[Dev] [BPS][IS] BPEL faile to pass headers from tenant mode

[Harsha Thirimanna]

Hi ,

We have deployed bpel to BPS in tenant mode and it will call back to IS.
That call back endpoint is admin service in IS. It is fail and says
unauthorized from BPS side and IS side we can't see
the Authorization headers. This is working fine in supper tenant mode.

I checked with BPS 3.2.0
And
BPS 4.4.2 features embeded in IS

I have attached wire logs from BPS for super tenant and a tenant.

In BPS side exception :


TID: [0] [BPS] [2015-10-02 09:09:41,829]  INFO
{org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} -  '
a...@abc.com [1]' logged in at [2015-10-02 09:09:41,828+0530]
{org.wso2.carbon.core.services.util.CarbonAuthenticationUtil}
TID: [0] [BPS] [2015-10-02 09:10:12,129]  INFO
{org.apache.axis2.transport.http.HTTPSender} -  Unable to sendViaPost to
url[https://localhost:9443/services/WorkflowCallbackService]
{org.apache.axis2.transport.http.HTTPSender}
org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized
at
org.apache.axis2.transport.http.HTTPSender.handleResponse(HTTPSender.java:308)
at
org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:194)
at
org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)
at
org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451)
at
org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
at
org.wso2.carbon.core.multitenancy.transports.TenantTransportSender.invoke(TenantTransportSender.java:198)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
at
org.apache.axis2.description.OutOnlyAxisOperationClient.executeImpl(OutOnlyAxisOperation.java:297)
at
org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
at
org.wso2.carbon.bpel.core.ode.integration.utils.AxisServiceUtils.invokeService(AxisServiceUtils.java:305)
at
org.wso2.carbon.bpel.core.ode.integration.PartnerService.invoke(PartnerService.java:324)
at
org.wso2.carbon.bpel.core.ode.integration.BPELMessageExchangeContextImpl.invokePartner(BPELMessageExchangeContextImpl.java:43)
at
org.apache.ode.bpel.engine.BpelRuntimeContextImpl.invoke(BpelRuntimeContextImpl.java:793)
at org.apache.ode.bpel.runtime.INVOKE.run(INVOKE.java:130)
at sun.reflect.GeneratedMethodAccessor49.invoke(Unknown Source)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at
org.apache.ode.jacob.vpu.JacobVPU$JacobThreadImpl.run(JacobVPU.java:451)
at org.apache.ode.jacob.vpu.JacobVPU.execute(JacobVPU.java:139)
at
org.apache.ode.bpel.engine.BpelRuntimeContextImpl.execute(BpelRuntimeContextImpl.java:898)
at
org.apache.ode.bpel.engine.PartnerLinkMyRoleImpl.invokeInstance(PartnerLinkMyRoleImpl.java:250)
at
org.apache.ode.bpel.engine.BpelProcess$1.invoke(BpelProcess.java:288)
at
org.apache.ode.bpel.engine.BpelProcess.invokeProcess(BpelProcess.java:224)
at
org.apache.ode.bpel.engine.BpelProcess.invokeProcess(BpelProcess.java:279)
at
org.apache.ode.bpel.engine.BpelProcess.handleJobDetails(BpelProcess.java:434)
at
org.apache.ode.bpel.engine.BpelEngineImpl.onScheduledJob(BpelEngineImpl.java:558)
at
org.apache.ode.bpel.engine.BpelServerImpl.onScheduledJob(BpelServerImpl.java:467)
at
org.apache.ode.scheduler.simple.SimpleScheduler$RunJob$1.call(SimpleScheduler.java:536)
at
org.apache.ode.scheduler.simple.SimpleScheduler$RunJob$1.call(SimpleScheduler.java:530)
at
org.apache.ode.scheduler.simple.SimpleScheduler.execTransaction(SimpleScheduler.java:280)
at
org.apache.ode.scheduler.simple.SimpleScheduler.execTransaction(SimpleScheduler.java:235)
at
org.apache.ode.scheduler.simple.SimpleScheduler$RunJob.call(SimpleScheduler.java:530)
at
org.apache.ode.scheduler.simple.SimpleScheduler$RunJob.call(SimpleScheduler.java:514)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:744)



in IS side


[2015-10-02 09:26:35,045] DEBUG
{org.wso2.carbon.core.services.authentication.BasicAccessAuthenticator} -
 Authorization header missing !!
[2015-10-02 09:26:35,047] DEBUG
{org.wso2.carbon.core.services.authentication.AbstractAuthenticator} -
 Could not retrieve user name for authentication from request
[2015-10-02 09:26:35,048]  WARN
{org.wso2.carbon.server.admin.module.handler.AuthenticationHandler} -
 Illegal access attempt at [2015-10-02 09:26:35,0048] from IP address
127.0.0.1 while trying to authenticate access to 

[Dev] Starting server in debug mode when running tests

[Gothami Abayawickrama]

Hi all,
I need to start the server in debug mode when running tests. Can somebody
help me with this.

Thanks,
Gothami
-- 
*Gothami Abayawickrama*
Software Engineer Intern, WSO2, Inc
Mobile : +(94)717537697
goth...@wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [Human Tasks] Listing Human Tasks Completed by a User

[Chamila Wijayarathna]

Hi all,

In IS dashboard gadget for approving/disapproving human tasks, currently we
are only showing tasks which are in the types "ASSIGNED_TO_ME" and
"CLAIMABLE". In the below jira (IDENTITY-3680), it is requested the tasks
completed by a particular user need to be shown in dashboard as well. Is
there a way we can get a list of human tasks completed by the logged in
user?

@Prabath, Johann, Pulasthi,
Since the main idea of the dashboard gadget is to claim/approve/disapprove
tasks, should we show 'completed' tasks at dashboard?

Thanks



-- Forwarded message --
From: Aparna Karunarathna (JIRA) 
Date: Tue, Sep 29, 2015 at 6:59 PM
Subject: [Carbon-jira] [jira] (IDENTITY-3680) Completed task are not
getting listed
To: carbon-j...@wso2.org


Aparna Karunarathna

created [image: Bug] IDENTITY-3680

*Completed task are not getting listed*

*Issue Type:* [image: Bug] Bug *Affects Versions:* 5.1.0-Alpha
*Assignee:* Pulasthi
Mahawithana

*Components:* workflows *Created:* 29/Sep/15 6:58 PM *Description:*

Completed task are not getting listed

Steps to reproduce
1. Create a workflow to approve users and add some user
2. Login to the dashboard and approve those users
3. Completed tasks are not showing
*Environment:*

Pack: Alpha
OS: Debian 8
Java: jdk1.7.0_79
Dep: Standalone
DB: Mysql 5.5.44
Browser: Firefox 40.0/ Chrome 44.0
*Project:* WSO2 Identity Server 
*Priority:* [image: Highest] Highest *Reporter:* Aparna Karunarathna
 This
message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA
administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

___
Carbon-jira mailing list
carbon-j...@wso2.org
https://wso2.org/cgi-bin/mailman/listinfo/carbon-jira




-- 
*Chamila Dilshan Wijayarathna,*
Software Engineer
Mobile:(+94)788193620
WSO2 Inc., http://wso2.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [BPS][IS] BPEL faile to pass headers from tenant mode

[Harsha Thirimanna]

I have created a Jira for this[1]

[1] https://wso2.org/jira/browse/BPS-888 because we are blocked.


*Harsha Thirimanna*
Senior Software Engineer; WSO2, Inc.; http://wso2.com
* *
*email: **hars...@wso2.com* * cell: +94 71 5186770 *
*twitter: **http://twitter.com/ *
*harshathirimannlinked-in: **http:
**//www.linkedin.com/pub/harsha-thirimanna/10/ab8/122
*

*Lean . Enterprise . Middleware*


On Fri, Oct 2, 2015 at 11:35 AM, Harsha Thirimanna  wrote:

> Hi ,
>
> We have deployed bpel to BPS in tenant mode and it will call back to IS.
> That call back endpoint is admin service in IS. It is fail and says
> unauthorized from BPS side and IS side we can't see
> the Authorization headers. This is working fine in supper tenant mode.
>
> I checked with BPS 3.2.0
> And
> BPS 4.4.2 features embeded in IS
>
> I have attached wire logs from BPS for super tenant and a tenant.
>
> In BPS side exception :
>
>
> TID: [0] [BPS] [2015-10-02 09:09:41,829]  INFO
> {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} -  '
> a...@abc.com [1]' logged in at [2015-10-02 09:09:41,828+0530]
> {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil}
> TID: [0] [BPS] [2015-10-02 09:10:12,129]  INFO
> {org.apache.axis2.transport.http.HTTPSender} -  Unable to sendViaPost to
> url[https://localhost:9443/services/WorkflowCallbackService]
> {org.apache.axis2.transport.http.HTTPSender}
> org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized
> at
> org.apache.axis2.transport.http.HTTPSender.handleResponse(HTTPSender.java:308)
> at
> org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:194)
> at
> org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)
> at
> org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451)
> at
> org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278)
> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
> at
> org.wso2.carbon.core.multitenancy.transports.TenantTransportSender.invoke(TenantTransportSender.java:198)
> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
> at
> org.apache.axis2.description.OutOnlyAxisOperationClient.executeImpl(OutOnlyAxisOperation.java:297)
> at
> org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
> at
> org.wso2.carbon.bpel.core.ode.integration.utils.AxisServiceUtils.invokeService(AxisServiceUtils.java:305)
> at
> org.wso2.carbon.bpel.core.ode.integration.PartnerService.invoke(PartnerService.java:324)
> at
> org.wso2.carbon.bpel.core.ode.integration.BPELMessageExchangeContextImpl.invokePartner(BPELMessageExchangeContextImpl.java:43)
> at
> org.apache.ode.bpel.engine.BpelRuntimeContextImpl.invoke(BpelRuntimeContextImpl.java:793)
> at org.apache.ode.bpel.runtime.INVOKE.run(INVOKE.java:130)
> at sun.reflect.GeneratedMethodAccessor49.invoke(Unknown Source)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at
> org.apache.ode.jacob.vpu.JacobVPU$JacobThreadImpl.run(JacobVPU.java:451)
> at org.apache.ode.jacob.vpu.JacobVPU.execute(JacobVPU.java:139)
> at
> org.apache.ode.bpel.engine.BpelRuntimeContextImpl.execute(BpelRuntimeContextImpl.java:898)
> at
> org.apache.ode.bpel.engine.PartnerLinkMyRoleImpl.invokeInstance(PartnerLinkMyRoleImpl.java:250)
> at
> org.apache.ode.bpel.engine.BpelProcess$1.invoke(BpelProcess.java:288)
> at
> org.apache.ode.bpel.engine.BpelProcess.invokeProcess(BpelProcess.java:224)
> at
> org.apache.ode.bpel.engine.BpelProcess.invokeProcess(BpelProcess.java:279)
> at
> org.apache.ode.bpel.engine.BpelProcess.handleJobDetails(BpelProcess.java:434)
> at
> org.apache.ode.bpel.engine.BpelEngineImpl.onScheduledJob(BpelEngineImpl.java:558)
> at
> org.apache.ode.bpel.engine.BpelServerImpl.onScheduledJob(BpelServerImpl.java:467)
> at
> org.apache.ode.scheduler.simple.SimpleScheduler$RunJob$1.call(SimpleScheduler.java:536)
> at
> org.apache.ode.scheduler.simple.SimpleScheduler$RunJob$1.call(SimpleScheduler.java:530)
> at
> org.apache.ode.scheduler.simple.SimpleScheduler.execTransaction(SimpleScheduler.java:280)
> at
> org.apache.ode.scheduler.simple.SimpleScheduler.execTransaction(SimpleScheduler.java:235)
> at
> org.apache.ode.scheduler.simple.SimpleScheduler$RunJob.call(SimpleScheduler.java:530)
> at
> org.apache.ode.scheduler.simple.SimpleScheduler$RunJob.call(SimpleScheduler.java:514)
> at 

Re: [Dev] Starting server in debug mode when running tests

[Madusanka Premaratne]

​Hi Gothami,​
​If y​
ou
​need
 to
​ debug test cases,​
 enable maven surefire debug by using
​ the command​
 -Dmaven.surefire.debug

Thanks,
Madusanka

On Fri, Oct 2, 2015 at 11:41 AM, Gothami Abayawickrama 
wrote:

> Hi all,
> I need to start the server in debug mode when running tests. Can somebody
> help me with this.
>
> Thanks,
> Gothami
> --
> *Gothami Abayawickrama*
> Software Engineer Intern, WSO2, Inc
> Mobile : +(94)717537697
> goth...@wso2.com
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
*Madusanka Premaratne* | Associate Software Engineer
WSO2, Inc | lean. enterprise. middleware.
#20, Palm Grove, Colombo 03, Sri Lanka
Mobile: +94 71 835 70 73| Work: +94 112 145 345
Email: madusan...@wso2.com | Web: www.wso2.com

[image: Facebook]  [image: Twitter]
 [image: Google Plus]
 [image:
Linkedin]  [image: Instagram]
 [image: Skype]

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Starting server in debug mode when running tests

[Aruna Karunarathna]

On Fri, Oct 2, 2015 at 11:41 AM, Gothami Abayawickrama 
wrote:

> Hi all,
> I need to start the server in debug mode when running tests. Can somebody
> help me with this.
>
you can run the test case in debug mode.  [1]

[1].
http://maven.apache.org/surefire/maven-surefire-plugin/examples/debugging.html

>
> Thanks,
> Gothami
> --
> *Gothami Abayawickrama*
> Software Engineer Intern, WSO2, Inc
> Mobile : +(94)717537697
> goth...@wso2.com
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 

*Aruna Sujith Karunarathna *| Software Engineer
WSO2, Inc | lean. enterprise. middleware.
#20, Palm Grove, Colombo 03, Sri Lanka
Mobile: +94 71 9040362 | Work: +94 112145345
Email: ar...@wso2.com | Web: www.wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [VOTE] Release WSO2 BPS 3.5.0 RC2

[Chathura Ekanayake]

[+] Stable - go ahead and release

Thanks,
Chathura

On Fri, Oct 2, 2015 at 11:35 AM, Milinda Perera  wrote:

> Hi,
>
> I did smoke test in clustered setup + depsync with mysql database for BPS,
> UM and registry (config registry and governance)
>
> 1. deploying / undeploying bpel
> 1.1. with several versions
> 1.2. with many (completed)
> 2. deploying / undeploying bpmn and humantasks with versions
> 3. bpel / humantask / bpmn versioning
> 4. bpmn / humantask explorers simple smoke test of basic
> functionalities + load balanced by fronting by nginx with sticky session
> enabled
> 5. Test bpel process cleanup tool
>
> [+] Stable - go ahead and release
>
> Thanks,
> Milinda
>
> On Fri, Oct 2, 2015 at 11:25 AM, Nandika Jayawardana 
> wrote:
>
>> Tested the cluster deployment, dep sync, bpel and bpmn functionality in
>> cluster.
>>
>> [x] Stable- go ahead and release.
>>
>> Regards
>> Nandika
>>
>> On Fri, Oct 2, 2015 at 6:47 AM, Natasha Wijesekara 
>> wrote:
>>
>>> Hi All,
>>>
>>> I tested the  functionalities of the  bpmn-explorer and the human-task
>>> explorer.
>>>
>>> [x] Stable- go ahead and release.
>>>
>>> Thanks,
>>>
>>>
>>> On Fri, Oct 2, 2015 at 2:28 AM, Shiva Balachandran 
>>> wrote:
>>>
 HI All,

 Tested the BPMN functionalites as well as the bpmn explorer. Looks
 amazing!

 ​
 ​
 [+] Stable - go ahead and release

 On Fri, Oct 2, 2015 at 1:10 AM, Hasitha Aravinda 
 wrote:

> Hi
>
> I have tested and Reviewed followings and found no issues.
>
>- INSTALL.txt
>- LICENSE.txt
>- README.txt
>- Tested Server start with MySQL -Dsetup.
>
> BPEL
>
>- Tested Correlation Scenario.
>- Tested Correlation Violation scenario.
>
> HumanTask
>
>- HumanTask creation and basic task commands : Claim, Suspend,
>Resume, Start, Complete, Skip, Fail, Delegate.
>- HumanTask coordination - Process termination and Task Skip
>scenario.
>- HumanTask Notification creation.
>
> BPMN
>
>- Tested Service Tasks, User Tasks, Parallel Gateway,  Exclusive
>Gateway processes.
>
>
> ​
> ​
> [+] Stable - go ahead and release
>
> ​Thanks,
> Hasitha.
>
>
> On Wed, Sep 30, 2015 at 11:03 AM, Firzhan Naqash 
> wrote:
>
>>
>> Hi Devs,
>>
>> *WSO2 BPS 3.5.0 RC2 Release Vote*
>>
>> This release fixes the following issues:
>> https://wso2.org/jira/browse/BPS-604?filter=12415
>>
>> Please download BPS 3.5.0 RC2 and test the functionality and vote.
>> Vote will be open for 72 hours or as needed.
>>
>> Binary distribution at:
>> http://svn.wso2.org/repos/wso2/people/firzhan/packs/bps/3.5.0/RC2/
>>
>> Maven staging repository:
>> http://maven.wso2.org/nexus/content/repositories/orgwso2bps-158/
>>
>> The tag to be voted upon :
>> https://github.com/wso2/product-bps/releases/tag/v3.5.0-RC2
>>
>>
>> [-] Broken - do not release (explain why)
>> ​​
>> [+] Stable - go ahead and release
>>
>> Thanks and Regards,
>> WSO2 BPS Team
>>
>>
>>
>> Regards,
>> Firzhan
>>
>>
>> --
>> *Firzhan Naqash*
>> Senior Software Engineer - Integration Platform Team
>> WSO2 Inc. http://wso2.com
>>
>> email: firz...@wso2.com 
>> mobile: (+94) 77 9785674 <%28%2B94%29%2071%205247551>*|
>> blog: http://firzhanblogger.blogspot.com/
>>   *
>> *twitter: https://twitter.com/firzhan007
>>  | linked-in: 
>> **https://www.linkedin.com/in/firzhan
>> *
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> --
> Hasitha Aravinda,
> Senior Software Engineer,
> WSO2 Inc.
> Email: hasi...@wso2.com
> Mobile : +94 718 210 200
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


 --
 Shiva Balachandran
 Software Engineer
 WSO2 Inc.

 Mobile - +94 774445788
 Blog - https://shivabalachandran.wordpress.com/

 ___
 Dev mailing list
 Dev@wso2.org
 http://wso2.org/cgi-bin/mailman/listinfo/dev


>>>
>>>
>>> --
>>> *Natasha Wijesekare*
>>>
>>> *Software Engineering Intern, WSO2  Inc:  http://wso2.com
>>> *
>>> *email  : nata...@wso2.com *
>>> *mobile: +94 

Re: [Dev] [UX] [Carbon-jira] [jira] (IDENTITY-3528) Error while adding datepicker for selecting date range with jquery 1.6.0

[Johann Nallathamby]

Hi Dakshika,

Any update on this ? This is kind of a blocker for our Beta release.

Thanks.

On Fri, Sep 25, 2015 at 9:04 AM, Chamila Wijayarathna 
wrote:

> Hi Dakshika,'
>
> The issue can be reproduced in IS-5.1.0-alpha pack which can be downloaded
> from [1].
> The jsp page relevant to this issue is at [2].
> I have described how the issue can be reproduced at the above jira [3].
> Please let me know if you need any further details on this.
>
> Thanks
>
>
> 1. https://github.com/wso2/product-is/releases/tag/v5.1.0-alpha
> 2.
> https://github.com/wso2/carbon-identity/blob/master/components/workflow-mgt/org.wso2.carbon.identity.workflow.mgt.ui/src/main/resources/web/workflow-mgt/wf-request-list.jsp
> 3. https://wso2.org/jira/browse/IDENTITY-3528
>
> On Fri, Sep 25, 2015 at 6:26 AM, Dakshika Jayathilaka 
> wrote:
>
>> Hi Chamila,
>>
>> Yes we can help you on this. Can you share latest pack and other relevant
>> information.
>>
>> Regards,
>>
>> *Dakshika Jayathilaka*
>> PMC Member & Committer of Apache Stratos
>> Senior Software Engineer
>> WSO2, Inc.
>> lean.enterprise.middleware
>> 0771100911
>>
>> On Thu, Sep 24, 2015 at 5:04 PM, Chamila Wijayarathna 
>> wrote:
>>
>>> Hi Dakshika/ UX-team,
>>>
>>> We are having the issue mentioned in IDENTITY-3525, this is a blocker
>>> for IS 5.1.0 release.
>>> Can someone from UX team look into this ASAP?
>>>
>>> Thanks
>>>
>>>
>>> -- Forwarded message --
>>> From: Chamila Wijayarathna (JIRA) 
>>> Date: Fri, Aug 21, 2015 at 4:29 PM
>>> Subject: [Carbon-jira] [jira] (IDENTITY-3528) Error while adding
>>> datepicker for selecting date range with jquery 1.6.0
>>> To: carbon-j...@wso2.org
>>>
>>>
>>> Chamila Wijayarathna
>>> 
>>> created [image: Bug] IDENTITY-3528
>>> 
>>> *Error while adding datepicker for selecting date range with jquery
>>> 1.6.0* 
>>> *Issue Type:* [image: Bug] Bug *Assignee:* Thusitha Kalugamage
>>> 
>>> *Components:* workflows *Created:* 21/Aug/15 4:29 PM *Description:*
>>>
>>> This issue can be reproduced in current master branch of github. In
>>> monitor-> workflow requests page, in date picker there, when onClose called
>>> for one time, calander is not shown again, it shows input field as a test
>>> box.
>>> *Project:* WSO2 Identity Server 
>>> *Priority:* [image: Normal] Normal *Reporter:* Chamila Wijayarathna
>>>  This
>>> message is automatically generated by JIRA.
>>> If you think it was sent incorrectly, please contact your JIRA
>>> administrators
>>> For more information on JIRA, see:
>>> http://www.atlassian.com/software/jira
>>>
>>> ___
>>> Carbon-jira mailing list
>>> carbon-j...@wso2.org
>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-jira
>>>
>>>
>>>
>>>
>>> --
>>> *Chamila Dilshan Wijayarathna,*
>>> Software Engineer
>>> Mobile:(+94)788193620
>>> WSO2 Inc., http://wso2.com/
>>>
>>
>>
>
>
> --
> *Chamila Dilshan Wijayarathna,*
> Software Engineer
> Mobile:(+94)788193620
> WSO2 Inc., http://wso2.com/
>



-- 
Thanks & Regards,

*Johann Dilantha Nallathamby*
Technical Lead & Product Lead of WSO2 Identity Server
Governance Technologies Team
WSO2, Inc.
lean.enterprise.middleware

Mobile - *+9476950*
Blog - *http://nallaa.wordpress.com *
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Starting server in debug mode when running tests

[Krishantha Samaraweera]

Hi Gothami,

On Fri, Oct 2, 2015 at 11:41 AM, Gothami Abayawickrama 
wrote:

> Hi all,
> I need to start the server in debug mode when running tests. Can somebody
> help me with this.
>

Are you trying to debug integration tests ? if yes, you can use
-Dsurefire.debug option to debug surefire process.

To debug product components set debug port for CarbonServerExtension in
automation.xml



org.wso2.carbon.automation.extensions.servers.carbonserver.CarbonServerExtension


   

Thanks,
Krishantha.

Thanks,
> Gothami
> --
> *Gothami Abayawickrama*
> Software Engineer Intern, WSO2, Inc
> Mobile : +(94)717537697
> goth...@wso2.com
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Krishantha Samaraweera
Senior Technical Lead - Test Automation
Mobile: +94 77 7759918
WSO2, Inc.; http://wso2.com/
lean . enterprise . middleware.
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [APIM] ScriptEngine Error after updating jaggery to 0.10.0

[Madusanka Premaratne]

Hi All,
The issue is due to incorrectly designed orbit bundles and solved by
excluding those from bin.xml

Thanks,
Madusanka

On Wed, Sep 16, 2015 at 9:45 AM, Madusanka Premaratne 
wrote:

> Hi UES team,
> I am getting following error intermittently. Which pops out from
> org.wso2.carbon.forum.registry.RegistryForumManager. As per my observations
> the particular package is visible to osgi.
>
> The OSGI outputs as follows.
>
> osgi> p org.wso2.carbon.forum.registry
> org.wso2.carbon.forum.registry;
> version="0.0.0"
>
> osgi> b 227
> org.wso2.carbon.forum_4.3.0.SNAPSHOT [227]
>   Id=227, Status=ACTIVE  Data
> Root=/Users/Maduz/Documents/API-MANAGER/Github/madusankapremaratne/product-apim/modules/distribution/product/target/wso2am-1.10.0-SNAPSHOT/repository/components/default/configuration/org.eclipse.osgi/bundles/227/data
>   "Registered Services"
> {org.wso2.carbon.utils.Axis2ConfigurationContextObserver}={service.id
> =152}
>   Services in use:
> {org.wso2.carbon.registry.core.service.RegistryService,
> org.wso2.carbon.registry.api.RegistryService}={service.id=149}
> {org.wso2.carbon.user.core.service.RealmService,
> org.wso2.carbon.user.api.UserRealmService}={service.id=143}
>   Exported packages
> org.wso2.carbon.forum; version="0.0.0"[exported]
> org.wso2.carbon.forum.dto; version="0.0.0"[exported]
> org.wso2.carbon.forum.registry; version="0.0.0"[exported]
>   Imported packages
> javax.xml.namespace;
> version="0.0.0"
> org.apache.axis2.context; version="1.6.1.wso2v14" [14]>
> org.apache.commons.logging;
> version="1.2.0"
> org.osgi.framework;
> version="1.7.0"
> org.osgi.service.component;
> version="1.2.0"
> org.wso2.carbon.context; version="4.4.1" [456]>
> org.wso2.carbon.governance.api.exception;
> version="0.0.0"
> org.wso2.carbon.governance.api.generic;
> version="0.0.0"
> org.wso2.carbon.governance.api.generic.dataobjects;
> version="0.0.0"
> org.wso2.carbon.governance.api.util;
> version="0.0.0"
> org.wso2.carbon.registry.core;
> version="1.0.1"
> org.wso2.carbon.registry.core.config;
> version="1.0.1"
> org.wso2.carbon.registry.core.exceptions;
> version="1.0.1"
> org.wso2.carbon.registry.core.jdbc.realm;
> version="1.0.1"
> org.wso2.carbon.registry.core.pagination;
> version="1.0.1"
> org.wso2.carbon.registry.core.service;
> version="1.0.1"
> org.wso2.carbon.registry.core.session;
> version="1.0.1"
> org.wso2.carbon.registry.core.utils;
> version="1.0.1"
> org.wso2.carbon.user.api;
> version="1.0.1"
> org.wso2.carbon.user.core;
> version="4.4.1"
> org.wso2.carbon.user.core.service;
> version="4.4.1"
> org.wso2.carbon.user.core.tenant;
> version="4.4.1"
> org.wso2.carbon.utils; version="4.4.1" [456]>
> org.wso2.carbon.utils.multitenancy;
> version="4.4.1"
>   No fragment bundles
>   Named class space
> org.wso2.carbon.forum; bundle-version="4.3.0.SNAPSHOT"[provided]
>   No required bundles
>
>
> The error I am getting is,
> [2015-09-16 09:29:17,190] ERROR - WebAppManager
> org.mozilla.javascript.EcmaError: TypeError: [JavaPackage
> org.wso2.carbon.forum.registry.RegistryForumManager] is not a function, it
> is object. (/store/site/blocks/forum/controller/topics.jag#45)
> org.jaggeryjs.scriptengine.exceptions.ScriptException:
> org.mozilla.javascript.EcmaError: TypeError: [JavaPackage
> org.wso2.carbon.forum.registry.RegistryForumManager] is not a function, it
> is object. (/store/site/blocks/forum/controller/topics.jag#45)
> at
> org.jaggeryjs.scriptengine.engine.RhinoEngine.execScript(RhinoEngine.java:571)
> at org.jaggeryjs.scriptengine.engine.RhinoEngine.exec(RhinoEngine.java:273)
> at
> org.jaggeryjs.jaggery.core.manager.WebAppManager.exec(WebAppManager.java:587)
> at
> org.jaggeryjs.jaggery.core.manager.WebAppManager.execute(WebAppManager.java:507)
> at org.jaggeryjs.jaggery.core.JaggeryServlet.doGet(JaggeryServlet.java:24)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:620)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
> at
> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:748)
> at
> org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:486)
> at
> org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:378)
> at
> org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:338)
> at org.jaggeryjs.jaggery.core.JaggeryFilter.doFilter(JaggeryFilter.java:21)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
> at 

Re: [Dev] Building docker images with PPaaS build scripts

[Pubudu Gunatilaka]

Hi Danushka,

I cannot think of any other solution for this. There are know issues in
docker[1] for this.

[1] - https://github.com/docker/docker/issues/10021

Thank you!

On Fri, Oct 2, 2015 at 11:05 AM, Danushka Fernando 
wrote:

> Your command freed up around 20G+ thanks. But still 28G is used.
>
> Thanks & Regards
> Danushka Fernando
> Senior Software Engineer
> WSO2 inc. http://wso2.com/
> Mobile : +94716332729
>
> On Fri, Oct 2, 2015 at 11:04 AM, Danushka Fernando 
> wrote:
>
>> Hi Pubudu
>> Here is the response of the *docker images* command
>>
>> REPOSITORY  TAG IMAGE ID
>> CREATED VIRTUAL SIZE
>> wso2/as 5.2.1   8dcdb94efc8d12 hours
>> ago1.294 GB
>> wso2/base-image 4.1.0   a972772832d616 hours
>> ago701.8 MB
>> 4d65ea1cc96417 hours
>> ago701.1 MB
>> 90d819958e2e18 hours
>> ago701.1 MB
>> 56639f5aff0018 hours
>> ago701.1 MB
>> debian  7.7 479215127fa79 months
>> ago84.97 MB
>>
>> But after I build the as image it ate 50G+ my disk space. That's the only
>> thing I did there.
>>
>> Thanks & Regards
>> Danushka Fernando
>> Senior Software Engineer
>> WSO2 inc. http://wso2.com/
>> Mobile : +94716332729
>>
>> On Fri, Oct 2, 2015 at 10:00 AM, Pubudu Gunatilaka 
>> wrote:
>>
>>> Hi Danushka,
>>>
>>> Are you having docker images with  tag? You can remove those
>>> images using the following command.
>>>
>>> *docker rmi $(docker images | grep "^" | awk "{print $3}")*
>>>
>>> If you have run docker containers in your machine, there can be
>>> containers that are stopped but not removed. You can verify that using 
>>> *docker
>>> ps -a* command and use the following command to remove stopped docker
>>> containers.
>>>
>>> *docker rm `docker ps --no-trunc -aq`*
>>>
>>> Thank you!
>>>
>>>
>>> On Fri, Oct 2, 2015 at 7:31 AM, Danushka Fernando 
>>> wrote:
>>>
 When we run PPaaS build.sh it takes lots of disk space and sometimes
 machine tends to go out of disk space. How we can resolve this?

 Thanks & Regards
 Danushka Fernando
 Senior Software Engineer
 WSO2 inc. http://wso2.com/
 Mobile : +94716332729

 ___
 Dev mailing list
 Dev@wso2.org
 http://wso2.org/cgi-bin/mailman/listinfo/dev


>>>
>>>
>>> --
>>> *Pubudu Gunatilaka*
>>> Committer and PMC Member - Apache Stratos
>>> Software Engineer
>>> WSO2, Inc.: http://wso2.com
>>> mobile : +94774079049 <%2B94772207163>
>>>
>>>
>>
>


-- 
*Pubudu Gunatilaka*
Committer and PMC Member - Apache Stratos
Software Engineer
WSO2, Inc.: http://wso2.com
mobile : +94774079049 <%2B94772207163>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Building docker images with PPaaS build scripts

[Danushka Fernando]

After exporting I deleted the image so it released 12GB. But it,s just 1G
image. And if we import it its only taking 1G

Thanks & Regards
Danushka Fernando
Senior Software Engineer
WSO2 inc. http://wso2.com/
Mobile : +94716332729

On Fri, Oct 2, 2015 at 12:08 PM, Pubudu Gunatilaka  wrote:

> Hi Danushka,
>
> I cannot think of any other solution for this. There are know issues in
> docker[1] for this.
>
> [1] - https://github.com/docker/docker/issues/10021
>
> Thank you!
>
> On Fri, Oct 2, 2015 at 11:05 AM, Danushka Fernando 
> wrote:
>
>> Your command freed up around 20G+ thanks. But still 28G is used.
>>
>> Thanks & Regards
>> Danushka Fernando
>> Senior Software Engineer
>> WSO2 inc. http://wso2.com/
>> Mobile : +94716332729
>>
>> On Fri, Oct 2, 2015 at 11:04 AM, Danushka Fernando 
>> wrote:
>>
>>> Hi Pubudu
>>> Here is the response of the *docker images* command
>>>
>>> REPOSITORY  TAG IMAGE ID
>>> CREATED VIRTUAL SIZE
>>> wso2/as 5.2.1   8dcdb94efc8d12 hours
>>> ago1.294 GB
>>> wso2/base-image 4.1.0   a972772832d616 hours
>>> ago701.8 MB
>>> 4d65ea1cc96417 hours
>>> ago701.1 MB
>>> 90d819958e2e18 hours
>>> ago701.1 MB
>>> 56639f5aff0018 hours
>>> ago701.1 MB
>>> debian  7.7 479215127fa79 months
>>> ago84.97 MB
>>>
>>> But after I build the as image it ate 50G+ my disk space. That's the
>>> only thing I did there.
>>>
>>> Thanks & Regards
>>> Danushka Fernando
>>> Senior Software Engineer
>>> WSO2 inc. http://wso2.com/
>>> Mobile : +94716332729
>>>
>>> On Fri, Oct 2, 2015 at 10:00 AM, Pubudu Gunatilaka 
>>> wrote:
>>>
 Hi Danushka,

 Are you having docker images with  tag? You can remove those
 images using the following command.

 *docker rmi $(docker images | grep "^" | awk "{print $3}")*

 If you have run docker containers in your machine, there can be
 containers that are stopped but not removed. You can verify that using 
 *docker
 ps -a* command and use the following command to remove stopped docker
 containers.

 *docker rm `docker ps --no-trunc -aq`*

 Thank you!


 On Fri, Oct 2, 2015 at 7:31 AM, Danushka Fernando 
 wrote:

> When we run PPaaS build.sh it takes lots of disk space and sometimes
> machine tends to go out of disk space. How we can resolve this?
>
> Thanks & Regards
> Danushka Fernando
> Senior Software Engineer
> WSO2 inc. http://wso2.com/
> Mobile : +94716332729
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


 --
 *Pubudu Gunatilaka*
 Committer and PMC Member - Apache Stratos
 Software Engineer
 WSO2, Inc.: http://wso2.com
 mobile : +94774079049 <%2B94772207163>


>>>
>>
>
>
> --
> *Pubudu Gunatilaka*
> Committer and PMC Member - Apache Stratos
> Software Engineer
> WSO2, Inc.: http://wso2.com
> mobile : +94774079049 <%2B94772207163>
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Human Tasks] Listing Human Tasks Completed by a User

[Vinod Kavinda]

Hi Chamila,
You can use SimpleQuery operatin in HumanTaskClientAPIAdmin service. Invoke
this operation in the same way you used to claimable status with
"COMPLETED" as the status.
 You can find a sample code in [1] line no 64.

[1] -
https://github.com/wso2/carbon-business-process/blob/master/components/humantask/humantask-explorer-web/src/web/js/WSHTRequest.js#L64

Regards,
Vinod Kavinda

On Fri, Oct 2, 2015 at 11:44 AM, Chamila Wijayarathna 
wrote:

> Hi all,
>
> In IS dashboard gadget for approving/disapproving human tasks, currently
> we are only showing tasks which are in the types "ASSIGNED_TO_ME" and
> "CLAIMABLE". In the below jira (IDENTITY-3680), it is requested the tasks
> completed by a particular user need to be shown in dashboard as well. Is
> there a way we can get a list of human tasks completed by the logged in
> user?
>
> @Prabath, Johann, Pulasthi,
> Since the main idea of the dashboard gadget is to claim/approve/disapprove
> tasks, should we show 'completed' tasks at dashboard?
>
> Thanks
>
>
>
> -- Forwarded message --
> From: Aparna Karunarathna (JIRA) 
> Date: Tue, Sep 29, 2015 at 6:59 PM
> Subject: [Carbon-jira] [jira] (IDENTITY-3680) Completed task are not
> getting listed
> To: carbon-j...@wso2.org
>
>
> Aparna Karunarathna
> 
> created [image: Bug] IDENTITY-3680
> 
> *Completed task are not getting listed*
> 
> *Issue Type:* [image: Bug] Bug *Affects Versions:* 5.1.0-Alpha *Assignee:* 
> Pulasthi
> Mahawithana
> 
> *Components:* workflows *Created:* 29/Sep/15 6:58 PM *Description:*
>
> Completed task are not getting listed
>
> Steps to reproduce
> 1. Create a workflow to approve users and add some user
> 2. Login to the dashboard and approve those users
> 3. Completed tasks are not showing
> *Environment:*
>
> Pack: Alpha
> OS: Debian 8
> Java: jdk1.7.0_79
> Dep: Standalone
> DB: Mysql 5.5.44
> Browser: Firefox 40.0/ Chrome 44.0
> *Project:* WSO2 Identity Server 
> *Priority:* [image: Highest] Highest *Reporter:* Aparna Karunarathna
>  This
> message is automatically generated by JIRA.
> If you think it was sent incorrectly, please contact your JIRA
> administrators
> For more information on JIRA, see: http://www.atlassian.com/software/jira
>
> ___
> Carbon-jira mailing list
> carbon-j...@wso2.org
> https://wso2.org/cgi-bin/mailman/listinfo/carbon-jira
>
>
>
>
> --
> *Chamila Dilshan Wijayarathna,*
> Software Engineer
> Mobile:(+94)788193620
> WSO2 Inc., http://wso2.com/
>



-- 
Vinod Kavinda
Software Engineer
*WSO2 Inc. - lean . enterprise . middleware .*
Mobile : +94 (0) 712 415544
Blog : http://soatechflicks.blogspot.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [BPS][IS] BPEL faile to pass headers from tenant mode

[Vinod Kavinda]

Hi Harsha,
I observed the requests using tcpMon(Used http). Seem to be it contains the
basic author headers in both tenant and super tenant mode. Please see the
attached logs.

Regards,
Vinod

On Fri, Oct 2, 2015 at 11:47 AM, Harsha Thirimanna  wrote:

> I have created a Jira for this[1]
>
> [1] https://wso2.org/jira/browse/BPS-888 because we are blocked.
>
>
> *Harsha Thirimanna*
> Senior Software Engineer; WSO2, Inc.; http://wso2.com
> * *
> *email: **hars...@wso2.com* * cell: +94 71 5186770 *
> *twitter: **http://twitter.com/ *
> *harshathirimannlinked-in: **http:
> **//www.linkedin.com/pub/harsha-thirimanna/10/ab8/122
> *
>
> *Lean . Enterprise . Middleware*
>
>
> On Fri, Oct 2, 2015 at 11:35 AM, Harsha Thirimanna 
> wrote:
>
>> Hi ,
>>
>> We have deployed bpel to BPS in tenant mode and it will call back to IS.
>> That call back endpoint is admin service in IS. It is fail and says
>> unauthorized from BPS side and IS side we can't see
>> the Authorization headers. This is working fine in supper tenant mode.
>>
>> I checked with BPS 3.2.0
>> And
>> BPS 4.4.2 features embeded in IS
>>
>> I have attached wire logs from BPS for super tenant and a tenant.
>>
>> In BPS side exception :
>>
>>
>> TID: [0] [BPS] [2015-10-02 09:09:41,829]  INFO
>> {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} -  '
>> a...@abc.com [1]' logged in at [2015-10-02 09:09:41,828+0530]
>> {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil}
>> TID: [0] [BPS] [2015-10-02 09:10:12,129]  INFO
>> {org.apache.axis2.transport.http.HTTPSender} -  Unable to sendViaPost to
>> url[https://localhost:9443/services/WorkflowCallbackService]
>> {org.apache.axis2.transport.http.HTTPSender}
>> org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized
>> at
>> org.apache.axis2.transport.http.HTTPSender.handleResponse(HTTPSender.java:308)
>> at
>> org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:194)
>> at
>> org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)
>> at
>> org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451)
>> at
>> org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278)
>> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
>> at
>> org.wso2.carbon.core.multitenancy.transports.TenantTransportSender.invoke(TenantTransportSender.java:198)
>> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
>> at
>> org.apache.axis2.description.OutOnlyAxisOperationClient.executeImpl(OutOnlyAxisOperation.java:297)
>> at
>> org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
>> at
>> org.wso2.carbon.bpel.core.ode.integration.utils.AxisServiceUtils.invokeService(AxisServiceUtils.java:305)
>> at
>> org.wso2.carbon.bpel.core.ode.integration.PartnerService.invoke(PartnerService.java:324)
>> at
>> org.wso2.carbon.bpel.core.ode.integration.BPELMessageExchangeContextImpl.invokePartner(BPELMessageExchangeContextImpl.java:43)
>> at
>> org.apache.ode.bpel.engine.BpelRuntimeContextImpl.invoke(BpelRuntimeContextImpl.java:793)
>> at org.apache.ode.bpel.runtime.INVOKE.run(INVOKE.java:130)
>> at sun.reflect.GeneratedMethodAccessor49.invoke(Unknown Source)
>> at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>> at java.lang.reflect.Method.invoke(Method.java:606)
>> at
>> org.apache.ode.jacob.vpu.JacobVPU$JacobThreadImpl.run(JacobVPU.java:451)
>> at org.apache.ode.jacob.vpu.JacobVPU.execute(JacobVPU.java:139)
>> at
>> org.apache.ode.bpel.engine.BpelRuntimeContextImpl.execute(BpelRuntimeContextImpl.java:898)
>> at
>> org.apache.ode.bpel.engine.PartnerLinkMyRoleImpl.invokeInstance(PartnerLinkMyRoleImpl.java:250)
>> at
>> org.apache.ode.bpel.engine.BpelProcess$1.invoke(BpelProcess.java:288)
>> at
>> org.apache.ode.bpel.engine.BpelProcess.invokeProcess(BpelProcess.java:224)
>> at
>> org.apache.ode.bpel.engine.BpelProcess.invokeProcess(BpelProcess.java:279)
>> at
>> org.apache.ode.bpel.engine.BpelProcess.handleJobDetails(BpelProcess.java:434)
>> at
>> org.apache.ode.bpel.engine.BpelEngineImpl.onScheduledJob(BpelEngineImpl.java:558)
>> at
>> org.apache.ode.bpel.engine.BpelServerImpl.onScheduledJob(BpelServerImpl.java:467)
>> at
>> org.apache.ode.scheduler.simple.SimpleScheduler$RunJob$1.call(SimpleScheduler.java:536)
>> at
>> org.apache.ode.scheduler.simple.SimpleScheduler$RunJob$1.call(SimpleScheduler.java:530)
>> at
>> 

[Dev] Creating topics and queues with spaces

[Thilanka Bowala]

Hi All,

Current MB allows to create topics and queues with blank spaces in the
middle of their names. Shouldn't this be restricted?

Any comments would be highly appreciated.

Thank you.
-- 
Thilanka Bowala
Software Engineer Intern
Mobile : +94 (0) 710 403098
thila...@wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [BPS][IS] BPEL faile to pass headers from tenant mode

[Harsha Thirimanna]

Did you see my wire logs ? It doesn't have any, what that mean. That is
same bpel package we are using that you gave


*Harsha Thirimanna*
Senior Software Engineer; WSO2, Inc.; http://wso2.com
* *
*email: **hars...@wso2.com* * cell: +94 71 5186770 *
*twitter: **http://twitter.com/ *
*harshathirimannlinked-in: **http:
**//www.linkedin.com/pub/harsha-thirimanna/10/ab8/122
*

*Lean . Enterprise . Middleware*


On Fri, Oct 2, 2015 at 6:17 PM, Vinod Kavinda  wrote:

> Hi Harsha,
> I observed the requests using tcpMon(Used http). Seem to be it contains
> the basic author headers in both tenant and super tenant mode. Please see
> the attached logs.
>
> Regards,
> Vinod
>
> On Fri, Oct 2, 2015 at 11:47 AM, Harsha Thirimanna 
> wrote:
>
>> I have created a Jira for this[1]
>>
>> [1] https://wso2.org/jira/browse/BPS-888 because we are blocked.
>>
>>
>> *Harsha Thirimanna*
>> Senior Software Engineer; WSO2, Inc.; http://wso2.com
>> * *
>> *email: **hars...@wso2.com* * cell: +94 71 5186770 *
>> *twitter: **http://twitter.com/ *
>> *harshathirimannlinked-in: **http:
>> **//www.linkedin.com/pub/harsha-thirimanna/10/ab8/122
>> *
>>
>> *Lean . Enterprise . Middleware*
>>
>>
>> On Fri, Oct 2, 2015 at 11:35 AM, Harsha Thirimanna 
>> wrote:
>>
>>> Hi ,
>>>
>>> We have deployed bpel to BPS in tenant mode and it will call back to IS.
>>> That call back endpoint is admin service in IS. It is fail and says
>>> unauthorized from BPS side and IS side we can't see
>>> the Authorization headers. This is working fine in supper tenant mode.
>>>
>>> I checked with BPS 3.2.0
>>> And
>>> BPS 4.4.2 features embeded in IS
>>>
>>> I have attached wire logs from BPS for super tenant and a tenant.
>>>
>>> In BPS side exception :
>>>
>>>
>>> TID: [0] [BPS] [2015-10-02 09:09:41,829]  INFO
>>> {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} -  '
>>> a...@abc.com [1]' logged in at [2015-10-02 09:09:41,828+0530]
>>> {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil}
>>> TID: [0] [BPS] [2015-10-02 09:10:12,129]  INFO
>>> {org.apache.axis2.transport.http.HTTPSender} -  Unable to sendViaPost to
>>> url[https://localhost:9443/services/WorkflowCallbackService]
>>> {org.apache.axis2.transport.http.HTTPSender}
>>> org.apache.axis2.AxisFault: Transport error: 401 Error: Unauthorized
>>> at
>>> org.apache.axis2.transport.http.HTTPSender.handleResponse(HTTPSender.java:308)
>>> at
>>> org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:194)
>>> at
>>> org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)
>>> at
>>> org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451)
>>> at
>>> org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278)
>>> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
>>> at
>>> org.wso2.carbon.core.multitenancy.transports.TenantTransportSender.invoke(TenantTransportSender.java:198)
>>> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
>>> at
>>> org.apache.axis2.description.OutOnlyAxisOperationClient.executeImpl(OutOnlyAxisOperation.java:297)
>>> at
>>> org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
>>> at
>>> org.wso2.carbon.bpel.core.ode.integration.utils.AxisServiceUtils.invokeService(AxisServiceUtils.java:305)
>>> at
>>> org.wso2.carbon.bpel.core.ode.integration.PartnerService.invoke(PartnerService.java:324)
>>> at
>>> org.wso2.carbon.bpel.core.ode.integration.BPELMessageExchangeContextImpl.invokePartner(BPELMessageExchangeContextImpl.java:43)
>>> at
>>> org.apache.ode.bpel.engine.BpelRuntimeContextImpl.invoke(BpelRuntimeContextImpl.java:793)
>>> at org.apache.ode.bpel.runtime.INVOKE.run(INVOKE.java:130)
>>> at sun.reflect.GeneratedMethodAccessor49.invoke(Unknown Source)
>>> at
>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>>> at java.lang.reflect.Method.invoke(Method.java:606)
>>> at
>>> org.apache.ode.jacob.vpu.JacobVPU$JacobThreadImpl.run(JacobVPU.java:451)
>>> at org.apache.ode.jacob.vpu.JacobVPU.execute(JacobVPU.java:139)
>>> at
>>> org.apache.ode.bpel.engine.BpelRuntimeContextImpl.execute(BpelRuntimeContextImpl.java:898)
>>> at
>>> org.apache.ode.bpel.engine.PartnerLinkMyRoleImpl.invokeInstance(PartnerLinkMyRoleImpl.java:250)
>>> at
>>> 

Re: [Dev] [UES][Dashboard Server] Dashboard anonymous view landing page

[Udara Rathnayake]

Thanks for the feedback lasantha and nipuna.
I'm +1 to make the landing page anon if there are any anon views defined in
other pages. Let's stick to that.

On Fri, Oct 2, 2015 at 9:15 AM, Nipuna Chandradasa  wrote:

> Hi Udara,
>
> As Lasantha said that making the landing page an anon view should be
> mandatory if there are anon views available under the that landing page
> even the landing page doesn't have anon content to view.
>
> I think this is a good idea because it is not that great to have child
> pages which has anon view but the user cannot access the main view. At
> Least if there are no content to show under the landing page to a user (
> Which is not that great if it mandatory to make the landing page anon view)
> at least we can show a message saying which pages are anon views and have
> the anon content.
>
> Thanks.
>
> On Fri, Oct 2, 2015 at 8:46 AM, Lasantha Samarakoon 
> wrote:
>
>> Hi Udara,
>>
>> Can't we show the actual landing page even though the anon view is not
>> defined? So if the landing page doesn't have a anon view, then we can show
>> some message with all other links to accessible pages (Same as what we have
>> in regular websites. Once you logged in you have more features, otherwise
>> limited. But the home page is home page).
>>
>> In your first option, the problem is that if the developer couldn't
>> define the anon view landing page, ultimately the dashboard is not
>> accessible for any anon user unless he knows the direct url for a page.
>> Then there's no point of introducing the anon view for such scenarios.
>>
>> In the second option, as you mentioned it actually breaks the concept
>> behind a landing page. And know one can define what will be the actual
>> landing page in such situation.
>>
>> Or else we can emphasis (or make it mandatory) the developer to define a
>> anon view for the landing page in the designer if there are any anon pages
>> for the dashboard.
>>
>>
>> Regards,
>>
>>
>> *Lasantha Samarakoon* | Software Engineer
>> WSO2, Inc.
>> #20, Palm Grove, Colombo 03, Sri Lanka
>> Mobile: +94 (71) 214 1576
>> Email:  lasant...@wso2.com
>> Web:www.wso2.com
>>
>> lean . enterprise . middleware
>>
>> On Thu, Oct 1, 2015 at 8:10 PM, Udara Rathnayake  wrote:
>>
>>> Hi All,
>>>
>>> At the moment we have a landing page (which developer can select while
>>> creating the dashboard) and this is the page end-user will initially get
>>> once he/she browse the dashboard.
>>>
>>> So for the anonymous view of the dashboard, we are going to use the same
>>> landing page's anon view(if exists) else user will be redirected to the
>>> login page.
>>> This approach will basically need developer to have a anon view within
>>> the landing page if there are anon views for other pages.
>>>
>>> Otherwise we can go through existing pages and check existence of anon
>>> views first and then render. This approach will deviate from the landing
>>> page concept a bit.
>>>
>>> Any thoughts?
>>>
>>> Regards,
>>> UdaraR
>>>
>>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Nipuna Marcus
> *Software Engineer*
> WSO2 Inc.
> http://wso2.com/ - "lean . enterprise . middleware"
> Mobile : +94 (0) 713 667906
> nipu...@wso2.com
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [APIM] Issue when automating API subscription workflow

[Irham Iqbal]

Adding Sanjeewa and Lalaji

On Fri, Oct 2, 2015 at 12:35 PM, Irham Iqbal  wrote:

> Hi,
>
> I am automating the API subscription workflow [1] under the topic
> "Engaging WS Workflow Executor in the API Manager" 3rd point when I
> subscribe to an API and invoke it before approve the subscription task
> APIM returns[2] which is expected because subscription task is not
> approved yet.
> But after approved the subscription task when i invoke the service it's
> still returning the same. I think it's because of caching, because If I
> invoke the service only after approve the subscription task it's working
> fine, also if I restart the server it's working fine
>
> [1]https://docs.wso2.com/display/AM190/Adding+an+API+Subscription+Workflow
> [2]
> 900909
> The subscription to the API is inactive
> 
> Access failure for API: /api4/1.0.0, version: 1.0.0 with key:
> a355845c9fb415ae7d531231ecfc5d2
> 
> 
>
> Thanks,
> Iqbal
> --
> Irham Iqbal
> Software Engineer - Test Automation
> WSO2, Inc.: http://wso2.com
> lean. enterprise. middleware
> phone: +94 777888452
>



-- 
Irham Iqbal
Software Engineer - Test Automation
WSO2, Inc.: http://wso2.com
lean. enterprise. middleware
phone: +94 777888452
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Human Tasks] Listing Human Tasks Completed by a User

[Hasitha Aravinda]

You can have multiple  elements in request.

eg:

COMPLETED
RESERVED
IN-PROGRESS

Thanks,
Hasitha.



On Fri, Oct 2, 2015 at 2:09 PM, Chamila Wijayarathna 
wrote:

> Hi Hasitha/Vinod,
>
> Thanks, by using
>
> http://schemas.xmlsoap.org/soap/envelope/;
> xmlns:ns="
> http://docs.oasis-open.org/ns/bpel4people/ws-humantask/api/200803;
> xmlns:ns1="
> http://docs.oasis-open.org/ns/bpel4people/ws-humantask/types/200803;>
>
>
>   
>  
> 
> COMPLETED
> 10
> 
> 0
> 
>
> ASSIGNED_TO_ME
>  
>   
>
> 
>
> as you have suggested, I could get the COMPLETED tasks of the logged in
> user.
>
> Is there a way to get COMPLETED, RESERVED and IN-PROGRESS tasks of
> ASSIGNED_TO_ME in one service call?
>
> Thanks
>
> On Fri, Oct 2, 2015 at 1:10 PM, Hasitha Aravinda  wrote:
>
>> Correct category is ASSIGNED_TO_ME and use status filter COMPLETED in
>> SimpleQuery.
>>
>> Thanks,
>> Hasitha.
>>
>> On Fri, Oct 2, 2015 at 12:41 PM, Vinod Kavinda  wrote:
>>
>>> Hi Chamila,
>>> Sorry I made a mistake, You can't do this in the same way as Claimable.
>>> Use the SimpleQuery in  HumanTaskClientAPIAdmin. Use the sample given.
>>>
>>> Thank You
>>> Vinod
>>>
>>> On Fri, Oct 2, 2015 at 12:22 PM, Vinod Kavinda  wrote:
>>>
 Hi Chamila,
 You can use SimpleQuery operatin in HumanTaskClientAPIAdmin service.
 Invoke this operation in the same way you used to claimable status with
 "COMPLETED" as the status.
  You can find a sample code in [1] line no 64.

 [1] -
 https://github.com/wso2/carbon-business-process/blob/master/components/humantask/humantask-explorer-web/src/web/js/WSHTRequest.js#L64

 Regards,
 Vinod Kavinda

 On Fri, Oct 2, 2015 at 11:44 AM, Chamila Wijayarathna  wrote:

> Hi all,
>
> In IS dashboard gadget for approving/disapproving human tasks,
> currently we are only showing tasks which are in the types 
> "ASSIGNED_TO_ME"
> and "CLAIMABLE". In the below jira (IDENTITY-3680), it is requested the
> tasks completed by a particular user need to be shown in dashboard as 
> well.
> Is there a way we can get a list of human tasks completed by the logged in
> user?
>
> @Prabath, Johann, Pulasthi,
> Since the main idea of the dashboard gadget is to
> claim/approve/disapprove tasks, should we show 'completed' tasks at
> dashboard?
>
> Thanks
>
>
>
> -- Forwarded message --
> From: Aparna Karunarathna (JIRA) 
> Date: Tue, Sep 29, 2015 at 6:59 PM
> Subject: [Carbon-jira] [jira] (IDENTITY-3680) Completed task are not
> getting listed
> To: carbon-j...@wso2.org
>
>
> Aparna Karunarathna
> 
> created [image: Bug] IDENTITY-3680
> 
> *Completed task are not getting listed*
> 
> *Issue Type:* [image: Bug] Bug *Affects Versions:* 5.1.0-Alpha
> *Assignee:* Pulasthi Mahawithana
> 
> *Components:* workflows *Created:* 29/Sep/15 6:58 PM *Description:*
>
> Completed task are not getting listed
>
> Steps to reproduce
> 1. Create a workflow to approve users and add some user
> 2. Login to the dashboard and approve those users
> 3. Completed tasks are not showing
> *Environment:*
>
> Pack: Alpha
> OS: Debian 8
> Java: jdk1.7.0_79
> Dep: Standalone
> DB: Mysql 5.5.44
> Browser: Firefox 40.0/ Chrome 44.0
> *Project:* WSO2 Identity Server
>  *Priority:* [image: Highest]
> Highest *Reporter:* Aparna Karunarathna
>  
> This
> message is automatically generated by JIRA.
> If you think it was sent incorrectly, please contact your JIRA
> administrators
> For more information on JIRA, see:
> http://www.atlassian.com/software/jira
>
> ___
> Carbon-jira mailing list
> carbon-j...@wso2.org
> https://wso2.org/cgi-bin/mailman/listinfo/carbon-jira
>
>
>
>
> --
> *Chamila Dilshan Wijayarathna,*
> Software Engineer
> Mobile:(+94)788193620
> WSO2 Inc., http://wso2.com/
>



 --
 Vinod Kavinda
 Software Engineer
 *WSO2 Inc. - lean . enterprise . middleware .*
 Mobile : +94 (0) 712 415544
 Blog : http://soatechflicks.blogspot.com/


>>>
>>>
>>> --
>>> Vinod Kavinda
>>> Software Engineer
>>> *WSO2 Inc. - lean . enterprise . middleware 

[Dev] [DEV][MB][MQTT] How to handle permission denied to subscribe a topic due to tenancy

[Pumudu Ruhunage]

Hi All,

If a tenant don't have permission to subscribe to a given topic (tenant '
a.com' try to subscribe to tenant 'b.com') currently it will keep connected
even though it's not subscribed, because user authentication was
successful. This is misleading to subscriber as no return code sent and
it's actively connected to broker.
AFAIK mqtt don't define how to handle tenancy scenarios in it's spec.
Couldn't find a definition in MQTT spec 3.1.0/3.1.1 on how to reject if
permission denied to subscribe to a given topic(due to tenancy).

One option to handle this scenario is to send return code 5 (Connection
Refused, not authorized) to client if it doesn't have permission to
subscribe to given topic. This way client will disconnect if it don't have
permission to subscribe. Is this acceptable or are there any alternatives
to handle this scenario?

jira https://wso2.org/jira/browse/MB-1409

Thanks,
Pumudu
-- 
Pumudu Ruhunage
Associate Software Engineer | WSO2 Inc
M: +94 779 664493  | http://wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [APIM] Issue when automating API subscription workflow

[Dinithi De Silva]

Hi Irham,

Did you disable caching? If not try disabling the caching. Refer to the
document [1].

[1] -
https://docs.wso2.com/display/AM191/Configuring+Caching#ConfiguringCaching-Responsecache

Thanks.

On Fri, Oct 2, 2015 at 12:35 PM, Irham Iqbal  wrote:

> Hi,
>
> I am automating the API subscription workflow [1] under the topic
> "Engaging WS Workflow Executor in the API Manager" 3rd point when I
> subscribe to an API and invoke it before approve the subscription task
> APIM returns[2] which is expected because subscription task is not
> approved yet.
> But after approved the subscription task when i invoke the service it's
> still returning the same. I think it's because of caching, because If I
> invoke the service only after approve the subscription task it's working
> fine, also if I restart the server it's working fine
>
> [1]https://docs.wso2.com/display/AM190/Adding+an+API+Subscription+Workflow
> [2]
> 900909
> The subscription to the API is inactive
> 
> Access failure for API: /api4/1.0.0, version: 1.0.0 with key:
> a355845c9fb415ae7d531231ecfc5d2
> 
> 
>
> Thanks,
> Iqbal
> --
> Irham Iqbal
> Software Engineer - Test Automation
> WSO2, Inc.: http://wso2.com
> lean. enterprise. middleware
> phone: +94 777888452
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
*Dinithi De Silva*
Associate Software Engineer, WSO2 Inc.
m:+94716667655 | e:dinit...@wso2.com | w: www.wso2.com
| a: #20, Palm Grove, Colombo 03
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [IS] - Unable to decrypt the SAML Assertion When Authenticating to Travelocity app

[Ishara Karunarathna]

Hi Nadeesha,

On Fri, Oct 2, 2015 at 3:04 PM, Darshana Gunawardana 
wrote:

> Hi Nadeesha,
>
> Have you checked whether the assertion is encrypted in the response IS
> send back to travelocity app?
>
> And please provide the SSO Trace (save as a text file and attach in the
> mail) for the whole flow.
>
> Thanks,
> Darshana
>
> On Fri, Oct 2, 2015 at 2:53 PM, Nadeesha Meegoda 
> wrote:
>
>> Hi.
>>
>> I have configured the setup to Login to the Identity Server Using Another
>> Identity Server as per the details in [1] in Super tenant mode. With the
>> happy scenario according to the documentation this works fine. But I have
>> enabled some additional properties in IDP and SP used for IDP as following :
>>
>> *Properties enabled for Federated Authenticators* - SAML2 Web SSO
>> Configuration
>>
>> 1. Enabled Assertion Encryption
>> 2. Enable Assertion Signing
>> 3. Enable Authentication Response Signing
>>
>> *Properties enabled fo SP used for IDP *
>>
>> 1. Enabled Assertion Encryption
>> 2. Enabled Response Signing
>>
>> *Properties enabled fo SP used for travelocity app*
>>
>> 1. Enabled Assertion Encryption
>>
> What is the Certificate Alias you used here ?
is that the public key in travelocity app ?

> 2. Enabled Response Signing
>>
>> In the travelocity.properties file also I have enabled Assertion
>> Encryption,Response signing and Assertion signing. I have already imported
>> the Identity Provider Public Certificate to IDP
>>
>> When I'm signing in to travelocity.com I get Unable to decrypt the SAML
>> Assertion error and error in [2] in tomcat.
>>
>> Note that only enabling "assertion signing" in IDP I was successfully
>> able to login and no error was displayed. When I enabled the Assertion
>> Encryption this error occurred. Why is this error occurred when I enable
>> this property as mentioned above?
>>
>> Any help regarding this is highly appreciated!
>>
>>
>>
>> [1] -
>> https://docs.wso2.com/pages/viewpage.action?title=Login%2Bto%2Bthe%2BIdentity%2BServer%2BUsing%2BAnother%2BIdentity%2BServer=IS510
>>
>> [2] - Oct 02, 2015 2:10:47 PM
>> org.wso2.carbon.identity.sso.agent.SSOAgentFilter doFilter
>> SEVERE: An error has occurred
>> org.wso2.carbon.identity.sso.agent.exception.SSOAgentException: Unable to
>> decrypt the SAML Assertion
>> at
>> org.wso2.carbon.identity.sso.agent.saml.SAML2SSOManager.processSSOResponse(SAML2SSOManager.java:254)
>> at
>> org.wso2.carbon.identity.sso.agent.saml.SAML2SSOManager.processResponse(SAML2SSOManager.java:198)
>> at
>> org.wso2.carbon.identity.sso.agent.SSOAgentFilter.doFilter(SSOAgentFilter.java:89)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>> at
>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
>> at
>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
>> at
>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
>> at
>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
>> at
>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
>> at
>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
>> at
>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
>> at
>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:423)
>> at
>> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1079)
>> at
>> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
>> at
>> org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)
>> at
>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
>> at
>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
>> at
>> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>> at java.lang.Thread.run(Thread.java:745)
>>
>>
>>
>>
>> Thanks!
>> --
>> *Nadeesha Meegoda*
>> Software Engineer - QA
>> WSO2 Inc.; http://wso2.com
>> lean.enterprise.middleware
>> email : nadees...@wso2.com
>> mobile: +94783639540
>> <%2B94%2077%202273555>
>>
>
>
>
> --
> Regards,
>
>
> *Darshana Gunawardana*Senior Software Engineer
> WSO2 Inc.; http://wso2.com
>
> *E-mail: darsh...@wso2.com *
> *Mobile: +94718566859 <%2B94718566859>*Lean . Enterprise . Middleware
>



-- 
Ishara Karunarathna
Senior Software Engineer
WSO2 Inc. - lean . enterprise . middleware |  wso2.com

email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
+94717996791

Re: [Dev] [IS] - Unable to decrypt the SAML Assertion When Authenticating to Travelocity app

[Nadeesha Meegoda]

Hi Darshana,

Yes the response is encrypted. Sending the SAML sso trace attached with the
mail.

@Ishara I used wso2carbon as the certificate alias since I'm using the
default key stores and also I'm testing this in super tenant mode.  Do I
need to import the public certificate of the private key of travelocity app
to IS keystores in super tenant mode?

On Fri, Oct 2, 2015 at 3:19 PM, Ishara Karunarathna 
wrote:

> Hi Nadeesha,
>
> On Fri, Oct 2, 2015 at 3:04 PM, Darshana Gunawardana 
> wrote:
>
>> Hi Nadeesha,
>>
>> Have you checked whether the assertion is encrypted in the response IS
>> send back to travelocity app?
>>
>> And please provide the SSO Trace (save as a text file and attach in the
>> mail) for the whole flow.
>>
>> Thanks,
>> Darshana
>>
>> On Fri, Oct 2, 2015 at 2:53 PM, Nadeesha Meegoda 
>> wrote:
>>
>>> Hi.
>>>
>>> I have configured the setup to Login to the Identity Server Using
>>> Another Identity Server as per the details in [1] in Super tenant mode.
>>> With the happy scenario according to the documentation this works fine. But
>>> I have enabled some additional properties in IDP and SP used for IDP as
>>> following :
>>>
>>> *Properties enabled for Federated Authenticators* - SAML2 Web SSO
>>> Configuration
>>>
>>> 1. Enabled Assertion Encryption
>>> 2. Enable Assertion Signing
>>> 3. Enable Authentication Response Signing
>>>
>>> *Properties enabled fo SP used for IDP *
>>>
>>> 1. Enabled Assertion Encryption
>>> 2. Enabled Response Signing
>>>
>>> *Properties enabled fo SP used for travelocity app*
>>>
>>> 1. Enabled Assertion Encryption
>>>
>> What is the Certificate Alias you used here ?
> is that the public key in travelocity app ?
>
>> 2. Enabled Response Signing
>>>
>>> In the travelocity.properties file also I have enabled Assertion
>>> Encryption,Response signing and Assertion signing. I have already imported
>>> the Identity Provider Public Certificate to IDP
>>>
>>> When I'm signing in to travelocity.com I get Unable to decrypt the SAML
>>> Assertion error and error in [2] in tomcat.
>>>
>>> Note that only enabling "assertion signing" in IDP I was successfully
>>> able to login and no error was displayed. When I enabled the Assertion
>>> Encryption this error occurred. Why is this error occurred when I enable
>>> this property as mentioned above?
>>>
>>> Any help regarding this is highly appreciated!
>>>
>>>
>>>
>>> [1] -
>>> https://docs.wso2.com/pages/viewpage.action?title=Login%2Bto%2Bthe%2BIdentity%2BServer%2BUsing%2BAnother%2BIdentity%2BServer=IS510
>>>
>>> [2] - Oct 02, 2015 2:10:47 PM
>>> org.wso2.carbon.identity.sso.agent.SSOAgentFilter doFilter
>>> SEVERE: An error has occurred
>>> org.wso2.carbon.identity.sso.agent.exception.SSOAgentException: Unable
>>> to decrypt the SAML Assertion
>>> at
>>> org.wso2.carbon.identity.sso.agent.saml.SAML2SSOManager.processSSOResponse(SAML2SSOManager.java:254)
>>> at
>>> org.wso2.carbon.identity.sso.agent.saml.SAML2SSOManager.processResponse(SAML2SSOManager.java:198)
>>> at
>>> org.wso2.carbon.identity.sso.agent.SSOAgentFilter.doFilter(SSOAgentFilter.java:89)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>> at
>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
>>> at
>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
>>> at
>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
>>> at
>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
>>> at
>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
>>> at
>>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
>>> at
>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
>>> at
>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:423)
>>> at
>>> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1079)
>>> at
>>> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
>>> at
>>> org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)
>>> at
>>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
>>> at
>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
>>> at
>>> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
>>> at java.lang.Thread.run(Thread.java:745)
>>>
>>>
>>>
>>>
>>> Thanks!
>>> --
>>> *Nadeesha Meegoda*
>>> Software Engineer - QA
>>> WSO2 Inc.; http://wso2.com
>>> 

Re: [Dev] [UX] [Carbon-jira] [jira] (IDENTITY-3528) Error while adding datepicker for selecting date range with jquery 1.6.0

[Dakshika Jayathilaka]

Hi,

please use below format on this.

$("input.DateFrom").datepicker({
minDate: 13
});

*minDate* can be data, number or string

Regards,

*Dakshika Jayathilaka*
PMC Member & Committer of Apache Stratos
Senior Software Engineer
WSO2, Inc.
lean.enterprise.middleware
0771100911

On Fri, Oct 2, 2015 at 11:53 AM, Johann Nallathamby  wrote:

> Hi Dakshika,
>
> Any update on this ? This is kind of a blocker for our Beta release.
>
> Thanks.
>
> On Fri, Sep 25, 2015 at 9:04 AM, Chamila Wijayarathna 
> wrote:
>
>> Hi Dakshika,'
>>
>> The issue can be reproduced in IS-5.1.0-alpha pack which can be
>> downloaded from [1].
>> The jsp page relevant to this issue is at [2].
>> I have described how the issue can be reproduced at the above jira [3].
>> Please let me know if you need any further details on this.
>>
>> Thanks
>>
>>
>> 1. https://github.com/wso2/product-is/releases/tag/v5.1.0-alpha
>> 2.
>> https://github.com/wso2/carbon-identity/blob/master/components/workflow-mgt/org.wso2.carbon.identity.workflow.mgt.ui/src/main/resources/web/workflow-mgt/wf-request-list.jsp
>> 3. https://wso2.org/jira/browse/IDENTITY-3528
>>
>> On Fri, Sep 25, 2015 at 6:26 AM, Dakshika Jayathilaka 
>> wrote:
>>
>>> Hi Chamila,
>>>
>>> Yes we can help you on this. Can you share latest pack and other
>>> relevant information.
>>>
>>> Regards,
>>>
>>> *Dakshika Jayathilaka*
>>> PMC Member & Committer of Apache Stratos
>>> Senior Software Engineer
>>> WSO2, Inc.
>>> lean.enterprise.middleware
>>> 0771100911
>>>
>>> On Thu, Sep 24, 2015 at 5:04 PM, Chamila Wijayarathna 
>>> wrote:
>>>
 Hi Dakshika/ UX-team,

 We are having the issue mentioned in IDENTITY-3525, this is a blocker
 for IS 5.1.0 release.
 Can someone from UX team look into this ASAP?

 Thanks


 -- Forwarded message --
 From: Chamila Wijayarathna (JIRA) 
 Date: Fri, Aug 21, 2015 at 4:29 PM
 Subject: [Carbon-jira] [jira] (IDENTITY-3528) Error while adding
 datepicker for selecting date range with jquery 1.6.0
 To: carbon-j...@wso2.org


 Chamila Wijayarathna
 
 created [image: Bug] IDENTITY-3528
 
 *Error while adding datepicker for selecting date range with jquery
 1.6.0* 
 *Issue Type:* [image: Bug] Bug *Assignee:* Thusitha Kalugamage
 
 *Components:* workflows *Created:* 21/Aug/15 4:29 PM *Description:*

 This issue can be reproduced in current master branch of github. In
 monitor-> workflow requests page, in date picker there, when onClose called
 for one time, calander is not shown again, it shows input field as a test
 box.
 *Project:* WSO2 Identity Server 
 *Priority:* [image: Normal] Normal *Reporter:* Chamila Wijayarathna
  
 This
 message is automatically generated by JIRA.
 If you think it was sent incorrectly, please contact your JIRA
 administrators
 For more information on JIRA, see:
 http://www.atlassian.com/software/jira

 ___
 Carbon-jira mailing list
 carbon-j...@wso2.org
 https://wso2.org/cgi-bin/mailman/listinfo/carbon-jira




 --
 *Chamila Dilshan Wijayarathna,*
 Software Engineer
 Mobile:(+94)788193620
 WSO2 Inc., http://wso2.com/

>>>
>>>
>>
>>
>> --
>> *Chamila Dilshan Wijayarathna,*
>> Software Engineer
>> Mobile:(+94)788193620
>> WSO2 Inc., http://wso2.com/
>>
>
>
>
> --
> Thanks & Regards,
>
> *Johann Dilantha Nallathamby*
> Technical Lead & Product Lead of WSO2 Identity Server
> Governance Technologies Team
> WSO2, Inc.
> lean.enterprise.middleware
>
> Mobile - *+9476950*
> Blog - *http://nallaa.wordpress.com *
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [IS] - Unable to decrypt the SAML Assertion When Authenticating to Travelocity app

[Darshana Gunawardana]

Hi Nadeesha,

Have you checked whether the assertion is encrypted in the response IS send
back to travelocity app?

And please provide the SSO Trace (save as a text file and attach in the
mail) for the whole flow.

Thanks,
Darshana

On Fri, Oct 2, 2015 at 2:53 PM, Nadeesha Meegoda  wrote:

> Hi.
>
> I have configured the setup to Login to the Identity Server Using Another
> Identity Server as per the details in [1] in Super tenant mode. With the
> happy scenario according to the documentation this works fine. But I have
> enabled some additional properties in IDP and SP used for IDP as following :
>
> *Properties enabled for Federated Authenticators* - SAML2 Web SSO
> Configuration
>
> 1. Enabled Assertion Encryption
> 2. Enable Assertion Signing
> 3. Enable Authentication Response Signing
>
> *Properties enabled fo SP used for IDP *
>
> 1. Enabled Assertion Encryption
> 2. Enabled Response Signing
>
> *Properties enabled fo SP used for travelocity app*
>
> 1. Enabled Assertion Encryption
> 2. Enabled Response Signing
>
> In the travelocity.properties file also I have enabled Assertion
> Encryption,Response signing and Assertion signing. I have already imported
> the Identity Provider Public Certificate to IDP
>
> When I'm signing in to travelocity.com I get Unable to decrypt the SAML
> Assertion error and error in [2] in tomcat.
>
> Note that only enabling "assertion signing" in IDP I was successfully able
> to login and no error was displayed. When I enabled the Assertion
> Encryption this error occurred. Why is this error occurred when I enable
> this property as mentioned above?
>
> Any help regarding this is highly appreciated!
>
>
>
> [1] -
> https://docs.wso2.com/pages/viewpage.action?title=Login%2Bto%2Bthe%2BIdentity%2BServer%2BUsing%2BAnother%2BIdentity%2BServer=IS510
>
> [2] - Oct 02, 2015 2:10:47 PM
> org.wso2.carbon.identity.sso.agent.SSOAgentFilter doFilter
> SEVERE: An error has occurred
> org.wso2.carbon.identity.sso.agent.exception.SSOAgentException: Unable to
> decrypt the SAML Assertion
> at
> org.wso2.carbon.identity.sso.agent.saml.SAML2SSOManager.processSSOResponse(SAML2SSOManager.java:254)
> at
> org.wso2.carbon.identity.sso.agent.saml.SAML2SSOManager.processResponse(SAML2SSOManager.java:198)
> at
> org.wso2.carbon.identity.sso.agent.SSOAgentFilter.doFilter(SSOAgentFilter.java:89)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
> at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
> at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
> at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
> at
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
> at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:423)
> at
> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1079)
> at
> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
> at
> org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
> at
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
> at java.lang.Thread.run(Thread.java:745)
>
>
>
>
> Thanks!
> --
> *Nadeesha Meegoda*
> Software Engineer - QA
> WSO2 Inc.; http://wso2.com
> lean.enterprise.middleware
> email : nadees...@wso2.com
> mobile: +94783639540
> <%2B94%2077%202273555>
>



-- 
Regards,


*Darshana Gunawardana*Senior Software Engineer
WSO2 Inc.; http://wso2.com

*E-mail: darsh...@wso2.com *
*Mobile: +94718566859*Lean . Enterprise . Middleware
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Building docker images with PPaaS build scripts

[Imesh Gunaratne]

+1 for what Pubudu has proposed.

This is a common problem that happens when working with Docker. It takes
considerable amount of disk space when large docker images are imported in
to the local docker registry, when there are dangling images [1] and when
there are stopped docker containers. Cleaning them should save disk space.

[1]
http://www.projectatomic.io/blog/2015/07/what-are-docker-none-none-images/

On Fri, Oct 2, 2015 at 12:10 PM, Danushka Fernando 
wrote:

> After exporting I deleted the image so it released 12GB. But it,s just 1G
> image. And if we import it its only taking 1G
>
> Thanks & Regards
> Danushka Fernando
> Senior Software Engineer
> WSO2 inc. http://wso2.com/
> Mobile : +94716332729
>
> On Fri, Oct 2, 2015 at 12:08 PM, Pubudu Gunatilaka 
> wrote:
>
>> Hi Danushka,
>>
>> I cannot think of any other solution for this. There are know issues in
>> docker[1] for this.
>>
>> [1] - https://github.com/docker/docker/issues/10021
>>
>> Thank you!
>>
>> On Fri, Oct 2, 2015 at 11:05 AM, Danushka Fernando 
>> wrote:
>>
>>> Your command freed up around 20G+ thanks. But still 28G is used.
>>>
>>> Thanks & Regards
>>> Danushka Fernando
>>> Senior Software Engineer
>>> WSO2 inc. http://wso2.com/
>>> Mobile : +94716332729
>>>
>>> On Fri, Oct 2, 2015 at 11:04 AM, Danushka Fernando 
>>> wrote:
>>>
 Hi Pubudu
 Here is the response of the *docker images* command

 REPOSITORY  TAG IMAGE ID
 CREATED VIRTUAL SIZE
 wso2/as 5.2.1   8dcdb94efc8d12 hours
 ago1.294 GB
 wso2/base-image 4.1.0   a972772832d616 hours
 ago701.8 MB
 4d65ea1cc96417 hours
 ago701.1 MB
 90d819958e2e18 hours
 ago701.1 MB
 56639f5aff0018 hours
 ago701.1 MB
 debian  7.7 479215127fa79 months
 ago84.97 MB

 But after I build the as image it ate 50G+ my disk space. That's the
 only thing I did there.

 Thanks & Regards
 Danushka Fernando
 Senior Software Engineer
 WSO2 inc. http://wso2.com/
 Mobile : +94716332729

 On Fri, Oct 2, 2015 at 10:00 AM, Pubudu Gunatilaka 
 wrote:

> Hi Danushka,
>
> Are you having docker images with  tag? You can remove those
> images using the following command.
>
> *docker rmi $(docker images | grep "^" | awk "{print $3}")*
>
> If you have run docker containers in your machine, there can be
> containers that are stopped but not removed. You can verify that using 
> *docker
> ps -a* command and use the following command to remove stopped docker
> containers.
>
> *docker rm `docker ps --no-trunc -aq`*
>
> Thank you!
>
>
> On Fri, Oct 2, 2015 at 7:31 AM, Danushka Fernando 
> wrote:
>
>> When we run PPaaS build.sh it takes lots of disk space and sometimes
>> machine tends to go out of disk space. How we can resolve this?
>>
>> Thanks & Regards
>> Danushka Fernando
>> Senior Software Engineer
>> WSO2 inc. http://wso2.com/
>> Mobile : +94716332729
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> *Pubudu Gunatilaka*
> Committer and PMC Member - Apache Stratos
> Software Engineer
> WSO2, Inc.: http://wso2.com
> mobile : +94774079049 <%2B94772207163>
>
>

>>>
>>
>>
>> --
>> *Pubudu Gunatilaka*
>> Committer and PMC Member - Apache Stratos
>> Software Engineer
>> WSO2, Inc.: http://wso2.com
>> mobile : +94774079049 <%2B94772207163>
>>
>>
>


-- 
*Imesh Gunaratne*
Senior Technical Lead
WSO2 Inc: http://wso2.com
T: +94 11 214 5345 M: +94 77 374 2057
W: http://imesh.gunaratne.org
Lean . Enterprise . Middleware
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Vote] Release WSO2 Carbon Kernel 4.4.2 RC1

[Indika Sampath]

Hi Johann,

I have avoid creating role for each tmp queue when subscription adding to
non durable topic. Now we only create one internal role by topic name and
assign subscribe, publish and changePermission. Please find the PR [1]. We
have build a MB 3.0.0-SNAPSHOT pack with all latest changes including PR
[1] and check again with MSSQL. But we still encounter same dead-lock
issue. We are only adding 5 subscription at once. We have 2 node cluster
setup. Just add 2 subscription to node1 and 3 subscription to node2. It
seems root cause is not because of creating tmp role for each subscription.
Now we are adding patch given by Indunil, and check whether it resolve the
issue and update mail.

[1] https://github.com/wso2/carbon-business-messaging/pull/170

Cheers!

On Fri, Oct 2, 2015 at 5:08 PM, Johann Nallathamby  wrote:

> Hi All,
>
> We had a discussion involving MB team members and IS team members.
>
> Summary of the discussion:
>
> Possibility of deadlocks occurring have drastically reduced in MySQL and
> Oracle with the patches given so far and tested with high levels of
> concurrency. Only MSSQL gives deadlocks and that too for very small
> concurrency levels. In our experience we have in fact encountered several
> deadlocking issues with MSSQL setups previously also in certain other
> scenarios, and had to move to a non DB solution.
>
> At this moment we have fixed the code level issues which we have found so
> far. Beyond this it may be hard to find issues at code level. The fixes
> done so far also, doesn't completely eliminate the possibility of a
> deadlock; they only reduce it to a large extent, but that level doesn't
> seem to be enough for MSSQL. From our side we will look into profiling this
> use case on MSSQL server.
>
> If we are to completely eliminate deadlocking we will have to lock the
> tables which we haven't done as a practice because it will drastically
> reduce performance. Other option available is for the MB code to recover
> from the specific exception by retrying.
>
> However during the discussion there were several problems raised regarding
> implementation of topics.
>
> MB uses internal roles and permissions in user kernel to authorize access
> to Topics and Queues.
>
> First we figured out that permission (resource + action) are being created
> for each subscription (queues or topics). And for each subscription an
> internal role is also being created. The creation of permission seems
> redundant, because the resource name actually has a one-to-one
> correspondence with the role name (resource name can be derived from role
> name), and action can contain only 3 values, publish, subscribe and
> changePermission. Every time a new subscription is added a new role and 3
> new permissions are added for that subscription which is unwanted overhead.
> Every time a subscription is deleted the corresponding role and 3
> permissions are deleted. In a high load scenario there are many DB calls
> going on which effects performance drastically.
>
> In this case what we discussed with Indika is that, the permissions can be
> fixed to publish, subscribe and changePermission; they can be added
> through component.xml and will appear in the permission tree as well. Only
> the internal role can be created and those 3 permissions assigned. This way
> we are adding and deleting the internal role only and not doing any
> operations to the UM_PERMISSION  table which will reduce a lot of DB calls.
>
> The problem happens only for topics and not for queues, because in queues
> you don't seem to be creating roles or permissions per subscription. But
> for topics you do that and that seems to be executing huge amount of DB
> calls on the user-mgt tables to add and remove roles and permissions.
>
> Further when we discussed we also pointed out that creating an internal
> role per topic subscription is an unwanted overhead. Normally we create
> roles if we are going to assign a set of users to it. Using internal roles
> for queues seems correct. The use case requires users other than the
> subscriber to be added to the role for that topic. In case of topics, as
> per the implementation, you create a role per subscription (internally
> create a temp queue) and and assign the subscriber to it. As per Indika and
> Hasitha there is no use case to assign other users to it. The only
> requirement is to keep track of the user who subscribed to that temp queue.
> In this case creating a role as well as 3 permissions for it is
> unnecessary. You can just keep the name of the user along with the
> subscription/temp queue name in the metadata table that MB has.
>
> Please look into these options. As per IS team's understanding
> improvements along these lines will give a substantial improvement. We can
> help you in implementing these changes.
>
> Regards,
> Johann.
>
>
>
> On Thu, Oct 1, 2015 at 2:36 PM, Manuri Amaya Perera 
> wrote:
>
>> Hi Indunil,
>>
>> As I understand, 

Re: [Dev] [PPaaS] private-paas-cartridges repository structure

[Thanuja Uruththirakodeeswaran]

Hi All,

We have folder for base-image and inside that we have a folder called
'docker' for docker base image. In the VM scenario, we are using
init-scripts to create the vm base image. So what if we move the
init-scripts folder inside /common/base-image/vm/ path?

├── common
│   ├── base-image
│   │   └── docker
│   ├── common-plugins
│   │   ├── wso2-cleanup-handler.py
│   │   └── wso2-cleanup-handler.yapsy-plugin
│   ├── configurator
│   │   ├── live-test
│   │   ├── org.wso2.ppaas.cartridges.common.configurator.iml
│   │   ├── pom.xml
│   │   ├── README.md
│   │   ├── src
│   │   └── target
│   ├── init-scripts
│   │   ├── ec2
│   │   ├── gce
│   │   ├── openstack
│   │   ├── README.md
│   │   └── vcloud

Thanks.

On Thu, Oct 1, 2015 at 6:32 PM, Reka Thirunavukkarasu  wrote:

> Hi Gayan
>
> On Thu, Oct 1, 2015 at 6:16 PM, Gayan Gunarathne  wrote:
>
>>
>>
>> On Thu, Oct 1, 2015 at 6:06 PM, Reka Thirunavukkarasu 
>> wrote:
>>
>>> Hi
>>>
>>> Shall we maintain an installer as well(specially for VM cartridges) in
>>> this repository to quickly create specific cartridges in puppet? What this
>>> installer could do is,
>>>
>>> User has to provide the packs and set of values for the environment
>>> variables.
>>>
>>> - Install puppet master
>>> - Locate the relevant cartridges puppet modules
>>> - Place the packs, template modules and plugins to right location
>>> - Export all the user given environment variables
>>> - Execute configurator to configure the samples
>>>
>>> WDYT?
>>>
>>
>> Good thought reka. As our offline chat , we can plan to have two
>> installers for ppaas and ppaas cartridges.We can have the ppaas installer
>> to set up the ppaas related stuff while ppaas cartridge installer to set up
>> the cartridge specific installations.
>>
> +1. We can check whether we can modify the stratos-installer and use it as
> a ppaas-installer rather writing it from the scratch.
>
> Thanks,
> Reka
>
>>
>>> Thanks,
>>> Reka
>>>
>>> On Thu, Oct 1, 2015 at 2:01 PM, Gayan Gunarathne 
>>> wrote:
>>>
 Hi Akila,

 Common folder has all the common stuff related to the cartridges.So if
 someone can navigate to the common folder and get the stuff shared among
 the cartridges.

 I think it is meaningful to have those common stuff at a one place,
 then someone new to this repository also have a feeling those stuff will be
 common for all the cartridges.Common PCA plugins and utils also we can have
 inside the common folder

 Thanks,
 Gayan

 On Thu, Oct 1, 2015 at 12:52 PM, Akila Ravihansa Perera <
 raviha...@wso2.com> wrote:

> Hi Gayan,
>
> Wouldn't it be easier to navigate if we move those common folders to
> root folder?
>
> We can create a common folder under /plugins/ folder to keep common
> PCA plugins and util files.
>
> Just a thought...wdyt?
>
> Thanks.
>
> On Thu, Oct 1, 2015 at 10:29 AM, Gayan Gunarathne 
> wrote:
>
>> Adding to the Dev list
>>
>>
>> On Thu, Oct 1, 2015 at 7:05 AM, Imesh Gunaratne 
>> wrote:
>>
>>> Shall we move this discussion to Dev?
>>>
>>> Thanks
>>>
>>> On Wed, Sep 30, 2015 at 11:02 PM, Gayan Gunarathne 
>>> wrote:
>>>
 As puppet,init-scripts,base image are common for all the
 cartridges,shall we group them under common?
 Also what about the configurator?I can see two options
 One option will be move the configurator to the private-paas
 repository and release it with the private paas.Other option will be 
 we can
 do the separate release for the configurator.Seems it is better to 
 have a
 separate release for the configurator. WDYT?

 Thanks,
 Gayan

 On Wed, Sep 30, 2015 at 10:44 PM, Gayan Gunarathne  wrote:

> Hi,
>
> On Wed, Sep 30, 2015 at 9:48 PM, Akila Ravihansa Perera <
> raviha...@wso2.com> wrote:
>
>> +1 for having a simple folder structure. I think we can move the
>> contents in /common/ folder to root folder. One can easily identify 
>> the
>> important files available and easy to navigate as well.
>>
>> What should be the Maven groupId for this repo? How about
>> "org.wso2.ppaas.cartridges" or "org.wso2.cartridges" ?
>>
> We can use org.wso2.ppaas.cartridges as groupId
>
> Thanks,
> Gayan
>
>
>>
>
>> On Wed, Sep 30, 2015 at 9:24 PM, Imesh Gunaratne 
>> wrote:
>>
>>>  I would like to reduce the complexity of the folder structure
>>> and make it much simple. Shall we have some thing like below:
>>>
>>> 

Re: [Dev] [Vote] Release WSO2 Carbon Kernel 4.4.2 RC1

[Johann Nallathamby]

Hi All,

We had a discussion involving MB team members and IS team members.

Summary of the discussion:

Possibility of deadlocks occurring have drastically reduced in MySQL and
Oracle with the patches given so far and tested with high levels of
concurrency. Only MSSQL gives deadlocks and that too for very small
concurrency levels. In our experience we have in fact encountered several
deadlocking issues with MSSQL setups previously also in certain other
scenarios, and had to move to a non DB solution.

At this moment we have fixed the code level issues which we have found so
far. Beyond this it may be hard to find issues at code level. The fixes
done so far also, doesn't completely eliminate the possibility of a
deadlock; they only reduce it to a large extent, but that level doesn't
seem to be enough for MSSQL. From our side we will look into profiling this
use case on MSSQL server.

If we are to completely eliminate deadlocking we will have to lock the
tables which we haven't done as a practice because it will drastically
reduce performance. Other option available is for the MB code to recover
from the specific exception by retrying.

However during the discussion there were several problems raised regarding
implementation of topics.

MB uses internal roles and permissions in user kernel to authorize access
to Topics and Queues.

First we figured out that permission (resource + action) are being created
for each subscription (queues or topics). And for each subscription an
internal role is also being created. The creation of permission seems
redundant, because the resource name actually has a one-to-one
correspondence with the role name (resource name can be derived from role
name), and action can contain only 3 values, publish, subscribe and
changePermission. Every time a new subscription is added a new role and 3
new permissions are added for that subscription which is unwanted overhead.
Every time a subscription is deleted the corresponding role and 3
permissions are deleted. In a high load scenario there are many DB calls
going on which effects performance drastically.

In this case what we discussed with Indika is that, the permissions can be
fixed to publish, subscribe and changePermission; they can be added
through component.xml and will appear in the permission tree as well. Only
the internal role can be created and those 3 permissions assigned. This way
we are adding and deleting the internal role only and not doing any
operations to the UM_PERMISSION  table which will reduce a lot of DB calls.

The problem happens only for topics and not for queues, because in queues
you don't seem to be creating roles or permissions per subscription. But
for topics you do that and that seems to be executing huge amount of DB
calls on the user-mgt tables to add and remove roles and permissions.

Further when we discussed we also pointed out that creating an internal
role per topic subscription is an unwanted overhead. Normally we create
roles if we are going to assign a set of users to it. Using internal roles
for queues seems correct. The use case requires users other than the
subscriber to be added to the role for that topic. In case of topics, as
per the implementation, you create a role per subscription (internally
create a temp queue) and and assign the subscriber to it. As per Indika and
Hasitha there is no use case to assign other users to it. The only
requirement is to keep track of the user who subscribed to that temp queue.
In this case creating a role as well as 3 permissions for it is
unnecessary. You can just keep the name of the user along with the
subscription/temp queue name in the metadata table that MB has.

Please look into these options. As per IS team's understanding improvements
along these lines will give a substantial improvement. We can help you in
implementing these changes.

Regards,
Johann.



On Thu, Oct 1, 2015 at 2:36 PM, Manuri Amaya Perera 
wrote:

> Hi Indunil,
>
> As I understand, "FOREIGN KEY constraint violation" issue is a regression
> issue therefore the deadlock issue cannot be resolved until foreign key
> constraint violation issue is fixed, right?
>
> Thank you.
>
> On Thu, Oct 1, 2015 at 2:01 PM, Indunil Upeksha Rathnayake <
> indu...@wso2.com> wrote:
>
>> Hi,
>> The deadlock issue in https://wso2.org/jira/browse/MB-1326 is resolved
>> in both oracle 12c and 11g r2. (Please refer previous mails in this mail
>> thread to get the idea of the issue). Then after a "FOREIGN KEY constraint
>> violation" issue occurred in both mssql and oracle, intermittently (Refer
>> the attached file "errorLog_foriegnKeyViolation" for the error log). For
>> that, issued the fix in https://github.com/wso2/carbon-kernel/pull/512,
>> and it worked for oracle, but not for mssql. This is tested in following
>> scenarios in MB cluster.
>>
>> 1. 5 queues - 5 subscribers and 5 consumers ( 1 publisher and 1 consumer
>> each )
>> 2. 5 Topics - 5 subscribers and 5 consumers ( in 

Re: [Dev] Should mysql database scripts work with old mysql versions.

[Ishara Karunarathna]

Hi Ruwan,

On Fri, Oct 2, 2015 at 1:09 PM, Ruwan Abeykoon  wrote:

> Hi Ishara,
> >>In Identity server we started to persist session date with its updated
> timestamp. And retrieve the latest data object related to
> given session.
> >>If it's only supported for seconds we get duplicate entries. In that
> case we have to go for fractional seconds in timestamp
> or will have to store it in another data type.
>
> I think tying up with timestamp for any uniqueness is going to be
> problematic even if we select the most granular time resolution provided by
> the hardware.
>
Thats true and its depend on the use case too.
In our use case we don't depend only on the timestamp and we can't expect
nano second level time different between session participants.
In that case I believe we can go ahead with our approach.

Thanks,
Ishara

> For example lets say an IoT device sends more than one request in fraction
> of nano second and this might be causing problems down the pipeline/in the
> future.
> So I would suggest a changing the dependency of using timestamp for any
> uniqueness/ latest check by adding/appending a sequence number, if it is
> the case.
>
> Cheers,
> Ruwan
>
>
> On Fri, Oct 2, 2015 at 10:05 AM, Ishara Karunarathna 
> wrote:
>
>> Hi Shankar,
>>
>> On Thu, Oct 1, 2015 at 9:54 PM, Selvaratnam Uthaiyashankar <
>> shan...@wso2.com> wrote:
>>
>>> Is this support (fraction of second) there in other RDBMS (Oracle,
>>> MSSQL, etc?). If it is only Mysql 5.6.4 +, then we shouldn't use IMO. If
>>> this support is there in all other RDBMS, then it should be ok.
>>>
>>> I checked with Oracle, MSSQL, PostgreSQL, Informix and DB2. All support
>> for fraction of seconds.
>>
>> Thanks,
>> Ishara
>> [1]
>> http://docs.oracle.com/cd/B19306_01/server.102/b14200/sql_elements001.htm#i54330
>> [2] https://msdn.microsoft.com/en-us/library/ms187819.aspx
>> [3] http://www.postgresql.org/docs/9.1/static/datatype-datetime.html
>> [4]
>> https://www-01.ibm.com/support/knowledgecenter/SSGU8G_12.1.0/com.ibm.sqlr.doc/ids_sqr_110.htm
>> [5]
>> https://www-304.ibm.com/support/knowledgecenter/SSEPEK_10.0.0/com.ibm.db2z10.doc.intro/src/tpc/db2z_datetimetimestamp.dita
>>
>>> On Thu, Oct 1, 2015 at 9:40 PM, Ishara Karunarathna 
>>> wrote:
>>>
 Hi Shankar,

 On Thu, Oct 1, 2015 at 7:45 PM, Selvaratnam Uthaiyashankar <
 shan...@wso2.com> wrote:

> Normally, we should keep the compatibility with older versions.
>
> Is there any specific reason why you need upto microsecond precision
> for the timestamp?
>
 by default mysql support for seconds.
 In Identity server we started to persist session date with its updated
 timestamp. And retrieve the latest data object related to
 given session.
 If it's only supported for seconds we get duplicate entries. In that
 case we have to go for fractional seconds in timestamp
 or will have to store it in another data type.

 Thanks,
 Ishara

>
> On Wed, Sep 30, 2015 at 10:35 PM, Ishara Karunarathna <
> isha...@wso2.com> wrote:
>
>> Hi all,
>>
>> For example In mysql version 5.6.4 (released on February 5, 2013 )
>> onwards [1] it support for
>> fractional seconds for TIMESTAMP values, with up to microseconds (6
>> digits)
>>
>> But if we write scripts to get that features it won't work with older
>> versions.
>> So can we write scripts to work only with mysql version 5.6.4 and
>> latest or should we support for old versions ?.
>>
>> Thanks,
>> Ishara
>>
>> [1]
>> http://dev.mysql.com/doc/refman/5.6/en/mysql-nutshell.html#mysql-nutshell-additions
>> --
>> Ishara Karunarathna
>> Senior Software Engineer
>> WSO2 Inc. - lean . enterprise . middleware |  wso2.com
>>
>> email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
>> +94717996791
>>
>
>
>
> --
> S.Uthaiyashankar
> VP Engineering
> WSO2 Inc.
> http://wso2.com/ - "lean . enterprise . middleware"
>
> Phone: +94 714897591
>



 --
 Ishara Karunarathna
 Senior Software Engineer
 WSO2 Inc. - lean . enterprise . middleware |  wso2.com

 email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
 +94717996791

>>>
>>>
>>>
>>> --
>>> S.Uthaiyashankar
>>> VP Engineering
>>> WSO2 Inc.
>>> http://wso2.com/ - "lean . enterprise . middleware"
>>>
>>> Phone: +94 714897591
>>>
>>
>>
>>
>> --
>> Ishara Karunarathna
>> Senior Software Engineer
>> WSO2 Inc. - lean . enterprise . middleware |  wso2.com
>>
>> email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
>> +94717996791
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
>
> *Ruwan Abeykoon*
> *Architect,*
> *WSO2, Inc. http://wso2.com 

Re: [Dev] Should mysql database scripts work with old mysql versions.

[Ruwan Abeykoon]

Hi Ishara,
Agreed, if we can be sure that things will behave well in high load.

Cheers,
Ruwan

On Fri, Oct 2, 2015 at 2:24 PM, Ishara Karunarathna 
wrote:

> Hi Ruwan,
>
> On Fri, Oct 2, 2015 at 1:09 PM, Ruwan Abeykoon  wrote:
>
>> Hi Ishara,
>> >>In Identity server we started to persist session date with its updated
>> timestamp. And retrieve the latest data object related to
>> given session.
>> >>If it's only supported for seconds we get duplicate entries. In that
>> case we have to go for fractional seconds in timestamp
>> or will have to store it in another data type.
>>
>> I think tying up with timestamp for any uniqueness is going to be
>> problematic even if we select the most granular time resolution provided by
>> the hardware.
>>
> Thats true and its depend on the use case too.
> In our use case we don't depend only on the timestamp and we can't expect
> nano second level time different between session participants.
> In that case I believe we can go ahead with our approach.
>
> Thanks,
> Ishara
>
>> For example lets say an IoT device sends more than one request in
>> fraction of nano second and this might be causing problems down the
>> pipeline/in the future.
>> So I would suggest a changing the dependency of using timestamp for any
>> uniqueness/ latest check by adding/appending a sequence number, if it is
>> the case.
>>
>> Cheers,
>> Ruwan
>>
>>
>> On Fri, Oct 2, 2015 at 10:05 AM, Ishara Karunarathna 
>> wrote:
>>
>>> Hi Shankar,
>>>
>>> On Thu, Oct 1, 2015 at 9:54 PM, Selvaratnam Uthaiyashankar <
>>> shan...@wso2.com> wrote:
>>>
 Is this support (fraction of second) there in other RDBMS (Oracle,
 MSSQL, etc?). If it is only Mysql 5.6.4 +, then we shouldn't use IMO. If
 this support is there in all other RDBMS, then it should be ok.

 I checked with Oracle, MSSQL, PostgreSQL, Informix and DB2. All
>>> support for fraction of seconds.
>>>
>>> Thanks,
>>> Ishara
>>> [1]
>>> http://docs.oracle.com/cd/B19306_01/server.102/b14200/sql_elements001.htm#i54330
>>> [2] https://msdn.microsoft.com/en-us/library/ms187819.aspx
>>> [3] http://www.postgresql.org/docs/9.1/static/datatype-datetime.html
>>> [4]
>>> https://www-01.ibm.com/support/knowledgecenter/SSGU8G_12.1.0/com.ibm.sqlr.doc/ids_sqr_110.htm
>>> [5]
>>> https://www-304.ibm.com/support/knowledgecenter/SSEPEK_10.0.0/com.ibm.db2z10.doc.intro/src/tpc/db2z_datetimetimestamp.dita
>>>
 On Thu, Oct 1, 2015 at 9:40 PM, Ishara Karunarathna 
 wrote:

> Hi Shankar,
>
> On Thu, Oct 1, 2015 at 7:45 PM, Selvaratnam Uthaiyashankar <
> shan...@wso2.com> wrote:
>
>> Normally, we should keep the compatibility with older versions.
>>
>> Is there any specific reason why you need upto microsecond precision
>> for the timestamp?
>>
> by default mysql support for seconds.
> In Identity server we started to persist session date with its updated
> timestamp. And retrieve the latest data object related to
> given session.
> If it's only supported for seconds we get duplicate entries. In that
> case we have to go for fractional seconds in timestamp
> or will have to store it in another data type.
>
> Thanks,
> Ishara
>
>>
>> On Wed, Sep 30, 2015 at 10:35 PM, Ishara Karunarathna <
>> isha...@wso2.com> wrote:
>>
>>> Hi all,
>>>
>>> For example In mysql version 5.6.4 (released on February 5, 2013 )
>>> onwards [1] it support for
>>> fractional seconds for TIMESTAMP values, with up to microseconds (6
>>> digits)
>>>
>>> But if we write scripts to get that features it won't work with
>>> older versions.
>>> So can we write scripts to work only with mysql version 5.6.4 and
>>> latest or should we support for old versions ?.
>>>
>>> Thanks,
>>> Ishara
>>>
>>> [1]
>>> http://dev.mysql.com/doc/refman/5.6/en/mysql-nutshell.html#mysql-nutshell-additions
>>> --
>>> Ishara Karunarathna
>>> Senior Software Engineer
>>> WSO2 Inc. - lean . enterprise . middleware |  wso2.com
>>>
>>> email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,
>>> mobile: +94717996791
>>>
>>
>>
>>
>> --
>> S.Uthaiyashankar
>> VP Engineering
>> WSO2 Inc.
>> http://wso2.com/ - "lean . enterprise . middleware"
>>
>> Phone: +94 714897591
>>
>
>
>
> --
> Ishara Karunarathna
> Senior Software Engineer
> WSO2 Inc. - lean . enterprise . middleware |  wso2.com
>
> email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
> +94717996791
>



 --
 S.Uthaiyashankar
 VP Engineering
 WSO2 Inc.
 http://wso2.com/ - "lean . enterprise . middleware"

 Phone: +94 714897591

>>>
>>>
>>>
>>> --
>>> Ishara Karunarathna
>>> Senior Software Engineer
>>> WSO2 Inc. - lean . enterprise . 

Re: [Dev] [Human Tasks] Listing Human Tasks Completed by a User

[Chamila Wijayarathna]

Hi Hasitha/Vinod,

Thanks, by using

http://schemas.xmlsoap.org/soap/envelope/;
xmlns:ns="http://docs.oasis-open.org/ns/bpel4people/ws-humantask/api/200803;
xmlns:ns1="
http://docs.oasis-open.org/ns/bpel4people/ws-humantask/types/200803;>
   
   
  
 

COMPLETED
10

0


ASSIGNED_TO_ME
 
  
   


as you have suggested, I could get the COMPLETED tasks of the logged in
user.

Is there a way to get COMPLETED, RESERVED and IN-PROGRESS tasks of
ASSIGNED_TO_ME in one service call?

Thanks

On Fri, Oct 2, 2015 at 1:10 PM, Hasitha Aravinda  wrote:

> Correct category is ASSIGNED_TO_ME and use status filter COMPLETED in
> SimpleQuery.
>
> Thanks,
> Hasitha.
>
> On Fri, Oct 2, 2015 at 12:41 PM, Vinod Kavinda  wrote:
>
>> Hi Chamila,
>> Sorry I made a mistake, You can't do this in the same way as Claimable.
>> Use the SimpleQuery in  HumanTaskClientAPIAdmin. Use the sample given.
>>
>> Thank You
>> Vinod
>>
>> On Fri, Oct 2, 2015 at 12:22 PM, Vinod Kavinda  wrote:
>>
>>> Hi Chamila,
>>> You can use SimpleQuery operatin in HumanTaskClientAPIAdmin service.
>>> Invoke this operation in the same way you used to claimable status with
>>> "COMPLETED" as the status.
>>>  You can find a sample code in [1] line no 64.
>>>
>>> [1] -
>>> https://github.com/wso2/carbon-business-process/blob/master/components/humantask/humantask-explorer-web/src/web/js/WSHTRequest.js#L64
>>>
>>> Regards,
>>> Vinod Kavinda
>>>
>>> On Fri, Oct 2, 2015 at 11:44 AM, Chamila Wijayarathna 
>>> wrote:
>>>
 Hi all,

 In IS dashboard gadget for approving/disapproving human tasks,
 currently we are only showing tasks which are in the types "ASSIGNED_TO_ME"
 and "CLAIMABLE". In the below jira (IDENTITY-3680), it is requested the
 tasks completed by a particular user need to be shown in dashboard as well.
 Is there a way we can get a list of human tasks completed by the logged in
 user?

 @Prabath, Johann, Pulasthi,
 Since the main idea of the dashboard gadget is to
 claim/approve/disapprove tasks, should we show 'completed' tasks at
 dashboard?

 Thanks



 -- Forwarded message --
 From: Aparna Karunarathna (JIRA) 
 Date: Tue, Sep 29, 2015 at 6:59 PM
 Subject: [Carbon-jira] [jira] (IDENTITY-3680) Completed task are not
 getting listed
 To: carbon-j...@wso2.org


 Aparna Karunarathna
 
 created [image: Bug] IDENTITY-3680
 
 *Completed task are not getting listed*
 
 *Issue Type:* [image: Bug] Bug *Affects Versions:* 5.1.0-Alpha
 *Assignee:* Pulasthi Mahawithana
 
 *Components:* workflows *Created:* 29/Sep/15 6:58 PM *Description:*

 Completed task are not getting listed

 Steps to reproduce
 1. Create a workflow to approve users and add some user
 2. Login to the dashboard and approve those users
 3. Completed tasks are not showing
 *Environment:*

 Pack: Alpha
 OS: Debian 8
 Java: jdk1.7.0_79
 Dep: Standalone
 DB: Mysql 5.5.44
 Browser: Firefox 40.0/ Chrome 44.0
 *Project:* WSO2 Identity Server 
 *Priority:* [image: Highest] Highest *Reporter:* Aparna Karunarathna
  This
 message is automatically generated by JIRA.
 If you think it was sent incorrectly, please contact your JIRA
 administrators
 For more information on JIRA, see:
 http://www.atlassian.com/software/jira

 ___
 Carbon-jira mailing list
 carbon-j...@wso2.org
 https://wso2.org/cgi-bin/mailman/listinfo/carbon-jira




 --
 *Chamila Dilshan Wijayarathna,*
 Software Engineer
 Mobile:(+94)788193620
 WSO2 Inc., http://wso2.com/

>>>
>>>
>>>
>>> --
>>> Vinod Kavinda
>>> Software Engineer
>>> *WSO2 Inc. - lean . enterprise . middleware .*
>>> Mobile : +94 (0) 712 415544
>>> Blog : http://soatechflicks.blogspot.com/
>>>
>>>
>>
>>
>> --
>> Vinod Kavinda
>> Software Engineer
>> *WSO2 Inc. - lean . enterprise . middleware .*
>> Mobile : +94 (0) 712 415544
>> Blog : http://soatechflicks.blogspot.com/
>>
>>
>
>
> --
> --
> Hasitha Aravinda,
> Senior Software Engineer,
> WSO2 Inc.
> Email: hasi...@wso2.com
> Mobile : +94 718 210 200
>



-- 
*Chamila Dilshan Wijayarathna,*
Software Engineer
Mobile:(+94)788193620
WSO2 Inc., http://wso2.com/
___
Dev mailing list

[Dev] [IS] - Unable to decrypt the SAML Assertion When Authenticating to Travelocity app

[Nadeesha Meegoda]

Hi.

I have configured the setup to Login to the Identity Server Using Another
Identity Server as per the details in [1] in Super tenant mode. With the
happy scenario according to the documentation this works fine. But I have
enabled some additional properties in IDP and SP used for IDP as following :

*Properties enabled for Federated Authenticators* - SAML2 Web SSO
Configuration

1. Enabled Assertion Encryption
2. Enable Assertion Signing
3. Enable Authentication Response Signing

*Properties enabled fo SP used for IDP *

1. Enabled Assertion Encryption
2. Enabled Response Signing

*Properties enabled fo SP used for travelocity app*

1. Enabled Assertion Encryption
2. Enabled Response Signing

In the travelocity.properties file also I have enabled Assertion
Encryption,Response signing and Assertion signing. I have already imported
the Identity Provider Public Certificate to IDP

When I'm signing in to travelocity.com I get Unable to decrypt the SAML
Assertion error and error in [2] in tomcat.

Note that only enabling "assertion signing" in IDP I was successfully able
to login and no error was displayed. When I enabled the Assertion
Encryption this error occurred. Why is this error occurred when I enable
this property as mentioned above?

Any help regarding this is highly appreciated!



[1] -
https://docs.wso2.com/pages/viewpage.action?title=Login%2Bto%2Bthe%2BIdentity%2BServer%2BUsing%2BAnother%2BIdentity%2BServer=IS510

[2] - Oct 02, 2015 2:10:47 PM
org.wso2.carbon.identity.sso.agent.SSOAgentFilter doFilter
SEVERE: An error has occurred
org.wso2.carbon.identity.sso.agent.exception.SSOAgentException: Unable to
decrypt the SAML Assertion
at
org.wso2.carbon.identity.sso.agent.saml.SAML2SSOManager.processSSOResponse(SAML2SSOManager.java:254)
at
org.wso2.carbon.identity.sso.agent.saml.SAML2SSOManager.processResponse(SAML2SSOManager.java:198)
at
org.wso2.carbon.identity.sso.agent.SSOAgentFilter.doFilter(SSOAgentFilter.java:89)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:423)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1079)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
at
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at
org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:745)




Thanks!
-- 
*Nadeesha Meegoda*
Software Engineer - QA
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware
email : nadees...@wso2.com
mobile: +94783639540
<%2B94%2077%202273555>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [C5] Tomcat Plugging POC JSP error

[Afkham Azeez]

Is this for AS? If so we would be using Vanilla Tomcat.

On Fri, Oct 2, 2015 at 10:56 AM, Aruna Karunarathna  wrote:

> Hi all,
>
> When running Tomcat with C5 executing a jsp is causing the following
> error. [1] Complaining that unable to find the org.xml.sax.Attributes class.
>
> Do we need to explicitly export those classes coming from the JDK, I
> believe this class is coming from jre/lib/rt.jar?.. Any idea what is
> causing this error?.
>
> [1].
> osgi> [2015-10-02 10:47:09,677] ERROR
> {org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/sample].[jsp]}
> -  Servlet.service() for servlet [jsp] in context with path [/sample] threw
> exception [Servlet execution threw an exception] with root cause
> java.lang.ClassNotFoundException: org.xml.sax.Attributes cannot be found
> by org.apache.jasper.glassfish_2.2.2.v201205150955
> at
> org.eclipse.osgi.internal.loader.BundleLoader.findClassInternal(BundleLoader.java:501)
> at
> org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:421)
> at
> org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:412)
> at
> org.eclipse.osgi.internal.baseadaptor.DefaultClassLoader.loadClass(DefaultClassLoader.java:107)
> at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
> at
> org.apache.jasper.compiler.ParserController.doParse(ParserController.java:244)
> at
> org.apache.jasper.compiler.ParserController.parse(ParserController.java:145)
> at org.apache.jasper.compiler.Compiler.generateJava(Compiler.java:212)
> at org.apache.jasper.compiler.Compiler.compile(Compiler.java:451)
> at
> org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:625)
> at
> org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:374)
> at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:492)
> at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:378)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:770)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
> at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
> at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501)
> at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
> at
> org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159)
> at
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
> at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
> at
> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1070)
> at
> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611)
> at
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1736)
> at
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1695)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> at
> org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
> at java.lang.Thread.run(Thread.java:745)
>
> Regards,
> Aruna
> --
>
> *Aruna Sujith Karunarathna *| Software Engineer
> WSO2, Inc | lean. enterprise. middleware.
> #20, Palm Grove, Colombo 03, Sri Lanka
> Mobile: +94 71 9040362 | Work: +94 112145345
> Email: ar...@wso2.com | Web: www.wso2.com
>
>



-- 
*Afkham Azeez*
Director of Architecture; WSO2, Inc.; http://wso2.com
Member; Apache Software Foundation; http://www.apache.org/
* *
*email: **az...@wso2.com* 
* cell: +94 77 3320919blog: **http://blog.afkham.org*

*twitter: **http://twitter.com/afkham_azeez*

*linked-in: **http://lk.linkedin.com/in/afkhamazeez
*

*Lean . Enterprise . Middleware*
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [UX] [Carbon-jira] [jira] (IDENTITY-3528) Error while adding datepicker for selecting date range with jquery 1.6.0

[Johann Nallathamby]

Thanks for looking into this Dakshika.

On Fri, Oct 2, 2015 at 1:43 PM, Dakshika Jayathilaka 
wrote:

> Hi,
>
> please use below format on this.
>
> $("input.DateFrom").datepicker({
> minDate: 13
> });
>
> *minDate* can be data, number or string
>
> Regards,
>
> *Dakshika Jayathilaka*
> PMC Member & Committer of Apache Stratos
> Senior Software Engineer
> WSO2, Inc.
> lean.enterprise.middleware
> 0771100911
>
> On Fri, Oct 2, 2015 at 11:53 AM, Johann Nallathamby 
> wrote:
>
>> Hi Dakshika,
>>
>> Any update on this ? This is kind of a blocker for our Beta release.
>>
>> Thanks.
>>
>> On Fri, Sep 25, 2015 at 9:04 AM, Chamila Wijayarathna 
>> wrote:
>>
>>> Hi Dakshika,'
>>>
>>> The issue can be reproduced in IS-5.1.0-alpha pack which can be
>>> downloaded from [1].
>>> The jsp page relevant to this issue is at [2].
>>> I have described how the issue can be reproduced at the above jira [3].
>>> Please let me know if you need any further details on this.
>>>
>>> Thanks
>>>
>>>
>>> 1. https://github.com/wso2/product-is/releases/tag/v5.1.0-alpha
>>> 2.
>>> https://github.com/wso2/carbon-identity/blob/master/components/workflow-mgt/org.wso2.carbon.identity.workflow.mgt.ui/src/main/resources/web/workflow-mgt/wf-request-list.jsp
>>> 3. https://wso2.org/jira/browse/IDENTITY-3528
>>>
>>> On Fri, Sep 25, 2015 at 6:26 AM, Dakshika Jayathilaka >> > wrote:
>>>
 Hi Chamila,

 Yes we can help you on this. Can you share latest pack and other
 relevant information.

 Regards,

 *Dakshika Jayathilaka*
 PMC Member & Committer of Apache Stratos
 Senior Software Engineer
 WSO2, Inc.
 lean.enterprise.middleware
 0771100911

 On Thu, Sep 24, 2015 at 5:04 PM, Chamila Wijayarathna  wrote:

> Hi Dakshika/ UX-team,
>
> We are having the issue mentioned in IDENTITY-3525, this is a blocker
> for IS 5.1.0 release.
> Can someone from UX team look into this ASAP?
>
> Thanks
>
>
> -- Forwarded message --
> From: Chamila Wijayarathna (JIRA) 
> Date: Fri, Aug 21, 2015 at 4:29 PM
> Subject: [Carbon-jira] [jira] (IDENTITY-3528) Error while adding
> datepicker for selecting date range with jquery 1.6.0
> To: carbon-j...@wso2.org
>
>
> Chamila Wijayarathna
> 
> created [image: Bug] IDENTITY-3528
> 
> *Error while adding datepicker for selecting date range with jquery
> 1.6.0* 
> *Issue Type:* [image: Bug] Bug *Assignee:* Thusitha Kalugamage
> 
> *Components:* workflows *Created:* 21/Aug/15 4:29 PM *Description:*
>
> This issue can be reproduced in current master branch of github. In
> monitor-> workflow requests page, in date picker there, when onClose 
> called
> for one time, calander is not shown again, it shows input field as a test
> box.
> *Project:* WSO2 Identity Server
>  *Priority:* [image: Normal]
> Normal *Reporter:* Chamila Wijayarathna
>  
> This
> message is automatically generated by JIRA.
> If you think it was sent incorrectly, please contact your JIRA
> administrators
> For more information on JIRA, see:
> http://www.atlassian.com/software/jira
>
> ___
> Carbon-jira mailing list
> carbon-j...@wso2.org
> https://wso2.org/cgi-bin/mailman/listinfo/carbon-jira
>
>
>
>
> --
> *Chamila Dilshan Wijayarathna,*
> Software Engineer
> Mobile:(+94)788193620
> WSO2 Inc., http://wso2.com/
>


>>>
>>>
>>> --
>>> *Chamila Dilshan Wijayarathna,*
>>> Software Engineer
>>> Mobile:(+94)788193620
>>> WSO2 Inc., http://wso2.com/
>>>
>>
>>
>>
>> --
>> Thanks & Regards,
>>
>> *Johann Dilantha Nallathamby*
>> Technical Lead & Product Lead of WSO2 Identity Server
>> Governance Technologies Team
>> WSO2, Inc.
>> lean.enterprise.middleware
>>
>> Mobile - *+9476950*
>> Blog - *http://nallaa.wordpress.com *
>>
>
>


-- 
Thanks & Regards,

*Johann Dilantha Nallathamby*
Technical Lead & Product Lead of WSO2 Identity Server
Governance Technologies Team
WSO2, Inc.
lean.enterprise.middleware

Mobile - *+9476950*
Blog - *http://nallaa.wordpress.com *
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Vote] Release WSO2 Carbon Kernel 4.4.2 RC1

[Rajith Vitharana]

Hi,

This issue is blocking DSS 3.5.0 release as well, We need kernel 4.4.2 for
the DSS 3.5.0 as we can't use kernel 4.4.1(which has a bug in axis2json)
for now we are using kernel 4.4.0 but we can't use that for the final
release due to version incompatibilities, for example we can't install DSS
features in ESB 4.9.0 if we use kernel 4.4.0. Appreciate if we can solve
this issue ASAP

Thanks,

On Fri, Oct 2, 2015 at 5:36 PM, Indika Sampath  wrote:

> Hi Johann,
>
> I have avoid creating role for each tmp queue when subscription adding to
> non durable topic. Now we only create one internal role by topic name and
> assign subscribe, publish and changePermission. Please find the PR [1]. We
> have build a MB 3.0.0-SNAPSHOT pack with all latest changes including PR
> [1] and check again with MSSQL. But we still encounter same dead-lock
> issue. We are only adding 5 subscription at once. We have 2 node cluster
> setup. Just add 2 subscription to node1 and 3 subscription to node2. It
> seems root cause is not because of creating tmp role for each subscription.
> Now we are adding patch given by Indunil, and check whether it resolve the
> issue and update mail.
>
> [1] https://github.com/wso2/carbon-business-messaging/pull/170
>
> Cheers!
>
> On Fri, Oct 2, 2015 at 5:08 PM, Johann Nallathamby 
> wrote:
>
>> Hi All,
>>
>> We had a discussion involving MB team members and IS team members.
>>
>> Summary of the discussion:
>>
>> Possibility of deadlocks occurring have drastically reduced in MySQL and
>> Oracle with the patches given so far and tested with high levels of
>> concurrency. Only MSSQL gives deadlocks and that too for very small
>> concurrency levels. In our experience we have in fact encountered several
>> deadlocking issues with MSSQL setups previously also in certain other
>> scenarios, and had to move to a non DB solution.
>>
>> At this moment we have fixed the code level issues which we have found so
>> far. Beyond this it may be hard to find issues at code level. The fixes
>> done so far also, doesn't completely eliminate the possibility of a
>> deadlock; they only reduce it to a large extent, but that level doesn't
>> seem to be enough for MSSQL. From our side we will look into profiling this
>> use case on MSSQL server.
>>
>> If we are to completely eliminate deadlocking we will have to lock the
>> tables which we haven't done as a practice because it will drastically
>> reduce performance. Other option available is for the MB code to recover
>> from the specific exception by retrying.
>>
>> However during the discussion there were several problems raised
>> regarding implementation of topics.
>>
>> MB uses internal roles and permissions in user kernel to authorize access
>> to Topics and Queues.
>>
>> First we figured out that permission (resource + action) are being
>> created for each subscription (queues or topics). And for each subscription
>> an internal role is also being created. The creation of permission seems
>> redundant, because the resource name actually has a one-to-one
>> correspondence with the role name (resource name can be derived from role
>> name), and action can contain only 3 values, publish, subscribe and
>> changePermission. Every time a new subscription is added a new role and 3
>> new permissions are added for that subscription which is unwanted overhead.
>> Every time a subscription is deleted the corresponding role and 3
>> permissions are deleted. In a high load scenario there are many DB calls
>> going on which effects performance drastically.
>>
>> In this case what we discussed with Indika is that, the permissions can
>> be fixed to publish, subscribe and changePermission; they can be added
>> through component.xml and will appear in the permission tree as well. Only
>> the internal role can be created and those 3 permissions assigned. This way
>> we are adding and deleting the internal role only and not doing any
>> operations to the UM_PERMISSION  table which will reduce a lot of DB calls.
>>
>> The problem happens only for topics and not for queues, because in queues
>> you don't seem to be creating roles or permissions per subscription. But
>> for topics you do that and that seems to be executing huge amount of DB
>> calls on the user-mgt tables to add and remove roles and permissions.
>>
>> Further when we discussed we also pointed out that creating an internal
>> role per topic subscription is an unwanted overhead. Normally we create
>> roles if we are going to assign a set of users to it. Using internal roles
>> for queues seems correct. The use case requires users other than the
>> subscriber to be added to the role for that topic. In case of topics, as
>> per the implementation, you create a role per subscription (internally
>> create a temp queue) and and assign the subscriber to it. As per Indika and
>> Hasitha there is no use case to assign other users to it. The only
>> requirement is to keep track of the user who 

Re: [Dev] [IS] - Unable to decrypt the SAML Assertion When Authenticating to Travelocity app

[Nadeesha Meegoda]

Hi Tharindu,

When I tested this with single IS for SAML SSO (not the federated scenario)
everything worked fine for super tenant. I doubt this is related to the
federated scenario. Please have a look and let me know.

Thanks!

On Fri, Oct 2, 2015 at 8:52 PM, Tharindu Edirisinghe 
wrote:

> Hi Nadeesha,
>
> For super tenant, sso.agent should be able to decrypt the encrypted saml
> assertion. However there was an issue [1] where for a tenant, when the
> tenant encrypts the SAML assertion from the public certificate of the
> client (i.e travelocity app), then sso.agent could not decrypt the
> assertion because in the code, the private key of travelocity's key store
> was not getting picked up because of the particular method called in open
> saml library. This was patched sometimes back for sso.agent 1.2 version but
> we need to check whether the same fix got correctly merged to higher
> versions (i.e 1.4). Ideally this should anyway work for super tenant, but
> we'll check the same scenario more and let you know.
>
> [1] https://wso2.org/jira/browse/IDENTITY-3186
>
> Regards,
> TharinduE
>
> On Fri, Oct 2, 2015 at 3:34 PM, Nadeesha Meegoda 
> wrote:
>
>> Hi Darshana,
>>
>> Yes the response is encrypted. Sending the SAML sso trace attached with
>> the mail.
>>
>> @Ishara I used wso2carbon as the certificate alias since I'm using the
>> default key stores and also I'm testing this in super tenant mode.  Do I
>> need to import the public certificate of the private key of travelocity app
>> to IS keystores in super tenant mode?
>>
>> On Fri, Oct 2, 2015 at 3:19 PM, Ishara Karunarathna 
>> wrote:
>>
>>> Hi Nadeesha,
>>>
>>> On Fri, Oct 2, 2015 at 3:04 PM, Darshana Gunawardana 
>>> wrote:
>>>
 Hi Nadeesha,

 Have you checked whether the assertion is encrypted in the response IS
 send back to travelocity app?

 And please provide the SSO Trace (save as a text file and attach in the
 mail) for the whole flow.

 Thanks,
 Darshana

 On Fri, Oct 2, 2015 at 2:53 PM, Nadeesha Meegoda 
 wrote:

> Hi.
>
> I have configured the setup to Login to the Identity Server Using
> Another Identity Server as per the details in [1] in Super tenant mode.
> With the happy scenario according to the documentation this works fine. 
> But
> I have enabled some additional properties in IDP and SP used for IDP as
> following :
>
> *Properties enabled for Federated Authenticators* - SAML2 Web SSO
> Configuration
>
> 1. Enabled Assertion Encryption
> 2. Enable Assertion Signing
> 3. Enable Authentication Response Signing
>
> *Properties enabled fo SP used for IDP *
>
> 1. Enabled Assertion Encryption
> 2. Enabled Response Signing
>
> *Properties enabled fo SP used for travelocity app*
>
> 1. Enabled Assertion Encryption
>
 What is the Certificate Alias you used here ?
>>> is that the public key in travelocity app ?
>>>
 2. Enabled Response Signing
>
> In the travelocity.properties file also I have enabled Assertion
> Encryption,Response signing and Assertion signing. I have already imported
> the Identity Provider Public Certificate to IDP
>
> When I'm signing in to travelocity.com I get Unable to decrypt the
> SAML Assertion error and error in [2] in tomcat.
>
> Note that only enabling "assertion signing" in IDP I was successfully
> able to login and no error was displayed. When I enabled the Assertion
> Encryption this error occurred. Why is this error occurred when I enable
> this property as mentioned above?
>
> Any help regarding this is highly appreciated!
>
>
>
> [1] -
> https://docs.wso2.com/pages/viewpage.action?title=Login%2Bto%2Bthe%2BIdentity%2BServer%2BUsing%2BAnother%2BIdentity%2BServer=IS510
>
> [2] - Oct 02, 2015 2:10:47 PM
> org.wso2.carbon.identity.sso.agent.SSOAgentFilter doFilter
> SEVERE: An error has occurred
> org.wso2.carbon.identity.sso.agent.exception.SSOAgentException: Unable
> to decrypt the SAML Assertion
> at
> org.wso2.carbon.identity.sso.agent.saml.SAML2SSOManager.processSSOResponse(SAML2SSOManager.java:254)
> at
> org.wso2.carbon.identity.sso.agent.saml.SAML2SSOManager.processResponse(SAML2SSOManager.java:198)
> at
> org.wso2.carbon.identity.sso.agent.SSOAgentFilter.doFilter(SSOAgentFilter.java:89)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
> at
> 

Re: [Dev] [IS] - Unable to decrypt the SAML Assertion When Authenticating to Travelocity app

[Tharindu Edirisinghe]

Hi Nadeesha,

For super tenant, sso.agent should be able to decrypt the encrypted saml
assertion. However there was an issue [1] where for a tenant, when the
tenant encrypts the SAML assertion from the public certificate of the
client (i.e travelocity app), then sso.agent could not decrypt the
assertion because in the code, the private key of travelocity's key store
was not getting picked up because of the particular method called in open
saml library. This was patched sometimes back for sso.agent 1.2 version but
we need to check whether the same fix got correctly merged to higher
versions (i.e 1.4). Ideally this should anyway work for super tenant, but
we'll check the same scenario more and let you know.

[1] https://wso2.org/jira/browse/IDENTITY-3186

Regards,
TharinduE

On Fri, Oct 2, 2015 at 3:34 PM, Nadeesha Meegoda  wrote:

> Hi Darshana,
>
> Yes the response is encrypted. Sending the SAML sso trace attached with
> the mail.
>
> @Ishara I used wso2carbon as the certificate alias since I'm using the
> default key stores and also I'm testing this in super tenant mode.  Do I
> need to import the public certificate of the private key of travelocity app
> to IS keystores in super tenant mode?
>
> On Fri, Oct 2, 2015 at 3:19 PM, Ishara Karunarathna 
> wrote:
>
>> Hi Nadeesha,
>>
>> On Fri, Oct 2, 2015 at 3:04 PM, Darshana Gunawardana 
>> wrote:
>>
>>> Hi Nadeesha,
>>>
>>> Have you checked whether the assertion is encrypted in the response IS
>>> send back to travelocity app?
>>>
>>> And please provide the SSO Trace (save as a text file and attach in the
>>> mail) for the whole flow.
>>>
>>> Thanks,
>>> Darshana
>>>
>>> On Fri, Oct 2, 2015 at 2:53 PM, Nadeesha Meegoda 
>>> wrote:
>>>
 Hi.

 I have configured the setup to Login to the Identity Server Using
 Another Identity Server as per the details in [1] in Super tenant mode.
 With the happy scenario according to the documentation this works fine. But
 I have enabled some additional properties in IDP and SP used for IDP as
 following :

 *Properties enabled for Federated Authenticators* - SAML2 Web SSO
 Configuration

 1. Enabled Assertion Encryption
 2. Enable Assertion Signing
 3. Enable Authentication Response Signing

 *Properties enabled fo SP used for IDP *

 1. Enabled Assertion Encryption
 2. Enabled Response Signing

 *Properties enabled fo SP used for travelocity app*

 1. Enabled Assertion Encryption

>>> What is the Certificate Alias you used here ?
>> is that the public key in travelocity app ?
>>
>>> 2. Enabled Response Signing

 In the travelocity.properties file also I have enabled Assertion
 Encryption,Response signing and Assertion signing. I have already imported
 the Identity Provider Public Certificate to IDP

 When I'm signing in to travelocity.com I get Unable to decrypt the
 SAML Assertion error and error in [2] in tomcat.

 Note that only enabling "assertion signing" in IDP I was successfully
 able to login and no error was displayed. When I enabled the Assertion
 Encryption this error occurred. Why is this error occurred when I enable
 this property as mentioned above?

 Any help regarding this is highly appreciated!



 [1] -
 https://docs.wso2.com/pages/viewpage.action?title=Login%2Bto%2Bthe%2BIdentity%2BServer%2BUsing%2BAnother%2BIdentity%2BServer=IS510

 [2] - Oct 02, 2015 2:10:47 PM
 org.wso2.carbon.identity.sso.agent.SSOAgentFilter doFilter
 SEVERE: An error has occurred
 org.wso2.carbon.identity.sso.agent.exception.SSOAgentException: Unable
 to decrypt the SAML Assertion
 at
 org.wso2.carbon.identity.sso.agent.saml.SAML2SSOManager.processSSOResponse(SAML2SSOManager.java:254)
 at
 org.wso2.carbon.identity.sso.agent.saml.SAML2SSOManager.processResponse(SAML2SSOManager.java:198)
 at
 org.wso2.carbon.identity.sso.agent.SSOAgentFilter.doFilter(SSOAgentFilter.java:89)
 at
 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
 at
 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
 at
 org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
 at
 org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
 at
 org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
 at
 org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
 at
 org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
 at
 org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
 at
 

Re: [Dev] Creating topics and queues with spaces

[Yasassri Ratnayake]

Hi,

When it comes to MQTT we can have spaces in-between topic names, following
is extracted from MQTT specification.

*Topic semantic and usage*

1442 The following rules apply to Topic Names and Topic Filters:
1443 All Topic Names and Topic Filters MUST be at least one character long
[MQTT-4.7.3-1]
1444 Topic Names and Topic Filters are case sensitive
*1445 Topic Names and Topic Filters can include the space character*
1446 A leading or trailing ‘/’ creates a distinct Topic Name or Topic Filter
1447 A Topic Name or Topic Filter consisting only of the ‘/’ character is
valid

But I couldn't find a clear definition from the AMQP spec. IMO white space
is just another character hence we can have spaces in the middle of the
name but not as a prefix or a suffix.

With Regards,

On Fri, Oct 2, 2015 at 6:19 PM, Thilanka Bowala  wrote:

> Hi All,
>
> Current MB allows to create topics and queues with blank spaces in the
> middle of their names. Shouldn't this be restricted?
>
> Any comments would be highly appreciated.
>
> Thank you.
> --
> Thilanka Bowala
> Software Engineer Intern
> Mobile : +94 (0) 710 403098
> thila...@wso2.com
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Yasassri Ratnayake
Software Engineer - QA
WSO2 Inc ; http://wso2.com
lean.enterprise.middleware
*Mobile : +94715933168*
*Blogs : http://yasassriratnayake.blogspot.com
*
*http://wso2logs.blogspot.com *
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Pull request has not merged into the current development branch of APIM

[Prabath Abeysekera]

Hi Nuwan,

Can we get this merged into the 1.10.x branch soon?

Cheers,
Prabath

On Wed, Sep 30, 2015 at 7:30 PM, Nuwan Dias  wrote:

> Hi Harshan,
>
> I think this is due to the fact that the 1.10.x branch was branched out
> from the 1.9.x branches and not from master. The master branch was used for
> parallel development work related to API Manager 2.0.0.
>
> Thanks,
> NuwanD.
>
> On Wed, Sep 30, 2015 at 7:16 PM, Harshan Liyanage 
> wrote:
>
>> Hi Nuwan,
>>
>> I don't see the following component [1] in the master branch. It is the
>> refactored version of Authorization manager implementation. But as I've
>> mentioned earlier it is there in the release-1.4.0 branch. Could you please
>> verify it?
>>
>> [1].
>> https://github.com/wso2/carbon-apimgt/tree/release-1.4.0/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/auth/manager
>> [2].
>> https://github.com/wso2/carbon-apimgt/tree/master/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl
>>
>> Thanks,
>>
>> Harshan Liyanage
>> Software Engineer
>> Mobile: *+94724423048*
>> Email: hars...@wso2.com
>> Blog : http://harshanliyanage.blogspot.com/
>> *WSO2, Inc. :** wso2.com *
>> lean.enterprise.middleware.
>>
>> On Wed, Sep 30, 2015 at 7:06 PM, Nuwan Dias  wrote:
>>
>>> Hi Harshan,
>>>
>>> The PR [1] has been sent to the master branch and it has been merged. I
>>> don't see any pending PRs related to this on the release_1.10.x branch.
>>>
>>> [1] - https://github.com/wso2/carbon-apimgt/pull/10
>>>
>>> Thanks,
>>> NuwanD.
>>>
>>> On Wed, Sep 30, 2015 at 6:28 PM, Harshan Liyanage 
>>> wrote:
>>>
 Hi,

 It seems like the following pull request [1] is not merged into the
 latest master branch & 1.10.x branches of carbon-apimgt repo. But it is
 available in release-1.4.0 branch [2]. Is there any specific reason to not
 to merge this into the latest branches?

 [1]. https://github.com/wso2/carbon-apimgt/pull/10
 [2].
 https://github.com/wso2/carbon-apimgt/tree/release-1.4.0/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl

 Thanks,

 Harshan Liyanage
 Software Engineer
 Mobile: *+94724423048*
 Email: hars...@wso2.com
 Blog : http://harshanliyanage.blogspot.com/
 *WSO2, Inc. :** wso2.com *
 lean.enterprise.middleware.

>>>
>>>
>>>
>>> --
>>> Nuwan Dias
>>>
>>> Technical Lead - WSO2, Inc. http://wso2.com
>>> email : nuw...@wso2.com
>>> Phone : +94 777 775 729
>>>
>>
>>
>
>
> --
> Nuwan Dias
>
> Technical Lead - WSO2, Inc. http://wso2.com
> email : nuw...@wso2.com
> Phone : +94 777 775 729
>



-- 
Prabath Abeysekara
Technical Lead
WSO2 Inc.
Email: praba...@wso2.com
Mobile: +94774171471
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [DEV][MB][MQTT] How to handle permission denied to subscribe a topic due to tenancy

[Yasassri Ratnayake]

Hi Pumudu,

MQTT spec doesn't talk about a permission model, So IMO the closest error
we can propagate to the client is "0x05 Connection Refused, not authorized".


With Regards,

On Fri, Oct 2, 2015 at 6:17 PM, Pumudu Ruhunage  wrote:

> Hi All,
>
> If a tenant don't have permission to subscribe to a given topic (tenant '
> a.com' try to subscribe to tenant 'b.com') currently it will keep
> connected even though it's not subscribed, because user authentication was
> successful. This is misleading to subscriber as no return code sent and
> it's actively connected to broker.
> AFAIK mqtt don't define how to handle tenancy scenarios in it's spec.
> Couldn't find a definition in MQTT spec 3.1.0/3.1.1 on how to reject if
> permission denied to subscribe to a given topic(due to tenancy).
>
> One option to handle this scenario is to send return code 5 (Connection
> Refused, not authorized) to client if it doesn't have permission to
> subscribe to given topic. This way client will disconnect if it don't have
> permission to subscribe. Is this acceptable or are there any alternatives
> to handle this scenario?
>
> jira https://wso2.org/jira/browse/MB-1409
>
> Thanks,
> Pumudu
> --
> Pumudu Ruhunage
> Associate Software Engineer | WSO2 Inc
> M: +94 779 664493  | http://wso2.com
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Yasassri Ratnayake
Software Engineer - QA
WSO2 Inc ; http://wso2.com
lean.enterprise.middleware
*Mobile : +94715933168*
*Blogs : http://yasassriratnayake.blogspot.com
*
*http://wso2logs.blogspot.com *
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [APIM] Issue when automating API subscription workflow

[Irham Iqbal]

Hi,

I am automating the API subscription workflow [1] under the topic "Engaging
WS Workflow Executor in the API Manager" 3rd point when I subscribe to an
API and invoke it before approve the subscription task APIM returns[2]
which is expected because subscription task is not approved yet.
But after approved the subscription task when i invoke the service it's
still returning the same. I think it's because of caching, because If I
invoke the service only after approve the subscription task it's working
fine, also if I restart the server it's working fine

[1]https://docs.wso2.com/display/AM190/Adding+an+API+Subscription+Workflow
[2]
900909
The subscription to the API is inactive

Access failure for API: /api4/1.0.0, version: 1.0.0 with key:
a355845c9fb415ae7d531231ecfc5d2



Thanks,
Iqbal
-- 
Irham Iqbal
Software Engineer - Test Automation
WSO2, Inc.: http://wso2.com
lean. enterprise. middleware
phone: +94 777888452
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Human Tasks] Listing Human Tasks Completed by a User

[Vinod Kavinda]

Hi Chamila,
Sorry I made a mistake, You can't do this in the same way as Claimable. Use
the SimpleQuery in  HumanTaskClientAPIAdmin. Use the sample given.

Thank You
Vinod

On Fri, Oct 2, 2015 at 12:22 PM, Vinod Kavinda  wrote:

> Hi Chamila,
> You can use SimpleQuery operatin in HumanTaskClientAPIAdmin service.
> Invoke this operation in the same way you used to claimable status with
> "COMPLETED" as the status.
>  You can find a sample code in [1] line no 64.
>
> [1] -
> https://github.com/wso2/carbon-business-process/blob/master/components/humantask/humantask-explorer-web/src/web/js/WSHTRequest.js#L64
>
> Regards,
> Vinod Kavinda
>
> On Fri, Oct 2, 2015 at 11:44 AM, Chamila Wijayarathna 
> wrote:
>
>> Hi all,
>>
>> In IS dashboard gadget for approving/disapproving human tasks, currently
>> we are only showing tasks which are in the types "ASSIGNED_TO_ME" and
>> "CLAIMABLE". In the below jira (IDENTITY-3680), it is requested the tasks
>> completed by a particular user need to be shown in dashboard as well. Is
>> there a way we can get a list of human tasks completed by the logged in
>> user?
>>
>> @Prabath, Johann, Pulasthi,
>> Since the main idea of the dashboard gadget is to
>> claim/approve/disapprove tasks, should we show 'completed' tasks at
>> dashboard?
>>
>> Thanks
>>
>>
>>
>> -- Forwarded message --
>> From: Aparna Karunarathna (JIRA) 
>> Date: Tue, Sep 29, 2015 at 6:59 PM
>> Subject: [Carbon-jira] [jira] (IDENTITY-3680) Completed task are not
>> getting listed
>> To: carbon-j...@wso2.org
>>
>>
>> Aparna Karunarathna
>> 
>> created [image: Bug] IDENTITY-3680
>> 
>> *Completed task are not getting listed*
>> 
>> *Issue Type:* [image: Bug] Bug *Affects Versions:* 5.1.0-Alpha
>> *Assignee:* Pulasthi Mahawithana
>> 
>> *Components:* workflows *Created:* 29/Sep/15 6:58 PM *Description:*
>>
>> Completed task are not getting listed
>>
>> Steps to reproduce
>> 1. Create a workflow to approve users and add some user
>> 2. Login to the dashboard and approve those users
>> 3. Completed tasks are not showing
>> *Environment:*
>>
>> Pack: Alpha
>> OS: Debian 8
>> Java: jdk1.7.0_79
>> Dep: Standalone
>> DB: Mysql 5.5.44
>> Browser: Firefox 40.0/ Chrome 44.0
>> *Project:* WSO2 Identity Server 
>> *Priority:* [image: Highest] Highest *Reporter:* Aparna Karunarathna
>>  This
>> message is automatically generated by JIRA.
>> If you think it was sent incorrectly, please contact your JIRA
>> administrators
>> For more information on JIRA, see: http://www.atlassian.com/software/jira
>>
>> ___
>> Carbon-jira mailing list
>> carbon-j...@wso2.org
>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-jira
>>
>>
>>
>>
>> --
>> *Chamila Dilshan Wijayarathna,*
>> Software Engineer
>> Mobile:(+94)788193620
>> WSO2 Inc., http://wso2.com/
>>
>
>
>
> --
> Vinod Kavinda
> Software Engineer
> *WSO2 Inc. - lean . enterprise . middleware .*
> Mobile : +94 (0) 712 415544
> Blog : http://soatechflicks.blogspot.com/
>
>


-- 
Vinod Kavinda
Software Engineer
*WSO2 Inc. - lean . enterprise . middleware .*
Mobile : +94 (0) 712 415544
Blog : http://soatechflicks.blogspot.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Should mysql database scripts work with old mysql versions.

[Ruwan Abeykoon]

Hi Ishara,
>>In Identity server we started to persist session date with its updated
timestamp. And retrieve the latest data object related to
given session.
>>If it's only supported for seconds we get duplicate entries. In that case
we have to go for fractional seconds in timestamp
or will have to store it in another data type.

I think tying up with timestamp for any uniqueness is going to be
problematic even if we select the most granular time resolution provided by
the hardware.
For example lets say an IoT device sends more than one request in fraction
of nano second and this might be causing problems down the pipeline/in the
future.
So I would suggest a changing the dependency of using timestamp for any
uniqueness/ latest check by adding/appending a sequence number, if it is
the case.

Cheers,
Ruwan


On Fri, Oct 2, 2015 at 10:05 AM, Ishara Karunarathna 
wrote:

> Hi Shankar,
>
> On Thu, Oct 1, 2015 at 9:54 PM, Selvaratnam Uthaiyashankar <
> shan...@wso2.com> wrote:
>
>> Is this support (fraction of second) there in other RDBMS (Oracle, MSSQL,
>> etc?). If it is only Mysql 5.6.4 +, then we shouldn't use IMO. If this
>> support is there in all other RDBMS, then it should be ok.
>>
>> I checked with Oracle, MSSQL, PostgreSQL, Informix and DB2. All support
> for fraction of seconds.
>
> Thanks,
> Ishara
> [1]
> http://docs.oracle.com/cd/B19306_01/server.102/b14200/sql_elements001.htm#i54330
> [2] https://msdn.microsoft.com/en-us/library/ms187819.aspx
> [3] http://www.postgresql.org/docs/9.1/static/datatype-datetime.html
> [4]
> https://www-01.ibm.com/support/knowledgecenter/SSGU8G_12.1.0/com.ibm.sqlr.doc/ids_sqr_110.htm
> [5]
> https://www-304.ibm.com/support/knowledgecenter/SSEPEK_10.0.0/com.ibm.db2z10.doc.intro/src/tpc/db2z_datetimetimestamp.dita
>
>> On Thu, Oct 1, 2015 at 9:40 PM, Ishara Karunarathna 
>> wrote:
>>
>>> Hi Shankar,
>>>
>>> On Thu, Oct 1, 2015 at 7:45 PM, Selvaratnam Uthaiyashankar <
>>> shan...@wso2.com> wrote:
>>>
 Normally, we should keep the compatibility with older versions.

 Is there any specific reason why you need upto microsecond precision
 for the timestamp?

>>> by default mysql support for seconds.
>>> In Identity server we started to persist session date with its updated
>>> timestamp. And retrieve the latest data object related to
>>> given session.
>>> If it's only supported for seconds we get duplicate entries. In that
>>> case we have to go for fractional seconds in timestamp
>>> or will have to store it in another data type.
>>>
>>> Thanks,
>>> Ishara
>>>

 On Wed, Sep 30, 2015 at 10:35 PM, Ishara Karunarathna  wrote:

> Hi all,
>
> For example In mysql version 5.6.4 (released on February 5, 2013 )
> onwards [1] it support for
> fractional seconds for TIMESTAMP values, with up to microseconds (6
> digits)
>
> But if we write scripts to get that features it won't work with older
> versions.
> So can we write scripts to work only with mysql version 5.6.4 and
> latest or should we support for old versions ?.
>
> Thanks,
> Ishara
>
> [1]
> http://dev.mysql.com/doc/refman/5.6/en/mysql-nutshell.html#mysql-nutshell-additions
> --
> Ishara Karunarathna
> Senior Software Engineer
> WSO2 Inc. - lean . enterprise . middleware |  wso2.com
>
> email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
> +94717996791
>



 --
 S.Uthaiyashankar
 VP Engineering
 WSO2 Inc.
 http://wso2.com/ - "lean . enterprise . middleware"

 Phone: +94 714897591

>>>
>>>
>>>
>>> --
>>> Ishara Karunarathna
>>> Senior Software Engineer
>>> WSO2 Inc. - lean . enterprise . middleware |  wso2.com
>>>
>>> email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
>>> +94717996791
>>>
>>
>>
>>
>> --
>> S.Uthaiyashankar
>> VP Engineering
>> WSO2 Inc.
>> http://wso2.com/ - "lean . enterprise . middleware"
>>
>> Phone: +94 714897591
>>
>
>
>
> --
> Ishara Karunarathna
> Senior Software Engineer
> WSO2 Inc. - lean . enterprise . middleware |  wso2.com
>
> email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
> +94717996791
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 

*Ruwan Abeykoon*
*Architect,*
*WSO2, Inc. http://wso2.com  *
*lean.enterprise.middleware.*

email: ruw...@wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Human Tasks] Listing Human Tasks Completed by a User

[Hasitha Aravinda]

Correct category is ASSIGNED_TO_ME and use status filter COMPLETED in
SimpleQuery.

Thanks,
Hasitha.

On Fri, Oct 2, 2015 at 12:41 PM, Vinod Kavinda  wrote:

> Hi Chamila,
> Sorry I made a mistake, You can't do this in the same way as Claimable.
> Use the SimpleQuery in  HumanTaskClientAPIAdmin. Use the sample given.
>
> Thank You
> Vinod
>
> On Fri, Oct 2, 2015 at 12:22 PM, Vinod Kavinda  wrote:
>
>> Hi Chamila,
>> You can use SimpleQuery operatin in HumanTaskClientAPIAdmin service.
>> Invoke this operation in the same way you used to claimable status with
>> "COMPLETED" as the status.
>>  You can find a sample code in [1] line no 64.
>>
>> [1] -
>> https://github.com/wso2/carbon-business-process/blob/master/components/humantask/humantask-explorer-web/src/web/js/WSHTRequest.js#L64
>>
>> Regards,
>> Vinod Kavinda
>>
>> On Fri, Oct 2, 2015 at 11:44 AM, Chamila Wijayarathna 
>> wrote:
>>
>>> Hi all,
>>>
>>> In IS dashboard gadget for approving/disapproving human tasks, currently
>>> we are only showing tasks which are in the types "ASSIGNED_TO_ME" and
>>> "CLAIMABLE". In the below jira (IDENTITY-3680), it is requested the tasks
>>> completed by a particular user need to be shown in dashboard as well. Is
>>> there a way we can get a list of human tasks completed by the logged in
>>> user?
>>>
>>> @Prabath, Johann, Pulasthi,
>>> Since the main idea of the dashboard gadget is to
>>> claim/approve/disapprove tasks, should we show 'completed' tasks at
>>> dashboard?
>>>
>>> Thanks
>>>
>>>
>>>
>>> -- Forwarded message --
>>> From: Aparna Karunarathna (JIRA) 
>>> Date: Tue, Sep 29, 2015 at 6:59 PM
>>> Subject: [Carbon-jira] [jira] (IDENTITY-3680) Completed task are not
>>> getting listed
>>> To: carbon-j...@wso2.org
>>>
>>>
>>> Aparna Karunarathna
>>> 
>>> created [image: Bug] IDENTITY-3680
>>> 
>>> *Completed task are not getting listed*
>>> 
>>> *Issue Type:* [image: Bug] Bug *Affects Versions:* 5.1.0-Alpha
>>> *Assignee:* Pulasthi Mahawithana
>>> 
>>> *Components:* workflows *Created:* 29/Sep/15 6:58 PM *Description:*
>>>
>>> Completed task are not getting listed
>>>
>>> Steps to reproduce
>>> 1. Create a workflow to approve users and add some user
>>> 2. Login to the dashboard and approve those users
>>> 3. Completed tasks are not showing
>>> *Environment:*
>>>
>>> Pack: Alpha
>>> OS: Debian 8
>>> Java: jdk1.7.0_79
>>> Dep: Standalone
>>> DB: Mysql 5.5.44
>>> Browser: Firefox 40.0/ Chrome 44.0
>>> *Project:* WSO2 Identity Server 
>>> *Priority:* [image: Highest] Highest *Reporter:* Aparna Karunarathna
>>>  This
>>> message is automatically generated by JIRA.
>>> If you think it was sent incorrectly, please contact your JIRA
>>> administrators
>>> For more information on JIRA, see:
>>> http://www.atlassian.com/software/jira
>>>
>>> ___
>>> Carbon-jira mailing list
>>> carbon-j...@wso2.org
>>> https://wso2.org/cgi-bin/mailman/listinfo/carbon-jira
>>>
>>>
>>>
>>>
>>> --
>>> *Chamila Dilshan Wijayarathna,*
>>> Software Engineer
>>> Mobile:(+94)788193620
>>> WSO2 Inc., http://wso2.com/
>>>
>>
>>
>>
>> --
>> Vinod Kavinda
>> Software Engineer
>> *WSO2 Inc. - lean . enterprise . middleware .*
>> Mobile : +94 (0) 712 415544
>> Blog : http://soatechflicks.blogspot.com/
>>
>>
>
>
> --
> Vinod Kavinda
> Software Engineer
> *WSO2 Inc. - lean . enterprise . middleware .*
> Mobile : +94 (0) 712 415544
> Blog : http://soatechflicks.blogspot.com/
>
>


-- 
--
Hasitha Aravinda,
Senior Software Engineer,
WSO2 Inc.
Email: hasi...@wso2.com
Mobile : +94 718 210 200
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] WSO2 Committers += Vijitha Ekanayake

[Isuru Ranawaka]

Congrats vijitha !!!

On Sat, Oct 3, 2015 at 8:43 AM, Kasun Indrasiri  wrote:

> Hi devs,
>
> Its my pleasure to welcome Vijitha Ekanayake as a WSO2 Committer.
> Vijitha, welcome aboard and keep up the good work!
>
> Thanks.
>
> --
> Kasun Indrasiri
> Software Architect
> WSO2, Inc.; http://wso2.com
> lean.enterprise.middleware
>
> cell: +94 77 556 5206
> Blog : http://kasunpanorama.blogspot.com/
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Best Regards
Isuru Ranawaka
M: +94714629880
Blog : http://isurur.blogspot.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [VOTE] Release WSO2 Governance Registry 5.0.1 RC 2

[Sameera Kannangara]

Hi Devs,

WSO2 Governance Registry 5.0.1 RC2 Release Vote.

This release fixes the following issues:
https://wso2.org/jira/issues/?filter=12422

Please download, test and vote. Please refer the release verification guide
for detailed information on verifying this release.

Source & binary distribution files:
https://svn.wso2.org/repos/wso2/scratch/G-Reg/5.0.1/

Maven staging repo:
http://maven.wso2.org/nexus/content/repositories/orgwso2greg-006/

The tag to be voted upon:
https://github.com/wso2/product-greg/releases/tag/v5.0.1-RC2


[+] Stable - go ahead and release
[-]  Broken - do not release (explain why)

Thanks and Regards
G-Reg team

-- 
*Sameera Kannangara*
Software Engineer
Platform TG; WSO2 Inc. http://wso2.com
Contact:
phone: +94719541577
Lean . Enterprise . Middleware
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [DEV][MB][MQTT] How to handle permission denied to subscribe a topic due to tenancy

[Pamod Sylvester]

The CONNECT and SUBSCRIBE are two different command messages. The
subscription phase comes after the connection.

Also the other fact is a single connection could involve multiple topic
subscriptions. So lets say if a given tenant sends a list of topic
subscriptions there could be subscriptions which the tenant could be
authorised among that list. So closing/refusing the entire connection might
not be appropriate in this case.

- 0x05 (Connection Refused: not authorized) is sent as an acknowledgement
for CONNECT message (CONNACK).  i.e a given client has provided
unauthorised credentials etc.

During this phase the subscription will not occur, we only could validate
whether a given tenants credentials are correct or not.

- When the subscription happens based on my understanding of the spec it
has passed the CONNACK stage. The only way we could indicate an error
related to subscription is through SUBACK.

  # The MQTT 3.1 specification has a limitation where error codes cannot be
sent with SUBACK. Hence for 3.1 spec having subscription failed in silent
mode is expected behaviour.

You could find a similar discussion on [1]. Based on [1] what they've done
is hacked the client and the server to accept error codes for 3.1
specification. This will not be clean and will not interop with other
clients (even if we could hack the server to send error codes, the clients
which has implemented according to 3.1 specification will not accept the
error message).

Another option is to initiate a disconnection from the broker to avoid
stale connections. But then again as mentioned in the beginning if there're
list of subscriptions for a connection, even the authorised subscriptions
would not be able to consume.

  # The MQTT 3.1.1 specification there's an error code introduced 0x80 for
forbidden subscriptions. So that should be the way we should ideally use
for indication of an error IMHO. But it'll be available in 3.1.1.


[1] https://issues.jboss.org/browse/ENTMQ-990




On Sat, Oct 3, 2015 at 7:06 AM, Hasitha Hiranya  wrote:

> Hi,
>
> Yes, Connection Refused, not authorized is the best we can do.
>
> @Pamod, any batter alternative?
>
> Thanks!
>
> On Fri, Oct 2, 2015 at 10:55 PM, Yasassri Ratnayake 
> wrote:
>
>> Hi Pumudu,
>>
>> MQTT spec doesn't talk about a permission model, So IMO the closest error
>> we can propagate to the client is "0x05 Connection Refused, not authorized".
>>
>>
>> With Regards,
>>
>> On Fri, Oct 2, 2015 at 6:17 PM, Pumudu Ruhunage  wrote:
>>
>>> Hi All,
>>>
>>> If a tenant don't have permission to subscribe to a given topic (tenant '
>>> a.com' try to subscribe to tenant 'b.com') currently it will keep
>>> connected even though it's not subscribed, because user authentication was
>>> successful. This is misleading to subscriber as no return code sent and
>>> it's actively connected to broker.
>>> AFAIK mqtt don't define how to handle tenancy scenarios in it's spec.
>>> Couldn't find a definition in MQTT spec 3.1.0/3.1.1 on how to reject if
>>> permission denied to subscribe to a given topic(due to tenancy).
>>>
>>> One option to handle this scenario is to send return code 5 (Connection
>>> Refused, not authorized) to client if it doesn't have permission to
>>> subscribe to given topic. This way client will disconnect if it don't have
>>> permission to subscribe. Is this acceptable or are there any alternatives
>>> to handle this scenario?
>>>
>>> jira https://wso2.org/jira/browse/MB-1409
>>>
>>> Thanks,
>>> Pumudu
>>> --
>>> Pumudu Ruhunage
>>> Associate Software Engineer | WSO2 Inc
>>> M: +94 779 664493  | http://wso2.com
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Yasassri Ratnayake
>> Software Engineer - QA
>> WSO2 Inc ; http://wso2.com
>> lean.enterprise.middleware
>> *Mobile : +94715933168 <%2B94715933168>*
>> *Blogs : http://yasassriratnayake.blogspot.com
>> *
>> *http://wso2logs.blogspot.com *
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> *Hasitha Abeykoon*
> Senior Software Engineer; WSO2, Inc.; http://wso2.com
> *cell:* *+94 719363063*
> *blog: **abeykoon.blogspot.com* 
>
>


-- 
*Pamod Sylvester *

*WSO2 Inc.; http://wso2.com *
cell: +94 77 7779495
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Creating topics and queues with spaces

[Jason De Silva]

Hi Thilanka,

While going through the AMQP spec [1] I too could not find much details
about it but found out the following under the topic " 3.1.3.3 The Topic
Exchange Type" it says, "The routing key used for a topic exchange MUST
consist of zero or more words delimited by dots. Each word may contain the
letters A-Z and a-z and digits 0-9".


[1] - https://www.rabbitmq.com/resources/specs/amqp0-9-1.pdf

Regards,


On Fri, Oct 2, 2015 at 10:41 PM, Yasassri Ratnayake 
wrote:

> Hi,
>
> When it comes to MQTT we can have spaces in-between topic names, following
> is extracted from MQTT specification.
>
> *Topic semantic and usage*
>
> 1442 The following rules apply to Topic Names and Topic Filters:
> 1443 All Topic Names and Topic Filters MUST be at least one character long
> [MQTT-4.7.3-1]
> 1444 Topic Names and Topic Filters are case sensitive
> *1445 Topic Names and Topic Filters can include the space character*
> 1446 A leading or trailing ‘/’ creates a distinct Topic Name or Topic
> Filter
> 1447 A Topic Name or Topic Filter consisting only of the ‘/’ character is
> valid
>
> But I couldn't find a clear definition from the AMQP spec. IMO white space
> is just another character hence we can have spaces in the middle of the
> name but not as a prefix or a suffix.
>
> With Regards,
>
> On Fri, Oct 2, 2015 at 6:19 PM, Thilanka Bowala  wrote:
>
>> Hi All,
>>
>> Current MB allows to create topics and queues with blank spaces in the
>> middle of their names. Shouldn't this be restricted?
>>
>> Any comments would be highly appreciated.
>>
>> Thank you.
>> --
>> Thilanka Bowala
>> Software Engineer Intern
>> Mobile : +94 (0) 710 403098
>> thila...@wso2.com
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Yasassri Ratnayake
> Software Engineer - QA
> WSO2 Inc ; http://wso2.com
> lean.enterprise.middleware
> *Mobile : +94715933168 <%2B94715933168>*
> *Blogs : http://yasassriratnayake.blogspot.com
> *
> *http://wso2logs.blogspot.com *
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Jason De Silva
*Software Engineer - QA*
Mobile: +94 (0) 772 097 678
Email: jas...@wso2.com
WSO2 Inc. www.wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [DEV][MB][MQTT] How to handle permission denied to subscribe a topic due to tenancy

[Hasitha Hiranya]

Hi,

Yes, Connection Refused, not authorized is the best we can do.

@Pamod, any batter alternative?

Thanks!

On Fri, Oct 2, 2015 at 10:55 PM, Yasassri Ratnayake 
wrote:

> Hi Pumudu,
>
> MQTT spec doesn't talk about a permission model, So IMO the closest error
> we can propagate to the client is "0x05 Connection Refused, not authorized".
>
>
> With Regards,
>
> On Fri, Oct 2, 2015 at 6:17 PM, Pumudu Ruhunage  wrote:
>
>> Hi All,
>>
>> If a tenant don't have permission to subscribe to a given topic (tenant '
>> a.com' try to subscribe to tenant 'b.com') currently it will keep
>> connected even though it's not subscribed, because user authentication was
>> successful. This is misleading to subscriber as no return code sent and
>> it's actively connected to broker.
>> AFAIK mqtt don't define how to handle tenancy scenarios in it's spec.
>> Couldn't find a definition in MQTT spec 3.1.0/3.1.1 on how to reject if
>> permission denied to subscribe to a given topic(due to tenancy).
>>
>> One option to handle this scenario is to send return code 5 (Connection
>> Refused, not authorized) to client if it doesn't have permission to
>> subscribe to given topic. This way client will disconnect if it don't have
>> permission to subscribe. Is this acceptable or are there any alternatives
>> to handle this scenario?
>>
>> jira https://wso2.org/jira/browse/MB-1409
>>
>> Thanks,
>> Pumudu
>> --
>> Pumudu Ruhunage
>> Associate Software Engineer | WSO2 Inc
>> M: +94 779 664493  | http://wso2.com
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Yasassri Ratnayake
> Software Engineer - QA
> WSO2 Inc ; http://wso2.com
> lean.enterprise.middleware
> *Mobile : +94715933168*
> *Blogs : http://yasassriratnayake.blogspot.com
> *
> *http://wso2logs.blogspot.com *
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
*Hasitha Abeykoon*
Senior Software Engineer; WSO2, Inc.; http://wso2.com
*cell:* *+94 719363063*
*blog: **abeykoon.blogspot.com* 
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Pull request has not merged into the current development branch of APIM

[Prabath Abeysekera]

Please use [1] in Harshan's initial mail merged into the previously
available master, which you guys seem to have missed replicating in the
current version of it.

Cheers,
Prabath

Cheers,
Prabath

On Saturday, October 3, 2015, Nuwan Dias  wrote:

>
>
> On Friday, 2 October 2015, Prabath Abeysekera  > wrote:
>
>> Hi Nuwan,
>>
>> Can we get this merged into the 1.10.x branch soon?
>>
>
> If there's a PR I can merge it
>
>>
>> Cheers,
>> Prabath
>>
>> On Wed, Sep 30, 2015 at 7:30 PM, Nuwan Dias  wrote:
>>
>>> Hi Harshan,
>>>
>>> I think this is due to the fact that the 1.10.x branch was branched out
>>> from the 1.9.x branches and not from master. The master branch was used for
>>> parallel development work related to API Manager 2.0.0.
>>>
>>> Thanks,
>>> NuwanD.
>>>
>>> On Wed, Sep 30, 2015 at 7:16 PM, Harshan Liyanage 
>>> wrote:
>>>
 Hi Nuwan,

 I don't see the following component [1] in the master branch. It is the
 refactored version of Authorization manager implementation. But as I've
 mentioned earlier it is there in the release-1.4.0 branch. Could you please
 verify it?

 [1].
 https://github.com/wso2/carbon-apimgt/tree/release-1.4.0/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/auth/manager
 [2].
 https://github.com/wso2/carbon-apimgt/tree/master/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl

 Thanks,

 Harshan Liyanage
 Software Engineer
 Mobile: *+94724423048*
 Email: hars...@wso2.com
 Blog : http://harshanliyanage.blogspot.com/
 *WSO2, Inc. :** wso2.com *
 lean.enterprise.middleware.

 On Wed, Sep 30, 2015 at 7:06 PM, Nuwan Dias  wrote:

> Hi Harshan,
>
> The PR [1] has been sent to the master branch and it has been merged.
> I don't see any pending PRs related to this on the release_1.10.x branch.
>
> [1] - https://github.com/wso2/carbon-apimgt/pull/10
>
> Thanks,
> NuwanD.
>
> On Wed, Sep 30, 2015 at 6:28 PM, Harshan Liyanage 
> wrote:
>
>> Hi,
>>
>> It seems like the following pull request [1] is not merged into the
>> latest master branch & 1.10.x branches of carbon-apimgt repo. But it is
>> available in release-1.4.0 branch [2]. Is there any specific reason to 
>> not
>> to merge this into the latest branches?
>>
>> [1]. https://github.com/wso2/carbon-apimgt/pull/10
>> [2].
>> https://github.com/wso2/carbon-apimgt/tree/release-1.4.0/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl
>>
>> Thanks,
>>
>> Harshan Liyanage
>> Software Engineer
>> Mobile: *+94724423048*
>> Email: hars...@wso2.com
>> Blog : http://harshanliyanage.blogspot.com/
>> *WSO2, Inc. :** wso2.com *
>> lean.enterprise.middleware.
>>
>
>
>
> --
> Nuwan Dias
>
> Technical Lead - WSO2, Inc. http://wso2.com
> email : nuw...@wso2.com
> Phone : +94 777 775 729
>


>>>
>>>
>>> --
>>> Nuwan Dias
>>>
>>> Technical Lead - WSO2, Inc. http://wso2.com
>>> email : nuw...@wso2.com
>>> Phone : +94 777 775 729
>>>
>>
>>
>>
>> --
>> Prabath Abeysekara
>> Technical Lead
>> WSO2 Inc.
>> Email: praba...@wso2.com
>> Mobile: +94774171471
>>
>
>
> --
> Nuwan Dias
>
> Technical Lead - WSO2, Inc. http://wso2.com
> email : nuw...@wso2.com 
> Phone : +94 777 775 729
>
>

-- 
Prabath Abeysekara
Technical Lead
WSO2 Inc.
Email: praba...@wso2.com
Mobile: +94774171471
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] WSO2 Committers += Vijitha Ekanayake

[Kasun Indrasiri]

Hi devs,

Its my pleasure to welcome Vijitha Ekanayake as a WSO2 Committer.
Vijitha, welcome aboard and keep up the good work!

Thanks.

-- 
Kasun Indrasiri
Software Architect
WSO2, Inc.; http://wso2.com
lean.enterprise.middleware

cell: +94 77 556 5206
Blog : http://kasunpanorama.blogspot.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Pull request has not merged into the current development branch of APIM

[Nuwan Dias]

On Friday, 2 October 2015, Prabath Abeysekera  wrote:

> Hi Nuwan,
>
> Can we get this merged into the 1.10.x branch soon?
>

If there's a PR I can merge it

>
> Cheers,
> Prabath
>
> On Wed, Sep 30, 2015 at 7:30 PM, Nuwan Dias  > wrote:
>
>> Hi Harshan,
>>
>> I think this is due to the fact that the 1.10.x branch was branched out
>> from the 1.9.x branches and not from master. The master branch was used for
>> parallel development work related to API Manager 2.0.0.
>>
>> Thanks,
>> NuwanD.
>>
>> On Wed, Sep 30, 2015 at 7:16 PM, Harshan Liyanage > > wrote:
>>
>>> Hi Nuwan,
>>>
>>> I don't see the following component [1] in the master branch. It is the
>>> refactored version of Authorization manager implementation. But as I've
>>> mentioned earlier it is there in the release-1.4.0 branch. Could you please
>>> verify it?
>>>
>>> [1].
>>> https://github.com/wso2/carbon-apimgt/tree/release-1.4.0/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl/auth/manager
>>> [2].
>>> https://github.com/wso2/carbon-apimgt/tree/master/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl
>>>
>>> Thanks,
>>>
>>> Harshan Liyanage
>>> Software Engineer
>>> Mobile: *+94724423048*
>>> Email: hars...@wso2.com
>>> 
>>> Blog : http://harshanliyanage.blogspot.com/
>>> *WSO2, Inc. :** wso2.com *
>>> lean.enterprise.middleware.
>>>
>>> On Wed, Sep 30, 2015 at 7:06 PM, Nuwan Dias >> > wrote:
>>>
 Hi Harshan,

 The PR [1] has been sent to the master branch and it has been merged. I
 don't see any pending PRs related to this on the release_1.10.x branch.

 [1] - https://github.com/wso2/carbon-apimgt/pull/10

 Thanks,
 NuwanD.

 On Wed, Sep 30, 2015 at 6:28 PM, Harshan Liyanage > wrote:

> Hi,
>
> It seems like the following pull request [1] is not merged into the
> latest master branch & 1.10.x branches of carbon-apimgt repo. But it is
> available in release-1.4.0 branch [2]. Is there any specific reason to not
> to merge this into the latest branches?
>
> [1]. https://github.com/wso2/carbon-apimgt/pull/10
> [2].
> https://github.com/wso2/carbon-apimgt/tree/release-1.4.0/components/apimgt/org.wso2.carbon.apimgt.impl/src/main/java/org/wso2/carbon/apimgt/impl
>
> Thanks,
>
> Harshan Liyanage
> Software Engineer
> Mobile: *+94724423048*
> Email: hars...@wso2.com
> 
> Blog : http://harshanliyanage.blogspot.com/
> *WSO2, Inc. :** wso2.com *
> lean.enterprise.middleware.
>



 --
 Nuwan Dias

 Technical Lead - WSO2, Inc. http://wso2.com
 email : nuw...@wso2.com
 
 Phone : +94 777 775 729

>>>
>>>
>>
>>
>> --
>> Nuwan Dias
>>
>> Technical Lead - WSO2, Inc. http://wso2.com
>> email : nuw...@wso2.com 
>> Phone : +94 777 775 729
>>
>
>
>
> --
> Prabath Abeysekara
> Technical Lead
> WSO2 Inc.
> Email: praba...@wso2.com
> 
> Mobile: +94774171471
>


-- 
Nuwan Dias

Technical Lead - WSO2, Inc. http://wso2.com
email : nuw...@wso2.com
Phone : +94 777 775 729
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev