationGrantCache because
>> it is used from Token endpoint which can't use sticky sessions. Is this
>> possible now? If it's possible then it's fine and my thinking may be wrong.
>>
>> Regards,
>> Johann.
>>
>> On Fri, Jul 28, 2017 at 2:13 PM, Asela Pathberiya  wrote:
>>
>>>
>>>
>>> On Fri, Jul 28, 2017 at 12:42 PM, Johann Nallathamby 
>>> wrote:
>>>
 Hi,

 What do you think about introducing $subject to selectively persist
 each and every cache we have? Right now I think all the caches are
 controlled by just two attributes "SessionDataPersist.Enabled" and
 "SessionDataPersist.Temporary". This classification is too broad I
 think with the recent performance issues we faced. So shall we do $subject?

>>>
>>> IMO;  we have used above two properties when it comes to persist the end
>>> user's SSO session.  There may be few caches which governs by the
>>> "SessionDataPersist.Temporary" property.  Do we really need multiple
>>> properties for each caches ?  What is the actual use of it ? I suspect it
>>> would make configuration more complex.
>>>
>>> Thanks,
>>> Asela.
>>>
>>>
 I think the change won't take that much effort. May be about 30mins for
 Farasath :)

 Thanks & Regards,
 Johann.

 --

 *Johann Dilantha Nallathamby*
 Senior Lead Solutions Engineer
 WSO2, Inc.
 lean.enterprise.middleware

 Mobile - *+9476950*
 Blog - *http://nallaa.wordpress.com *

>>>
>>>
>>>
>>> --
>>> Thanks & Regards,
>>> Asela
>>>
>>> ATL
>>> Mobile : +94 777 625 933 <+94%2077%20762%205933>
>>>  +358 449 228 979
>>>
>>> http://soasecurity.org/
>>> http://xacmlinfo.org/
>>>
>>
>>
>>
>> --
>> Thanks & Regards,
>>
>> *Johann Dilantha Nallathamby*
>> Senior Lead Solutions Engineer
>> WSO2, Inc.
>> lean.enterprise.middleware
>>
>> Mobile - *+9476950*
>> Blog - *http://nallaa.wordpress.com *
>>
>
>
>
> --
> Thanks & Regards,
> Asela
>
> ATL
> Mobile : +94 777 625 933 <+94%2077%20762%205933>
>  +358 449 228 979
>
> http://soasecurity.org/
> http://xacmlinfo.org/
>



-- 
Thanks & Regards,

*Johann Dilantha Nallathamby*
Senior Lead Solutions Engineer
WSO2, Inc.
lean.enterprise.middleware

Mobile - *+9476950*
Blog - *http://nallaa.wordpress.com *
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] IS User Portal is validating audience against Carbon SAML2 SSO authenticator defined in authenticator.xml

2017-07-28 Thread Johann Nallathamby 
Created - https://wso2.org/jira/browse/IDENTITY-6193

On Fri, Jul 28, 2017 at 1:44 PM, Rushmin Fernando  wrote:

> Let's consider this as the time permits.
>
> @Johann can you please create a Jira?
>
> On Fri, Jul 28, 2017 at 1:38 PM, Isura Karunaratne  wrote:
>
>> Adding Rushmin
>>
>> On Tue, Jul 18, 2017 at 10:22 AM, Johann Nallathamby 
>> wrote:
>>
>>> Hi All,
>>>
>>> We noticed $subject. I don't think this is valid because IS User Portal
>>> and Carbon management console should be treated as two SPs. So user portal
>>> reading the audience from authenticator.xml is wrong. Also it reads it even
>>> if SAML2 SSO authenticator is disabled. So this will create even more
>>> problems when both User Portal and Carbon management console is enabled for
>>> SSO. Correct way of validating audience should be by defining the audience
>>> in auth_config.json in the dashboard webapp.
>>>
>>> Can we please fix this for IS 5.4.0?
>>>
>>> Thanks & Regards,
>>> Johann.
>>>
>>> --
>>>
>>> *Johann Dilantha Nallathamby*
>>> Senior Lead Solutions Engineer
>>> WSO2, Inc.
>>> lean.enterprise.middleware
>>>
>>> Mobile - *+9476950*
>>> Blog - *http://nallaa.wordpress.com *
>>>
>>
>>
>>
>> --
>>
>> *Isura Dilhara Karunaratne*
>> Senior Software Engineer | WSO2
>> Email: is...@wso2.com
>> Mob : +94 772 254 810 <+94%2077%20225%204810>
>> Blog : http://isurad.blogspot.com/
>>
>>
>>
>>
>
>
> --
> *Best Regards*
>
> *Rushmin Fernando*
> *Technical Lead*
>
> WSO2 Inc.  - Lean . Enterprise . Middleware
>
> mobile : +94775615183
>
>
>


-- 
Thanks & Regards,

*Johann Dilantha Nallathamby*
Senior Lead Solutions Engineer
WSO2, Inc.
lean.enterprise.middleware

Mobile - *+9476950*
Blog - *http://nallaa.wordpress.com *
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] IS User Portal is validating audience against Carbon SAML2 SSO authenticator defined in authenticator.xml

2017-07-28 Thread Rushmin Fernando 
Thanks !

On Fri, Jul 28, 2017 at 3:31 PM, Johann Nallathamby  wrote:

> Created - https://wso2.org/jira/browse/IDENTITY-6193
>
> On Fri, Jul 28, 2017 at 1:44 PM, Rushmin Fernando 
> wrote:
>
>> Let's consider this as the time permits.
>>
>> @Johann can you please create a Jira?
>>
>> On Fri, Jul 28, 2017 at 1:38 PM, Isura Karunaratne 
>> wrote:
>>
>>> Adding Rushmin
>>>
>>> On Tue, Jul 18, 2017 at 10:22 AM, Johann Nallathamby 
>>> wrote:
>>>
 Hi All,

 We noticed $subject. I don't think this is valid because IS User Portal
 and Carbon management console should be treated as two SPs. So user portal
 reading the audience from authenticator.xml is wrong. Also it reads it even
 if SAML2 SSO authenticator is disabled. So this will create even more
 problems when both User Portal and Carbon management console is enabled for
 SSO. Correct way of validating audience should be by defining the audience
 in auth_config.json in the dashboard webapp.

 Can we please fix this for IS 5.4.0?

 Thanks & Regards,
 Johann.

 --

 *Johann Dilantha Nallathamby*
 Senior Lead Solutions Engineer
 WSO2, Inc.
 lean.enterprise.middleware

 Mobile - *+9476950*
 Blog - *http://nallaa.wordpress.com *

>>>
>>>
>>>
>>> --
>>>
>>> *Isura Dilhara Karunaratne*
>>> Senior Software Engineer | WSO2
>>> Email: is...@wso2.com
>>> Mob : +94 772 254 810 <+94%2077%20225%204810>
>>> Blog : http://isurad.blogspot.com/
>>>
>>>
>>>
>>>
>>
>>
>> --
>> *Best Regards*
>>
>> *Rushmin Fernando*
>> *Technical Lead*
>>
>> WSO2 Inc.  - Lean . Enterprise . Middleware
>>
>> mobile : +94775615183
>>
>>
>>
>
>
> --
> Thanks & Regards,
>
> *Johann Dilantha Nallathamby*
> Senior Lead Solutions Engineer
> WSO2, Inc.
> lean.enterprise.middleware
>
> Mobile - *+9476950*
> Blog - *http://nallaa.wordpress.com *
>



-- 
*Best Regards*

*Rushmin Fernando*
*Technical Lead*

WSO2 Inc.  - Lean . Enterprise . Middleware

mobile : +94775615183
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [GSOC 2017][API Manager ][Environment Support][Meeting Min]

2017-07-28 Thread Ravindu Perera 
Hi all

Meeting Min


   - Discussed on the UI part with  and got feedback from UI-expert on what
   to change.
   - Also discussed about getting a configuration map.
   - Did the append part for the tokens and the Ms4j token also discussed
   on the editing the path.


Thank you
Ravindu Perera.
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [GSoC 2017][IS] SCIM 2.0 Compliance Test Suite

2017-07-28 Thread Darshana Gunawardana 
Hi VIndula,

Impressive progress so far..!!

As discussed let's have more focus on the the maximizing re-usability
aspects of this test suite. So the test suit will be easy to tryout, easy
to contribute & easy to integrate with test automation frameworks..

Regards,

On Fri, Jul 28, 2017 at 8:55 PM, Vindula Jayawardana <
vindula...@cse.mrt.ac.lk> wrote:

> Hi,
>
> As I demonstrated at the demo held today, I have been able to complete a
> milestone of the project as per the timeline. As decided at the meeting, I
> sent a PR[1] to the scim2-compliance-test-suite repo. Please review and
> merge.
>
> As I explained at the meeting, the current implementation[1] covers
> approximately 75% of compliance test suite. A brief overview of the
> implemented tests is as follows.
>
> 1. All tests for /Users Endpoint
> 2. All tests for /Groups Endpoint
> 3. /ServiceproviderConfig Endpoint
> 4. /ResourceType Endpoint
>
> Following are yet to be developed.
>
> 1. /Bulk Endpoint
>
> Since the project can accommodate additional features with the time
> remaining, as Darshana pointed out, I will also be working on the following
> value adding feature as well.
>
> 1. Ability to run custom test cases
>
> Thank you
>
> [1] : https://github.com/wso2-incubator/scim2-compliance-test-suite/pull/1
>
> *Vindula Jayawardana*
> Computer Science and Engineering Dept.
> University of Moratuwa
> mobile : +713462554
> Email : vindul...@gmail.com
>
> 
> 
> 
> 
>
> *“Respect is how to treat everyone, not just those you want to impress. "*
>
>
> *-Richard Branson-*
>
>
>
> On 10 July 2017 at 20:27, Omindu Rathnaweera  wrote:
>
>> Hi VIndula,
>>
>> You can use https://github.com/wso2-incubator/scim2-compliance-test-suite
>> for your development. Please send a PR with the current code.
>>
>> Regards,
>> Omindu.
>>
>> On Mon, Jun 26, 2017 at 11:52 PM, Omindu Rathnaweera 
>> wrote:
>>
>>> Scheduled the meeting on 28th Wednesday at 3.00 pm. Hope you've got the
>>> request.
>>>
>>>
>>> On Mon, Jun 26, 2017 at 11:17 PM, Vindula Jayawardana <
>>> vindula...@cse.mrt.ac.lk> wrote:
>>>
 Hi,

 Yes I can do a demo on the current implementation. How about the June
 28th Wednesday at 3.00 pm ?

 Please find the following details to test the /ServiceProviderConfig
 endpoint.

 1. Start the IS instance locally.
 2. Deploy the scimproxycompliance.war
 3. On the UI, select Compliance Test 2.0 tab
 4. Enter the IS SCIM base url as : https://localhost:9443

 I have tested with mocked IS 5.3.0 instance with SCIM 2.0 support.

 Thank you.

 *Vindula Jayawardana*
 Computer Science and Engineering Dept.
 University of Moratuwa
 mobile : +713462554
 Email : vindul...@gmail.com

 
 
 
 

 *“Respect is how to treat everyone, not just those you want to impress.
 "*


 *-Richard Branson-*



 On 26 June 2017 at 10:42, Omindu Rathnaweera  wrote:

> Hi Vindula,
>
> Would it possible for you to arrange the demo within the evaluation
> time period (26th - 30th)? Also please share the instructions to try out
> the 'ServiceProviderConfig' test.
>
> Thanks,
> Omindu.
>
> On Tue, Jun 20, 2017 at 5:12 PM, Vindula Jayawardana <
> vindula...@cse.mrt.ac.lk> wrote:
>
>> Hi,
>>
>> I was able to implement /ServiceProviderConfig endpoint compliance
>> test as an end to end test [1].
>>
>> As discussed I used feign JAX-RS client. I did not directly use
>> Charon core objects [1][2] in REST client due to json encoding and
>> decoding problem as mentioned by Gayan in the previous mail. Hence
>> I implemented separate object object models for this purpose.
>>
>> I am hoping to arrange a demo of the currently implemented test and
>> also it will be better if I can get your opinions on verifying the
>> architecture of the current implementation. Shall we have a quick demo
>> session on Thursday (22nd) ?
>>
>> [1] https://github.com/Vindulamj/SCIM-2.0-Complience-Test-Suite
>> [2] https://github.com/wso2/charon/blob/master/modules/charo
>> n-core/src/main/java/org/wso2/charon3/core/objects/User.java
>> [3] https://github.com/wso2/charon/blob/master/modules/charo
>> n-core/src/main/java/org/wso2/charon3/core/objects/Group.java
>>
>> Thank you.
>>
>> *Vindula Jayawardana*
>> Computer Science and Engineering Dept.
>> University of Moratuwa
>> mobile : +713462554
>>