Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Amalka Subasinghe]

Hi all,

We tested following
- Private key jwt authentication
- OIDC login/logout flow
- OIDC Hybrid flow with "code id_token" response type

No blocking issues found. Hence +1 for the release

Thanks
Amalka

On Wed, Jun 20, 2018 at 11:08 AM Ayesha Dissanayaka  wrote:

> Hi All,
>
> I have tested following Identity Management Scenarios.
>
> User Self Registration
> Username Recovery
> Password Self Recovery
>
> via Email
>
> via Challenge Questions
>
>
> Admin Forced Password reset
>
> via Email link
>
> via OTP in Email
>
> via Offline OTP
>
>
> Email Notifications
>
> Resend Account Verification link
>
> Account lock/unlock
>
> Start password recovery flow with challenge questions
>
> +1 for the release as no blocking issue is found.
>
> Thanks!
> -Ayesha
>
>
> On Tue, Jun 19, 2018 at 5:27 PM, Madawa Soysa  wrote:
>
>> Hi All,
>>
>> I have tested the following,
>>
>>- Generating MP-JWT 1.0 compatible token.
>>- Microprofile JWT Sample
>>
>> No blocking issues found. Hence +1 for the release.
>>
>> On Tue, Jun 19, 2018 at 5:08 PM Biruntha Gnaneswaran 
>> wrote:
>>
>>> Hi All,
>>>
>>> I have tested the following,
>>>
>>> Create service provider and tested OAuth flow with playground when
>>> hashing access tokens, refresh tokens, client secrets, and authorization
>>> codes feature enabled.
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable - go ahead and release
>>>
>>> Thanks,
>>>
>>> On Tue, Jun 19, 2018 at 4:52 PM, Nadeeshani Pathirennehelage <
>>> nadeesha...@wso2.com> wrote:
>>>
 Hi All,

 +1 from Platform Security Team.

 Thank You,
 Nadeeshani.

 On Tue, Jun 19, 2018 at 4:42 PM, Ashen Weerathunga 
 wrote:

> Hi All,
>
> I have tested the following and found no issues.
>
>- Consent Management for Self Sign Up.
>- Creating Users with the Ask Password Option.
>- Password pattern validation.
>- SAML SSO with Consent Management.
>
> [+] Stable - go ahead and release
>
> Thanks,
> Ashen
>
>
> On Tue, Jun 19, 2018 at 3:59 PM Ishara Karunarathna 
> wrote:
>
>> Hi All,
>>
>> Tested the IS 5.6.0-RC3 integration with IS-Analytics-5.6.0
>> And check the session analytics reports.
>>
>>
>> No blocking issues found.
>> [+] Stable
>>
>> Thanks,
>> Ishara
>>
>>
>>
>>
>>
>> On Tue, Jun 19, 2018 at 3:48 PM Isuri Anuradha 
>> wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>>
>>>- SAML to SAML federation flow.
>>>- Publish and Update XACML policies.
>>>- OAuth token revocation.
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable
>>>
>>> Thanks
>>> Isuri.
>>>
>>> On Tue, Jun 19, 2018 at 3:34 PM, Omindu Rathnaweera >> > wrote:
>>>
 Hi All,

 Tested SCIM 2.0 basic operations. No blocking issues found

 [+] Stable - Go ahead and release

 Regards,
 Omindu.





 On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya 
 wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>
>- Configuring Single-Sign-On with SAML2
>- Configuring Single-Sign-On with OIDC
>- Configuring Multi-Factor Authentication
>- Configuring Twitter as a Federated Authenticator
>- Setting up Self-Signup
>- Creating a workflow
>- Tested Consent management API (Add/Retrieve purposes,
>Add/revoke consents.)
>
> No blocking issues found.
>
> [+] Stable
>
> Thanks,
>
>
> On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana <
> pulast...@wso2.com> wrote:
>
>> Hi,
>>
>> Tested SSO with Multi step/multi option authentication, Google
>> and Twitter authenticators
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>>
>> On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
>> hasan...@wso2.com> wrote:
>>
>>> Hi,
>>>
>>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>>
>>> - Register a service provider
>>> - Obtain an access token using JWT grant type
>>> - Invoke user info endpoint using the token.
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable - Go ahead and release
>>>
>>> Thanks,
>>> Hasanthi
>>>
>>> On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman 
>>> wrote:
>>>
 Hi,

 Tested below scenarios on IS 5.6.0-RC3 pack,

- Invoke the 

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Ayesha Dissanayaka]

Hi All,

I have tested following Identity Management Scenarios.

User Self Registration
Username Recovery
Password Self Recovery

via Email

via Challenge Questions


Admin Forced Password reset

via Email link

via OTP in Email

via Offline OTP


Email Notifications

Resend Account Verification link

Account lock/unlock

Start password recovery flow with challenge questions

+1 for the release as no blocking issue is found.

Thanks!
-Ayesha


On Tue, Jun 19, 2018 at 5:27 PM, Madawa Soysa  wrote:

> Hi All,
>
> I have tested the following,
>
>- Generating MP-JWT 1.0 compatible token.
>- Microprofile JWT Sample
>
> No blocking issues found. Hence +1 for the release.
>
> On Tue, Jun 19, 2018 at 5:08 PM Biruntha Gnaneswaran 
> wrote:
>
>> Hi All,
>>
>> I have tested the following,
>>
>> Create service provider and tested OAuth flow with playground when
>> hashing access tokens, refresh tokens, client secrets, and authorization
>> codes feature enabled.
>>
>> No blocking issues found.
>>
>> [+] Stable - go ahead and release
>>
>> Thanks,
>>
>> On Tue, Jun 19, 2018 at 4:52 PM, Nadeeshani Pathirennehelage <
>> nadeesha...@wso2.com> wrote:
>>
>>> Hi All,
>>>
>>> +1 from Platform Security Team.
>>>
>>> Thank You,
>>> Nadeeshani.
>>>
>>> On Tue, Jun 19, 2018 at 4:42 PM, Ashen Weerathunga 
>>> wrote:
>>>
 Hi All,

 I have tested the following and found no issues.

- Consent Management for Self Sign Up.
- Creating Users with the Ask Password Option.
- Password pattern validation.
- SAML SSO with Consent Management.

 [+] Stable - go ahead and release

 Thanks,
 Ashen


 On Tue, Jun 19, 2018 at 3:59 PM Ishara Karunarathna 
 wrote:

> Hi All,
>
> Tested the IS 5.6.0-RC3 integration with IS-Analytics-5.6.0
> And check the session analytics reports.
>
>
> No blocking issues found.
> [+] Stable
>
> Thanks,
> Ishara
>
>
>
>
>
> On Tue, Jun 19, 2018 at 3:48 PM Isuri Anuradha  wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>
>>- SAML to SAML federation flow.
>>- Publish and Update XACML policies.
>>- OAuth token revocation.
>>
>> No blocking issues found.
>>
>> [+] Stable
>>
>> Thanks
>> Isuri.
>>
>> On Tue, Jun 19, 2018 at 3:34 PM, Omindu Rathnaweera 
>> wrote:
>>
>>> Hi All,
>>>
>>> Tested SCIM 2.0 basic operations. No blocking issues found
>>>
>>> [+] Stable - Go ahead and release
>>>
>>> Regards,
>>> Omindu.
>>>
>>>
>>>
>>>
>>>
>>> On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya 
>>> wrote:
>>>
 Hi all,

 I've tested following scenarios on the IS 5.6.0-RC3 pack.

- Configuring Single-Sign-On with SAML2
- Configuring Single-Sign-On with OIDC
- Configuring Multi-Factor Authentication
- Configuring Twitter as a Federated Authenticator
- Setting up Self-Signup
- Creating a workflow
- Tested Consent management API (Add/Retrieve purposes,
Add/revoke consents.)

 No blocking issues found.

 [+] Stable

 Thanks,


 On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana <
 pulast...@wso2.com> wrote:

> Hi,
>
> Tested SSO with Multi step/multi option authentication, Google
> and Twitter authenticators
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
>
> On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
> hasan...@wso2.com> wrote:
>
>> Hi,
>>
>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>
>> - Register a service provider
>> - Obtain an access token using JWT grant type
>> - Invoke user info endpoint using the token.
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>> Thanks,
>> Hasanthi
>>
>> On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman 
>> wrote:
>>
>>> Hi,
>>>
>>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>>
>>>- Invoke the OAuth Introspection Endpoint.
>>>- OAuth token revocation.
>>>- Entitlement policy creation using write policy in xml and
>>>publishing.
>>>- Using REST APIs via XACML to manage entitlement.
>>>- Create, update, get, delete an OAuth app using Dynamic
>>>Client Registration endpoint.
>>>
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable - Go ahead and release
>>>
>>> 

Re: [Dev] Lib directory in Stream Processor contains OSGI bundles

[Tharindu Malawaraarachchi]

Hi all,
Thanks a lot!

Tharindu

On Wed, Jun 20, 2018 at 9:45 AM Viduranga Gunarathne 
wrote:

> Hi Tharindu,
>
> Please find the comments inline.
>
> On Tue, Jun 19, 2018 at 6:33 PM Tharindu Malawaraarachchi <
> tharind...@wso2.com> wrote:
>
>> Hi all,
>> In Carbon 4 based wso2 products, there are 2 separate folders
>> (dropins and lib) to keep OSGI bundles and other non OSGI jars. But in wso2
>> stream processor there is no dropins directory and the lib directory keeps
>> OSGI bundles.
>> Is it mandate to convert the non OSGI modules to OSGi with stream
>> processor?
>>
>
> WSO2 products run on an OSGi environment and it would be best to add as an
> OSGi bundle rather than a jar. However it is not mandatory. You can add
> jars also. Accoding to guide[1] you only need to add mysql-connector jars
> as it is to the lib folder.
>
> Also you can refer guide[2] to activate the osgi console and refer blog[3]
> to see how to debug the osgi bundles at runtime.
>
>
>> Or is there a way to add non OSGI jars [example- sql driver jars] to SP
>>
>> Thanks and Regards,
>> Tharindu
>> --
>> *Tharindu Malawaraarachchi*
>> Software Engineer | WSO2
>>
>> tharind...@wso2.com
>> +94 719340143
>> https://www.linkedin.com/in/tharindun/
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>
> [1] https://docs.wso2.com/display/SP400/Fully+Distributed+Deployment
> [2] https://docs.wso2.com/display/Carbon447/Product+Startup+Options
> [3]
> http://movingaheadblog.blogspot.com/2014/01/how-to-debug-wso2-carbon-products-using.html
> --
> Regards*,*
> *Viduranga Gunarathne*
> *Software Engineer*
> *WSO2 (Pvt) Ltd.*
>
> *Mobile : *+94712437484
> *Email   : *vidura...@wso2.com
> *Web : *http://wso2.com
> *Blog: *http://medium.com/vlgunarathne
> 
>


-- 
*Tharindu Malawaraarachchi*
Software Engineer | WSO2

tharind...@wso2.com
+94 719340143
https://www.linkedin.com/in/tharindun/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Lib directory in Stream Processor contains OSGI bundles

[Viduranga Gunarathne]

Hi Tharindu,

Please find the comments inline.

On Tue, Jun 19, 2018 at 6:33 PM Tharindu Malawaraarachchi <
tharind...@wso2.com> wrote:

> Hi all,
> In Carbon 4 based wso2 products, there are 2 separate folders (dropins and
> lib) to keep OSGI bundles and other non OSGI jars. But in wso2 stream
> processor there is no dropins directory and the lib directory keeps OSGI
> bundles.
> Is it mandate to convert the non OSGI modules to OSGi with stream
> processor?
>

WSO2 products run on an OSGi environment and it would be best to add as an
OSGi bundle rather than a jar. However it is not mandatory. You can add
jars also. Accoding to guide[1] you only need to add mysql-connector jars
as it is to the lib folder.

Also you can refer guide[2] to activate the osgi console and refer blog[3]
to see how to debug the osgi bundles at runtime.


> Or is there a way to add non OSGI jars [example- sql driver jars] to SP
>
> Thanks and Regards,
> Tharindu
> --
> *Tharindu Malawaraarachchi*
> Software Engineer | WSO2
>
> tharind...@wso2.com
> +94 719340143
> https://www.linkedin.com/in/tharindun/
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>

[1] https://docs.wso2.com/display/SP400/Fully+Distributed+Deployment
[2] https://docs.wso2.com/display/Carbon447/Product+Startup+Options
[3]
http://movingaheadblog.blogspot.com/2014/01/how-to-debug-wso2-carbon-products-using.html
-- 
Regards*,*
*Viduranga Gunarathne*
*Software Engineer*
*WSO2 (Pvt) Ltd.*

*Mobile : *+94712437484
*Email   : *vidura...@wso2.com
*Web : *http://wso2.com
*Blog: *http://medium.com/vlgunarathne

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Siddhi] UTC time of a given timezone

[Vanjikumaran Sivajothy]

AFAIK siddhi does not have a timezone [1].
but cant you write a custom func? [2]


[2] https://docs.wso2.com/display/CEP420/Writing+a+Custom+Function+Extension
[1] https://github.com/wso2/siddhi/issues/398

On Tue, Jun 19, 2018 at 2:28 PM, Shazni Nazeer  wrote:

>
> Hi,
>
> I have a requirement to get the UTC time of a given CST time. I can do by
> adding 6 or 5 hours based on *daylight* savings.
>
> I have a Siddhi query with a select as below.
>
> time:dateAdd(str:concat(time:dateFormat(time:dateSub(SchApptDateTime, 2,
> 'day'), "-MM-dd")," 09:01:00.000"), *6*, 'hour')  as
> ScheduledDateTimeUtc
>
> As you can see I have added 6 hours manually. Is there a way to get the
> UTC time of a given time based on given time-zone in Sidhdhi?
>
> If not is there an alternative way to get this worked?
>
> regards
> --
> Shazni Nazeer
>
> Mob : +94 37331
> LinkedIn : http://lk.linkedin.com/in/shazninazeer
>
> Blogs :
>
> https://medium.com/@mshazninazeer
> http://shazninazeer.blogspot.com
>
> 
>



-- 
*Vanjikumaran Sivajothy*
Lead Solutions Engineer - *WSO2 Inc. *
Committer and PMC member - Apache Synapse.
*http://wso2.com *
 *+1-925-464-6816*
[image: LinkedIn]
 [image:
Blogger]  [image: SlideShare]


This communication may contain privileged or other confidential information
and is intended exclusively for the addressee/s. If you are not the
intended recipient/s, or believe that you may have received this
communication in error, please reply to the sender indicating that fact and
delete the copy you received and in addition, you should not print,
copy, re-transmit, disseminate, or otherwise use the information contained
in this communication. Internet communications cannot be guaranteed to be
timely, secure, error or virus-free. The sender does not accept liability
for any errors or omissions
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [Siddhi] UTC time of a given timezone

[Shazni Nazeer]

Hi,

I have a requirement to get the UTC time of a given CST time. I can do by
adding 6 or 5 hours based on *daylight* savings.

I have a Siddhi query with a select as below.

time:dateAdd(str:concat(time:dateFormat(time:dateSub(SchApptDateTime, 2,
'day'), "-MM-dd")," 09:01:00.000"), *6*, 'hour')  as
ScheduledDateTimeUtc

As you can see I have added 6 hours manually. Is there a way to get the UTC
time of a given time based on given time-zone in Sidhdhi?

If not is there an alternative way to get this worked?

regards
-- 
Shazni Nazeer

Mob : +94 37331
LinkedIn : http://lk.linkedin.com/in/shazninazeer

Blogs :

https://medium.com/@mshazninazeer
http://shazninazeer.blogspot.com


___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Lib directory in Stream Processor contains OSGI bundles

[Raveen Rathnayake]

Hi Tharindu,

WSO2 Stream Processor is based on the carbon 5. Hence if you want to add
non OSGI modules to stream processor you can do it by converting them using
the jartobundle.sh placed in /bin/jartobundle.sh add adding them
to the lib folder.

Execute the script:

   - In a Unix system:  sh jartobundle.sh [source jar file/source directory
   containing jar files] [destination directory]
   - Windows platform: jartobundle.bat [source jar file/source directory
   containing jar files] [destination directory]


  You can find more info here[1].

[1] https://docs.wso2.com/display/Carbon510/Converting+JARs+to+OSGi+Bundles

Thanks,
Raveen.

On Tue, Jun 19, 2018 at 6:33 PM Tharindu Malawaraarachchi <
tharind...@wso2.com> wrote:

> Hi all,
> In Carbon 4 based wso2 products, there are 2 separate folders (dropins and
> lib) to keep OSGI bundles and other non OSGI jars. But in wso2 stream
> processor there is no dropins directory and the lib directory keeps OSGI
> bundles.
> Is it mandate to convert the non OSGI modules to OSGi with stream
> processor? Or is there a way to add non OSGI jars [example- sql driver
> jars] to SP
>
> Thanks and Regards,
> Tharindu
> --
> *Tharindu Malawaraarachchi*
> Software Engineer | WSO2
>
> tharind...@wso2.com
> +94 719340143
> https://www.linkedin.com/in/tharindun/
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>


-- 
Raveen Savinda Rathnayake,
Software Engineering Intern,
WSO2 Inc.

*lean. enterprise. middleware  *
Web: www.WSO2.com Mobile : +94771144549  Blog : https://blog.raveen.me




___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Lib directory in Stream Processor contains OSGI bundles

[Tharindu Malawaraarachchi]

Hi all,
In Carbon 4 based wso2 products, there are 2 separate folders (dropins and
lib) to keep OSGI bundles and other non OSGI jars. But in wso2 stream
processor there is no dropins directory and the lib directory keeps OSGI
bundles.
Is it mandate to convert the non OSGI modules to OSGi with stream
processor? Or is there a way to add non OSGI jars [example- sql driver
jars] to SP

Thanks and Regards,
Tharindu
-- 
*Tharindu Malawaraarachchi*
Software Engineer | WSO2

tharind...@wso2.com
+94 719340143
https://www.linkedin.com/in/tharindun/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Madawa Soysa]

Hi All,

I have tested the following,

   - Generating MP-JWT 1.0 compatible token.
   - Microprofile JWT Sample

No blocking issues found. Hence +1 for the release.

On Tue, Jun 19, 2018 at 5:08 PM Biruntha Gnaneswaran 
wrote:

> Hi All,
>
> I have tested the following,
>
> Create service provider and tested OAuth flow with playground when hashing
> access tokens, refresh tokens, client secrets, and authorization codes
> feature enabled.
>
> No blocking issues found.
>
> [+] Stable - go ahead and release
>
> Thanks,
>
> On Tue, Jun 19, 2018 at 4:52 PM, Nadeeshani Pathirennehelage <
> nadeesha...@wso2.com> wrote:
>
>> Hi All,
>>
>> +1 from Platform Security Team.
>>
>> Thank You,
>> Nadeeshani.
>>
>> On Tue, Jun 19, 2018 at 4:42 PM, Ashen Weerathunga 
>> wrote:
>>
>>> Hi All,
>>>
>>> I have tested the following and found no issues.
>>>
>>>- Consent Management for Self Sign Up.
>>>- Creating Users with the Ask Password Option.
>>>- Password pattern validation.
>>>- SAML SSO with Consent Management.
>>>
>>> [+] Stable - go ahead and release
>>>
>>> Thanks,
>>> Ashen
>>>
>>>
>>> On Tue, Jun 19, 2018 at 3:59 PM Ishara Karunarathna 
>>> wrote:
>>>
 Hi All,

 Tested the IS 5.6.0-RC3 integration with IS-Analytics-5.6.0
 And check the session analytics reports.


 No blocking issues found.
 [+] Stable

 Thanks,
 Ishara





 On Tue, Jun 19, 2018 at 3:48 PM Isuri Anuradha  wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>
>- SAML to SAML federation flow.
>- Publish and Update XACML policies.
>- OAuth token revocation.
>
> No blocking issues found.
>
> [+] Stable
>
> Thanks
> Isuri.
>
> On Tue, Jun 19, 2018 at 3:34 PM, Omindu Rathnaweera 
> wrote:
>
>> Hi All,
>>
>> Tested SCIM 2.0 basic operations. No blocking issues found
>>
>> [+] Stable - Go ahead and release
>>
>> Regards,
>> Omindu.
>>
>>
>>
>>
>>
>> On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya 
>> wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>>
>>>- Configuring Single-Sign-On with SAML2
>>>- Configuring Single-Sign-On with OIDC
>>>- Configuring Multi-Factor Authentication
>>>- Configuring Twitter as a Federated Authenticator
>>>- Setting up Self-Signup
>>>- Creating a workflow
>>>- Tested Consent management API (Add/Retrieve purposes,
>>>Add/revoke consents.)
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable
>>>
>>> Thanks,
>>>
>>>
>>> On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana <
>>> pulast...@wso2.com> wrote:
>>>
 Hi,

 Tested SSO with Multi step/multi option authentication, Google
 and Twitter authenticators

 No blocking issues found.

 [+] Stable - Go ahead and release


 On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
 hasan...@wso2.com> wrote:

> Hi,
>
> Tested below scenarios on IS 5.6.0-RC3 pack,
>
> - Register a service provider
> - Obtain an access token using JWT grant type
> - Invoke user info endpoint using the token.
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Thanks,
> Hasanthi
>
> On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman 
> wrote:
>
>> Hi,
>>
>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>
>>- Invoke the OAuth Introspection Endpoint.
>>- OAuth token revocation.
>>- Entitlement policy creation using write policy in xml and
>>publishing.
>>- Using REST APIs via XACML to manage entitlement.
>>- Create, update, get, delete an OAuth app using Dynamic
>>Client Registration endpoint.
>>
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>> Thanks,
>> Dewni
>>
>> On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara 
>> wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>>
>>> User management (add/update/remove users).
>>> User management in secondary userstores (Read-Write LDAP).
>>> Consent Management in SAML SSO.
>>> SAML to SAML federation.
>>> Creating workflows definitions for primary userstore users.
>>> Engaging/Disabling workflows on user-store operations.
>>> Enable role based authorization using XACML for service
>>> providers.
>>> Tenant 

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Biruntha Gnaneswaran]

Hi All,

I have tested the following,

Create service provider and tested OAuth flow with playground when hashing
access tokens, refresh tokens, client secrets, and authorization codes
feature enabled.

No blocking issues found.

[+] Stable - go ahead and release

Thanks,

On Tue, Jun 19, 2018 at 4:52 PM, Nadeeshani Pathirennehelage <
nadeesha...@wso2.com> wrote:

> Hi All,
>
> +1 from Platform Security Team.
>
> Thank You,
> Nadeeshani.
>
> On Tue, Jun 19, 2018 at 4:42 PM, Ashen Weerathunga  wrote:
>
>> Hi All,
>>
>> I have tested the following and found no issues.
>>
>>- Consent Management for Self Sign Up.
>>- Creating Users with the Ask Password Option.
>>- Password pattern validation.
>>- SAML SSO with Consent Management.
>>
>> [+] Stable - go ahead and release
>>
>> Thanks,
>> Ashen
>>
>>
>> On Tue, Jun 19, 2018 at 3:59 PM Ishara Karunarathna 
>> wrote:
>>
>>> Hi All,
>>>
>>> Tested the IS 5.6.0-RC3 integration with IS-Analytics-5.6.0
>>> And check the session analytics reports.
>>>
>>>
>>> No blocking issues found.
>>> [+] Stable
>>>
>>> Thanks,
>>> Ishara
>>>
>>>
>>>
>>>
>>>
>>> On Tue, Jun 19, 2018 at 3:48 PM Isuri Anuradha  wrote:
>>>
 Hi all,

 I've tested following scenarios on the IS 5.6.0-RC3 pack.

- SAML to SAML federation flow.
- Publish and Update XACML policies.
- OAuth token revocation.

 No blocking issues found.

 [+] Stable

 Thanks
 Isuri.

 On Tue, Jun 19, 2018 at 3:34 PM, Omindu Rathnaweera 
 wrote:

> Hi All,
>
> Tested SCIM 2.0 basic operations. No blocking issues found
>
> [+] Stable - Go ahead and release
>
> Regards,
> Omindu.
>
>
>
>
>
> On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya 
> wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>
>>- Configuring Single-Sign-On with SAML2
>>- Configuring Single-Sign-On with OIDC
>>- Configuring Multi-Factor Authentication
>>- Configuring Twitter as a Federated Authenticator
>>- Setting up Self-Signup
>>- Creating a workflow
>>- Tested Consent management API (Add/Retrieve purposes,
>>Add/revoke consents.)
>>
>> No blocking issues found.
>>
>> [+] Stable
>>
>> Thanks,
>>
>>
>> On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana <
>> pulast...@wso2.com> wrote:
>>
>>> Hi,
>>>
>>> Tested SSO with Multi step/multi option authentication, Google
>>> and Twitter authenticators
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable - Go ahead and release
>>>
>>>
>>> On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
>>> hasan...@wso2.com> wrote:
>>>
 Hi,

 Tested below scenarios on IS 5.6.0-RC3 pack,

 - Register a service provider
 - Obtain an access token using JWT grant type
 - Invoke user info endpoint using the token.

 No blocking issues found.

 [+] Stable - Go ahead and release

 Thanks,
 Hasanthi

 On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman 
 wrote:

> Hi,
>
> Tested below scenarios on IS 5.6.0-RC3 pack,
>
>- Invoke the OAuth Introspection Endpoint.
>- OAuth token revocation.
>- Entitlement policy creation using write policy in xml and
>publishing.
>- Using REST APIs via XACML to manage entitlement.
>- Create, update, get, delete an OAuth app using Dynamic
>Client Registration endpoint.
>
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Thanks,
> Dewni
>
> On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara 
> wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>
>> User management (add/update/remove users).
>> User management in secondary userstores (Read-Write LDAP).
>> Consent Management in SAML SSO.
>> SAML to SAML federation.
>> Creating workflows definitions for primary userstore users.
>> Engaging/Disabling workflows on user-store operations.
>> Enable role based authorization using XACML for service providers.
>> Tenant creation/update/disabling.
>>
>> No blocking issues are found.
>>
>> [+] Stable - go ahead and release.
>>
>> Thanks,
>> Sathya
>>
>>
>> On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage <
>> viha...@wso2.com> wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack with
>>> 

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Nadeeshani Pathirennehelage]

Hi All,

+1 from Platform Security Team.

Thank You,
Nadeeshani.

On Tue, Jun 19, 2018 at 4:42 PM, Ashen Weerathunga  wrote:

> Hi All,
>
> I have tested the following and found no issues.
>
>- Consent Management for Self Sign Up.
>- Creating Users with the Ask Password Option.
>- Password pattern validation.
>- SAML SSO with Consent Management.
>
> [+] Stable - go ahead and release
>
> Thanks,
> Ashen
>
>
> On Tue, Jun 19, 2018 at 3:59 PM Ishara Karunarathna 
> wrote:
>
>> Hi All,
>>
>> Tested the IS 5.6.0-RC3 integration with IS-Analytics-5.6.0
>> And check the session analytics reports.
>>
>>
>> No blocking issues found.
>> [+] Stable
>>
>> Thanks,
>> Ishara
>>
>>
>>
>>
>>
>> On Tue, Jun 19, 2018 at 3:48 PM Isuri Anuradha  wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>>
>>>- SAML to SAML federation flow.
>>>- Publish and Update XACML policies.
>>>- OAuth token revocation.
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable
>>>
>>> Thanks
>>> Isuri.
>>>
>>> On Tue, Jun 19, 2018 at 3:34 PM, Omindu Rathnaweera 
>>> wrote:
>>>
 Hi All,

 Tested SCIM 2.0 basic operations. No blocking issues found

 [+] Stable - Go ahead and release

 Regards,
 Omindu.





 On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya  wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>
>- Configuring Single-Sign-On with SAML2
>- Configuring Single-Sign-On with OIDC
>- Configuring Multi-Factor Authentication
>- Configuring Twitter as a Federated Authenticator
>- Setting up Self-Signup
>- Creating a workflow
>- Tested Consent management API (Add/Retrieve purposes, Add/revoke
>consents.)
>
> No blocking issues found.
>
> [+] Stable
>
> Thanks,
>
>
> On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana <
> pulast...@wso2.com> wrote:
>
>> Hi,
>>
>> Tested SSO with Multi step/multi option authentication, Google
>> and Twitter authenticators
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>>
>> On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
>> hasan...@wso2.com> wrote:
>>
>>> Hi,
>>>
>>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>>
>>> - Register a service provider
>>> - Obtain an access token using JWT grant type
>>> - Invoke user info endpoint using the token.
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable - Go ahead and release
>>>
>>> Thanks,
>>> Hasanthi
>>>
>>> On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman 
>>> wrote:
>>>
 Hi,

 Tested below scenarios on IS 5.6.0-RC3 pack,

- Invoke the OAuth Introspection Endpoint.
- OAuth token revocation.
- Entitlement policy creation using write policy in xml and
publishing.
- Using REST APIs via XACML to manage entitlement.
- Create, update, get, delete an OAuth app using Dynamic Client
Registration endpoint.


 No blocking issues found.

 [+] Stable - Go ahead and release

 Thanks,
 Dewni

 On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara 
 wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>
> User management (add/update/remove users).
> User management in secondary userstores (Read-Write LDAP).
> Consent Management in SAML SSO.
> SAML to SAML federation.
> Creating workflows definitions for primary userstore users.
> Engaging/Disabling workflows on user-store operations.
> Enable role based authorization using XACML for service providers.
> Tenant creation/update/disabling.
>
> No blocking issues are found.
>
> [+] Stable - go ahead and release.
>
> Thanks,
> Sathya
>
>
> On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage <
> viha...@wso2.com> wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack with
>> default database setup.
>>
>>- Enable user self-registration and self-register a new user.
>>- Add multiple consent purposes with multiple PII categories.
>>- Login to dashboard and see whether we can see the default
>>consent and above added PII categories.
>>- Confirm claims are getting filtered based on consents.
>>- Configure a service provider with OpenID Connect and
>>acquire access tokens via Authorization Code, Implicit, Client 
>> Credential

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Ashen Weerathunga]

Hi All,

I have tested the following and found no issues.

   - Consent Management for Self Sign Up.
   - Creating Users with the Ask Password Option.
   - Password pattern validation.
   - SAML SSO with Consent Management.

[+] Stable - go ahead and release

Thanks,
Ashen


On Tue, Jun 19, 2018 at 3:59 PM Ishara Karunarathna 
wrote:

> Hi All,
>
> Tested the IS 5.6.0-RC3 integration with IS-Analytics-5.6.0
> And check the session analytics reports.
>
>
> No blocking issues found.
> [+] Stable
>
> Thanks,
> Ishara
>
>
>
>
>
> On Tue, Jun 19, 2018 at 3:48 PM Isuri Anuradha  wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>
>>- SAML to SAML federation flow.
>>- Publish and Update XACML policies.
>>- OAuth token revocation.
>>
>> No blocking issues found.
>>
>> [+] Stable
>>
>> Thanks
>> Isuri.
>>
>> On Tue, Jun 19, 2018 at 3:34 PM, Omindu Rathnaweera 
>> wrote:
>>
>>> Hi All,
>>>
>>> Tested SCIM 2.0 basic operations. No blocking issues found
>>>
>>> [+] Stable - Go ahead and release
>>>
>>> Regards,
>>> Omindu.
>>>
>>>
>>>
>>>
>>>
>>> On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya  wrote:
>>>
 Hi all,

 I've tested following scenarios on the IS 5.6.0-RC3 pack.

- Configuring Single-Sign-On with SAML2
- Configuring Single-Sign-On with OIDC
- Configuring Multi-Factor Authentication
- Configuring Twitter as a Federated Authenticator
- Setting up Self-Signup
- Creating a workflow
- Tested Consent management API (Add/Retrieve purposes, Add/revoke
consents.)

 No blocking issues found.

 [+] Stable

 Thanks,


 On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana <
 pulast...@wso2.com> wrote:

> Hi,
>
> Tested SSO with Multi step/multi option authentication, Google
> and Twitter authenticators
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
>
> On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
> hasan...@wso2.com> wrote:
>
>> Hi,
>>
>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>
>> - Register a service provider
>> - Obtain an access token using JWT grant type
>> - Invoke user info endpoint using the token.
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>> Thanks,
>> Hasanthi
>>
>> On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman 
>> wrote:
>>
>>> Hi,
>>>
>>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>>
>>>- Invoke the OAuth Introspection Endpoint.
>>>- OAuth token revocation.
>>>- Entitlement policy creation using write policy in xml and
>>>publishing.
>>>- Using REST APIs via XACML to manage entitlement.
>>>- Create, update, get, delete an OAuth app using Dynamic Client
>>>Registration endpoint.
>>>
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable - Go ahead and release
>>>
>>> Thanks,
>>> Dewni
>>>
>>> On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara 
>>> wrote:
>>>
 Hi all,

 I've tested following scenarios on the IS 5.6.0-RC3 pack.

 User management (add/update/remove users).
 User management in secondary userstores (Read-Write LDAP).
 Consent Management in SAML SSO.
 SAML to SAML federation.
 Creating workflows definitions for primary userstore users.
 Engaging/Disabling workflows on user-store operations.
 Enable role based authorization using XACML for service providers.
 Tenant creation/update/disabling.

 No blocking issues are found.

 [+] Stable - go ahead and release.

 Thanks,
 Sathya


 On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage <
 viha...@wso2.com> wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack with
> default database setup.
>
>- Enable user self-registration and self-register a new user.
>- Add multiple consent purposes with multiple PII categories.
>- Login to dashboard and see whether we can see the default
>consent and above added PII categories.
>- Confirm claims are getting filtered based on consents.
>- Configure a service provider with OpenID Connect and acquire
>access tokens via Authorization Code, Implicit, Client Credential 
> and
>Password grant types.
>- Enable ID token encryption for the service provider and test
>the flow with decryption for all grant types.
>- Delete the self-signed up user, create another user with the
>exact same username, log in to the dashboard and see what are the

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Ishara Karunarathna]

Hi All,

Tested the IS 5.6.0-RC3 integration with IS-Analytics-5.6.0
And check the session analytics reports.


No blocking issues found.
[+] Stable

Thanks,
Ishara





On Tue, Jun 19, 2018 at 3:48 PM Isuri Anuradha  wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>
>- SAML to SAML federation flow.
>- Publish and Update XACML policies.
>- OAuth token revocation.
>
> No blocking issues found.
>
> [+] Stable
>
> Thanks
> Isuri.
>
> On Tue, Jun 19, 2018 at 3:34 PM, Omindu Rathnaweera 
> wrote:
>
>> Hi All,
>>
>> Tested SCIM 2.0 basic operations. No blocking issues found
>>
>> [+] Stable - Go ahead and release
>>
>> Regards,
>> Omindu.
>>
>>
>>
>>
>>
>> On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya  wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>>
>>>- Configuring Single-Sign-On with SAML2
>>>- Configuring Single-Sign-On with OIDC
>>>- Configuring Multi-Factor Authentication
>>>- Configuring Twitter as a Federated Authenticator
>>>- Setting up Self-Signup
>>>- Creating a workflow
>>>- Tested Consent management API (Add/Retrieve purposes, Add/revoke
>>>consents.)
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable
>>>
>>> Thanks,
>>>
>>>
>>> On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana 
>>> wrote:
>>>
 Hi,

 Tested SSO with Multi step/multi option authentication, Google
 and Twitter authenticators

 No blocking issues found.

 [+] Stable - Go ahead and release


 On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
 hasan...@wso2.com> wrote:

> Hi,
>
> Tested below scenarios on IS 5.6.0-RC3 pack,
>
> - Register a service provider
> - Obtain an access token using JWT grant type
> - Invoke user info endpoint using the token.
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Thanks,
> Hasanthi
>
> On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman 
> wrote:
>
>> Hi,
>>
>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>
>>- Invoke the OAuth Introspection Endpoint.
>>- OAuth token revocation.
>>- Entitlement policy creation using write policy in xml and
>>publishing.
>>- Using REST APIs via XACML to manage entitlement.
>>- Create, update, get, delete an OAuth app using Dynamic Client
>>Registration endpoint.
>>
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>> Thanks,
>> Dewni
>>
>> On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara 
>> wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>>
>>> User management (add/update/remove users).
>>> User management in secondary userstores (Read-Write LDAP).
>>> Consent Management in SAML SSO.
>>> SAML to SAML federation.
>>> Creating workflows definitions for primary userstore users.
>>> Engaging/Disabling workflows on user-store operations.
>>> Enable role based authorization using XACML for service providers.
>>> Tenant creation/update/disabling.
>>>
>>> No blocking issues are found.
>>>
>>> [+] Stable - go ahead and release.
>>>
>>> Thanks,
>>> Sathya
>>>
>>>
>>> On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage >> > wrote:
>>>
 Hi all,

 I've tested following scenarios on the IS 5.6.0-RC3 pack with
 default database setup.

- Enable user self-registration and self-register a new user.
- Add multiple consent purposes with multiple PII categories.
- Login to dashboard and see whether we can see the default
consent and above added PII categories.
- Confirm claims are getting filtered based on consents.
- Configure a service provider with OpenID Connect and acquire
access tokens via Authorization Code, Implicit, Client Credential 
 and
Password grant types.
- Enable ID token encryption for the service provider and test
the flow with decryption for all grant types.
- Delete the self-signed up user, create another user with the
exact same username, log in to the dashboard and see what are the
consents shown.
- Revoke consents of the user via the dashboard and try
accessing the SP to verify the consents are asked again.
- Delete the SP, login to the dashboard and see whether the
consents are deleted for that SP.

 No blocking issues are found.

 [+] Stable - go ahead and release.

 Thanks,
 Vihanga.

 On Fri, Jun 15, 2018 at 6:29 PM Madawa Soysa 
 wrote:

> Hi all,
>
> 

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Thanuja Jayasinghe]

Hi All,

Tested user account association scenarios. No blocking issues found.

[+] Stable - Go ahead and release

Thanks,
Thanuja

On Tue, Jun 19, 2018 at 3:48 PM Isuri Anuradha  wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>
>- SAML to SAML federation flow.
>- Publish and Update XACML policies.
>- OAuth token revocation.
>
> No blocking issues found.
>
> [+] Stable
>
> Thanks
> Isuri.
>
> On Tue, Jun 19, 2018 at 3:34 PM, Omindu Rathnaweera 
> wrote:
>
>> Hi All,
>>
>> Tested SCIM 2.0 basic operations. No blocking issues found
>>
>> [+] Stable - Go ahead and release
>>
>> Regards,
>> Omindu.
>>
>>
>>
>>
>>
>> On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya  wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>>
>>>- Configuring Single-Sign-On with SAML2
>>>- Configuring Single-Sign-On with OIDC
>>>- Configuring Multi-Factor Authentication
>>>- Configuring Twitter as a Federated Authenticator
>>>- Setting up Self-Signup
>>>- Creating a workflow
>>>- Tested Consent management API (Add/Retrieve purposes, Add/revoke
>>>consents.)
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable
>>>
>>> Thanks,
>>>
>>>
>>> On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana 
>>> wrote:
>>>
 Hi,

 Tested SSO with Multi step/multi option authentication, Google
 and Twitter authenticators

 No blocking issues found.

 [+] Stable - Go ahead and release


 On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
 hasan...@wso2.com> wrote:

> Hi,
>
> Tested below scenarios on IS 5.6.0-RC3 pack,
>
> - Register a service provider
> - Obtain an access token using JWT grant type
> - Invoke user info endpoint using the token.
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Thanks,
> Hasanthi
>
> On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman 
> wrote:
>
>> Hi,
>>
>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>
>>- Invoke the OAuth Introspection Endpoint.
>>- OAuth token revocation.
>>- Entitlement policy creation using write policy in xml and
>>publishing.
>>- Using REST APIs via XACML to manage entitlement.
>>- Create, update, get, delete an OAuth app using Dynamic Client
>>Registration endpoint.
>>
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>> Thanks,
>> Dewni
>>
>> On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara 
>> wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>>
>>> User management (add/update/remove users).
>>> User management in secondary userstores (Read-Write LDAP).
>>> Consent Management in SAML SSO.
>>> SAML to SAML federation.
>>> Creating workflows definitions for primary userstore users.
>>> Engaging/Disabling workflows on user-store operations.
>>> Enable role based authorization using XACML for service providers.
>>> Tenant creation/update/disabling.
>>>
>>> No blocking issues are found.
>>>
>>> [+] Stable - go ahead and release.
>>>
>>> Thanks,
>>> Sathya
>>>
>>>
>>> On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage >> > wrote:
>>>
 Hi all,

 I've tested following scenarios on the IS 5.6.0-RC3 pack with
 default database setup.

- Enable user self-registration and self-register a new user.
- Add multiple consent purposes with multiple PII categories.
- Login to dashboard and see whether we can see the default
consent and above added PII categories.
- Confirm claims are getting filtered based on consents.
- Configure a service provider with OpenID Connect and acquire
access tokens via Authorization Code, Implicit, Client Credential 
 and
Password grant types.
- Enable ID token encryption for the service provider and test
the flow with decryption for all grant types.
- Delete the self-signed up user, create another user with the
exact same username, log in to the dashboard and see what are the
consents shown.
- Revoke consents of the user via the dashboard and try
accessing the SP to verify the consents are asked again.
- Delete the SP, login to the dashboard and see whether the
consents are deleted for that SP.

 No blocking issues are found.

 [+] Stable - go ahead and release.

 Thanks,
 Vihanga.

 On Fri, Jun 15, 2018 at 6:29 PM Madawa Soysa 
 wrote:

> Hi all,
>
> We are pleased to announce the third 

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Isuri Anuradha]

Hi all,

I've tested following scenarios on the IS 5.6.0-RC3 pack.

   - SAML to SAML federation flow.
   - Publish and Update XACML policies.
   - OAuth token revocation.

No blocking issues found.

[+] Stable

Thanks
Isuri.

On Tue, Jun 19, 2018 at 3:34 PM, Omindu Rathnaweera  wrote:

> Hi All,
>
> Tested SCIM 2.0 basic operations. No blocking issues found
>
> [+] Stable - Go ahead and release
>
> Regards,
> Omindu.
>
>
>
>
>
> On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya  wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>
>>- Configuring Single-Sign-On with SAML2
>>- Configuring Single-Sign-On with OIDC
>>- Configuring Multi-Factor Authentication
>>- Configuring Twitter as a Federated Authenticator
>>- Setting up Self-Signup
>>- Creating a workflow
>>- Tested Consent management API (Add/Retrieve purposes, Add/revoke
>>consents.)
>>
>> No blocking issues found.
>>
>> [+] Stable
>>
>> Thanks,
>>
>>
>> On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana 
>> wrote:
>>
>>> Hi,
>>>
>>> Tested SSO with Multi step/multi option authentication, Google
>>> and Twitter authenticators
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable - Go ahead and release
>>>
>>>
>>> On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
>>> hasan...@wso2.com> wrote:
>>>
 Hi,

 Tested below scenarios on IS 5.6.0-RC3 pack,

 - Register a service provider
 - Obtain an access token using JWT grant type
 - Invoke user info endpoint using the token.

 No blocking issues found.

 [+] Stable - Go ahead and release

 Thanks,
 Hasanthi

 On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman  wrote:

> Hi,
>
> Tested below scenarios on IS 5.6.0-RC3 pack,
>
>- Invoke the OAuth Introspection Endpoint.
>- OAuth token revocation.
>- Entitlement policy creation using write policy in xml and
>publishing.
>- Using REST APIs via XACML to manage entitlement.
>- Create, update, get, delete an OAuth app using Dynamic Client
>Registration endpoint.
>
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Thanks,
> Dewni
>
> On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara 
> wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>
>> User management (add/update/remove users).
>> User management in secondary userstores (Read-Write LDAP).
>> Consent Management in SAML SSO.
>> SAML to SAML federation.
>> Creating workflows definitions for primary userstore users.
>> Engaging/Disabling workflows on user-store operations.
>> Enable role based authorization using XACML for service providers.
>> Tenant creation/update/disabling.
>>
>> No blocking issues are found.
>>
>> [+] Stable - go ahead and release.
>>
>> Thanks,
>> Sathya
>>
>>
>> On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage 
>> wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack with
>>> default database setup.
>>>
>>>- Enable user self-registration and self-register a new user.
>>>- Add multiple consent purposes with multiple PII categories.
>>>- Login to dashboard and see whether we can see the default
>>>consent and above added PII categories.
>>>- Confirm claims are getting filtered based on consents.
>>>- Configure a service provider with OpenID Connect and acquire
>>>access tokens via Authorization Code, Implicit, Client Credential and
>>>Password grant types.
>>>- Enable ID token encryption for the service provider and test
>>>the flow with decryption for all grant types.
>>>- Delete the self-signed up user, create another user with the
>>>exact same username, log in to the dashboard and see what are the
>>>consents shown.
>>>- Revoke consents of the user via the dashboard and try
>>>accessing the SP to verify the consents are asked again.
>>>- Delete the SP, login to the dashboard and see whether the
>>>consents are deleted for that SP.
>>>
>>> No blocking issues are found.
>>>
>>> [+] Stable - go ahead and release.
>>>
>>> Thanks,
>>> Vihanga.
>>>
>>> On Fri, Jun 15, 2018 at 6:29 PM Madawa Soysa 
>>> wrote:
>>>
 Hi all,

 We are pleased to announce the third release candidate of WSO2
 Identity Server 5.6.0.

 This release fixes the following issues

- 5.6.0-RC Fixes

- 5.6.0-Beta Fixes

- 5.6.0-Alpha2 Fixes

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Omindu Rathnaweera]

Hi All,

Tested SCIM 2.0 basic operations. No blocking issues found

[+] Stable - Go ahead and release

Regards,
Omindu.





On Tue, Jun 19, 2018 at 3:14 PM Nipuni Bhagya  wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>
>- Configuring Single-Sign-On with SAML2
>- Configuring Single-Sign-On with OIDC
>- Configuring Multi-Factor Authentication
>- Configuring Twitter as a Federated Authenticator
>- Setting up Self-Signup
>- Creating a workflow
>- Tested Consent management API (Add/Retrieve purposes, Add/revoke
>consents.)
>
> No blocking issues found.
>
> [+] Stable
>
> Thanks,
>
>
> On Tue, Jun 19, 2018 at 2:38 AM Pulasthi Mahawithana 
> wrote:
>
>> Hi,
>>
>> Tested SSO with Multi step/multi option authentication, Google
>> and Twitter authenticators
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>>
>> On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
>> hasan...@wso2.com> wrote:
>>
>>> Hi,
>>>
>>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>>
>>> - Register a service provider
>>> - Obtain an access token using JWT grant type
>>> - Invoke user info endpoint using the token.
>>>
>>> No blocking issues found.
>>>
>>> [+] Stable - Go ahead and release
>>>
>>> Thanks,
>>> Hasanthi
>>>
>>> On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman  wrote:
>>>
 Hi,

 Tested below scenarios on IS 5.6.0-RC3 pack,

- Invoke the OAuth Introspection Endpoint.
- OAuth token revocation.
- Entitlement policy creation using write policy in xml and
publishing.
- Using REST APIs via XACML to manage entitlement.
- Create, update, get, delete an OAuth app using Dynamic Client
Registration endpoint.


 No blocking issues found.

 [+] Stable - Go ahead and release

 Thanks,
 Dewni

 On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara 
 wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>
> User management (add/update/remove users).
> User management in secondary userstores (Read-Write LDAP).
> Consent Management in SAML SSO.
> SAML to SAML federation.
> Creating workflows definitions for primary userstore users.
> Engaging/Disabling workflows on user-store operations.
> Enable role based authorization using XACML for service providers.
> Tenant creation/update/disabling.
>
> No blocking issues are found.
>
> [+] Stable - go ahead and release.
>
> Thanks,
> Sathya
>
>
> On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage 
> wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack with
>> default database setup.
>>
>>- Enable user self-registration and self-register a new user.
>>- Add multiple consent purposes with multiple PII categories.
>>- Login to dashboard and see whether we can see the default
>>consent and above added PII categories.
>>- Confirm claims are getting filtered based on consents.
>>- Configure a service provider with OpenID Connect and acquire
>>access tokens via Authorization Code, Implicit, Client Credential and
>>Password grant types.
>>- Enable ID token encryption for the service provider and test
>>the flow with decryption for all grant types.
>>- Delete the self-signed up user, create another user with the
>>exact same username, log in to the dashboard and see what are the
>>consents shown.
>>- Revoke consents of the user via the dashboard and try accessing
>>the SP to verify the consents are asked again.
>>- Delete the SP, login to the dashboard and see whether the
>>consents are deleted for that SP.
>>
>> No blocking issues are found.
>>
>> [+] Stable - go ahead and release.
>>
>> Thanks,
>> Vihanga.
>>
>> On Fri, Jun 15, 2018 at 6:29 PM Madawa Soysa 
>> wrote:
>>
>>> Hi all,
>>>
>>> We are pleased to announce the third release candidate of WSO2
>>> Identity Server 5.6.0.
>>>
>>> This release fixes the following issues
>>>
>>>- 5.6.0-RC Fixes
>>>
>>>- 5.6.0-Beta Fixes
>>>
>>>- 5.6.0-Alpha2 Fixes
>>>
>>>- 5.6.0-Alpha Fixes
>>>
>>>- 5.6.0-M7 Fixes
>>>
>>>- 5.6.0-M6 Fixes
>>>
>>>- 5.6.0-M5 Fixes
>>>
>>>- 

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Pulasthi Mahawithana]

Hi,

Tested SSO with Multi step/multi option authentication, Google and Twitter
authenticators

No blocking issues found.

[+] Stable - Go ahead and release


On Tue, Jun 19, 2018 at 2:59 PM Hasanthi Purnima Dissanayake <
hasan...@wso2.com> wrote:

> Hi,
>
> Tested below scenarios on IS 5.6.0-RC3 pack,
>
> - Register a service provider
> - Obtain an access token using JWT grant type
> - Invoke user info endpoint using the token.
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Thanks,
> Hasanthi
>
> On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman  wrote:
>
>> Hi,
>>
>> Tested below scenarios on IS 5.6.0-RC3 pack,
>>
>>- Invoke the OAuth Introspection Endpoint.
>>- OAuth token revocation.
>>- Entitlement policy creation using write policy in xml and
>>publishing.
>>- Using REST APIs via XACML to manage entitlement.
>>- Create, update, get, delete an OAuth app using Dynamic Client
>>Registration endpoint.
>>
>>
>> No blocking issues found.
>>
>> [+] Stable - Go ahead and release
>>
>> Thanks,
>> Dewni
>>
>> On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara  wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>>
>>> User management (add/update/remove users).
>>> User management in secondary userstores (Read-Write LDAP).
>>> Consent Management in SAML SSO.
>>> SAML to SAML federation.
>>> Creating workflows definitions for primary userstore users.
>>> Engaging/Disabling workflows on user-store operations.
>>> Enable role based authorization using XACML for service providers.
>>> Tenant creation/update/disabling.
>>>
>>> No blocking issues are found.
>>>
>>> [+] Stable - go ahead and release.
>>>
>>> Thanks,
>>> Sathya
>>>
>>>
>>> On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage 
>>> wrote:
>>>
 Hi all,

 I've tested following scenarios on the IS 5.6.0-RC3 pack with default
 database setup.

- Enable user self-registration and self-register a new user.
- Add multiple consent purposes with multiple PII categories.
- Login to dashboard and see whether we can see the default consent
and above added PII categories.
- Confirm claims are getting filtered based on consents.
- Configure a service provider with OpenID Connect and acquire
access tokens via Authorization Code, Implicit, Client Credential and
Password grant types.
- Enable ID token encryption for the service provider and test the
flow with decryption for all grant types.
- Delete the self-signed up user, create another user with the
exact same username, log in to the dashboard and see what are the
consents shown.
- Revoke consents of the user via the dashboard and try accessing
the SP to verify the consents are asked again.
- Delete the SP, login to the dashboard and see whether the consents
are deleted for that SP.

 No blocking issues are found.

 [+] Stable - go ahead and release.

 Thanks,
 Vihanga.

 On Fri, Jun 15, 2018 at 6:29 PM Madawa Soysa  wrote:

> Hi all,
>
> We are pleased to announce the third release candidate of WSO2
> Identity Server 5.6.0.
>
> This release fixes the following issues
>
>- 5.6.0-RC Fixes
>
>- 5.6.0-Beta Fixes
>
>- 5.6.0-Alpha2 Fixes
>
>- 5.6.0-Alpha Fixes
>
>- 5.6.0-M7 Fixes
>
>- 5.6.0-M6 Fixes
>
>- 5.6.0-M5 Fixes
>
>- 5.6.0-M4 Fixes
>
>- 5.6.0-M3 Fixes
>
>- 5.6.0-M2 Fixes
>
>- 5.6.0-M1 Fixes
>
>
> Source and distribution,
> Runtime -
> https://github.com/wso2/product-is/releases/tag/v5.6.0-rc3
> Analytics -
> https://github.com/wso2/analytics-is/releases/v5.6.0-rc3
>
> Please download, test the product and vote.
>
> [+] Stable - go ahead and release
> [-] Broken - do not release (explain why)
>
> Thanks,
> WSO2 Identity and Access Management Team
> --
>
> Madawa Soysa / Senior Software Engineer
> mada...@wso2.com / +94714616050
>
> *WSO2 Inc.*
> lean.enterprise.middleware
>
>   

Re: [Dev] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Senthalan Kanagalingam]

Hi all,

I have tested the following,

Create service provider and tested oAuth flow with playground.
multi-authentication with facebook.
Configure TOTP Authenticator.

No blocking issues found.

[+] Stable - Go ahead and release

thanks,

On Tue, Jun 19, 2018 at 1:44 PM Sathya Bandara  wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>
> User management (add/update/remove users).
> User management in secondary userstores (Read-Write LDAP).
> Consent Management in SAML SSO.
> SAML to SAML federation.
> Creating workflows definitions for primary userstore users.
> Engaging/Disabling workflows on user-store operations.
> Enable role based authorization using XACML for service providers.
> Tenant creation/update/disabling.
>
> No blocking issues are found.
>
> [+] Stable - go ahead and release.
>
> Thanks,
> Sathya
>
>
> On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage 
> wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack with default
>> database setup.
>>
>>- Enable user self-registration and self-register a new user.
>>- Add multiple consent purposes with multiple PII categories.
>>- Login to dashboard and see whether we can see the default consent
>>and above added PII categories.
>>- Confirm claims are getting filtered based on consents.
>>- Configure a service provider with OpenID Connect and acquire access
>>tokens via Authorization Code, Implicit, Client Credential and Password
>>grant types.
>>- Enable ID token encryption for the service provider and test the
>>flow with decryption for all grant types.
>>- Delete the self-signed up user, create another user with the exact
>>same username, log in to the dashboard and see what are the consents
>>shown.
>>- Revoke consents of the user via the dashboard and try accessing the
>>SP to verify the consents are asked again.
>>- Delete the SP, login to the dashboard and see whether the consents
>>are deleted for that SP.
>>
>> No blocking issues are found.
>>
>> [+] Stable - go ahead and release.
>>
>> Thanks,
>> Vihanga.
>>
>> On Fri, Jun 15, 2018 at 6:29 PM Madawa Soysa  wrote:
>>
>>> Hi all,
>>>
>>> We are pleased to announce the third release candidate of WSO2 Identity
>>> Server 5.6.0.
>>>
>>> This release fixes the following issues
>>>
>>>- 5.6.0-RC Fixes
>>>
>>>- 5.6.0-Beta Fixes
>>>
>>>- 5.6.0-Alpha2 Fixes
>>>
>>>- 5.6.0-Alpha Fixes
>>>
>>>- 5.6.0-M7 Fixes
>>>
>>>- 5.6.0-M6 Fixes
>>>
>>>- 5.6.0-M5 Fixes
>>>
>>>- 5.6.0-M4 Fixes
>>>
>>>- 5.6.0-M3 Fixes
>>>
>>>- 5.6.0-M2 Fixes
>>>
>>>- 5.6.0-M1 Fixes
>>>
>>>
>>> Source and distribution,
>>> Runtime -
>>> https://github.com/wso2/product-is/releases/tag/v5.6.0-rc3
>>> Analytics - https://github.com/wso2/analytics-is/releases/v5.6.0-rc3
>>>
>>> Please download, test the product and vote.
>>>
>>> [+] Stable - go ahead and release
>>> [-] Broken - do not release (explain why)
>>>
>>> Thanks,
>>> WSO2 Identity and Access Management Team
>>> --
>>>
>>> Madawa Soysa / Senior Software Engineer
>>> mada...@wso2.com / +94714616050
>>>
>>> *WSO2 Inc.*
>>> lean.enterprise.middleware
>>>
>>>   
>>>
>>>
>>>
>>>
>>
>> --
>>
>> Vihanga Liyanage
>>
>> Software Engineer | WS*O₂* Inc.
>>
>> M : +*94710124103* | http://wso2.com
>>
>> [image: http://wso2.com/signature] 
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Sathya Bandara
> Software Engineer
> WSO2 Inc. http://wso2.com
> Mobile: (+94) 715 360 421 <+94%2071%20411%205032>
>
> <+94%2071%20411%205032>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>


-- 

*Senthalan Kanagalingam*
*Software Engineer - WSO2 Inc.*
*Mobile : +94 (0) 77 18 77 466*

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Isura Karunaratne]

Hi,

Tested followed scenarios in super tenant, primary user store.


   - Account Locking
   - Self Registration with email confirmation.
   - Self-care portal operations.
   - Password reset through a notification.
   - Password reset through challenge questions.
   - Account Recovery.
   - Password History validation.
   - Password Pattern validation.

No blocking issues found.

[+] Stable - Go ahead and release

Thanks
Isura.

On Tue, Jun 19, 2018 at 2:46 PM Dewni Weeraman  wrote:

> Hi,
>
> Tested below scenarios on IS 5.6.0-RC3 pack,
>
>- Invoke the OAuth Introspection Endpoint.
>- OAuth token revocation.
>- Entitlement policy creation using write policy in xml and publishing.
>- Using REST APIs via XACML to manage entitlement.
>- Create, update, get, delete an OAuth app using Dynamic Client
>Registration endpoint.
>
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Thanks,
> Dewni
>
> On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara  wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>
>> User management (add/update/remove users).
>> User management in secondary userstores (Read-Write LDAP).
>> Consent Management in SAML SSO.
>> SAML to SAML federation.
>> Creating workflows definitions for primary userstore users.
>> Engaging/Disabling workflows on user-store operations.
>> Enable role based authorization using XACML for service providers.
>> Tenant creation/update/disabling.
>>
>> No blocking issues are found.
>>
>> [+] Stable - go ahead and release.
>>
>> Thanks,
>> Sathya
>>
>>
>> On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage 
>> wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack with default
>>> database setup.
>>>
>>>- Enable user self-registration and self-register a new user.
>>>- Add multiple consent purposes with multiple PII categories.
>>>- Login to dashboard and see whether we can see the default consent
>>>and above added PII categories.
>>>- Confirm claims are getting filtered based on consents.
>>>- Configure a service provider with OpenID Connect and acquire
>>>access tokens via Authorization Code, Implicit, Client Credential and
>>>Password grant types.
>>>- Enable ID token encryption for the service provider and test the
>>>flow with decryption for all grant types.
>>>- Delete the self-signed up user, create another user with the exact
>>>same username, log in to the dashboard and see what are the consents
>>>shown.
>>>- Revoke consents of the user via the dashboard and try accessing
>>>the SP to verify the consents are asked again.
>>>- Delete the SP, login to the dashboard and see whether the consents
>>>are deleted for that SP.
>>>
>>> No blocking issues are found.
>>>
>>> [+] Stable - go ahead and release.
>>>
>>> Thanks,
>>> Vihanga.
>>>
>>> On Fri, Jun 15, 2018 at 6:29 PM Madawa Soysa  wrote:
>>>
 Hi all,

 We are pleased to announce the third release candidate of WSO2 Identity
 Server 5.6.0.

 This release fixes the following issues

- 5.6.0-RC Fixes

- 5.6.0-Beta Fixes

- 5.6.0-Alpha2 Fixes

- 5.6.0-Alpha Fixes

- 5.6.0-M7 Fixes

- 5.6.0-M6 Fixes

- 5.6.0-M5 Fixes

- 5.6.0-M4 Fixes

- 5.6.0-M3 Fixes

- 5.6.0-M2 Fixes

- 5.6.0-M1 Fixes


 Source and distribution,
 Runtime -
 https://github.com/wso2/product-is/releases/tag/v5.6.0-rc3
 Analytics -
 https://github.com/wso2/analytics-is/releases/v5.6.0-rc3

 Please download, test the product and vote.

 [+] Stable - go ahead and release
 [-] Broken - do not release (explain why)

 Thanks,
 WSO2 Identity and Access Management Team
 --

 Madawa Soysa / Senior Software Engineer
 mada...@wso2.com / +94714616050

 *WSO2 Inc.*
 lean.enterprise.middleware

   




>>>
>>> --
>>>
>>> Vihanga Liyanage
>>>
>>> Software Engineer | WS*O₂* Inc.
>>>
>>> M : +*94710124103* | http://wso2.com
>>>
>>> [image: http://wso2.com/signature] 
>>>
>>> 

Re: [Dev] [Architecture] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Hasanthi Purnima Dissanayake]

Hi,

Tested below scenarios on IS 5.6.0-RC3 pack,

- Register a service provider
- Obtain an access token using JWT grant type
- Invoke user info endpoint using the token.

No blocking issues found.

[+] Stable - Go ahead and release

Thanks,
Hasanthi

On Tue, Jun 19, 2018 at 2:44 PM, Dewni Weeraman  wrote:

> Hi,
>
> Tested below scenarios on IS 5.6.0-RC3 pack,
>
>- Invoke the OAuth Introspection Endpoint.
>- OAuth token revocation.
>- Entitlement policy creation using write policy in xml and publishing.
>- Using REST APIs via XACML to manage entitlement.
>- Create, update, get, delete an OAuth app using Dynamic Client
>Registration endpoint.
>
>
> No blocking issues found.
>
> [+] Stable - Go ahead and release
>
> Thanks,
> Dewni
>
> On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara  wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>>
>> User management (add/update/remove users).
>> User management in secondary userstores (Read-Write LDAP).
>> Consent Management in SAML SSO.
>> SAML to SAML federation.
>> Creating workflows definitions for primary userstore users.
>> Engaging/Disabling workflows on user-store operations.
>> Enable role based authorization using XACML for service providers.
>> Tenant creation/update/disabling.
>>
>> No blocking issues are found.
>>
>> [+] Stable - go ahead and release.
>>
>> Thanks,
>> Sathya
>>
>>
>> On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage 
>> wrote:
>>
>>> Hi all,
>>>
>>> I've tested following scenarios on the IS 5.6.0-RC3 pack with default
>>> database setup.
>>>
>>>- Enable user self-registration and self-register a new user.
>>>- Add multiple consent purposes with multiple PII categories.
>>>- Login to dashboard and see whether we can see the default consent
>>>and above added PII categories.
>>>- Confirm claims are getting filtered based on consents.
>>>- Configure a service provider with OpenID Connect and acquire
>>>access tokens via Authorization Code, Implicit, Client Credential and
>>>Password grant types.
>>>- Enable ID token encryption for the service provider and test the
>>>flow with decryption for all grant types.
>>>- Delete the self-signed up user, create another user with the exact
>>>same username, log in to the dashboard and see what are the consents
>>>shown.
>>>- Revoke consents of the user via the dashboard and try accessing
>>>the SP to verify the consents are asked again.
>>>- Delete the SP, login to the dashboard and see whether the consents
>>>are deleted for that SP.
>>>
>>> No blocking issues are found.
>>>
>>> [+] Stable - go ahead and release.
>>>
>>> Thanks,
>>> Vihanga.
>>>
>>> On Fri, Jun 15, 2018 at 6:29 PM Madawa Soysa  wrote:
>>>
 Hi all,

 We are pleased to announce the third release candidate of WSO2 Identity
 Server 5.6.0.

 This release fixes the following issues

- 5.6.0-RC Fixes

- 5.6.0-Beta Fixes

- 5.6.0-Alpha2 Fixes

- 5.6.0-Alpha Fixes

- 5.6.0-M7 Fixes

- 5.6.0-M6 Fixes

- 5.6.0-M5 Fixes

- 5.6.0-M4 Fixes

- 5.6.0-M3 Fixes

- 5.6.0-M2 Fixes

- 5.6.0-M1 Fixes


 Source and distribution,
 Runtime -  https://github.com/wso2/pro
 duct-is/releases/tag/v5.6.0-rc3
 Analytics - https://github.com/wso2/anal
 ytics-is/releases/v5.6.0-rc3

 Please download, test the product and vote.

 [+] Stable - go ahead and release
 [-] Broken - do not release (explain why)

 Thanks,
 WSO2 Identity and Access Management Team
 --

 Madawa Soysa / Senior Software Engineer
 mada...@wso2.com / +94714616050

 *WSO2 Inc.*
 lean.enterprise.middleware

   




>>>
>>> --
>>>
>>> Vihanga Liyanage
>>>
>>> Software Engineer | WS*O₂* Inc.
>>>
>>> M : +*94710124103* | http://wso2.com
>>>
>>> [image: http://wso2.com/signature] 
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Sathya Bandara
>> Software 

Re: [Dev] Micro Gateway CLI - Hashing Resources (APIs/Policies) for change detection

[Nuwan Dias]

When we do WUM updates to the distribution (Microgateway Toolkit), we may
have to force build the runtime even if there aren't changes to the API and
Policy definitions. In that case we may need a flag to force build.

On Tue, Jun 19, 2018 at 2:41 PM, Isuru Haththotuwa  wrote:

> +1 for this approach.
>
> On Tue, Jun 19, 2018 at 1:47 PM, Malintha Amarasinghe 
> wrote:
>
>> + IsuruH
>>
>> On Tue, Jun 19, 2018 at 12:41 PM, Malintha Amarasinghe <
>> malint...@wso2.com> wrote:
>>
>>> List of fields planned to be added as of now; kindly let me know if any
>>> field is missing.
>>>
>>> *API*
>>> name
>>> context
>>> version
>>> apiDefinition
>>> responseCaching
>>> isDefaultVersion
>>> type - (http vs ws)
>>> transport - (http/https)
>>> endpointConfig
>>> endpointSecurity
>>> corsConfiguration
>>> authorizationHeader
>>>
>>>
>>> *SubscriptionThrottlePolicy*
>>> policyName
>>> defaultLimit (throttling limits)
>>> stopOnQuotaReach
>>>
>>> *ApplicationThrottlePolicy*
>>> policyName
>>> defaultLimit (throttling limits)
>>>
>>>
>>> Thanks!
>>> Malintha
>>>
>>> On Tue, Jun 19, 2018 at 12:00 PM, Harsha Kumara 
>>> wrote:
>>>


 On Tue, Jun 19, 2018 at 11:45 AM Malintha Amarasinghe <
 malint...@wso2.com> wrote:

> Hi,
>
> Micro gateway CLI works completely separately to API manager; whenever
> a new API is added for a label, whenever there is a change happens to an
> existing label there won't be any events published etc like previously. 
> The
> CLI needs to regenerate the source build it and push the artifacts to the
> deployment and the full process needs to complete. In most occasions, the
> CLI can be configured to run periodically to generate sources and do above
> job.
>
> But in this case, most of the time, the CLI will be uselessly
> generating sources building it and pushing the artifacts to deployment.
> Comparatively, building and pushing artifacts to deployment have a huge
> overhead compared to generating sources.
>
> This effort is to avoid that as much as possible by change-detection;
> i.e.
>
> 1. The CLI will check if any of the required resources has changed vs
> the previous build and notify the user after a successful "setup" (source
> generate) command using the command line output and the exit code of the
> command.
> 2. Using the exit code, a user can write a shell script etc to decide
> whether he should proceed with "build" or not.
>
>
> *Proposed implementation:*
>
> API Publisher APIs does not have ETag feature. Even if it is there,
> the ETag will be generated for the whole resource. For code generation, we
> will be only using few attributes of the resource, hence using a global
> ETag for a resource may lead to unnecessary changes for the ETag. Hence 
> the
> proposed implementation will be using a CLI-side hash generation for *used
> attributes *of the resource (API/Policies) only.
>
> To mark the attributes which are used for generating the code, a newly
> introduced annotation "@Hash" can be used.
>
> Ex:
>
> public class APIDetailedDTO extends APIInfoDTO {
>
> /**
>  * Swagger definition of the APIDetailedDTO which contains details 
> about URI templates and scopes\n
>  **/
> *@Hash*
> @JsonProperty("apiDefinition")
> public String getApiDefinition() {
> return apiDefinition;
> }
>
> public void setApiDefinition(String apiDefinition) {
> this.apiDefinition = apiDefinition;
> }
>
>
> /**
>  * WSDL URL if the APIDetailedDTO is based on a WSDL endpoint\n
>  **/
> @JsonProperty("wsdlUri")
> public String getWsdlUri() {
> return wsdlUri;
> }
>
> public void setWsdlUri(String wsdlUri) {
> this.wsdlUri = wsdlUri;
> }
>
> *@Hash*
> @JsonProperty("responseCaching")
> public String getResponseCaching() {
> return responseCaching;
> }
>
>
>
> The methods marked with *@Hash* will be automatically extracted from
> the code and will be used to generate the hashes for each resource.
>
> The generated hashes will be stored inside the CLI's temp folder
> against each resources' UUID, which will be used to compare the hash
> changes between next runs.
>
 What are the fields which we have added to the hash?

>
>
> Highly appreciate your ideas on this.
>
> Thanks!
> Malintha
>
>
> --
> Malintha Amarasinghe
> *WSO2, Inc. - lean | enterprise | middleware*
> http://wso2.com/
>
> Mobile : +94 712383306
>


 --
 Harsha Kumara
 Associate Technical Lead, WSO2 Inc.
 Mobile: +94775505618
 Blog:harshcreationz.blogspot.com

>>>
>>>
>>>

Re: [Dev] [Architecture] [VOTE] Release of WSO2 API Manager 2.5.0 RC3

[Chamin Dias]

Hi,

We are closing the vote due to the above issue. We will fix the issue and
release another release candidate as soon as possible.

Thanks.

On Tue, Jun 19, 2018 at 2:03 PM, Thilini Shanika  wrote:

> Hi All,
>
> Found [1] while testing the distributed deployment of APIM. Hence -1 for
> RC3.
>
> [1] https://github.com/wso2/product-apim/issues/3459
>
>
>
>
>
> On Tue, Jun 19, 2018 at 11:11 AM, Dinusha Dissanayake 
> wrote:
>
>> Hi all,
>>
>> Tested the following.
>>
>> Different user creations. ( admin, publisher and subscriber)
>> Created APIS.
>> Published APIs.
>> Subscribed and token generation.
>> Stat viewing in publisher and store with analytics enabled.
>> Alert generation for API tier usage crossing and abnormal resource
>> pattern detection.
>>
>> [+] Stable -go ahead and release
>>
>>
>>
>>
>>
>> On Tue, Jun 19, 2018 at 11:06 AM, Prasanna Dangalla 
>> wrote:
>>
>>> Hi All,
>>>
>>> I tested the following scenarios to super tenant and tenant.
>>>
>>>- New API creation
>>>- New Application Creation with ouath and JWT
>>>- Custom subscription Policy creation
>>>- Generating OAuth token
>>>- Generating JWT
>>>- Invoking API using OAuth token.
>>>- Blocking the API from invoking JTI in JWT
>>>- Invoke the API using JTI as access token when the application type
>>>is changed from JWT to OAuth.
>>>- Application creation for JWT and OAuth
>>>
>>>
>>> [+]Stable - go ahead and release
>>>
>>> Thanks
>>>
>>> *Prasanna Dangalla*
>>> Senior Software Engineer, WSO2, Inc.; http://wso2.com/
>>> lean.enterprise.middleware
>>>
>>>
>>> *cell: +94 718 11 27 51*
>>> *twitter: @prasa77*
>>>
>>>
>>> On Tue, Jun 19, 2018 at 10:09 AM Vithursa Mahendrarajah <
>>> vithu...@wso2.com> wrote:
>>>
 Hi,

 I have tested following and no issues found.

- Application creation, update and key generation using REST API
- Application Attributes (Server specific and tenant specific)
- Creating and Publishing API
- Application creation & subscription

 [+] Stable - go ahead and release

 Thanks,

 On Tue, Jun 19, 2018 at 9:47 AM, Chamin Dias  wrote:

> Hi,
>
> Tested following (for both super tenat and tenat) and no issues found.
>
> Enviornment : Mac OS, Safari web browser
> a) Label creation/update
> b) Attaching/removing labels to/from APIs
> c) Displaying label information in Publisher and Store
>
> [+] Stable - go ahead and release
>
> Thanks.
>
> On Tue, Jun 19, 2018 at 6:11 AM, Chamalee De Silva 
> wrote:
>
>> Hi,
>> I have tested following and no issues found.
>>
>> 1. Basic API flow
>> - API creation, publishing, invocation etc.
>> 2. Creating users and roles, and user permissions.
>>
>> 3. Single Sign On with WSO2 Idnetity Server (WSO2 IS 5.6.0 RC3)
>>  - SP init and IDP init SSO
>>  - Assertion Encryption
>>  - Single logout on/off
>>  -  SAML request singning in store and publisher.
>>
>> 4. Installing SCIM identity feature in API Manager 2.5.0
>>
>> 5. API Properties
>>
>> 6. SDK generation feature
>>
>>
>> [+]Stable - go ahead and release
>>
>>
>> Thanks,
>> Chamalee
>>
>>
>>
>> On Tue, Jun 19, 2018 at 12:07 AM, Chamin Dias 
>> wrote:
>>
>>> Hi all,
>>>
>>> We are pleased to announce the third release candidate of WSO2 API
>>> Manager 2.5.0.
>>>
>>> This release fixes the following issues.
>>> Fixes : carbon-apimgt
>>> 
>>> Fixes : product-apim
>>> 
>>> Fixes : analytics-apim
>>> 
>>>
>>> Source and distribution,
>>> Runtime : https://github.com/wso2/produc
>>> t-apim/releases/tag/v2.5.0-rc3
>>> Analytics : https://github.com/wso2/analyt
>>> ics-apim/releases/tag/v2.5.0-rc1
>>>
>>> Please download, test the product and vote.
>>>
>>> [+] Stable - go ahead and release
>>> [-] Broken - do not release (explain why)
>>>
>>> Note : We can still use APIM-Analytics 2.5.0-rc1 for analytics (no
>>> issues reported so far).
>>>
>>> Thanks,
>>> WSO2 API Manager Team
>>>
>>> --
>>> Chamin Dias
>>> Mobile : 0716097455
>>> Email : cham...@wso2.com
>>> LinkedIn : https://www.linkedin.com/in/chamindias
>>>
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> 

Re: [Dev] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Dewni Weeraman]

Hi,

Tested below scenarios on IS 5.6.0-RC3 pack,

   - Invoke the OAuth Introspection Endpoint.
   - OAuth token revocation.
   - Entitlement policy creation using write policy in xml and publishing.
   - Using REST APIs via XACML to manage entitlement.
   - Create, update, get, delete an OAuth app using Dynamic Client
   Registration endpoint.


No blocking issues found.

[+] Stable - Go ahead and release

Thanks,
Dewni

On Tue, Jun 19, 2018 at 1:43 PM, Sathya Bandara  wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack.
>
> User management (add/update/remove users).
> User management in secondary userstores (Read-Write LDAP).
> Consent Management in SAML SSO.
> SAML to SAML federation.
> Creating workflows definitions for primary userstore users.
> Engaging/Disabling workflows on user-store operations.
> Enable role based authorization using XACML for service providers.
> Tenant creation/update/disabling.
>
> No blocking issues are found.
>
> [+] Stable - go ahead and release.
>
> Thanks,
> Sathya
>
>
> On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage 
> wrote:
>
>> Hi all,
>>
>> I've tested following scenarios on the IS 5.6.0-RC3 pack with default
>> database setup.
>>
>>- Enable user self-registration and self-register a new user.
>>- Add multiple consent purposes with multiple PII categories.
>>- Login to dashboard and see whether we can see the default consent
>>and above added PII categories.
>>- Confirm claims are getting filtered based on consents.
>>- Configure a service provider with OpenID Connect and acquire access
>>tokens via Authorization Code, Implicit, Client Credential and Password
>>grant types.
>>- Enable ID token encryption for the service provider and test the
>>flow with decryption for all grant types.
>>- Delete the self-signed up user, create another user with the exact
>>same username, log in to the dashboard and see what are the consents
>>shown.
>>- Revoke consents of the user via the dashboard and try accessing the
>>SP to verify the consents are asked again.
>>- Delete the SP, login to the dashboard and see whether the consents
>>are deleted for that SP.
>>
>> No blocking issues are found.
>>
>> [+] Stable - go ahead and release.
>>
>> Thanks,
>> Vihanga.
>>
>> On Fri, Jun 15, 2018 at 6:29 PM Madawa Soysa  wrote:
>>
>>> Hi all,
>>>
>>> We are pleased to announce the third release candidate of WSO2 Identity
>>> Server 5.6.0.
>>>
>>> This release fixes the following issues
>>>
>>>- 5.6.0-RC Fixes
>>>
>>>- 5.6.0-Beta Fixes
>>>
>>>- 5.6.0-Alpha2 Fixes
>>>
>>>- 5.6.0-Alpha Fixes
>>>
>>>- 5.6.0-M7 Fixes
>>>
>>>- 5.6.0-M6 Fixes
>>>
>>>- 5.6.0-M5 Fixes
>>>
>>>- 5.6.0-M4 Fixes
>>>
>>>- 5.6.0-M3 Fixes
>>>
>>>- 5.6.0-M2 Fixes
>>>
>>>- 5.6.0-M1 Fixes
>>>
>>>
>>> Source and distribution,
>>> Runtime -  https://github.com/wso2/product-is/releases/tag/v5.6.0-
>>> rc3
>>> Analytics - https://github.com/wso2/analytics-is/releases/v5.6.0-rc3
>>>
>>> Please download, test the product and vote.
>>>
>>> [+] Stable - go ahead and release
>>> [-] Broken - do not release (explain why)
>>>
>>> Thanks,
>>> WSO2 Identity and Access Management Team
>>> --
>>>
>>> Madawa Soysa / Senior Software Engineer
>>> mada...@wso2.com / +94714616050
>>>
>>> *WSO2 Inc.*
>>> lean.enterprise.middleware
>>>
>>>   
>>>
>>>
>>>
>>>
>>
>> --
>>
>> Vihanga Liyanage
>>
>> Software Engineer | WS*O₂* Inc.
>>
>> M : +*94710124103* | http://wso2.com
>>
>> [image: http://wso2.com/signature] 
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Sathya Bandara
> Software Engineer
> WSO2 Inc. http://wso2.com
> Mobile: (+94) 715 360 421 <+94%2071%20411%205032>
>
> <+94%2071%20411%205032>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
*Dewni Weeraman*
Trainee Software Engineer | WSO2

Email: de...@wso2.com
Mobile: +94772979049
Web: http://wso2.com/
___
Dev mailing list
Dev@wso2.org

Re: [Dev] Micro Gateway CLI - Hashing Resources (APIs/Policies) for change detection

[Isuru Haththotuwa]

+1 for this approach.

On Tue, Jun 19, 2018 at 1:47 PM, Malintha Amarasinghe 
wrote:

> + IsuruH
>
> On Tue, Jun 19, 2018 at 12:41 PM, Malintha Amarasinghe  > wrote:
>
>> List of fields planned to be added as of now; kindly let me know if any
>> field is missing.
>>
>> *API*
>> name
>> context
>> version
>> apiDefinition
>> responseCaching
>> isDefaultVersion
>> type - (http vs ws)
>> transport - (http/https)
>> endpointConfig
>> endpointSecurity
>> corsConfiguration
>> authorizationHeader
>>
>>
>> *SubscriptionThrottlePolicy*
>> policyName
>> defaultLimit (throttling limits)
>> stopOnQuotaReach
>>
>> *ApplicationThrottlePolicy*
>> policyName
>> defaultLimit (throttling limits)
>>
>>
>> Thanks!
>> Malintha
>>
>> On Tue, Jun 19, 2018 at 12:00 PM, Harsha Kumara  wrote:
>>
>>>
>>>
>>> On Tue, Jun 19, 2018 at 11:45 AM Malintha Amarasinghe <
>>> malint...@wso2.com> wrote:
>>>
 Hi,

 Micro gateway CLI works completely separately to API manager; whenever
 a new API is added for a label, whenever there is a change happens to an
 existing label there won't be any events published etc like previously. The
 CLI needs to regenerate the source build it and push the artifacts to the
 deployment and the full process needs to complete. In most occasions, the
 CLI can be configured to run periodically to generate sources and do above
 job.

 But in this case, most of the time, the CLI will be uselessly
 generating sources building it and pushing the artifacts to deployment.
 Comparatively, building and pushing artifacts to deployment have a huge
 overhead compared to generating sources.

 This effort is to avoid that as much as possible by change-detection;
 i.e.

 1. The CLI will check if any of the required resources has changed vs
 the previous build and notify the user after a successful "setup" (source
 generate) command using the command line output and the exit code of the
 command.
 2. Using the exit code, a user can write a shell script etc to decide
 whether he should proceed with "build" or not.


 *Proposed implementation:*

 API Publisher APIs does not have ETag feature. Even if it is there, the
 ETag will be generated for the whole resource. For code generation, we will
 be only using few attributes of the resource, hence using a global ETag for
 a resource may lead to unnecessary changes for the ETag. Hence the proposed
 implementation will be using a CLI-side hash generation for *used
 attributes *of the resource (API/Policies) only.

 To mark the attributes which are used for generating the code, a newly
 introduced annotation "@Hash" can be used.

 Ex:

 public class APIDetailedDTO extends APIInfoDTO {

 /**
  * Swagger definition of the APIDetailedDTO which contains details 
 about URI templates and scopes\n
  **/
 *@Hash*
 @JsonProperty("apiDefinition")
 public String getApiDefinition() {
 return apiDefinition;
 }

 public void setApiDefinition(String apiDefinition) {
 this.apiDefinition = apiDefinition;
 }


 /**
  * WSDL URL if the APIDetailedDTO is based on a WSDL endpoint\n
  **/
 @JsonProperty("wsdlUri")
 public String getWsdlUri() {
 return wsdlUri;
 }

 public void setWsdlUri(String wsdlUri) {
 this.wsdlUri = wsdlUri;
 }

 *@Hash*
 @JsonProperty("responseCaching")
 public String getResponseCaching() {
 return responseCaching;
 }



 The methods marked with *@Hash* will be automatically extracted from
 the code and will be used to generate the hashes for each resource.

 The generated hashes will be stored inside the CLI's temp folder
 against each resources' UUID, which will be used to compare the hash
 changes between next runs.

>>> What are the fields which we have added to the hash?
>>>


 Highly appreciate your ideas on this.

 Thanks!
 Malintha


 --
 Malintha Amarasinghe
 *WSO2, Inc. - lean | enterprise | middleware*
 http://wso2.com/

 Mobile : +94 712383306

>>>
>>>
>>> --
>>> Harsha Kumara
>>> Associate Technical Lead, WSO2 Inc.
>>> Mobile: +94775505618
>>> Blog:harshcreationz.blogspot.com
>>>
>>
>>
>>
>> --
>> Malintha Amarasinghe
>> *WSO2, Inc. - lean | enterprise | middleware*
>> http://wso2.com/
>>
>> Mobile : +94 712383306
>>
>
>
>
> --
> Malintha Amarasinghe
> *WSO2, Inc. - lean | enterprise | middleware*
> http://wso2.com/
>
> Mobile : +94 712383306
>



-- 
Thanks and Regards,

Isuru H.
+94 716 358 048* *
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Architecture] [VOTE] Release of WSO2 API Manager 2.5.0 RC3

[Thilini Shanika]

Hi All,

Found [1] while testing the distributed deployment of APIM. Hence -1 for
RC3.

[1] https://github.com/wso2/product-apim/issues/3459





On Tue, Jun 19, 2018 at 11:11 AM, Dinusha Dissanayake 
wrote:

> Hi all,
>
> Tested the following.
>
> Different user creations. ( admin, publisher and subscriber)
> Created APIS.
> Published APIs.
> Subscribed and token generation.
> Stat viewing in publisher and store with analytics enabled.
> Alert generation for API tier usage crossing and abnormal resource pattern
> detection.
>
> [+] Stable -go ahead and release
>
>
>
>
>
> On Tue, Jun 19, 2018 at 11:06 AM, Prasanna Dangalla 
> wrote:
>
>> Hi All,
>>
>> I tested the following scenarios to super tenant and tenant.
>>
>>- New API creation
>>- New Application Creation with ouath and JWT
>>- Custom subscription Policy creation
>>- Generating OAuth token
>>- Generating JWT
>>- Invoking API using OAuth token.
>>- Blocking the API from invoking JTI in JWT
>>- Invoke the API using JTI as access token when the application type
>>is changed from JWT to OAuth.
>>- Application creation for JWT and OAuth
>>
>>
>> [+]Stable - go ahead and release
>>
>> Thanks
>>
>> *Prasanna Dangalla*
>> Senior Software Engineer, WSO2, Inc.; http://wso2.com/
>> lean.enterprise.middleware
>>
>>
>> *cell: +94 718 11 27 51*
>> *twitter: @prasa77*
>>
>>
>> On Tue, Jun 19, 2018 at 10:09 AM Vithursa Mahendrarajah <
>> vithu...@wso2.com> wrote:
>>
>>> Hi,
>>>
>>> I have tested following and no issues found.
>>>
>>>- Application creation, update and key generation using REST API
>>>- Application Attributes (Server specific and tenant specific)
>>>- Creating and Publishing API
>>>- Application creation & subscription
>>>
>>> [+] Stable - go ahead and release
>>>
>>> Thanks,
>>>
>>> On Tue, Jun 19, 2018 at 9:47 AM, Chamin Dias  wrote:
>>>
 Hi,

 Tested following (for both super tenat and tenat) and no issues found.

 Enviornment : Mac OS, Safari web browser
 a) Label creation/update
 b) Attaching/removing labels to/from APIs
 c) Displaying label information in Publisher and Store

 [+] Stable - go ahead and release

 Thanks.

 On Tue, Jun 19, 2018 at 6:11 AM, Chamalee De Silva 
 wrote:

> Hi,
> I have tested following and no issues found.
>
> 1. Basic API flow
> - API creation, publishing, invocation etc.
> 2. Creating users and roles, and user permissions.
>
> 3. Single Sign On with WSO2 Idnetity Server (WSO2 IS 5.6.0 RC3)
>  - SP init and IDP init SSO
>  - Assertion Encryption
>  - Single logout on/off
>  -  SAML request singning in store and publisher.
>
> 4. Installing SCIM identity feature in API Manager 2.5.0
>
> 5. API Properties
>
> 6. SDK generation feature
>
>
> [+]Stable - go ahead and release
>
>
> Thanks,
> Chamalee
>
>
>
> On Tue, Jun 19, 2018 at 12:07 AM, Chamin Dias 
> wrote:
>
>> Hi all,
>>
>> We are pleased to announce the third release candidate of WSO2 API
>> Manager 2.5.0.
>>
>> This release fixes the following issues.
>> Fixes : carbon-apimgt
>> 
>> Fixes : product-apim
>> 
>> Fixes : analytics-apim
>> 
>>
>> Source and distribution,
>> Runtime : https://github.com/wso2/produc
>> t-apim/releases/tag/v2.5.0-rc3
>> Analytics : https://github.com/wso2/analyt
>> ics-apim/releases/tag/v2.5.0-rc1
>>
>> Please download, test the product and vote.
>>
>> [+] Stable - go ahead and release
>> [-] Broken - do not release (explain why)
>>
>> Note : We can still use APIM-Analytics 2.5.0-rc1 for analytics (no
>> issues reported so far).
>>
>> Thanks,
>> WSO2 API Manager Team
>>
>> --
>> Chamin Dias
>> Mobile : 0716097455
>> Email : cham...@wso2.com
>> LinkedIn : https://www.linkedin.com/in/chamindias
>>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Thanks & Regards,
>
> *Chamalee De Silva*
> Senior Software Engineer
> *WS**O2* Inc. :http://wso2.com/
>
> Office   :- *+94 11 2145345 <%2B94%2011%202145345>*
> mobile  :- *+94 7 <%2B94%2077%202782039>1 4315942*
>
>


 --
 Chamin Dias
 Mobile : 0716097455
 Email : cham...@wso2.com
 LinkedIn : 

Re: [Dev] Micro Gateway CLI - Hashing Resources (APIs/Policies) for change detection

[Malintha Amarasinghe]

+ IsuruH

On Tue, Jun 19, 2018 at 12:41 PM, Malintha Amarasinghe 
wrote:

> List of fields planned to be added as of now; kindly let me know if any
> field is missing.
>
> *API*
> name
> context
> version
> apiDefinition
> responseCaching
> isDefaultVersion
> type - (http vs ws)
> transport - (http/https)
> endpointConfig
> endpointSecurity
> corsConfiguration
> authorizationHeader
>
>
> *SubscriptionThrottlePolicy*
> policyName
> defaultLimit (throttling limits)
> stopOnQuotaReach
>
> *ApplicationThrottlePolicy*
> policyName
> defaultLimit (throttling limits)
>
>
> Thanks!
> Malintha
>
> On Tue, Jun 19, 2018 at 12:00 PM, Harsha Kumara  wrote:
>
>>
>>
>> On Tue, Jun 19, 2018 at 11:45 AM Malintha Amarasinghe 
>> wrote:
>>
>>> Hi,
>>>
>>> Micro gateway CLI works completely separately to API manager; whenever a
>>> new API is added for a label, whenever there is a change happens to an
>>> existing label there won't be any events published etc like previously. The
>>> CLI needs to regenerate the source build it and push the artifacts to the
>>> deployment and the full process needs to complete. In most occasions, the
>>> CLI can be configured to run periodically to generate sources and do above
>>> job.
>>>
>>> But in this case, most of the time, the CLI will be uselessly generating
>>> sources building it and pushing the artifacts to deployment. Comparatively,
>>> building and pushing artifacts to deployment have a huge overhead compared
>>> to generating sources.
>>>
>>> This effort is to avoid that as much as possible by change-detection;
>>> i.e.
>>>
>>> 1. The CLI will check if any of the required resources has changed vs
>>> the previous build and notify the user after a successful "setup" (source
>>> generate) command using the command line output and the exit code of the
>>> command.
>>> 2. Using the exit code, a user can write a shell script etc to decide
>>> whether he should proceed with "build" or not.
>>>
>>>
>>> *Proposed implementation:*
>>>
>>> API Publisher APIs does not have ETag feature. Even if it is there, the
>>> ETag will be generated for the whole resource. For code generation, we will
>>> be only using few attributes of the resource, hence using a global ETag for
>>> a resource may lead to unnecessary changes for the ETag. Hence the proposed
>>> implementation will be using a CLI-side hash generation for *used
>>> attributes *of the resource (API/Policies) only.
>>>
>>> To mark the attributes which are used for generating the code, a newly
>>> introduced annotation "@Hash" can be used.
>>>
>>> Ex:
>>>
>>> public class APIDetailedDTO extends APIInfoDTO {
>>>
>>> /**
>>>  * Swagger definition of the APIDetailedDTO which contains details 
>>> about URI templates and scopes\n
>>>  **/
>>> *@Hash*
>>> @JsonProperty("apiDefinition")
>>> public String getApiDefinition() {
>>> return apiDefinition;
>>> }
>>>
>>> public void setApiDefinition(String apiDefinition) {
>>> this.apiDefinition = apiDefinition;
>>> }
>>>
>>>
>>> /**
>>>  * WSDL URL if the APIDetailedDTO is based on a WSDL endpoint\n
>>>  **/
>>> @JsonProperty("wsdlUri")
>>> public String getWsdlUri() {
>>> return wsdlUri;
>>> }
>>>
>>> public void setWsdlUri(String wsdlUri) {
>>> this.wsdlUri = wsdlUri;
>>> }
>>>
>>> *@Hash*
>>> @JsonProperty("responseCaching")
>>> public String getResponseCaching() {
>>> return responseCaching;
>>> }
>>>
>>>
>>>
>>> The methods marked with *@Hash* will be automatically extracted from
>>> the code and will be used to generate the hashes for each resource.
>>>
>>> The generated hashes will be stored inside the CLI's temp folder against
>>> each resources' UUID, which will be used to compare the hash changes
>>> between next runs.
>>>
>> What are the fields which we have added to the hash?
>>
>>>
>>>
>>> Highly appreciate your ideas on this.
>>>
>>> Thanks!
>>> Malintha
>>>
>>>
>>> --
>>> Malintha Amarasinghe
>>> *WSO2, Inc. - lean | enterprise | middleware*
>>> http://wso2.com/
>>>
>>> Mobile : +94 712383306
>>>
>>
>>
>> --
>> Harsha Kumara
>> Associate Technical Lead, WSO2 Inc.
>> Mobile: +94775505618
>> Blog:harshcreationz.blogspot.com
>>
>
>
>
> --
> Malintha Amarasinghe
> *WSO2, Inc. - lean | enterprise | middleware*
> http://wso2.com/
>
> Mobile : +94 712383306
>



-- 
Malintha Amarasinghe
*WSO2, Inc. - lean | enterprise | middleware*
http://wso2.com/

Mobile : +94 712383306
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Sathya Bandara]

Hi all,

I've tested following scenarios on the IS 5.6.0-RC3 pack.

User management (add/update/remove users).
User management in secondary userstores (Read-Write LDAP).
Consent Management in SAML SSO.
SAML to SAML federation.
Creating workflows definitions for primary userstore users.
Engaging/Disabling workflows on user-store operations.
Enable role based authorization using XACML for service providers.
Tenant creation/update/disabling.

No blocking issues are found.

[+] Stable - go ahead and release.

Thanks,
Sathya


On Tue, Jun 19, 2018 at 12:26 PM, Vihanga Liyanage  wrote:

> Hi all,
>
> I've tested following scenarios on the IS 5.6.0-RC3 pack with default
> database setup.
>
>- Enable user self-registration and self-register a new user.
>- Add multiple consent purposes with multiple PII categories.
>- Login to dashboard and see whether we can see the default consent
>and above added PII categories.
>- Confirm claims are getting filtered based on consents.
>- Configure a service provider with OpenID Connect and acquire access
>tokens via Authorization Code, Implicit, Client Credential and Password
>grant types.
>- Enable ID token encryption for the service provider and test the
>flow with decryption for all grant types.
>- Delete the self-signed up user, create another user with the exact
>same username, log in to the dashboard and see what are the consents
>shown.
>- Revoke consents of the user via the dashboard and try accessing the
>SP to verify the consents are asked again.
>- Delete the SP, login to the dashboard and see whether the consents
>are deleted for that SP.
>
> No blocking issues are found.
>
> [+] Stable - go ahead and release.
>
> Thanks,
> Vihanga.
>
> On Fri, Jun 15, 2018 at 6:29 PM Madawa Soysa  wrote:
>
>> Hi all,
>>
>> We are pleased to announce the third release candidate of WSO2 Identity
>> Server 5.6.0.
>>
>> This release fixes the following issues
>>
>>- 5.6.0-RC Fixes
>>
>>- 5.6.0-Beta Fixes
>>
>>- 5.6.0-Alpha2 Fixes
>>
>>- 5.6.0-Alpha Fixes
>>
>>- 5.6.0-M7 Fixes
>>
>>- 5.6.0-M6 Fixes
>>
>>- 5.6.0-M5 Fixes
>>
>>- 5.6.0-M4 Fixes
>>
>>- 5.6.0-M3 Fixes
>>
>>- 5.6.0-M2 Fixes
>>
>>- 5.6.0-M1 Fixes
>>
>>
>> Source and distribution,
>> Runtime -  https://github.com/wso2/product-is/releases/tag/v5.6.0-rc3
>> Analytics - https://github.com/wso2/analytics-is/releases/v5.6.0-rc3
>>
>> Please download, test the product and vote.
>>
>> [+] Stable - go ahead and release
>> [-] Broken - do not release (explain why)
>>
>> Thanks,
>> WSO2 Identity and Access Management Team
>> --
>>
>> Madawa Soysa / Senior Software Engineer
>> mada...@wso2.com / +94714616050
>>
>> *WSO2 Inc.*
>> lean.enterprise.middleware
>>
>>   
>>
>>
>>
>>
>
> --
>
> Vihanga Liyanage
>
> Software Engineer | WS*O₂* Inc.
>
> M : +*94710124103* | http://wso2.com
>
> [image: http://wso2.com/signature] 
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Sathya Bandara
Software Engineer
WSO2 Inc. http://wso2.com
Mobile: (+94) 715 360 421 <+94%2071%20411%205032>

<+94%2071%20411%205032>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Micro Gateway CLI - Hashing Resources (APIs/Policies) for change detection

[Malintha Amarasinghe]

List of fields planned to be added as of now; kindly let me know if any
field is missing.

*API*
name
context
version
apiDefinition
responseCaching
isDefaultVersion
type - (http vs ws)
transport - (http/https)
endpointConfig
endpointSecurity
corsConfiguration
authorizationHeader


*SubscriptionThrottlePolicy*
policyName
defaultLimit (throttling limits)
stopOnQuotaReach

*ApplicationThrottlePolicy*
policyName
defaultLimit (throttling limits)


Thanks!
Malintha

On Tue, Jun 19, 2018 at 12:00 PM, Harsha Kumara  wrote:

>
>
> On Tue, Jun 19, 2018 at 11:45 AM Malintha Amarasinghe 
> wrote:
>
>> Hi,
>>
>> Micro gateway CLI works completely separately to API manager; whenever a
>> new API is added for a label, whenever there is a change happens to an
>> existing label there won't be any events published etc like previously. The
>> CLI needs to regenerate the source build it and push the artifacts to the
>> deployment and the full process needs to complete. In most occasions, the
>> CLI can be configured to run periodically to generate sources and do above
>> job.
>>
>> But in this case, most of the time, the CLI will be uselessly generating
>> sources building it and pushing the artifacts to deployment. Comparatively,
>> building and pushing artifacts to deployment have a huge overhead compared
>> to generating sources.
>>
>> This effort is to avoid that as much as possible by change-detection;
>> i.e.
>>
>> 1. The CLI will check if any of the required resources has changed vs the
>> previous build and notify the user after a successful "setup" (source
>> generate) command using the command line output and the exit code of the
>> command.
>> 2. Using the exit code, a user can write a shell script etc to decide
>> whether he should proceed with "build" or not.
>>
>>
>> *Proposed implementation:*
>>
>> API Publisher APIs does not have ETag feature. Even if it is there, the
>> ETag will be generated for the whole resource. For code generation, we will
>> be only using few attributes of the resource, hence using a global ETag for
>> a resource may lead to unnecessary changes for the ETag. Hence the proposed
>> implementation will be using a CLI-side hash generation for *used
>> attributes *of the resource (API/Policies) only.
>>
>> To mark the attributes which are used for generating the code, a newly
>> introduced annotation "@Hash" can be used.
>>
>> Ex:
>>
>> public class APIDetailedDTO extends APIInfoDTO {
>>
>> /**
>>  * Swagger definition of the APIDetailedDTO which contains details about 
>> URI templates and scopes\n
>>  **/
>> *@Hash*
>> @JsonProperty("apiDefinition")
>> public String getApiDefinition() {
>> return apiDefinition;
>> }
>>
>> public void setApiDefinition(String apiDefinition) {
>> this.apiDefinition = apiDefinition;
>> }
>>
>>
>> /**
>>  * WSDL URL if the APIDetailedDTO is based on a WSDL endpoint\n
>>  **/
>> @JsonProperty("wsdlUri")
>> public String getWsdlUri() {
>> return wsdlUri;
>> }
>>
>> public void setWsdlUri(String wsdlUri) {
>> this.wsdlUri = wsdlUri;
>> }
>>
>> *@Hash*
>> @JsonProperty("responseCaching")
>> public String getResponseCaching() {
>> return responseCaching;
>> }
>>
>>
>>
>> The methods marked with *@Hash* will be automatically extracted from the
>> code and will be used to generate the hashes for each resource.
>>
>> The generated hashes will be stored inside the CLI's temp folder against
>> each resources' UUID, which will be used to compare the hash changes
>> between next runs.
>>
> What are the fields which we have added to the hash?
>
>>
>>
>> Highly appreciate your ideas on this.
>>
>> Thanks!
>> Malintha
>>
>>
>> --
>> Malintha Amarasinghe
>> *WSO2, Inc. - lean | enterprise | middleware*
>> http://wso2.com/
>>
>> Mobile : +94 712383306
>>
>
>
> --
> Harsha Kumara
> Associate Technical Lead, WSO2 Inc.
> Mobile: +94775505618
> Blog:harshcreationz.blogspot.com
>



-- 
Malintha Amarasinghe
*WSO2, Inc. - lean | enterprise | middleware*
http://wso2.com/

Mobile : +94 712383306
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [VOTE] Release of WSO2 Identity Server 5.6.0 RC3

[Vihanga Liyanage]

Hi all,

I've tested following scenarios on the IS 5.6.0-RC3 pack with default
database setup.

   - Enable user self-registration and self-register a new user.
   - Add multiple consent purposes with multiple PII categories.
   - Login to dashboard and see whether we can see the default consent and
   above added PII categories.
   - Confirm claims are getting filtered based on consents.
   - Configure a service provider with OpenID Connect and acquire access
   tokens via Authorization Code, Implicit, Client Credential and Password
   grant types.
   - Enable ID token encryption for the service provider and test the flow
   with decryption for all grant types.
   - Delete the self-signed up user, create another user with the exact
   same username, log in to the dashboard and see what are the consents
   shown.
   - Revoke consents of the user via the dashboard and try accessing the SP
   to verify the consents are asked again.
   - Delete the SP, login to the dashboard and see whether the consents are
   deleted for that SP.

No blocking issues are found.

[+] Stable - go ahead and release.

Thanks,
Vihanga.

On Fri, Jun 15, 2018 at 6:29 PM Madawa Soysa  wrote:

> Hi all,
>
> We are pleased to announce the third release candidate of WSO2 Identity
> Server 5.6.0.
>
> This release fixes the following issues
>
>- 5.6.0-RC Fixes
>
>- 5.6.0-Beta Fixes
>
>- 5.6.0-Alpha2 Fixes
>
>- 5.6.0-Alpha Fixes
>
>- 5.6.0-M7 Fixes
>
>- 5.6.0-M6 Fixes
>
>- 5.6.0-M5 Fixes
>
>- 5.6.0-M4 Fixes
>
>- 5.6.0-M3 Fixes
>
>- 5.6.0-M2 Fixes
>
>- 5.6.0-M1 Fixes
>
>
> Source and distribution,
> Runtime -  https://github.com/wso2/product-is/releases/tag/v5.6.0-rc3
> Analytics - https://github.com/wso2/analytics-is/releases/v5.6.0-rc3
>
> Please download, test the product and vote.
>
> [+] Stable - go ahead and release
> [-] Broken - do not release (explain why)
>
> Thanks,
> WSO2 Identity and Access Management Team
> --
>
> Madawa Soysa / Senior Software Engineer
> mada...@wso2.com / +94714616050
>
> *WSO2 Inc.*
> lean.enterprise.middleware
>
>   
>
>
>
>

-- 

Vihanga Liyanage

Software Engineer | WS*O₂* Inc.

M : +*94710124103* | http://wso2.com

[image: http://wso2.com/signature] 
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Micro Gateway CLI - Hashing Resources (APIs/Policies) for change detection

[Harsha Kumara]

On Tue, Jun 19, 2018 at 11:45 AM Malintha Amarasinghe 
wrote:

> Hi,
>
> Micro gateway CLI works completely separately to API manager; whenever a
> new API is added for a label, whenever there is a change happens to an
> existing label there won't be any events published etc like previously. The
> CLI needs to regenerate the source build it and push the artifacts to the
> deployment and the full process needs to complete. In most occasions, the
> CLI can be configured to run periodically to generate sources and do above
> job.
>
> But in this case, most of the time, the CLI will be uselessly generating
> sources building it and pushing the artifacts to deployment. Comparatively,
> building and pushing artifacts to deployment have a huge overhead compared
> to generating sources.
>
> This effort is to avoid that as much as possible by change-detection; i.e.
>
> 1. The CLI will check if any of the required resources has changed vs the
> previous build and notify the user after a successful "setup" (source
> generate) command using the command line output and the exit code of the
> command.
> 2. Using the exit code, a user can write a shell script etc to decide
> whether he should proceed with "build" or not.
>
>
> *Proposed implementation:*
>
> API Publisher APIs does not have ETag feature. Even if it is there, the
> ETag will be generated for the whole resource. For code generation, we will
> be only using few attributes of the resource, hence using a global ETag for
> a resource may lead to unnecessary changes for the ETag. Hence the proposed
> implementation will be using a CLI-side hash generation for *used
> attributes *of the resource (API/Policies) only.
>
> To mark the attributes which are used for generating the code, a newly
> introduced annotation "@Hash" can be used.
>
> Ex:
>
> public class APIDetailedDTO extends APIInfoDTO {
>
> /**
>  * Swagger definition of the APIDetailedDTO which contains details about 
> URI templates and scopes\n
>  **/
> *@Hash*
> @JsonProperty("apiDefinition")
> public String getApiDefinition() {
> return apiDefinition;
> }
>
> public void setApiDefinition(String apiDefinition) {
> this.apiDefinition = apiDefinition;
> }
>
>
> /**
>  * WSDL URL if the APIDetailedDTO is based on a WSDL endpoint\n
>  **/
> @JsonProperty("wsdlUri")
> public String getWsdlUri() {
> return wsdlUri;
> }
>
> public void setWsdlUri(String wsdlUri) {
> this.wsdlUri = wsdlUri;
> }
>
> *@Hash*
> @JsonProperty("responseCaching")
> public String getResponseCaching() {
> return responseCaching;
> }
>
>
>
> The methods marked with *@Hash* will be automatically extracted from the
> code and will be used to generate the hashes for each resource.
>
> The generated hashes will be stored inside the CLI's temp folder against
> each resources' UUID, which will be used to compare the hash changes
> between next runs.
>
What are the fields which we have added to the hash?

>
>
> Highly appreciate your ideas on this.
>
> Thanks!
> Malintha
>
>
> --
> Malintha Amarasinghe
> *WSO2, Inc. - lean | enterprise | middleware*
> http://wso2.com/
>
> Mobile : +94 712383306
>


-- 
Harsha Kumara
Associate Technical Lead, WSO2 Inc.
Mobile: +94775505618
Blog:harshcreationz.blogspot.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Micro Gateway CLI - Hashing Resources (APIs/Policies) for change detection

[Malintha Amarasinghe]

Hi,

Micro gateway CLI works completely separately to API manager; whenever a
new API is added for a label, whenever there is a change happens to an
existing label there won't be any events published etc like previously. The
CLI needs to regenerate the source build it and push the artifacts to the
deployment and the full process needs to complete. In most occasions, the
CLI can be configured to run periodically to generate sources and do above
job.

But in this case, most of the time, the CLI will be uselessly generating
sources building it and pushing the artifacts to deployment. Comparatively,
building and pushing artifacts to deployment have a huge overhead compared
to generating sources.

This effort is to avoid that as much as possible by change-detection; i.e.

1. The CLI will check if any of the required resources has changed vs the
previous build and notify the user after a successful "setup" (source
generate) command using the command line output and the exit code of the
command.
2. Using the exit code, a user can write a shell script etc to decide
whether he should proceed with "build" or not.


*Proposed implementation:*

API Publisher APIs does not have ETag feature. Even if it is there, the
ETag will be generated for the whole resource. For code generation, we will
be only using few attributes of the resource, hence using a global ETag for
a resource may lead to unnecessary changes for the ETag. Hence the proposed
implementation will be using a CLI-side hash generation for *used
attributes *of the resource (API/Policies) only.

To mark the attributes which are used for generating the code, a newly
introduced annotation "@Hash" can be used.

Ex:

public class APIDetailedDTO extends APIInfoDTO {

/**
 * Swagger definition of the APIDetailedDTO which contains details
about URI templates and scopes\n
 **/
*@Hash*
@JsonProperty("apiDefinition")
public String getApiDefinition() {
return apiDefinition;
}

public void setApiDefinition(String apiDefinition) {
this.apiDefinition = apiDefinition;
}


/**
 * WSDL URL if the APIDetailedDTO is based on a WSDL endpoint\n
 **/
@JsonProperty("wsdlUri")
public String getWsdlUri() {
return wsdlUri;
}

public void setWsdlUri(String wsdlUri) {
this.wsdlUri = wsdlUri;
}

*@Hash*
@JsonProperty("responseCaching")
public String getResponseCaching() {
return responseCaching;
}



The methods marked with *@Hash* will be automatically extracted from the
code and will be used to generate the hashes for each resource.

The generated hashes will be stored inside the CLI's temp folder against
each resources' UUID, which will be used to compare the hash changes
between next runs.


Highly appreciate your ideas on this.

Thanks!
Malintha


-- 
Malintha Amarasinghe
*WSO2, Inc. - lean | enterprise | middleware*
http://wso2.com/

Mobile : +94 712383306
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev