On Sun, Sep 29, 2019 at 10:48 AM Harsha Kumara <hars...@wso2.com> wrote:
> > > On Fri, Sep 27, 2019 at 7:30 PM Harsha Kumara <hars...@wso2.com> wrote: > >> >> >> On Fri, Sep 27, 2019 at 7:06 PM Piraveena Paralogarajah < >> pirave...@wso2.com> wrote: >> >>> Hi Harsha, >>> >>> As @Sathya Bandara <sat...@wso2.com> pointed in the previous mail, >>> >>> In the oauth spec [1], it mandates that client should not use more than >>>> one authentication mechanism per request. Hence, we have that validation >>>> here. >>>> [1] https://tools.ietf.org/html/rfc6749#section-2.3 >>> >>> >>> A client should not use more than one authentication mechanism. But an >>> Identity provider can have any number of authenticators enabled since >>> different clients can use different authentication mechanisms. Using two >>> authentication mechanisms at the same time need to be fixed in the >>> client-side. >>> >> Agreed on that, but our client initialization even in outbound openid >> client doesn't specifically set the certificate. Since we set the trustores >> as system properties, it will by default engage that during the http client >> initilizations. With this, any client who prefer to use MutualTLS for the >> token endpoint should disable this. Since MutualTLS is a transport level >> security implementation, people will consider it as an additional layer of >> security. When request reached the token endpoint, mutual TLS is already >> completed. If client wrote by us which reside in the product call this >> endpoint will lead to this issue. Rather than asking users to disable it, >> my suggestion is to disable the authenticator by default. >> > The ideal solution for this would be to implement the approach suggested by Hasintha. Prior to IS-5.7.0, the MTLS authenticator was shipped as an external connector and in IS-5.8.0 it has been added to the product by default and enabled it. If we are to disable this in 5.9.0 by default, there will be inconsistency in the configurations for the existing customers. However, I am +1 to disable this config in IS as KM distribution for APIM 3.0.0. And keep the authenticator enabled in IS-5.9.0 as IS-5.9.0-RC vote is ongoing and this is not a blocker for that. >>> Regards, >>> Piraveena >>> *Piraveena Paralogarajah* >>> Software Engineer | WSO2 Inc. >>> *(m)* +94776099594 | *(e)* pirave...@wso2.com >>> >>> >>> >>> On Fri, Sep 27, 2019 at 6:53 PM Harsha Kumara <hars...@wso2.com> wrote: >>> >>>> +1 to have it under the application level. >>>> >>>> This issue even occur when i configure IS as a OIDC provider in our API >>>> Manager. Rather than asking clients to turn if off through the >>>> configuration, I'm favour of having that disable by default. If person >>>> configure IS as KM, then this become a mandatory configuration to disable. >>>> Also this extension added after the IS 5.7.0, if user migrate, then this >>>> again become a mandatory option during the migration. >>>> >>>> Thanks, >>>> Harsha >>>> >>>> >>>> >>>> On Fri, Sep 27, 2019 at 5:47 PM Hasintha Indrajee <hasin...@wso2.com> >>>> wrote: >>>> >>>>> The original problem is we can't execute client authenticators per >>>>> application. As per our current implementation we never can have a both >>>>> MTLS and Basic Auth client authentication supported in the server while >>>>> different clients using Basic auth + MTLS and BasicAuth or MTLS alone. >>>>> >>>>> Hence I think, the best solution is to make client authenticators >>>>> configurable per oauth app. This should be an easy implementation. (Store >>>>> engaged authenticators as oauth app property and honour them through an >>>>> abstract logic in ClientAuthenticators). >>>>> >>>>> However It's rationale to turn this MTLS client authenticator off for >>>>> OB since it's one of their OOTB use cases. >>>>> >>>>> On Fri, Sep 27, 2019 at 5:08 PM Harsha Kumara <hars...@wso2.com> >>>>> wrote: >>>>> >>>>>> Hi All, >>>>>> >>>>>> When I configured the IS as KM, same issue occured during the token >>>>>> generation as our client initialize using the required keystores. Client >>>>>> will set the javax.servlet.request.X509Certificate by default. Our >>>>>> products >>>>>> support http verify clent as option which means client can authenticate >>>>>> with one or two way SSL. Also there are clients who secure their token >>>>>> endpoint with mutual authentication along with the default authentication >>>>>> used in the grant types. AFAIK, in OB usecases it require token endpoint >>>>>> to >>>>>> secured with MutualTLS. I believe this authenticator should be disabled >>>>>> by >>>>>> default. @Hasintha Indrajee <hasin...@wso2.com> WDYT? >>>>>> >>>>>> Thanks, >>>>>> Harsha >>>>>> >>>>>> On Sat, Sep 21, 2019 at 10:12 AM Harsha Kumara <hars...@wso2.com> >>>>>> wrote: >>>>>> >>>>>>> Thank you for the information. Since I'm using the alpha4 update, it >>>>>>> should have that fix. I'll check further >>>>>>> >>>>>>> On Sat, Sep 21, 2019 at 12:20 AM Sathya Bandara <sat...@wso2.com> >>>>>>> wrote: >>>>>>> >>>>>>>> That PR was not merged. Instead the missing registry configs were >>>>>>>> re-added [1] >>>>>>>> >>>>>>>> [1] https://github.com/wso2/product-is/pull/6076 >>>>>>>> >>>>>>>> On Fri, Sep 20, 2019 at 8:35 PM Harsha Kumara <hars...@wso2.com> >>>>>>>> wrote: >>>>>>>> >>>>>>>>> Since this either should handle at client side and mandate not to >>>>>>>>> send the certificate or we have to disable the handler. Looks like we >>>>>>>>> have >>>>>>>>> disabled the handler by default in >>>>>>>>> https://github.com/wso2/carbon-identity-framework/pull/2336/files >>>>>>>>> >>>>>>>>> But I don't see it in the wso2is-5.9.0-alpha4-SNAPSHOT. Was it >>>>>>>>> revert again? >>>>>>>>> >>>>>>>>> Thanks, >>>>>>>>> Harsha >>>>>>>>> >>>>>>>>> On Fri, Sep 20, 2019 at 7:53 PM Harsha Kumara <hars...@wso2.com> >>>>>>>>> wrote: >>>>>>>>> >>>>>>>>>> Thanks a lot @Sathya Bandara <sat...@wso2.com> That should be >>>>>>>>>> the issue. I will check and update the thread. >>>>>>>>>> >>>>>>>>>> Thanks, >>>>>>>>>> Harsha >>>>>>>>>> >>>>>>>>>> On Fri, Sep 20, 2019 at 7:14 PM Sathya Bandara <sat...@wso2.com> >>>>>>>>>> wrote: >>>>>>>>>> >>>>>>>>>>> We came across a similar issue where the OIDC federated >>>>>>>>>>> authenticator sets the certificate by default to the request [1]. >>>>>>>>>>> This has >>>>>>>>>>> occurred due to a change to registry.xml with new config model. >>>>>>>>>>> When the >>>>>>>>>>> changes were reverted it worked as expected [2]. Maybe the same >>>>>>>>>>> issue >>>>>>>>>>> exists with APIM? >>>>>>>>>>> >>>>>>>>>>> [1] "Error when invoking OIDC federated Authenticator in IS >>>>>>>>>>> 5.9.0-m5" >>>>>>>>>>> [2] https://github.com/wso2/product-is/issues/6013 >>>>>>>>>>> >>>>>>>>>>> On Fri, Sep 20, 2019 at 6:50 PM Harsha Kumara <hars...@wso2.com> >>>>>>>>>>> wrote: >>>>>>>>>>> >>>>>>>>>>>> Yes that's correct. I'm using the openid authenticator, so it >>>>>>>>>>>> sets the certificate by default to the header, hence multiple >>>>>>>>>>>> authenticators getting triggered..But mutual SSL is handled at the >>>>>>>>>>>> transport layer and even with mutual authentication, client id and >>>>>>>>>>>> secret >>>>>>>>>>>> will be present in the request. I feel there is something wrong >>>>>>>>>>>> with the >>>>>>>>>>>> logic. >>>>>>>>>>>> >>>>>>>>>>>> On Fri, Sep 20, 2019 at 6:39 PM Sathya Bandara <sat...@wso2.com> >>>>>>>>>>>> wrote: >>>>>>>>>>>> >>>>>>>>>>>>> If client secret is used for client authentication with POST >>>>>>>>>>>>> request to the token endpoint, then its not required to send the >>>>>>>>>>>>> certificate. >>>>>>>>>>>>> >>>>>>>>>>>>> On Fri, Sep 20, 2019 at 6:35 PM Harsha Kumara < >>>>>>>>>>>>> hars...@wso2.com> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>>> So if so our OpenIDConnectAuthenticator shouldn't set >>>>>>>>>>>>>> certificate in the request during the authorization code >>>>>>>>>>>>>> exchange? >>>>>>>>>>>>>> >>>>>>>>>>>>>> On Fri, Sep 20, 2019 at 6:30 PM Sathya Bandara < >>>>>>>>>>>>>> sat...@wso2.com> wrote: >>>>>>>>>>>>>> >>>>>>>>>>>>>>> Hi Harsha, >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> In the oauth spec [1], it mandates that client should not >>>>>>>>>>>>>>> use more than one authentication mechanism per request. Hence, >>>>>>>>>>>>>>> we have that >>>>>>>>>>>>>>> validation here. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> [1] https://tools.ietf.org/html/rfc6749#section-2.3 >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> On Fri, Sep 20, 2019 at 6:25 PM Harsha Kumara < >>>>>>>>>>>>>>> hars...@wso2.com> wrote: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> As we can configure multiple authenticators, and add them >>>>>>>>>>>>>>>> based on canAuthenticate method response, why we need to >>>>>>>>>>>>>>>> return above error >>>>>>>>>>>>>>>> if multiple authenticators engaged? >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> On Fri, Sep 20, 2019 at 6:22 PM Harsha Kumara < >>>>>>>>>>>>>>>> hars...@wso2.com> wrote: >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> It seems the logic of checking authenticator list greater >>>>>>>>>>>>>>>>> than 1 should be correct? >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> On Fri, Sep 20, 2019 at 5:30 PM Harsha Kumara < >>>>>>>>>>>>>>>>> hars...@wso2.com> wrote: >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Hi, >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> With the API Manager 3.0.0 release, we are going to add >>>>>>>>>>>>>>>>>> OIDC authenticator to the API Manager as we already had that >>>>>>>>>>>>>>>>>> capability in >>>>>>>>>>>>>>>>>> directly through the site.json configuration. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> However to try the scenario, I have followed the >>>>>>>>>>>>>>>>>> document[1]. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Setup would be APIM 3.0.0 and IS-5.9.0-Alpha4-SNAPSHOT. I >>>>>>>>>>>>>>>>>> got below error during the authorization code exchange. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> [2019-09-20 15:33:38,428] ERROR - DefaultStepHandler >>>>>>>>>>>>>>>>>> Authentication failed exception! >>>>>>>>>>>>>>>>>> org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException: >>>>>>>>>>>>>>>>>> invalid_request, The client MUST NOT use more than one >>>>>>>>>>>>>>>>>> authentication >>>>>>>>>>>>>>>>>> method in each >>>>>>>>>>>>>>>>>> at >>>>>>>>>>>>>>>>>> org.wso2.carbon.identity.application.authenticator.oidc.OpenIDConnectAuthenticator.getOauthResponse(OpenIDConnectAuthenticator.java:615) >>>>>>>>>>>>>>>>>> ~[org.wso2.carbon.identity.application.authenticator.oidc-5.3.2.jar:?] >>>>>>>>>>>>>>>>>> at >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> This error occurred due to engaging the >>>>>>>>>>>>>>>>>> MutualTLSAuthenticator in the token exchange flow. Below >>>>>>>>>>>>>>>>>> check returns list >>>>>>>>>>>>>>>>>> of authenticators greater than one due to engaging this >>>>>>>>>>>>>>>>>> authenticator. It >>>>>>>>>>>>>>>>>> seems during the token exchange flow, we send the >>>>>>>>>>>>>>>>>> certificate in the header >>>>>>>>>>>>>>>>>> which lead to trigger the MutualTLSAuthenticator enable >>>>>>>>>>>>>>>>>> checks and add to >>>>>>>>>>>>>>>>>> the authenticator list. If I removed the mutual >>>>>>>>>>>>>>>>>> authenticator jar, this >>>>>>>>>>>>>>>>>> started to work. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> // Will return an invalid request response if multiple >>>>>>>>>>>>>>>>>> authentication mechanisms are engaged irrespective of >>>>>>>>>>>>>>>>>> // whether the grant type is confidential or not. >>>>>>>>>>>>>>>>>> if >>>>>>>>>>>>>>>>>> (oAuthClientAuthnContext.isMultipleAuthenticatorsEngaged()) { >>>>>>>>>>>>>>>>>> tokenRespDTO = >>>>>>>>>>>>>>>>>> handleError(OAuth2ErrorCodes.INVALID_REQUEST, "The client >>>>>>>>>>>>>>>>>> MUST NOT use more than one " + >>>>>>>>>>>>>>>>>> "authentication method in each", tokenReqDTO); >>>>>>>>>>>>>>>>>> setResponseHeaders(tokReqMsgCtx, tokenRespDTO); >>>>>>>>>>>>>>>>>> triggerPostListeners(tokenReqDTO, tokenRespDTO, >>>>>>>>>>>>>>>>>> tokReqMsgCtx, isRefreshRequest); >>>>>>>>>>>>>>>>>> return tokenRespDTO; >>>>>>>>>>>>>>>>>> } >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Generally people will configure ODIC with external >>>>>>>>>>>>>>>>>> provider and won't encounter this kind of problem. For >>>>>>>>>>>>>>>>>> testing if tried >>>>>>>>>>>>>>>>>> with our IS as OIDC provider, this will leads to trigger the >>>>>>>>>>>>>>>>>> above error. >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Is it required to engage mutual tls authenticator when >>>>>>>>>>>>>>>>>> certificate present? Can't we ship it by default setting to >>>>>>>>>>>>>>>>>> false? >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> [1] >>>>>>>>>>>>>>>>>> https://docs.wso2.com/display/AM260/Configuring+Single+Sign-on+with+OpenID+Connect >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Thanks, >>>>>>>>>>>>>>>>>> Harsha >>>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> *Harsha Kumara* >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> Technical Lead, WSO2 Inc. >>>>>>>>>>>>>>>>>> Mobile: +94775505618 >>>>>>>>>>>>>>>>>> Email: hars...@wso2.coim >>>>>>>>>>>>>>>>>> Blog: harshcreationz.blogspot.com >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>>> GET INTEGRATION AGILE >>>>>>>>>>>>>>>>>> Integration Agility for Digitally Driven Business >>>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> *Harsha Kumara* >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> Technical Lead, WSO2 Inc. >>>>>>>>>>>>>>>>> Mobile: +94775505618 >>>>>>>>>>>>>>>>> Email: hars...@wso2.coim >>>>>>>>>>>>>>>>> Blog: harshcreationz.blogspot.com >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>> GET INTEGRATION AGILE >>>>>>>>>>>>>>>>> Integration Agility for Digitally Driven Business >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> *Harsha Kumara* >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Technical Lead, WSO2 Inc. >>>>>>>>>>>>>>>> Mobile: +94775505618 >>>>>>>>>>>>>>>> Email: hars...@wso2.coim >>>>>>>>>>>>>>>> Blog: harshcreationz.blogspot.com >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> GET INTEGRATION AGILE >>>>>>>>>>>>>>>> Integration Agility for Digitally Driven Business >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> -- >>>>>>>>>>>>>>> Sathya Bandara >>>>>>>>>>>>>>> Senior Software Engineer >>>>>>>>>>>>>>> Blog: https://medium.com/@technospace >>>>>>>>>>>>>>> WSO2 Inc. http://wso2.com >>>>>>>>>>>>>>> Mobile: (+94) 715 360 421 <+94%2071%20411%205032> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> <+94%2071%20411%205032> >>>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> -- >>>>>>>>>>>>>> >>>>>>>>>>>>>> *Harsha Kumara* >>>>>>>>>>>>>> >>>>>>>>>>>>>> Technical Lead, WSO2 Inc. >>>>>>>>>>>>>> Mobile: +94775505618 >>>>>>>>>>>>>> Email: hars...@wso2.coim >>>>>>>>>>>>>> Blog: harshcreationz.blogspot.com >>>>>>>>>>>>>> >>>>>>>>>>>>>> GET INTEGRATION AGILE >>>>>>>>>>>>>> Integration Agility for Digitally Driven Business >>>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> -- >>>>>>>>>>>>> Sathya Bandara >>>>>>>>>>>>> Senior Software Engineer >>>>>>>>>>>>> Blog: https://medium.com/@technospace >>>>>>>>>>>>> WSO2 Inc. http://wso2.com >>>>>>>>>>>>> Mobile: (+94) 715 360 421 <+94%2071%20411%205032> >>>>>>>>>>>>> >>>>>>>>>>>>> <+94%2071%20411%205032> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> >>>>>>>>>>>> *Harsha Kumara* >>>>>>>>>>>> >>>>>>>>>>>> Technical Lead, WSO2 Inc. >>>>>>>>>>>> Mobile: +94775505618 >>>>>>>>>>>> Email: hars...@wso2.coim >>>>>>>>>>>> Blog: harshcreationz.blogspot.com >>>>>>>>>>>> >>>>>>>>>>>> GET INTEGRATION AGILE >>>>>>>>>>>> Integration Agility for Digitally Driven Business >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> Sathya Bandara >>>>>>>>>>> Senior Software Engineer >>>>>>>>>>> Blog: https://medium.com/@technospace >>>>>>>>>>> WSO2 Inc. http://wso2.com >>>>>>>>>>> Mobile: (+94) 715 360 421 <+94%2071%20411%205032> >>>>>>>>>>> >>>>>>>>>>> <+94%2071%20411%205032> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> >>>>>>>>>> *Harsha Kumara* >>>>>>>>>> >>>>>>>>>> Technical Lead, WSO2 Inc. >>>>>>>>>> Mobile: +94775505618 >>>>>>>>>> Email: hars...@wso2.coim >>>>>>>>>> Blog: harshcreationz.blogspot.com >>>>>>>>>> >>>>>>>>>> GET INTEGRATION AGILE >>>>>>>>>> Integration Agility for Digitally Driven Business >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> -- >>>>>>>>> >>>>>>>>> *Harsha Kumara* >>>>>>>>> >>>>>>>>> Technical Lead, WSO2 Inc. >>>>>>>>> Mobile: +94775505618 >>>>>>>>> Email: hars...@wso2.coim >>>>>>>>> Blog: harshcreationz.blogspot.com >>>>>>>>> >>>>>>>>> GET INTEGRATION AGILE >>>>>>>>> Integration Agility for Digitally Driven Business >>>>>>>>> >>>>>>>> -- >>>>>>>> Sathya Bandara >>>>>>>> Senior Software Engineer >>>>>>>> Blog: https://medium.com/@technospace >>>>>>>> WSO2 Inc. http://wso2.com >>>>>>>> Mobile: (+94) 715 360 421 <+94%2071%20411%205032> >>>>>>>> >>>>>>>> <+94%2071%20411%205032> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> >>>>>>> *Harsha Kumara* >>>>>>> >>>>>>> Technical Lead, WSO2 Inc. >>>>>>> Mobile: +94775505618 >>>>>>> Email: hars...@wso2.coim >>>>>>> Blog: harshcreationz.blogspot.com >>>>>>> >>>>>>> GET INTEGRATION AGILE >>>>>>> Integration Agility for Digitally Driven Business >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> >>>>>> *Harsha Kumara* >>>>>> >>>>>> Technical Lead, WSO2 Inc. >>>>>> Mobile: +94775505618 >>>>>> Email: hars...@wso2.coim >>>>>> Blog: harshcreationz.blogspot.com >>>>>> >>>>>> GET INTEGRATION AGILE >>>>>> Integration Agility for Digitally Driven Business >>>>>> >>>>> >>>>> >>>>> -- >>>>> Hasintha Indrajee >>>>> WSO2, Inc. >>>>> Mobile:+94 771892453 >>>>> >>>>> >>>> >>>> -- >>>> >>>> *Harsha Kumara* >>>> >>>> Technical Lead, WSO2 Inc. >>>> Mobile: +94775505618 >>>> Email: hars...@wso2.coim >>>> Blog: harshcreationz.blogspot.com >>>> >>>> GET INTEGRATION AGILE >>>> Integration Agility for Digitally Driven Business >>>> >>> >> >> -- >> >> *Harsha Kumara* >> >> Technical Lead, WSO2 Inc. >> Mobile: +94775505618 >> Email: hars...@wso2.coim >> Blog: harshcreationz.blogspot.com >> >> GET INTEGRATION AGILE >> Integration Agility for Digitally Driven Business >> > > > -- > > *Harsha Kumara* > > Technical Lead, WSO2 Inc. > Mobile: +94775505618 > Email: hars...@wso2.coim > Blog: harshcreationz.blogspot.com > > GET INTEGRATION AGILE > Integration Agility for Digitally Driven Business > -- *Ayesha Dissanayaka* Associate Technical Lead WSO2, Inc : http://wso2.com <http://www.google.com/url?q=http%3A%2F%2Fwso2.com&sa=D&sntz=1&usg=AFQjCNEZvyc0uMD1HhBaEGCBxs6e9fBObg> 20, Palm grove Avenue, Colombo 3 E-Mail: aye...@wso2.com <ayshsa...@gmail.com> Mobile: +94713580922
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
