On Tue, Aug 20, 2019 at 4:38 PM Harsha Kumara <hars...@wso2.com> wrote:
> > This is a good finding. Given this issue, I don't think it is a good idea >>>>> to proceed with the encoded slash in the path. >>>>> >>>>>> >>>>>> Alternatively, we can pass user-store in following ways: >>>>>> >>>>>> 1. /roles/{rolename}?userstore={userstore} >>>>>> 2. /userstore/{userstore}/roles/{roleName} >>>>>> 3. /roles/{rolename}/userstore/{userstore} >>>>>> 4. Or, need to have a configurable character to differentiate >>>>>> user-store and role name. For instance, roles/{userstore}*-* >>>>>> {roleName} >>>>>> >>>>>> Which way we can implement? Appreciate your suggestions regarding >>>>>> this. >>>>>> >>>>> >>>>> How do we treat Internal roles? Can we treat "Internal" as a user >>>>> store? >>>>> >>>>> Eg: check if "Internal/subscriber" is available: >>>>> >>>>> HEAD /roles/subscriber?userStore=Internal >>>>> >>>>> Is this a valid way of representing it? >>>>> >>>> >>>> If we're not allowed to create secondary userstores with the name >>>> "Internal", this should be ok. >>>> >>> For internal roles should be pass this at all? >>> >> >> That should be the behavior for the users in the primary user store right? >> > I meant userstore name shouldn't be mandatory parameter for checking > internal role existence. If not user store means we can treat it as a > internal role? > We can't I think. There should be a way to differentiate primary userstore users and internal users. Thanks, Bhathiya > >> Thanks, >> Bhathiya >> >> >>> >>>> Thanks, >>>> Bhathiya >>>> >>>> >>>>> >>>>> >>>>>> >>>>>> [1] https://issues.apache.org/jira/browse/CXF-4207 >>>>>> [2] >>>>>> https://github.com/wso2/carbon-apimgt/blob/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/java/org/wso2/carbon/apimgt/rest/api/util/impl/WebAppAuthenticatorImpl.java#L138 >>>>>> [3] >>>>>> https://github.com/wso2/carbon-apimgt/blob/master/components/apimgt/org.wso2.carbon.apimgt.rest.api.util/src/main/java/org/wso2/carbon/apimgt/rest/api/util/impl/WebAppAuthenticatorImpl.java#L113 >>>>>> [4] >>>>>> https://serverfault.com/questions/914847/stop-apache-from-decoding-characters-from-uri-for-path-info >>>>>> [5] https://backstage.forgerock.com/knowledge/kb/article/a59558448 >>>>>> [6] >>>>>> http://tomcat.apache.org/tomcat-9.0-doc/security-howto.html#System_Properties >>>>>> <http://tomcat.apache.org/tomcat-9.0-doc/security-howto.html> >>>>>> >>>>>> <http://tomcat.apache.org/tomcat-9.0-doc/security-howto.html> >>>>>> Thanks, >>>>>> Vithursa >>>>>> >>>>>> On Fri, Aug 16, 2019 at 11:07 AM Vithursa Mahendrarajah < >>>>>> vithu...@wso2.com> wrote: >>>>>> >>>>>>> Ack, will do that. >>>>>>> >>>>>>> On Fri, Aug 16, 2019 at 12:16 AM Harsha Kumara <hars...@wso2.com> >>>>>>> wrote: >>>>>>> >>>>>>>> @Vithursa Mahendrarajah <vithu...@wso2.com> Once you implement, >>>>>>>> let's add several test cases with special characters, secondary user >>>>>>>> store >>>>>>>> roles and etc. >>>>>>>> >>>>>>>> On Thu, Aug 15, 2019 at 4:16 PM Vithursa Mahendrarajah < >>>>>>>> vithu...@wso2.com> wrote: >>>>>>>> >>>>>>>>> Hi all, >>>>>>>>> >>>>>>>>> Thanks for the suggestions. As per the suggestions, we have >>>>>>>>> decided to go with HEAD request option. As mentioned earlier in this >>>>>>>>> thread, following are the scenarios where role validation is required: >>>>>>>>> >>>>>>>>> 1. API Design phase - >>>>>>>>> - Publisher access control - check whether the role exists and >>>>>>>>> the logged-in user has the role >>>>>>>>> - Store visibility - check whether the role exists or not >>>>>>>>> 2. API Manage phase - when adding new scope - check whether >>>>>>>>> the role exists or not >>>>>>>>> >>>>>>>>> We have decided to add the OAuth2 scope as apim:api_create as >>>>>>>>> these functionalities are used by API creator. >>>>>>>>> >>>>>>>>> As per the offline discussion had with @Malintha Amarasinghe >>>>>>>>> <malint...@wso2.com> and @Kasun Thennakoon <kasu...@wso2.com>, >>>>>>>>> when checking whether the logged-in user has particular role, claims >>>>>>>>> in ID >>>>>>>>> token stored in browser local storage could be used. By considering >>>>>>>>> the >>>>>>>>> possibility of manipulating the ID token in local storage, complexity >>>>>>>>> in >>>>>>>>> handling when using secondary userstore and the security concerns in >>>>>>>>> exposing roles assigned to particular user, we have decided to >>>>>>>>> introduce another REST API to check whether the logged-in user has the >>>>>>>>> given role as this would be more cleaner. >>>>>>>>> >>>>>>>>> Please find the REST API definition as follows: >>>>>>>>> >>>>>>>>> ###################################################### >>>>>>>>> # The Role Name Existence >>>>>>>>> ###################################################### >>>>>>>>> /roles/{roleName}: >>>>>>>>> #----------------------------------------------------- >>>>>>>>> # The role name existence check resource >>>>>>>>> #----------------------------------------------------- >>>>>>>>> head: >>>>>>>>> security: >>>>>>>>> - OAuth2Security: >>>>>>>>> - apim:api_create >>>>>>>>> summary: >>>>>>>>> Check given role name already exists >>>>>>>>> description: >>>>>>>>> Using this operation, to check whether given role already >>>>>>>>> exists >>>>>>>>> parameters: >>>>>>>>> - $ref : '#/parameters/roleName' >>>>>>>>> responses: >>>>>>>>> 200: >>>>>>>>> description: >>>>>>>>> OK. >>>>>>>>> Requested role name is returned. >>>>>>>>> 404: >>>>>>>>> description: >>>>>>>>> Not Found. >>>>>>>>> Requested role name does not exist. >>>>>>>>> >>>>>>>>> ###################################################### >>>>>>>>> # The Role Name Existence for the logged-in user >>>>>>>>> ###################################################### >>>>>>>>> /me/roles/{roleName}: >>>>>>>>> #----------------------------------------------------- >>>>>>>>> # Validate role against a user >>>>>>>>> #----------------------------------------------------- >>>>>>>>> head: >>>>>>>>> security: >>>>>>>>> - OAuth2Security: >>>>>>>>> - apim:api_create >>>>>>>>> summary: >>>>>>>>> Validate whether the logged-in user has the given role >>>>>>>>> description: >>>>>>>>> Using this operation, logged-in user can check whether he has >>>>>>>>> given role. >>>>>>>>> parameters: >>>>>>>>> - $ref : '#/parameters/roleName' >>>>>>>>> responses: >>>>>>>>> 200: >>>>>>>>> description: >>>>>>>>> OK. >>>>>>>>> Logged-in user has the role. >>>>>>>>> 404: >>>>>>>>> description: >>>>>>>>> Not Found. >>>>>>>>> Logged-in user does not have the role. >>>>>>>>> >>>>>>>>> Appreciate any feedback on this. >>>>>>>>> >>>>>>>>> Thanks, >>>>>>>>> Vithursa >>>>>>>>> >>>>>>>>> On Thu, Aug 15, 2019 at 11:35 AM Naduni Pamudika <nad...@wso2.com> >>>>>>>>> wrote: >>>>>>>>> >>>>>>>>>> +Vithursa Mahendrarajah <vithu...@wso2.com> >>>>>>>>>> >>>>>>>>>> On Mon, Aug 12, 2019 at 5:26 PM Sanjeewa Malalgoda < >>>>>>>>>> sanje...@wso2.com> wrote: >>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> On Thu, Aug 8, 2019 at 9:08 PM Malintha Amarasinghe < >>>>>>>>>>> malint...@wso2.com> wrote: >>>>>>>>>>> >>>>>>>>>>>> When we return a 404, it implies that the URL (or the resource) >>>>>>>>>>>> does not exist. Here the URL/resource is */validate-role *(a >>>>>>>>>>>> controller resource) which always exists so it is wrong to return >>>>>>>>>>>> a 404 at >>>>>>>>>>>> any case. >>>>>>>>>>>> >>>>>>>>>>> Yes agree with this and controller resource(as query params >>>>>>>>>>> optional controller resource will be resource) is not ideal for >>>>>>>>>>> this. >>>>>>>>>>> Using head would be good option. Like nirmal mentioned any >>>>>>>>>>> additional parameters related to filter criteria can be passed as >>>>>>>>>>> query >>>>>>>>>>> parameters. >>>>>>>>>>> >>>>>>>>>>> Thanks, >>>>>>>>>>> sanjeewa/ >>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Thanks! >>>>>>>>>>>> >>>>>>>>>>>> On Thu, Aug 8, 2019 at 7:12 PM Menaka Jayawardena < >>>>>>>>>>>> men...@wso2.com> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> Hi Naduni, >>>>>>>>>>>>> >>>>>>>>>>>>> Wh the GET request always returns 200? >>>>>>>>>>>>> Can't we set the status code 404 if the role is not found? So >>>>>>>>>>>>> we can check the response status from the UI. We do not want to >>>>>>>>>>>>> read the >>>>>>>>>>>>> body then. >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> On Thu, Aug 8, 2019 at 6:05 PM Naduni Pamudika < >>>>>>>>>>>>> nad...@wso2.com> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>>> Hi All, >>>>>>>>>>>>>> >>>>>>>>>>>>>> Thanks all for the suggestions. With the GET method @Bhathiya >>>>>>>>>>>>>> Jayasekara <bhath...@wso2.com> suggested, we have the >>>>>>>>>>>>>> following 2 options now. >>>>>>>>>>>>>> >>>>>>>>>>>>>> 1. *HEAD /roles/{roleName}* >>>>>>>>>>>>>> 2. *GET /validate-role?role=rolename* >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> If we go with the option 1, it will simplify the work in the >>>>>>>>>>>>>> UI side while doing the role validations by using the Rest API >>>>>>>>>>>>>> since we can >>>>>>>>>>>>>> do the validation by looking at the status code (If the role >>>>>>>>>>>>>> exists it is a >>>>>>>>>>>>>> 200 and if not it is a 404). If we go with the option 2, it will >>>>>>>>>>>>>> always >>>>>>>>>>>>>> return a 200 status code and we need to check the response body >>>>>>>>>>>>>> to validate >>>>>>>>>>>>>> a particular role name (We can send *isRoleExist=true* and >>>>>>>>>>>>>> *isRoleExist=false* in the response body depending on the >>>>>>>>>>>>>> existence of a role name). >>>>>>>>>>>>>> >>>>>>>>>>>>>> Since most of us are +1 with the option 2, shall we move >>>>>>>>>>>>>> forward with the GET method? >>>>>>>>>>>>>> >>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>> Naduni >>>>>>>>>>>>>> >>>>>>>>>>>>>> On Wed, Aug 7, 2019 at 7:27 PM Bhathiya Jayasekara < >>>>>>>>>>>>>> bhath...@wso2.com> wrote: >>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> On Wed, Aug 7, 2019 at 6:24 PM Malintha Amarasinghe < >>>>>>>>>>>>>>> malint...@wso2.com> wrote: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> On Wed, Aug 7, 2019 at 3:39 PM Harsha Kumara < >>>>>>>>>>>>>>>> hars...@wso2.com> wrote: >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> On Wed, Aug 7, 2019 at 3:37 PM Malintha Amarasinghe < >>>>>>>>>>>>>>>>> malint...@wso2.com> wrote: >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> On Wed, Aug 7, 2019 at 3:35 PM Harsha Kumara < >>>>>>>>>>>>>>>>>> hars...@wso2.com> wrote: >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> Let's say if someone wants to check existence of role >>>>>>>>>>>>>>>>>>> foo in user store TEST. He will do a call /roke/TEST/foo >>>>>>>>>>>>>>>>>>> which isn't valid >>>>>>>>>>>>>>>>>>> request right? >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> @Harsha Kumara <hars...@wso2.com> we need to URL encode >>>>>>>>>>>>>>>>>> the role name. The request will become /roles/TEST%2Ffoo >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Yes that's true. Again some customers might have different >>>>>>>>>>>>>>>>> letters in their role names. Might note be a good idea to >>>>>>>>>>>>>>>>> include as a path >>>>>>>>>>>>>>>>> parameter. >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Even if we add as a query param, that will go as part of >>>>>>>>>>>>>>>> the URL which might lead to similar issues? We may need to >>>>>>>>>>>>>>>> test this for >>>>>>>>>>>>>>>> query parameters as well. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> I preferred the HEAD method due to the simpleness ( only >>>>>>>>>>>>>>>> need to respond with 204 or 404 without any payload based on >>>>>>>>>>>>>>>> the >>>>>>>>>>>>>>>> availability of the role) and RESTfulness (consider a role as >>>>>>>>>>>>>>>> a resource >>>>>>>>>>>>>>>> and do a fetch on it in the usual way). HEAD is the usual way >>>>>>>>>>>>>>>> for checking >>>>>>>>>>>>>>>> the existence of a resource. However, we do not have the need >>>>>>>>>>>>>>>> for >>>>>>>>>>>>>>>> implementing a GET here for now. >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> This is actually my worry is. I don't think we'll ever have >>>>>>>>>>>>>>> to give a /roles/{role} in the publisher APIs. So having a HEAD >>>>>>>>>>>>>>> without a >>>>>>>>>>>>>>> GET feels strange to me. Maybe it's just me. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>> Bhathiya >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> On Wed, Aug 7, 2019 at 3:33 PM Mushthaq Rumy < >>>>>>>>>>>>>>>>>>> musht...@wso2.com> wrote: >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> Adding [Architecture] >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> On Wed, Aug 7, 2019 at 3:30 PM Mushthaq Rumy < >>>>>>>>>>>>>>>>>>>> musht...@wso2.com> wrote: >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Since we will be UserStoreManager, this should cover >>>>>>>>>>>>>>>>>>>>> the secondary user stores as well. >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> Thanks & Regards, >>>>>>>>>>>>>>>>>>>>> Mushthaq >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> On Wed, Aug 7, 2019 at 3:28 PM Harsha Kumara < >>>>>>>>>>>>>>>>>>>>> hars...@wso2.com> wrote: >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> What happen if the role is from secondary user store? >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> On Wed, Aug 7, 2019 at 3:24 PM Naduni Pamudika < >>>>>>>>>>>>>>>>>>>>>> nad...@wso2.com> wrote: >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> Hi All, >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> We are planning to add a REST API endpoint to APIM >>>>>>>>>>>>>>>>>>>>>>> 3.0 Publisher Rest APIs and the intention is to check >>>>>>>>>>>>>>>>>>>>>>> the existence of a >>>>>>>>>>>>>>>>>>>>>>> particular role name. This will be used in order to >>>>>>>>>>>>>>>>>>>>>>> manage roles when >>>>>>>>>>>>>>>>>>>>>>> enabling Publisher Access Control and Store Visibility >>>>>>>>>>>>>>>>>>>>>>> and when adding >>>>>>>>>>>>>>>>>>>>>>> Scopes. >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> The swagger definition for the new endpoint would be >>>>>>>>>>>>>>>>>>>>>>> as follows. >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> ###################################################### >>>>>>>>>>>>>>>>>>>>>>> # The Role Name Existence >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> ###################################################### >>>>>>>>>>>>>>>>>>>>>>> /roles/{roleName}: >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> #----------------------------------------------------- >>>>>>>>>>>>>>>>>>>>>>> # The role name existence check resource >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> #----------------------------------------------------- >>>>>>>>>>>>>>>>>>>>>>> head: >>>>>>>>>>>>>>>>>>>>>>> security: >>>>>>>>>>>>>>>>>>>>>>> - OAuth2Security: >>>>>>>>>>>>>>>>>>>>>>> - apim:api_view >>>>>>>>>>>>>>>>>>>>>>> summary: | >>>>>>>>>>>>>>>>>>>>>>> Check given role name is already exist >>>>>>>>>>>>>>>>>>>>>>> description: | >>>>>>>>>>>>>>>>>>>>>>> Using this operation, you can check a >>>>>>>>>>>>>>>>>>>>>>> given role name is already used. You need to provide >>>>>>>>>>>>>>>>>>>>>>> the role name you want >>>>>>>>>>>>>>>>>>>>>>> to check. >>>>>>>>>>>>>>>>>>>>>>> parameters: >>>>>>>>>>>>>>>>>>>>>>> - $ref : '#/parameters/roleName' >>>>>>>>>>>>>>>>>>>>>>> responses: >>>>>>>>>>>>>>>>>>>>>>> 200: >>>>>>>>>>>>>>>>>>>>>>> description: | >>>>>>>>>>>>>>>>>>>>>>> OK. >>>>>>>>>>>>>>>>>>>>>>> Requested role name is returned. >>>>>>>>>>>>>>>>>>>>>>> 404: >>>>>>>>>>>>>>>>>>>>>>> description: | >>>>>>>>>>>>>>>>>>>>>>> Not Found. >>>>>>>>>>>>>>>>>>>>>>> Requested role name does not exist. >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> ###################################################### >>>>>>>>>>>>>>>>>>>>>>> # Role Name >>>>>>>>>>>>>>>>>>>>>>> roleName: >>>>>>>>>>>>>>>>>>>>>>> name: roleName >>>>>>>>>>>>>>>>>>>>>>> in: path >>>>>>>>>>>>>>>>>>>>>>> description: | >>>>>>>>>>>>>>>>>>>>>>> The role name >>>>>>>>>>>>>>>>>>>>>>> required: true >>>>>>>>>>>>>>>>>>>>>>> type: string >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> It is a HEAD method (*/roles/{roleName}*) which >>>>>>>>>>>>>>>>>>>>>>> will return a 200 status code if the given role name >>>>>>>>>>>>>>>>>>>>>>> exists and a 404 >>>>>>>>>>>>>>>>>>>>>>> status code if the give role name is not found. Sample >>>>>>>>>>>>>>>>>>>>>>> requests and >>>>>>>>>>>>>>>>>>>>>>> responses are given below. >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> Request: >>>>>>>>>>>>>>>>>>>>>>> HEAD >>>>>>>>>>>>>>>>>>>>>>> https://localhost:9443/api/am/publisher/v1.0/roles/valid-role >>>>>>>>>>>>>>>>>>>>>>> HTTP/1.1 >>>>>>>>>>>>>>>>>>>>>>> Authorization: Bearer >>>>>>>>>>>>>>>>>>>>>>> ae4eae22-3f65-387b-a171-d37eaa366fa8 >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> Response: >>>>>>>>>>>>>>>>>>>>>>> HTTP/1.1 200 OK >>>>>>>>>>>>>>>>>>>>>>> Connection: keep-alive >>>>>>>>>>>>>>>>>>>>>>> Content-Length: 0 >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> Request: >>>>>>>>>>>>>>>>>>>>>>> HEAD >>>>>>>>>>>>>>>>>>>>>>> https://localhost:9443/api/am/publisher/v1.0/roles/invalid-role >>>>>>>>>>>>>>>>>>>>>>> HTTP/1.1 >>>>>>>>>>>>>>>>>>>>>>> Authorization: Bearer >>>>>>>>>>>>>>>>>>>>>>> ae4eae22-3f65-387b-a171-d37eaa366fa8 >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> Response: >>>>>>>>>>>>>>>>>>>>>>> HTTP/1.1 404 Not Found >>>>>>>>>>>>>>>>>>>>>>> Connection: keep-alive >>>>>>>>>>>>>>>>>>>>>>> Content-Length: 0 >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> Are we good to have the endpoint definition as this? >>>>>>>>>>>>>>>>>>>>>>> Appreciate your inputs to proceed further. >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>>>>>>>> Naduni >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>>> *Naduni Pamudika* | Senior Software Engineer | WSO2 >>>>>>>>>>>>>>>>>>>>>>> Inc. >>>>>>>>>>>>>>>>>>>>>>> (m) +94 (71) 9143658 | (w) +94 (11) 2145345 | (e) >>>>>>>>>>>>>>>>>>>>>>> nad...@wso2.com >>>>>>>>>>>>>>>>>>>>>>> [image: http://wso2.com/signature] >>>>>>>>>>>>>>>>>>>>>>> <http://wso2.com/signature> >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> *Harsha Kumara* >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> Technical Lead, WSO2 Inc. >>>>>>>>>>>>>>>>>>>>>> Mobile: +94775505618 >>>>>>>>>>>>>>>>>>>>>> Email: hars...@wso2.coim >>>>>>>>>>>>>>>>>>>>>> Blog: harshcreationz.blogspot.com >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>>> GET INTEGRATION AGILE >>>>>>>>>>>>>>>>>>>>>> Integration Agility for Digitally Driven Business >>>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>>> Mushthaq Rumy >>>>>>>>>>>>>>>>>>>>> *Senior Software Engineer* >>>>>>>>>>>>>>>>>>>>> Mobile : +94 (0) 779 492140 >>>>>>>>>>>>>>>>>>>>> Email : musht...@wso2.com >>>>>>>>>>>>>>>>>>>>> WSO2, Inc.; http://wso2.com/ >>>>>>>>>>>>>>>>>>>>> lean . enterprise . middleware. >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>>> <http://wso2.com/signature> >>>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>>> Mushthaq Rumy >>>>>>>>>>>>>>>>>>>> *Senior Software Engineer* >>>>>>>>>>>>>>>>>>>> Mobile : +94 (0) 779 492140 >>>>>>>>>>>>>>>>>>>> Email : musht...@wso2.com >>>>>>>>>>>>>>>>>>>> WSO2, Inc.; http://wso2.com/ >>>>>>>>>>>>>>>>>>>> lean . enterprise . middleware. >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>>> <http://wso2.com/signature> >>>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> *Harsha Kumara* >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> Technical Lead, WSO2 Inc. >>>>>>>>>>>>>>>>>>> Mobile: +94775505618 >>>>>>>>>>>>>>>>>>> Email: hars...@wso2.coim >>>>>>>>>>>>>>>>>>> Blog: harshcreationz.blogspot.com >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>>> GET INTEGRATION AGILE >>>>>>>>>>>>>>>>>>> Integration Agility for Digitally Driven Business >>>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>> Malintha Amarasinghe >>>>>>>>>>>>>>>>>> *WSO2, Inc. - lean | enterprise | middleware* >>>>>>>>>>>>>>>>>> http://wso2.com/ >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Mobile : +94 712383306 >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> *Harsha Kumara* >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Technical Lead, WSO2 Inc. >>>>>>>>>>>>>>>>> Mobile: +94775505618 >>>>>>>>>>>>>>>>> Email: hars...@wso2.coim >>>>>>>>>>>>>>>>> Blog: harshcreationz.blogspot.com >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> GET INTEGRATION AGILE >>>>>>>>>>>>>>>>> Integration Agility for Digitally Driven Business >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>> Malintha Amarasinghe >>>>>>>>>>>>>>>> *WSO2, Inc. - lean | enterprise | middleware* >>>>>>>>>>>>>>>> http://wso2.com/ >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Mobile : +94 712383306 >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>> *Bhathiya Jayasekara* | Technical Lead | WSO2 Inc. >>>>>>>>>>>>>>> (m) +94 71 547 8185 | (e) bhathiya-@t-wso2-d0t-com >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> -- >>>>>>>>>>>>>> *Naduni Pamudika* | Senior Software Engineer | WSO2 Inc. >>>>>>>>>>>>>> (m) +94 (71) 9143658 | (w) +94 (11) 2145345 | (e) >>>>>>>>>>>>>> nad...@wso2.com >>>>>>>>>>>>>> [image: http://wso2.com/signature] >>>>>>>>>>>>>> <http://wso2.com/signature> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> -- >>>>>>>>>>>>> >>>>>>>>>>>>> *Menaka Jayawardena* >>>>>>>>>>>>> Senior Software Engineer | WSO2 Inc. >>>>>>>>>>>>> +94 71 350 5470 | +94 76 717 2511 | men...@wso2.com >>>>>>>>>>>>> >>>>>>>>>>>>> <https://wso2.com/signature> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> Malintha Amarasinghe >>>>>>>>>>>> *WSO2, Inc. - lean | enterprise | middleware* >>>>>>>>>>>> http://wso2.com/ >>>>>>>>>>>> >>>>>>>>>>>> Mobile : +94 712383306 >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> *Sanjeewa Malalgoda* >>>>>>>>>>> Software Architect | Associate Director, Engineering - WSO2 Inc. >>>>>>>>>>> (m) +94 712933253 | (e) sanje...@wso2.com | (b) Blogger >>>>>>>>>>> <http://sanjeewamalalgoda.blogspot.com>, Medium >>>>>>>>>>> <https://medium.com/@sanjeewa190> >>>>>>>>>>> >>>>>>>>>>> GET INTEGRATION AGILE <https://wso2.com/signature> >>>>>>>>>>> Integration Agility for Digitally Driven Business >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> *Naduni Pamudika* | Senior Software Engineer | WSO2 Inc. >>>>>>>>>> (m) +94 (71) 9143658 | (w) +94 (11) 2145345 | (e) nad...@wso2.com >>>>>>>>>> [image: http://wso2.com/signature] <http://wso2.com/signature> >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Vithursa Mahendrarajah >>>>>>>>> Software Engineer >>>>>>>>> WSO2 Inc. - http ://wso2.com >>>>>>>>> Mobile : +947*66695643* <+94%2077%20819%201300> >>>>>>>>> >>>>>>>>> >>>>>>>>> * <http://wso2.com/signature> <http://wso2.com/signature> >>>>>>>>> <http://wso2.com/signature>* >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> >>>>>>>> *Harsha Kumara* >>>>>>>> >>>>>>>> Technical Lead, WSO2 Inc. >>>>>>>> Mobile: +94775505618 >>>>>>>> Email: hars...@wso2.coim >>>>>>>> Blog: harshcreationz.blogspot.com >>>>>>>> >>>>>>>> GET INTEGRATION AGILE >>>>>>>> Integration Agility for Digitally Driven Business >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Vithursa Mahendrarajah >>>>>>> Software Engineer >>>>>>> WSO2 Inc. - http ://wso2.com >>>>>>> Mobile : +947*66695643* <+94%2077%20819%201300> >>>>>>> >>>>>>> >>>>>>> * <http://wso2.com/signature> <http://wso2.com/signature> >>>>>>> <http://wso2.com/signature>* >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Vithursa Mahendrarajah >>>>>> Software Engineer >>>>>> WSO2 Inc. - http ://wso2.com >>>>>> Mobile : +947*66695643* <+94%2077%20819%201300> >>>>>> >>>>>> >>>>>> * <http://wso2.com/signature> <http://wso2.com/signature> >>>>>> <http://wso2.com/signature>* >>>>>> >>>>> >>>> >>>> -- >>>> *Bhathiya Jayasekara* | Technical Lead | WSO2 Inc. >>>> (m) +94 71 547 8185 | (e) bhathiya-@t-wso2-d0t-com >>>> >>>> >>>> >>> >>> -- >>> >>> *Harsha Kumara* >>> >>> Technical Lead, WSO2 Inc. >>> Mobile: +94775505618 >>> Email: hars...@wso2.coim >>> Blog: harshcreationz.blogspot.com >>> >>> GET INTEGRATION AGILE >>> Integration Agility for Digitally Driven Business >>> >> >> >> -- >> *Bhathiya Jayasekara* | Technical Lead | WSO2 Inc. >> (m) +94 71 547 8185 | (e) bhathiya-@t-wso2-d0t-com >> >> >> > > -- > > *Harsha Kumara* > > Technical Lead, WSO2 Inc. > Mobile: +94775505618 > Email: hars...@wso2.coim > Blog: harshcreationz.blogspot.com > > GET INTEGRATION AGILE > Integration Agility for Digitally Driven Business > -- *Bhathiya Jayasekara* | Technical Lead | WSO2 Inc. (m) +94 71 547 8185 | (e) bhathiya-@t-wso2-d0t-com
_______________________________________________ Architecture mailing list Architecture@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture