Re: [Dev] [IS] Table "IDP_METADATA" not found

[Charitha Goonetilleke]

Hi Ayyoob & Chamila,

Thanks for details.

@NuwanD

Seems, carbon-apimgt release-1.10.x db creating script doesn't have that
table in their db creation script[1]. Since IoT-Server use apimgt db
creating script, we need to have that change in carbon-apimgt db creation
scripts[2].

[1]
https://github.com/wso2/carbon-apimgt/blob/release-1.10.x/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql/h2.sql
[2]
https://github.com/wso2/carbon-apimgt/tree/release-1.10.x/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql


On Wed, Oct 21, 2015 at 12:03 PM, Chamila Wijayarathna 
wrote:

> Hi Charitha,
>
> This missing table was introduced to carbon-identity in a commit merged
> within last  week. So my guess on your issue is, you may trying to start a
> newly build server while pointing it to a DB early. So can you drop
> existing DB, create a new DB and start your server with -Dsetup, and check
> if this issue still occurs?
>
> Thanks
>
> On Wed, Oct 21, 2015 at 11:51 AM, Charitha Goonetilleke <
> charit...@wso2.com> wrote:
>
>> Hi All,
>>
>> I'm using carbon-identity 4.6.0-SNAPSHOT for IoT-Server. In
>> my application-authentication.xml and identity.xml, I used WSO2AM_DB as
>> data source. But when H2 console doesn't showing any table named
>> IDP_METADATA under WSO2AM_DB.
>>
>> I'm getting following error on server startup and when try to login with
>> sso.
>>
>> org.wso2.carbon.idp.mgt.IdentityProviderManagementException: Error
>> occurred while retrieving registered Identity Provider Entity IDs for
>> tenant carbon.super
>> at
>> org.wso2.carbon.idp.mgt.dao.IdPManagementDAO.getIdPs(IdPManagementDAO.java:139)
>> at
>> org.wso2.carbon.idp.mgt.dao.CacheBackedIdPMgtDAO.getIdPs(CacheBackedIdPMgtDAO.java:73)
>> at
>> org.wso2.carbon.idp.mgt.IdentityProviderManager.getIdPs(IdentityProviderManager.java:675)
>> at
>> org.wso2.carbon.idp.mgt.internal.IdPManagementServiceComponent.cleanUpRemovedIdps(IdPManagementServiceComponent.java:221)
>> at
>> org.wso2.carbon.idp.mgt.internal.IdPManagementServiceComponent.activate(IdPManagementServiceComponent.java:147)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>> at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>> at java.lang.reflect.Method.invoke(Method.java:606)
>> at
>> org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)
>> at
>> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)
>> at
>> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:345)
>> at
>> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)
>> at
>> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)
>> at org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)
>> at
>> org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222)
>> at
>> org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)
>> at
>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861)
>> at
>> org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)
>> at
>> org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148)
>> at
>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819)
>> at
>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771)
>> at
>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130)
>> at
>> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214)
>> at
>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433)
>> at
>> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:451)
>> at
>> org.wso2.carbon.identity.core.internal.IdentityCoreServiceComponent.activate(IdentityCoreServiceComponent.java:107)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>> at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>> at java.lang.reflect.Method.invoke(Method.java:606)
>> at
>> org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)
>> at
>> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)
>> at
>> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:345)
>> at
>> org.eclipse.equinox.inte

Re: [Dev] Releasing Carbon Commons 4.5.x Patch Version

[Rajith Vitharana]

Hi,

I guess we have to go with commons 4.4.x rather than 4.5.1, because I have
tried to build with commons 4.5.0 and it wasn't successful, throw below
error

Cannot complete the install because one or more required items could not be
found.
 Software being installed: WSO2 Tenant Common Composite Feature 4.4.3
(org.wso2.carbon.tenant.common.feature.group 4.4.3)
 Missing requirement: WSO2 Tenant Common Composite Feature 4.4.3
(org.wso2.carbon.tenant.common.feature.group 4.4.3) requires
'org.wso2.carbon.tenant.mgt.common.feature.group [4.4.4,4.5.0)' but it
could not be found
Application failed, log file location:
/home/rajith/Wso2/mavenRepo/repository/org/eclipse/tycho/tycho-p2-runtime/0.13.0/eclipse/configuration/1445409020170.log

seems carbon tenant common composite feature 4.4.3 (latest released version
) required a commons version below 4.5.0, So if we are going to go with
commons 4.5.1, we may have to get a release of carbon-multitenancy as well,
So shall we go ahead with commons 4.4.x?

Below are the new fixes that needs to be in 4.4.x

[1] -
https://github.com/wso2/carbon-commons/commit/3290aa0a9b41c6fc1804b6e383a1540e9e888a2a
This is a bug fix
[2] -
https://github.com/wso2/carbon-commons/commit/0b9f08299b13348d11cf0bc5d92da9c492c782f5
This is just indentation
[3] - https://github.com/wso2/carbon-commons/pull/172
This is a UI improvement done for jira [4]. It has only client side (UI)
fixes and only DSS uses them
[4] - https://wso2.org/jira/browse/DS-1034

Will we be able to get a commons 4.4.x out with those fixes?

Thanks,


On Wed, Oct 21, 2015 at 2:09 AM, Anjana Fernando  wrote:

> Hi Sameera / KasunG,
>
> We are doing RC releases for DAS and DSS today (21'st), and we have
> several fixes done for Carbon Commons, among them, a blocker [1] being
> fixed for DAS. Can we please get a patch release done for Carbon Commons
> today, since we have critical deadlines for these products, and their RCs
> must go out today, thus we need these fixes as well.
>
> [1] https://wso2.org/jira/browse/CCOMMONS-2
>
> Cheers,
> Anjana.
> --
> *Anjana Fernando*
> Senior Technical Lead
> WSO2 Inc. | http://wso2.com
> lean . enterprise . middleware
>



-- 
Rajith Vitharana

Software Engineer,
WSO2 Inc. : wso2.com
Mobile : +94715883223
Blog : http://lankavitharana.blogspot.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Where is org.wso2.carbon.databridge.agent.thrift ?

[Kalpa Welivitigoda]

Hi all,

$subject please,

I updated carbon-commons version in carbon-dependency to 4.5.0 and it seems
org.wso2.carbon.databridge.agent.thrift is removed from carbon-commons from
4.5.0.

-- 
Best Regards,

Kalpa Welivitigoda
Software Engineer, WSO2 Inc. http://wso2.com
Email: kal...@wso2.com
Mobile: +94776509215
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [IS] Table "IDP_METADATA" not found

[Chamila Wijayarathna]

Hi Charitha,

This missing table was introduced to carbon-identity in a commit merged
within last  week. So my guess on your issue is, you may trying to start a
newly build server while pointing it to a DB early. So can you drop
existing DB, create a new DB and start your server with -Dsetup, and check
if this issue still occurs?

Thanks

On Wed, Oct 21, 2015 at 11:51 AM, Charitha Goonetilleke 
wrote:

> Hi All,
>
> I'm using carbon-identity 4.6.0-SNAPSHOT for IoT-Server. In
> my application-authentication.xml and identity.xml, I used WSO2AM_DB as
> data source. But when H2 console doesn't showing any table named
> IDP_METADATA under WSO2AM_DB.
>
> I'm getting following error on server startup and when try to login with
> sso.
>
> org.wso2.carbon.idp.mgt.IdentityProviderManagementException: Error
> occurred while retrieving registered Identity Provider Entity IDs for
> tenant carbon.super
> at
> org.wso2.carbon.idp.mgt.dao.IdPManagementDAO.getIdPs(IdPManagementDAO.java:139)
> at
> org.wso2.carbon.idp.mgt.dao.CacheBackedIdPMgtDAO.getIdPs(CacheBackedIdPMgtDAO.java:73)
> at
> org.wso2.carbon.idp.mgt.IdentityProviderManager.getIdPs(IdentityProviderManager.java:675)
> at
> org.wso2.carbon.idp.mgt.internal.IdPManagementServiceComponent.cleanUpRemovedIdps(IdPManagementServiceComponent.java:221)
> at
> org.wso2.carbon.idp.mgt.internal.IdPManagementServiceComponent.activate(IdPManagementServiceComponent.java:147)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:345)
> at
> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)
> at
> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)
> at org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)
> at
> org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222)
> at
> org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)
> at
> org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861)
> at
> org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)
> at
> org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148)
> at
> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819)
> at
> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771)
> at
> org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130)
> at
> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214)
> at
> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433)
> at
> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:451)
> at
> org.wso2.carbon.identity.core.internal.IdentityCoreServiceComponent.activate(IdentityCoreServiceComponent.java:107)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:345)
> at
> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)
> at
> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)
> at org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)
> at
> org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222)
> at
> org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)
> at
> org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861)
> at
> org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)
> at
> org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:

Re: [Dev] [IS] Table "IDP_METADATA" not found

[Ayyoob Hamza]

Hi Charitha,
You have to update APIMGT Schema with the latest IS schema changes.

[1]
https://github.com/wso2/carbon-apimgt/tree/release-1.10.x/features/apimgt/org.wso2.carbon.apimgt.core.feature/src/main/resources/sql
[2]
https://github.com/wso2/carbon-identity/blob/v5.0.0/features/identity-core/org.wso2.carbon.identity.core.server.feature/resources/dbscripts/h2.sql#L386

Thanks

*Ayyoob Hamza*
*Software Engineer*
WSO2 Inc.; http://wso2.com
email: ayy...@wso2.com cell: +94 77 1681010 <%2B94%2077%207779495>

On Wed, Oct 21, 2015 at 11:51 AM, Charitha Goonetilleke 
wrote:

> Hi All,
>
> I'm using carbon-identity 4.6.0-SNAPSHOT for IoT-Server. In
> my application-authentication.xml and identity.xml, I used WSO2AM_DB as
> data source. But when H2 console doesn't showing any table named
> IDP_METADATA under WSO2AM_DB.
>
> I'm getting following error on server startup and when try to login with
> sso.
>
> org.wso2.carbon.idp.mgt.IdentityProviderManagementException: Error
> occurred while retrieving registered Identity Provider Entity IDs for
> tenant carbon.super
> at
> org.wso2.carbon.idp.mgt.dao.IdPManagementDAO.getIdPs(IdPManagementDAO.java:139)
> at
> org.wso2.carbon.idp.mgt.dao.CacheBackedIdPMgtDAO.getIdPs(CacheBackedIdPMgtDAO.java:73)
> at
> org.wso2.carbon.idp.mgt.IdentityProviderManager.getIdPs(IdentityProviderManager.java:675)
> at
> org.wso2.carbon.idp.mgt.internal.IdPManagementServiceComponent.cleanUpRemovedIdps(IdPManagementServiceComponent.java:221)
> at
> org.wso2.carbon.idp.mgt.internal.IdPManagementServiceComponent.activate(IdPManagementServiceComponent.java:147)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:345)
> at
> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)
> at
> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)
> at org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)
> at
> org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222)
> at
> org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)
> at
> org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861)
> at
> org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)
> at
> org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148)
> at
> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819)
> at
> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771)
> at
> org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130)
> at
> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214)
> at
> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433)
> at
> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:451)
> at
> org.wso2.carbon.identity.core.internal.IdentityCoreServiceComponent.activate(IdentityCoreServiceComponent.java:107)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:606)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:345)
> at
> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)
> at
> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)
> at org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)
> at
> org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222)
> at
> org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)
> at
> org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861)
> at
> org.eclipse.os

Re: [Dev] [APIM] [OSGI] Removal of dynamic imports causes CNF on extention points

[Shani Ranasinghe]

Thanks KasunG & Kishanthan for the inputs.

On Mon, Oct 19, 2015 at 10:49 AM, Kishanthan Thangarajah <
kishant...@wso2.com> wrote:

>
>
> On Fri, Oct 16, 2015 at 4:31 PM, Shani Ranasinghe  wrote:
>
>>
>> Hi,
>>
>> In APIM current code (1.10), we have removed the > >* from all packages at the moment.
>>
>> We faced an issue now, where an extension point would not work with this
>> change. i.e. if we put a external jar into the
>> /repository/components/lib folder, that class will not be picked
>> up by the component OSGI bundle because of the aforementioned reason.
>>
>> Discussing with KasunG, I learned that we cannot remove the 
>> DynamicImport-Package
>> statement, if the components use Class.forName() or 
>> .class.getClassLoader().loadClass();
>> because the OSGI bundle would not be able to identify the external class.
>>
>> As a possible solution, what we thought of is, to move the Class.forName()
>> to a central location, possibily to the org.wso2.carbon.apimgt.impl
>> package, and have the
>> * to that package. Then
>> all other packages that used to have the Class.forName() can be referred to
>> the method introduced in the org.wso2.carbon.apimgt.impl package.
>>
>> @KasunG, Kishanthan, is this the correct approach?
>>
>
> This will not work. DynamicImport-Package :   (or
> org.wso2.carbon.apimgt.impl) means, you do not know that this package will
> be available at runtime in advance so that bundle resolution process will
> not take this package into account when resolving the bundle import
> statements. It will only try to resolve this package when it is requested
> to be loaded.
>
> For packages (mostly if its extensions) we will not know the package name
> in advance too, and for situations like this we will have to use the "*"
> with dynamic import. We do not have any other ways to solve this when
> loading classes using Class.forName and we do not know the package names in
> advance.
>
>
>> Are there any other approaches that we could look into?
>> --
>> Thanks and Regards
>> *,Shani Ranasinghe*
>> Senior Software Engineer
>> WSO2 Inc.; http://wso2.com
>> lean.enterprise.middleware
>>
>> mobile: +94 77 2273555
>> Blog: http://waysandmeans.blogspot.com/
>> linked in: lk.linkedin.com/pub/shani-ranasinghe/34/111/ab
>>
>
>
>
> --
> *Kishanthan Thangarajah*
> Associate Technical Lead,
> Platform Technologies Team,
> WSO2, Inc.
> lean.enterprise.middleware
>
> Mobile - +94773426635
> Blog - *http://kishanthan.wordpress.com *
> Twitter - *http://twitter.com/kishanthan *
>



-- 
Thanks and Regards
*,Shani Ranasinghe*
Senior Software Engineer
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94 77 2273555
Blog: http://waysandmeans.blogspot.com/
linked in: lk.linkedin.com/pub/shani-ranasinghe/34/111/ab
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [IS] Table "IDP_METADATA" not found

[Charitha Goonetilleke]

Hi All,

I'm using carbon-identity 4.6.0-SNAPSHOT for IoT-Server. In
my application-authentication.xml and identity.xml, I used WSO2AM_DB as
data source. But when H2 console doesn't showing any table named
IDP_METADATA under WSO2AM_DB.

I'm getting following error on server startup and when try to login with
sso.

org.wso2.carbon.idp.mgt.IdentityProviderManagementException: Error occurred
while retrieving registered Identity Provider Entity IDs for tenant
carbon.super
at
org.wso2.carbon.idp.mgt.dao.IdPManagementDAO.getIdPs(IdPManagementDAO.java:139)
at
org.wso2.carbon.idp.mgt.dao.CacheBackedIdPMgtDAO.getIdPs(CacheBackedIdPMgtDAO.java:73)
at
org.wso2.carbon.idp.mgt.IdentityProviderManager.getIdPs(IdentityProviderManager.java:675)
at
org.wso2.carbon.idp.mgt.internal.IdPManagementServiceComponent.cleanUpRemovedIdps(IdPManagementServiceComponent.java:221)
at
org.wso2.carbon.idp.mgt.internal.IdPManagementServiceComponent.activate(IdPManagementServiceComponent.java:147)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at
org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)
at
org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)
at
org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:345)
at
org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)
at
org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)
at org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)
at
org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222)
at
org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861)
at
org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)
at
org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148)
at
org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819)
at
org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771)
at
org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130)
at
org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:451)
at
org.wso2.carbon.identity.core.internal.IdentityCoreServiceComponent.activate(IdentityCoreServiceComponent.java:107)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at
org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)
at
org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)
at
org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:345)
at
org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)
at
org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)
at org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)
at
org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222)
at
org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861)
at
org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)
at
org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148)
at
org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819)
at
org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771)
at
org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130)
at
org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433)
at
org.eclipse.osgi.framework.inter

Re: [Dev] WSO2EMM 2.0.0 Milestone 7 Released

[Prabath Abeysekera]

Guys,

Please do report doc JIRAs (blockers) upon any missing pieces in the
product documentation. That will help us keep track of things properly and
fix them ASAP.

Cheers,
Prabath

On Wed, Oct 21, 2015 at 10:41 AM, Shavindri Dissanayake 
wrote:

> Hi Chamara and Sashika,
>
> We do have a guide to set up the database [1]. It has details on setting
> up H2 [2] and MySQL [3]. Please do let me know if any areas in this doc
> needs to updated accordingly.
>
> Thank you for the heads up!
>
> [1] https://docs.wso2.com/display/EMM200/Working+with+Databases
> [2] https://docs.wso2.com/display/EMM200/Setting+up+H2
> [3] https://docs.wso2.com/display/EMM200/Setting+up+MySQL
>
> Thanks & Regards
> Shavindri Dissanayake
> Technical Writer
>
> WSO2 Inc.
> lean.enterprise.middleware
>
> On Wed, Oct 21, 2015 at 10:18 AM, Chamara Ariyarathne 
> wrote:
>
>> Since there are several datasources to be configured, we need to have a
>> guide on setting up databases for the product documentation.
>>
>> On Wed, Oct 21, 2015 at 10:09 AM, Sashika Wijesinghe 
>> wrote:
>>
>>> Hi All,
>>>
>>> I observed FileNotFoundException when starting a fresh pack with mysql
>>> database [1] . Further there is a naming issue in WSO2AM_DS datasource,
>>> same jndi config name is used for WSO2AM_DB and WSO2AM_DS [2].
>>>
>>> I have reported JIRA for above issues.
>>>
>>> [1] https://wso2.org/jira/browse/EMM-822
>>> [2] https://wso2.org/jira/browse/EMM-823
>>>
>>> Regards,
>>> --
>>>
>>> *Sashika WijesingheSoftware Engineer - QA Team*
>>> Mobile : +94 (0) 774537487
>>> sash...@wso2.com
>>>
>>
>>
>>
>> --
>> *Chamara Ariyarathne*
>> Associate Technical Lead - QA
>> WSO2 Inc; http://www.wso2.com/
>> Mobile; *+94772786766 <%2B94772786766>*
>>
>
>


-- 
Prabath Abeysekara
Technical Lead
WSO2 Inc.
Email: praba...@wso2.com
Mobile: +94774171471
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Upto 100MB Datasets

[Nirmal Fernando]

Hi Nifras,

No, no impact. It's the value we chose as the default. :-) Please increase
as needed by referring to the FAQ pointed by Jason.

On Wed, Oct 21, 2015 at 10:11 AM, NIFRAS ISMAIL 
wrote:

> ​Hi Jason,
> why? This limitation on 100MB . Does changes make any bad behaviour?​
>
> Regards.
> *M. Nifras Ismail*
> [image: LinkedIn] 
>
>
>
> On Wed, Oct 21, 2015 at 10:01 AM, Jason De Silva  wrote:
>
>> Hi Nifras,
>>
>> As per [1] you can configure it refer the section "Is there a file size
>> limit to my dataset?".
>>
>> [1] https://docs.wso2.com/display/ML100/FAQ
>>
>> Regards,
>>
>> On Wed, Oct 21, 2015 at 9:17 AM, NIFRAS ISMAIL 
>> wrote:
>>
>>> Hi Team ML,
>>> Can't we process upto 100MB dataset files. Unfortunately my dataset is
>>> 228MB
>>>
>>> Thank you
>>>
>>> Regards.
>>> *M. Nifras Ismail*
>>> [image: LinkedIn] 
>>>
>>>
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Jason De Silva
>> *Software Engineer - QA*
>> Mobile: +94 (0) 772 097 678
>> Email: jas...@wso2.com
>> WSO2 Inc. www.wso2.com
>>
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 

Thanks & regards,
Nirmal

Team Lead - WSO2 Machine Learner
Associate Technical Lead - Data Technologies Team, WSO2 Inc.
Mobile: +94715779733
Blog: http://nirmalfdo.blogspot.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [VOTE] Release WSO2 Private PaaS 4.1.0 RC2

[Gayan Gunarathne]

Hi All,

Please find the release candidate of the WSO2 PPaaS cartridges related to
the WSO2 Private PaaS 4.1.0.

https://svn.wso2.org/repos/wso2/scratch/PPAAS/wso2ppaas-cartridges-4.1.1/

Please use these set of Cartridges to test the WSO2 Private PaaS 4.1.0
release.

Thanks,
Gayan

On Wed, Oct 21, 2015 at 8:05 AM, Imesh Gunaratne  wrote:

> Hi Devs,
>
> This is the second release candidate of WSO2 Private PaaS 4.1.0.
>
> This release fixes the following issues:
> https://wso2.org/jira/issues/?filter=12467
>
> Please download, test and vote. The vote will be open for 72 hours or as
> needed.
>
> *​Source and binary distribution files:*
> https://svn.wso2.org/repos/wso2/scratch/PPAAS/wso2ppaas-4.1.0-rc2/
>
> *Maven staging repository:*
> http://maven.wso2.org/nexus/content/repositories/orgwso2ppaas-028/
>
> *The tag to be voted upon:*
> https://github.com/wso2/product-private-paas/tree/v4.1.0-rc2
>
>
> [ ] Broken - do not release (explain why)
> [ ] Stable - go ahead and release
>
>
> Thanks,
> The WSO2 Private PaaS Team
>
> --
> *Imesh Gunaratne*
> Senior Technical Lead
> WSO2 Inc: http://wso2.com
> T: +94 11 214 5345 M: +94 77 374 2057
> W: http://imesh.gunaratne.org
> Lean . Enterprise . Middleware
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 

Gayan Gunarathne
Technical Lead, WSO2 Inc. (http://wso2.com)
Committer & PMC Member, Apache Stratos
email : gay...@wso2.com  | mobile : +94 775030545 <%2B94%20766819985>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] WSO2EMM 2.0.0 Milestone 7 Released

[Shavindri Dissanayake]

Hi Chamara and Sashika,

We do have a guide to set up the database [1]. It has details on setting up
H2 [2] and MySQL [3]. Please do let me know if any areas in this doc needs
to updated accordingly.

Thank you for the heads up!

[1] https://docs.wso2.com/display/EMM200/Working+with+Databases
[2] https://docs.wso2.com/display/EMM200/Setting+up+H2
[3] https://docs.wso2.com/display/EMM200/Setting+up+MySQL

Thanks & Regards
Shavindri Dissanayake
Technical Writer

WSO2 Inc.
lean.enterprise.middleware

On Wed, Oct 21, 2015 at 10:18 AM, Chamara Ariyarathne 
wrote:

> Since there are several datasources to be configured, we need to have a
> guide on setting up databases for the product documentation.
>
> On Wed, Oct 21, 2015 at 10:09 AM, Sashika Wijesinghe 
> wrote:
>
>> Hi All,
>>
>> I observed FileNotFoundException when starting a fresh pack with mysql
>> database [1] . Further there is a naming issue in WSO2AM_DS datasource,
>> same jndi config name is used for WSO2AM_DB and WSO2AM_DS [2].
>>
>> I have reported JIRA for above issues.
>>
>> [1] https://wso2.org/jira/browse/EMM-822
>> [2] https://wso2.org/jira/browse/EMM-823
>>
>> Regards,
>> --
>>
>> *Sashika WijesingheSoftware Engineer - QA Team*
>> Mobile : +94 (0) 774537487
>> sash...@wso2.com
>>
>
>
>
> --
> *Chamara Ariyarathne*
> Associate Technical Lead - QA
> WSO2 Inc; http://www.wso2.com/
> Mobile; *+94772786766 <%2B94772786766>*
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] K-Means Clustering on ML

[NIFRAS ISMAIL]

Hi Nirmal,
Thanks for the guidance. Great :)

Regards.
*M. Nifras Ismail*
[image: LinkedIn] 



On Wed, Oct 21, 2015 at 10:39 AM, NIFRAS ISMAIL 
wrote:

> Absolutely, the *product_id *is the response variable. Get the point
> catch u after classify ASAP.
>
> Thank you
>
> Regards.
> *M. Nifras Ismail*
> [image: LinkedIn] 
>
>
>
> On Wed, Oct 21, 2015 at 10:35 AM, Fazlan Nazeem  wrote:
>
>> AFAIU your problem is a multi-class classification problem. Therefore any
>> algorithm which falls under that category can be used (decision tree, naive
>> bayes etc). You should appropriately chose the response variable(the
>> feature to be predicted) in the workflow. I hope in this case what you are
>> trying to predict is the "product_id". Therefore that should be the
>> response variable.
>>
>> On Wed, Oct 21, 2015 at 10:22 AM, NIFRAS ISMAIL 
>> wrote:
>>
>>> Hi Fazlan,
>>>
>>> I have reached that point [1] . I am confused about algorithms which I
>>> choose to find the patterns on the data.
>>>
>>> I clearly mention you about my problem. Could you please give me a
>>> solution of choosing algorithm.
>>>
>>> * I have data of shopping mall basket.
>>> ​​
>>> * Data Headers :
>>> time_id,unit_sales,customer_id,birthdate,marital_status,yearly_income,gender,total_children,num_children_at_home,education,member_card,occupation,houseowner,num_cars_owned,product_id
>>>
>>> * From this data i need to predict which item will be buy by the user in
>>> next visit?
>>>  *{coffee,sugar} => {milk}*
>>> Which algorithm I need to choose?
>>>
>>>
>>>
>>> [1] https://docs.wso2.com/display/ML100/Exploring+Data
>>> 
>>>
>>> Regards.
>>> *M. Nifras Ismail*
>>> [image: LinkedIn] 
>>>
>>>
>>>
>>> On Wed, Oct 21, 2015 at 10:10 AM, Fazlan Nazeem 
>>> wrote:
>>>
 K-means algorithm is applied to cluster the data you already have into
 identifiable clusters. It is applied to better understand the data you
 already have.

 in the general K-means algorithm we are not going to predict clusters
 for new data points. Therefore the predict option is not available for
 kmeans models. The view option will be available in the next release so
 that you can view the cluster diagram of it. As a workaround you can view
 the cluster diagram of your data set through the data exploration view(This
 also uses K-means). Please refer to the "cluster diagram" section of the
 the documentation[1] link.

 [1] https://docs.wso2.com/display/ML100/Exploring+Data
 

 On Wed, Oct 21, 2015 at 9:09 AM, NIFRAS ISMAIL 
 wrote:

> Hi Team ML,
> I have did K-Means clustering on wso2ML but unfortunately I could not
> find the Predict tab.
>
> I am using a shopping mall data set. I need to find the users buying
> patterns. Therefore, I cluster the user buying products from different
> models by K-Means Clustering .
>
> I have successfully created the model and i could not find the
> predict. How am i predict using wso2 ML UI.
>
> I'm following this documentation
> 
>
>
> ​
>
> Regards.
> *M. Nifras Ismail*
> [image: LinkedIn]
> 
>
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


 --
 Thanks & Regards,

 Fazlan Nazeem

 *Software Engineer*

 *WSO2 Inc*
 Mobile : +94772338839
 <%2B94%20%280%29%20773%20451194>
 fazl...@wso2.com

>>>
>>>
>>
>>
>> --
>> Thanks & Regards,
>>
>> Fazlan Nazeem
>>
>> *Software Engineer*
>>
>> *WSO2 Inc*
>> Mobile : +94772338839
>> <%2B94%20%280%29%20773%20451194>
>> fazl...@wso2.com
>>
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] K-Means Clustering on ML

[Nirmal Fernando]

Hi Nifras,

On Wed, Oct 21, 2015 at 10:22 AM, NIFRAS ISMAIL 
wrote:

> Hi Fazlan,
>
> I have reached that point [1] . I am confused about algorithms which I
> choose to find the patterns on the data.
>
> I clearly mention you about my problem. Could you please give me a
> solution of choosing algorithm.
>

Please follow
https://docs.wso2.com/display/ML100/How+to+Select+an+Algorithm+in+WSO2+ML
and select the best algorithm for your scenario.

>
> * I have data of shopping mall basket.
> ​​
> * Data Headers :
> time_id,unit_sales,customer_id,birthdate,marital_status,yearly_income,gender,total_children,num_children_at_home,education,member_card,occupation,houseowner,num_cars_owned,product_id
>
> * From this data i need to predict which item will be buy by the user in
> next visit?
>  *{coffee,sugar} => {milk}*
> Which algorithm I need to choose?
>
>
>
> [1] https://docs.wso2.com/display/ML100/Exploring+Data
> 
>
> Regards.
> *M. Nifras Ismail*
> [image: LinkedIn] 
>
>
>
> On Wed, Oct 21, 2015 at 10:10 AM, Fazlan Nazeem  wrote:
>
>> K-means algorithm is applied to cluster the data you already have into
>> identifiable clusters. It is applied to better understand the data you
>> already have.
>>
>> in the general K-means algorithm we are not going to predict clusters for
>> new data points. Therefore the predict option is not available for kmeans
>> models. The view option will be available in the next release so that you
>> can view the cluster diagram of it. As a workaround you can view the
>> cluster diagram of your data set through the data exploration view(This
>> also uses K-means). Please refer to the "cluster diagram" section of the
>> the documentation[1] link.
>>
>> [1] https://docs.wso2.com/display/ML100/Exploring+Data
>> 
>>
>> On Wed, Oct 21, 2015 at 9:09 AM, NIFRAS ISMAIL 
>> wrote:
>>
>>> Hi Team ML,
>>> I have did K-Means clustering on wso2ML but unfortunately I could not
>>> find the Predict tab.
>>>
>>> I am using a shopping mall data set. I need to find the users buying
>>> patterns. Therefore, I cluster the user buying products from different
>>> models by K-Means Clustering .
>>>
>>> I have successfully created the model and i could not find the predict.
>>> How am i predict using wso2 ML UI.
>>>
>>> I'm following this documentation
>>> 
>>>
>>>
>>> ​
>>>
>>> Regards.
>>> *M. Nifras Ismail*
>>> [image: LinkedIn] 
>>>
>>>
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Thanks & Regards,
>>
>> Fazlan Nazeem
>>
>> *Software Engineer*
>>
>> *WSO2 Inc*
>> Mobile : +94772338839
>> <%2B94%20%280%29%20773%20451194>
>> fazl...@wso2.com
>>
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 

Thanks & regards,
Nirmal

Team Lead - WSO2 Machine Learner
Associate Technical Lead - Data Technologies Team, WSO2 Inc.
Mobile: +94715779733
Blog: http://nirmalfdo.blogspot.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] K-Means Clustering on ML

[NIFRAS ISMAIL]

Absolutely, the *product_id *is the response variable. Get the point catch
u after classify ASAP.

Thank you

Regards.
*M. Nifras Ismail*
[image: LinkedIn] 



On Wed, Oct 21, 2015 at 10:35 AM, Fazlan Nazeem  wrote:

> AFAIU your problem is a multi-class classification problem. Therefore any
> algorithm which falls under that category can be used (decision tree, naive
> bayes etc). You should appropriately chose the response variable(the
> feature to be predicted) in the workflow. I hope in this case what you are
> trying to predict is the "product_id". Therefore that should be the
> response variable.
>
> On Wed, Oct 21, 2015 at 10:22 AM, NIFRAS ISMAIL 
> wrote:
>
>> Hi Fazlan,
>>
>> I have reached that point [1] . I am confused about algorithms which I
>> choose to find the patterns on the data.
>>
>> I clearly mention you about my problem. Could you please give me a
>> solution of choosing algorithm.
>>
>> * I have data of shopping mall basket.
>> ​​
>> * Data Headers :
>> time_id,unit_sales,customer_id,birthdate,marital_status,yearly_income,gender,total_children,num_children_at_home,education,member_card,occupation,houseowner,num_cars_owned,product_id
>>
>> * From this data i need to predict which item will be buy by the user in
>> next visit?
>>  *{coffee,sugar} => {milk}*
>> Which algorithm I need to choose?
>>
>>
>>
>> [1] https://docs.wso2.com/display/ML100/Exploring+Data
>> 
>>
>> Regards.
>> *M. Nifras Ismail*
>> [image: LinkedIn] 
>>
>>
>>
>> On Wed, Oct 21, 2015 at 10:10 AM, Fazlan Nazeem  wrote:
>>
>>> K-means algorithm is applied to cluster the data you already have into
>>> identifiable clusters. It is applied to better understand the data you
>>> already have.
>>>
>>> in the general K-means algorithm we are not going to predict clusters
>>> for new data points. Therefore the predict option is not available for
>>> kmeans models. The view option will be available in the next release so
>>> that you can view the cluster diagram of it. As a workaround you can view
>>> the cluster diagram of your data set through the data exploration view(This
>>> also uses K-means). Please refer to the "cluster diagram" section of the
>>> the documentation[1] link.
>>>
>>> [1] https://docs.wso2.com/display/ML100/Exploring+Data
>>> 
>>>
>>> On Wed, Oct 21, 2015 at 9:09 AM, NIFRAS ISMAIL 
>>> wrote:
>>>
 Hi Team ML,
 I have did K-Means clustering on wso2ML but unfortunately I could not
 find the Predict tab.

 I am using a shopping mall data set. I need to find the users buying
 patterns. Therefore, I cluster the user buying products from different
 models by K-Means Clustering .

 I have successfully created the model and i could not find the predict.
 How am i predict using wso2 ML UI.

 I'm following this documentation
 


 ​

 Regards.
 *M. Nifras Ismail*
 [image: LinkedIn] 



 ___
 Dev mailing list
 Dev@wso2.org
 http://wso2.org/cgi-bin/mailman/listinfo/dev


>>>
>>>
>>> --
>>> Thanks & Regards,
>>>
>>> Fazlan Nazeem
>>>
>>> *Software Engineer*
>>>
>>> *WSO2 Inc*
>>> Mobile : +94772338839
>>> <%2B94%20%280%29%20773%20451194>
>>> fazl...@wso2.com
>>>
>>
>>
>
>
> --
> Thanks & Regards,
>
> Fazlan Nazeem
>
> *Software Engineer*
>
> *WSO2 Inc*
> Mobile : +94772338839
> <%2B94%20%280%29%20773%20451194>
> fazl...@wso2.com
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] K-Means Clustering on ML

[Fazlan Nazeem]

AFAIU your problem is a multi-class classification problem. Therefore any
algorithm which falls under that category can be used (decision tree, naive
bayes etc). You should appropriately chose the response variable(the
feature to be predicted) in the workflow. I hope in this case what you are
trying to predict is the "product_id". Therefore that should be the
response variable.

On Wed, Oct 21, 2015 at 10:22 AM, NIFRAS ISMAIL 
wrote:

> Hi Fazlan,
>
> I have reached that point [1] . I am confused about algorithms which I
> choose to find the patterns on the data.
>
> I clearly mention you about my problem. Could you please give me a
> solution of choosing algorithm.
>
> * I have data of shopping mall basket.
> ​​
> * Data Headers :
> time_id,unit_sales,customer_id,birthdate,marital_status,yearly_income,gender,total_children,num_children_at_home,education,member_card,occupation,houseowner,num_cars_owned,product_id
>
> * From this data i need to predict which item will be buy by the user in
> next visit?
>  *{coffee,sugar} => {milk}*
> Which algorithm I need to choose?
>
>
>
> [1] https://docs.wso2.com/display/ML100/Exploring+Data
> 
>
> Regards.
> *M. Nifras Ismail*
> [image: LinkedIn] 
>
>
>
> On Wed, Oct 21, 2015 at 10:10 AM, Fazlan Nazeem  wrote:
>
>> K-means algorithm is applied to cluster the data you already have into
>> identifiable clusters. It is applied to better understand the data you
>> already have.
>>
>> in the general K-means algorithm we are not going to predict clusters for
>> new data points. Therefore the predict option is not available for kmeans
>> models. The view option will be available in the next release so that you
>> can view the cluster diagram of it. As a workaround you can view the
>> cluster diagram of your data set through the data exploration view(This
>> also uses K-means). Please refer to the "cluster diagram" section of the
>> the documentation[1] link.
>>
>> [1] https://docs.wso2.com/display/ML100/Exploring+Data
>> 
>>
>> On Wed, Oct 21, 2015 at 9:09 AM, NIFRAS ISMAIL 
>> wrote:
>>
>>> Hi Team ML,
>>> I have did K-Means clustering on wso2ML but unfortunately I could not
>>> find the Predict tab.
>>>
>>> I am using a shopping mall data set. I need to find the users buying
>>> patterns. Therefore, I cluster the user buying products from different
>>> models by K-Means Clustering .
>>>
>>> I have successfully created the model and i could not find the predict.
>>> How am i predict using wso2 ML UI.
>>>
>>> I'm following this documentation
>>> 
>>>
>>>
>>> ​
>>>
>>> Regards.
>>> *M. Nifras Ismail*
>>> [image: LinkedIn] 
>>>
>>>
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Thanks & Regards,
>>
>> Fazlan Nazeem
>>
>> *Software Engineer*
>>
>> *WSO2 Inc*
>> Mobile : +94772338839
>> <%2B94%20%280%29%20773%20451194>
>> fazl...@wso2.com
>>
>
>


-- 
Thanks & Regards,

Fazlan Nazeem

*Software Engineer*

*WSO2 Inc*
Mobile : +94772338839
<%2B94%20%280%29%20773%20451194>
fazl...@wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] K-Means Clustering on ML

[NIFRAS ISMAIL]

Hi Fazlan,

I have reached that point [1] . I am confused about algorithms which I
choose to find the patterns on the data.

I clearly mention you about my problem. Could you please give me a solution
of choosing algorithm.

* I have data of shopping mall basket.
​​
* Data Headers :
time_id,unit_sales,customer_id,birthdate,marital_status,yearly_income,gender,total_children,num_children_at_home,education,member_card,occupation,houseowner,num_cars_owned,product_id

* From this data i need to predict which item will be buy by the user in
next visit?
 *{coffee,sugar} => {milk}*
Which algorithm I need to choose?



[1] https://docs.wso2.com/display/ML100/Exploring+Data


Regards.
*M. Nifras Ismail*
[image: LinkedIn] 



On Wed, Oct 21, 2015 at 10:10 AM, Fazlan Nazeem  wrote:

> K-means algorithm is applied to cluster the data you already have into
> identifiable clusters. It is applied to better understand the data you
> already have.
>
> in the general K-means algorithm we are not going to predict clusters for
> new data points. Therefore the predict option is not available for kmeans
> models. The view option will be available in the next release so that you
> can view the cluster diagram of it. As a workaround you can view the
> cluster diagram of your data set through the data exploration view(This
> also uses K-means). Please refer to the "cluster diagram" section of the
> the documentation[1] link.
>
> [1] https://docs.wso2.com/display/ML100/Exploring+Data
> 
>
> On Wed, Oct 21, 2015 at 9:09 AM, NIFRAS ISMAIL 
> wrote:
>
>> Hi Team ML,
>> I have did K-Means clustering on wso2ML but unfortunately I could not
>> find the Predict tab.
>>
>> I am using a shopping mall data set. I need to find the users buying
>> patterns. Therefore, I cluster the user buying products from different
>> models by K-Means Clustering .
>>
>> I have successfully created the model and i could not find the predict.
>> How am i predict using wso2 ML UI.
>>
>> I'm following this documentation
>> 
>>
>>
>> ​
>>
>> Regards.
>> *M. Nifras Ismail*
>> [image: LinkedIn] 
>>
>>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Thanks & Regards,
>
> Fazlan Nazeem
>
> *Software Engineer*
>
> *WSO2 Inc*
> Mobile : +94772338839
> <%2B94%20%280%29%20773%20451194>
> fazl...@wso2.com
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] WSO2EMM 2.0.0 Milestone 7 Released

[Chamara Ariyarathne]

Since there are several datasources to be configured, we need to have a
guide on setting up databases for the product documentation.

On Wed, Oct 21, 2015 at 10:09 AM, Sashika Wijesinghe 
wrote:

> Hi All,
>
> I observed FileNotFoundException when starting a fresh pack with mysql
> database [1] . Further there is a naming issue in WSO2AM_DS datasource,
> same jndi config name is used for WSO2AM_DB and WSO2AM_DS [2].
>
> I have reported JIRA for above issues.
>
> [1] https://wso2.org/jira/browse/EMM-822
> [2] https://wso2.org/jira/browse/EMM-823
>
> Regards,
> --
>
> *Sashika WijesingheSoftware Engineer - QA Team*
> Mobile : +94 (0) 774537487
> sash...@wso2.com
>



-- 
*Chamara Ariyarathne*
Associate Technical Lead - QA
WSO2 Inc; http://www.wso2.com/
Mobile; *+94772786766 <%2B94772786766>*
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Upto 100MB Datasets

[NIFRAS ISMAIL]

​Hi Jason,
why? This limitation on 100MB . Does changes make any bad behaviour?​

Regards.
*M. Nifras Ismail*
[image: LinkedIn] 



On Wed, Oct 21, 2015 at 10:01 AM, Jason De Silva  wrote:

> Hi Nifras,
>
> As per [1] you can configure it refer the section "Is there a file size
> limit to my dataset?".
>
> [1] https://docs.wso2.com/display/ML100/FAQ
>
> Regards,
>
> On Wed, Oct 21, 2015 at 9:17 AM, NIFRAS ISMAIL 
> wrote:
>
>> Hi Team ML,
>> Can't we process upto 100MB dataset files. Unfortunately my dataset is
>> 228MB
>>
>> Thank you
>>
>> Regards.
>> *M. Nifras Ismail*
>> [image: LinkedIn] 
>>
>>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Jason De Silva
> *Software Engineer - QA*
> Mobile: +94 (0) 772 097 678
> Email: jas...@wso2.com
> WSO2 Inc. www.wso2.com
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] K-Means Clustering on ML

[Fazlan Nazeem]

K-means algorithm is applied to cluster the data you already have into
identifiable clusters. It is applied to better understand the data you
already have.

in the general K-means algorithm we are not going to predict clusters for
new data points. Therefore the predict option is not available for kmeans
models. The view option will be available in the next release so that you
can view the cluster diagram of it. As a workaround you can view the
cluster diagram of your data set through the data exploration view(This
also uses K-means). Please refer to the "cluster diagram" section of the
the documentation[1] link.

[1] https://docs.wso2.com/display/ML100/Exploring+Data


On Wed, Oct 21, 2015 at 9:09 AM, NIFRAS ISMAIL 
wrote:

> Hi Team ML,
> I have did K-Means clustering on wso2ML but unfortunately I could not find
> the Predict tab.
>
> I am using a shopping mall data set. I need to find the users buying
> patterns. Therefore, I cluster the user buying products from different
> models by K-Means Clustering .
>
> I have successfully created the model and i could not find the predict.
> How am i predict using wso2 ML UI.
>
> I'm following this documentation
> 
>
>
> ​
>
> Regards.
> *M. Nifras Ismail*
> [image: LinkedIn] 
>
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Thanks & Regards,

Fazlan Nazeem

*Software Engineer*

*WSO2 Inc*
Mobile : +94772338839
<%2B94%20%280%29%20773%20451194>
fazl...@wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] WSO2EMM 2.0.0 Milestone 7 Released

[Sashika Wijesinghe]

Hi All,

I observed FileNotFoundException when starting a fresh pack with mysql
database [1] . Further there is a naming issue in WSO2AM_DS datasource,
same jndi config name is used for WSO2AM_DB and WSO2AM_DS [2].

I have reported JIRA for above issues.

[1] https://wso2.org/jira/browse/EMM-822
[2] https://wso2.org/jira/browse/EMM-823

Regards,
-- 

*Sashika WijesingheSoftware Engineer - QA Team*
Mobile : +94 (0) 774537487
sash...@wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Upto 100MB Datasets

[Jason De Silva]

Hi Nifras,

As per [1] you can configure it refer the section "Is there a file size
limit to my dataset?".

[1] https://docs.wso2.com/display/ML100/FAQ

Regards,

On Wed, Oct 21, 2015 at 9:17 AM, NIFRAS ISMAIL 
wrote:

> Hi Team ML,
> Can't we process upto 100MB dataset files. Unfortunately my dataset is
> 228MB
>
> Thank you
>
> Regards.
> *M. Nifras Ismail*
> [image: LinkedIn] 
>
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Jason De Silva
*Software Engineer - QA*
Mobile: +94 (0) 772 097 678
Email: jas...@wso2.com
WSO2 Inc. www.wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [DS] Adding separate landing pages for default and anonymous view

[Dakshika Jayathilaka]

Hi All,

IMO we need to identify real use case with user stories. Then we can
identify whether we need to bring it as a new feature or how to manage with
existing workflow.  Shall we discuss this with proper user stories ?

Thank you,

Regards,
*Dakshika Jayathilaka*
PMC Member & Committer of Apache Stratos
Senior Software Engineer
WSO2, Inc.
lean.enterprise.middleware
0771100911

On Wed, Oct 21, 2015 at 9:08 AM, Ayesha Dissanayaka  wrote:

> Hi all,
>
> On Tue, Oct 20, 2015 at 6:15 PM, Nipuna Chandradasa 
> wrote:
>
>> So what we came up with was to add an option to define landing pages for
>> anonymous state and the default state of the dashboard. So there will be
>> two landing pages when it comes to a anonymous dashboard. One landing page
>> is for anonymous state and other landing page for default state.
>
>
> Above is what suggested by UX team during the off-line discussion we
> had.(Nipuna, Dakshika and Myself).
> There are some valid use cases where an user only need to create one page
> in dashboard anon view and multiple pages in logged in view. In that case
> by forcing to make the landing page anonymous, user has to recreate the
> anon page again. And will have to repeat that every time landing page is
> switched.
>
> Thanks!
> -Ayesha
>
>
> On Wed, Oct 21, 2015 at 8:49 AM, Nipuna Chandradasa 
> wrote:
>
>> +1 for manu  so basically we can inform user using a warning or info
>> message . whether he can make the page anon or not and inform the
>> reason if he cannot, when he clicking on the check box.
>>
>> On Wed, Oct 21, 2015 at 6:06 AM, Manuranga Perera  wrote:
>>
>>> That is also a good idea, but we need to inform user this
>>> On Oct 20, 2015 10:28 AM, "Udara Rathnayake"  wrote:
>>>
 To make it simple,

 Once user select anon option in a page we can programmatically make
 landing page anon. This is what I initially thought of doing.

 On Tue, Oct 20, 2015 at 7:48 PM, Manuranga Perera 
 wrote:

> wouldn't this be complex. we shouldn't bring any new features if it's
> not realy necessary, will just add to maintenance cost.
>
> how about making it mandatory for landing page to be anon if user make
> any page anon.
>
> that is, you can't make any page anon before making landing anon.
>
>
> UX team what do you think?
>
> On Tue, Oct 20, 2015 at 6:15 PM, Nipuna Chandradasa 
> wrote:
>
>> Hi team,
>>
>> There was a problem which came up during the discussion about
>> anonymous view in dashboard server.
>>
>> Discussion was about restricting the user creating an anonymous page
>> without making the landing page (Home page) of the dashboard anonymous.
>>
>> But this way user always have to make the landing page anonymous in
>> order to make the other pages anonymous even user does not want to make 
>> the
>> landing page anonymous.
>>
>> So what we came up with was to add an option to define landing pages
>> for anonymous state and the default state of the dashboard. So there will
>> be two landing pages when it comes to a anonymous dashboard. One landing
>> page is for anonymous state and other landing page for default state.
>>
>> Appreciate any suggestions and comments on this.
>>
>> Thank you.
>> --
>> Nipuna Marcus
>> *Software Engineer*
>> WSO2 Inc.
>> http://wso2.com/ - "lean . enterprise . middleware"
>> Mobile : +94 (0) 713 667906
>> nipu...@wso2.com
>>
>
>
>
> --
> With regards,
> *Manu*ranga Perera.
>
> phone : 071 7 70 20 50
> mail : m...@wso2.com
>


>>
>>
>> --
>> Nipuna Marcus
>> *Software Engineer*
>> WSO2 Inc.
>> http://wso2.com/ - "lean . enterprise . middleware"
>> Mobile : +94 (0) 713 667906
>> nipu...@wso2.com
>>
>
>
>
> --
> *Ayesha Dissanayaka*
> Software Engineer,
> WSO2, Inc : http://wso2.com
> 
> 20, Palmgrove Avenue, Colombo 3
> E-Mail: aye...@wso2.com 
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Upto 100MB Datasets

[NIFRAS ISMAIL]

Hi Team ML,
Can't we process upto 100MB dataset files. Unfortunately my dataset is 228MB

Thank you

Regards.
*M. Nifras Ismail*
[image: LinkedIn] 
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] K-Means Clustering on ML

[NIFRAS ISMAIL]

Hi Team ML,
I have did K-Means clustering on wso2ML but unfortunately I could not find
the Predict tab.

I am using a shopping mall data set. I need to find the users buying
patterns. Therefore, I cluster the user buying products from different
models by K-Means Clustering .

I have successfully created the model and i could not find the predict. How
am i predict using wso2 ML UI.

I'm following this documentation



​

Regards.
*M. Nifras Ismail*
[image: LinkedIn] 
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [DS] Adding separate landing pages for default and anonymous view

[Ayesha Dissanayaka]

Hi all,

On Tue, Oct 20, 2015 at 6:15 PM, Nipuna Chandradasa 
wrote:

> So what we came up with was to add an option to define landing pages for
> anonymous state and the default state of the dashboard. So there will be
> two landing pages when it comes to a anonymous dashboard. One landing page
> is for anonymous state and other landing page for default state.


Above is what suggested by UX team during the off-line discussion we
had.(Nipuna, Dakshika and Myself).
There are some valid use cases where an user only need to create one page
in dashboard anon view and multiple pages in logged in view. In that case
by forcing to make the landing page anonymous, user has to recreate the
anon page again. And will have to repeat that every time landing page is
switched.

Thanks!
-Ayesha


On Wed, Oct 21, 2015 at 8:49 AM, Nipuna Chandradasa 
wrote:

> +1 for manu  so basically we can inform user using a warning or info
> message . whether he can make the page anon or not and inform the
> reason if he cannot, when he clicking on the check box.
>
> On Wed, Oct 21, 2015 at 6:06 AM, Manuranga Perera  wrote:
>
>> That is also a good idea, but we need to inform user this
>> On Oct 20, 2015 10:28 AM, "Udara Rathnayake"  wrote:
>>
>>> To make it simple,
>>>
>>> Once user select anon option in a page we can programmatically make
>>> landing page anon. This is what I initially thought of doing.
>>>
>>> On Tue, Oct 20, 2015 at 7:48 PM, Manuranga Perera  wrote:
>>>
 wouldn't this be complex. we shouldn't bring any new features if it's
 not realy necessary, will just add to maintenance cost.

 how about making it mandatory for landing page to be anon if user make
 any page anon.

 that is, you can't make any page anon before making landing anon.


 UX team what do you think?

 On Tue, Oct 20, 2015 at 6:15 PM, Nipuna Chandradasa 
 wrote:

> Hi team,
>
> There was a problem which came up during the discussion about
> anonymous view in dashboard server.
>
> Discussion was about restricting the user creating an anonymous page
> without making the landing page (Home page) of the dashboard anonymous.
>
> But this way user always have to make the landing page anonymous in
> order to make the other pages anonymous even user does not want to make 
> the
> landing page anonymous.
>
> So what we came up with was to add an option to define landing pages
> for anonymous state and the default state of the dashboard. So there will
> be two landing pages when it comes to a anonymous dashboard. One landing
> page is for anonymous state and other landing page for default state.
>
> Appreciate any suggestions and comments on this.
>
> Thank you.
> --
> Nipuna Marcus
> *Software Engineer*
> WSO2 Inc.
> http://wso2.com/ - "lean . enterprise . middleware"
> Mobile : +94 (0) 713 667906
> nipu...@wso2.com
>



 --
 With regards,
 *Manu*ranga Perera.

 phone : 071 7 70 20 50
 mail : m...@wso2.com

>>>
>>>
>
>
> --
> Nipuna Marcus
> *Software Engineer*
> WSO2 Inc.
> http://wso2.com/ - "lean . enterprise . middleware"
> Mobile : +94 (0) 713 667906
> nipu...@wso2.com
>



-- 
*Ayesha Dissanayaka*
Software Engineer,
WSO2, Inc : http://wso2.com

20, Palmgrove Avenue, Colombo 3
E-Mail: aye...@wso2.com 
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [DS] Adding separate landing pages for default and anonymous view

[Nipuna Chandradasa]

+1 for manu  so basically we can inform user using a warning or info
message . whether he can make the page anon or not and inform the
reason if he cannot, when he clicking on the check box.

On Wed, Oct 21, 2015 at 6:06 AM, Manuranga Perera  wrote:

> That is also a good idea, but we need to inform user this
> On Oct 20, 2015 10:28 AM, "Udara Rathnayake"  wrote:
>
>> To make it simple,
>>
>> Once user select anon option in a page we can programmatically make
>> landing page anon. This is what I initially thought of doing.
>>
>> On Tue, Oct 20, 2015 at 7:48 PM, Manuranga Perera  wrote:
>>
>>> wouldn't this be complex. we shouldn't bring any new features if it's
>>> not realy necessary, will just add to maintenance cost.
>>>
>>> how about making it mandatory for landing page to be anon if user make
>>> any page anon.
>>>
>>> that is, you can't make any page anon before making landing anon.
>>>
>>>
>>> UX team what do you think?
>>>
>>> On Tue, Oct 20, 2015 at 6:15 PM, Nipuna Chandradasa 
>>> wrote:
>>>
 Hi team,

 There was a problem which came up during the discussion about anonymous
 view in dashboard server.

 Discussion was about restricting the user creating an anonymous page
 without making the landing page (Home page) of the dashboard anonymous.

 But this way user always have to make the landing page anonymous in
 order to make the other pages anonymous even user does not want to make the
 landing page anonymous.

 So what we came up with was to add an option to define landing pages
 for anonymous state and the default state of the dashboard. So there will
 be two landing pages when it comes to a anonymous dashboard. One landing
 page is for anonymous state and other landing page for default state.

 Appreciate any suggestions and comments on this.

 Thank you.
 --
 Nipuna Marcus
 *Software Engineer*
 WSO2 Inc.
 http://wso2.com/ - "lean . enterprise . middleware"
 Mobile : +94 (0) 713 667906
 nipu...@wso2.com

>>>
>>>
>>>
>>> --
>>> With regards,
>>> *Manu*ranga Perera.
>>>
>>> phone : 071 7 70 20 50
>>> mail : m...@wso2.com
>>>
>>
>>


-- 
Nipuna Marcus
*Software Engineer*
WSO2 Inc.
http://wso2.com/ - "lean . enterprise . middleware"
Mobile : +94 (0) 713 667906
nipu...@wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [VOTE] Release WSO2 Private PaaS 4.1.0 RC2

[Imesh Gunaratne]

Hi Devs,

This is the second release candidate of WSO2 Private PaaS 4.1.0.

This release fixes the following issues:
https://wso2.org/jira/issues/?filter=12467

Please download, test and vote. The vote will be open for 72 hours or as
needed.

*​Source and binary distribution files:*
https://svn.wso2.org/repos/wso2/scratch/PPAAS/wso2ppaas-4.1.0-rc2/

*Maven staging repository:*
http://maven.wso2.org/nexus/content/repositories/orgwso2ppaas-028/

*The tag to be voted upon:*
https://github.com/wso2/product-private-paas/tree/v4.1.0-rc2


[ ] Broken - do not release (explain why)
[ ] Stable - go ahead and release


Thanks,
The WSO2 Private PaaS Team

-- 
*Imesh Gunaratne*
Senior Technical Lead
WSO2 Inc: http://wso2.com
T: +94 11 214 5345 M: +94 77 374 2057
W: http://imesh.gunaratne.org
Lean . Enterprise . Middleware
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [VOTE] Release WSO2 Private PaaS 4.1.0 RC1

[Imesh Gunaratne]

Please consider this vote as canceled. We have fixed above issues and done
a new release build.
We will trigger a new vote thread for 4.1.0-rc2 soon.

Thanks

On Wed, Oct 21, 2015 at 12:49 AM, Imesh Gunaratne  wrote:

> On Wed, Oct 21, 2015 at 12:22 AM, Akila Ravihansa Perera <
> raviha...@wso2.com> wrote:
>
>>
>> Please see inline. Sorry to drag this, but I think it's better to clarify
>> unclear areas :)
>>
>
> +1
>
>>
 Yes that's true but in a such design any other external system will not
>>> be able to to access the APIs using API Keys without having to integrate
>>> with the same SSO solution.
>>>
>>
>> I tend to disagree. Using a compatible Identity Provider (for eg: WSO2
>> IS) we can secure the API using multiple grant types. In this scenario API
>> can be secured via SSO but not limited to that.
>>
>> AFAIU grant types and API keys are different. API keys can be
> pre-generated for a particular user and used in a X system for accessing an
> API (Example: EC2 access & secret keys). As long as X system has the API
> keys it does not need to talk to an Identity Provider to obtain a token
> based on a grant type.
>
>>

>>> May be this was not clear. We do not need a login page to make a request
>>> to an API endpoint which is secured with Basic Auth. We can make a HTTP
>>> call with an Authorization header having credentials (Base64 encoded) via
>>> HTTPS.
>>>
>>
>> If we are going to send the Authorization header then we need to get the
>> credentials from the user first. I'm not clear how you plan to implement
>> this without a login screen. How do you propose to create this header in
>> client request?
>>
>>
> My concern is that when a system A is talking to a system B where system B
> has a dashboard where it talks to its own API, system A does not need to
> worry about the API call of system B. System A only needs a way to
> authenticate to system B. System B should handle how it authenticate to its
> own API.
>
> In an ideal situation we need to use SSO between system A and B assuming
> that the enduser needs to access both systems as a part of a single
> solution. However it does not mean that the API of system B should use the
> same SSO system for authentication. IMO if the API of system B is generic
> and needed by third party systems it should have a more user friendly
> authentication system such as API Keys.
>
>>
>

> Thanks
>
> On Wed, Oct 21, 2015 at 12:22 AM, Akila Ravihansa Perera <
> raviha...@wso2.com> wrote:
>
>> Hi Imesh,
>>
>> Please see inline. Sorry to drag this, but I think it's better to clarify
>> unclear areas :)
>>
>> SSO can be used to authenticate the user who is accessing the
 monitoring/metering dashboard, thereby authenticating him to the API as
 well. We don't need to maintain a session token/cookie for this which is an
 overhead for this scenario, IMO.


>>> Yes that's true but in a such design any other external system will not
>>> be able to to access the APIs using API Keys without having to integrate
>>> with the same SSO solution.
>>>
>>
>> I tend to disagree. Using a compatible Identity Provider (for eg: WSO2
>> IS) we can secure the API using multiple grant types. In this scenario API
>> can be secured via SSO but not limited to that.
>>
>>
>>> Imagine Twitter has exposed set of APIs using Twitter SSO solution. Now
>>> if we were to consume those APIs in a X system. This X system needs to
>>> integrate with Twitter SSO solution first. IMO this is not a good design,
>>> ideally those APIs should be accessible with API Keys. This is how actually
>>> Twitter has exposed their APIs.
>>>

>
 If we are using basic auth, the user needs to submit the credentials
 via a form, which is again an overhead. Any implementation of
 authToken/JSESSIONID would require the user to submit credential at some
 layer. What I'm suggesting is to authenticate the user via SSO to the DAS
 dashboard, which would authenticate him to the API as well. I'm -1 on
 developing a separate login screen for this.


>>> May be this was not clear. We do not need a login page to make a request
>>> to an API endpoint which is secured with Basic Auth. We can make a HTTP
>>> call with an Authorization header having credentials (Base64 encoded) via
>>> HTTPS.
>>>
>>
>> If we are going to send the Authorization header then we need to get the
>> credentials from the user first. I'm not clear how you plan to implement
>> this without a login screen. How do you propose to create this header in
>> client request?
>>
>>
>>>
>
 This would not be manageable as we add entities in future I think. We
 can handle this internally by not using the request parameter variable to
 create the query. But rather choose the correct sql query conditionally
 based on the request parameter. This would basically result in rewriting
 all Jaggery files.

>>>
>>
>>
>>>
>>> Yes ideally it should be the context path (/api/member

Re: [Dev] [DS] Adding separate landing pages for default and anonymous view

[Manuranga Perera]

That is also a good idea, but we need to inform user this
On Oct 20, 2015 10:28 AM, "Udara Rathnayake"  wrote:

> To make it simple,
>
> Once user select anon option in a page we can programmatically make
> landing page anon. This is what I initially thought of doing.
>
> On Tue, Oct 20, 2015 at 7:48 PM, Manuranga Perera  wrote:
>
>> wouldn't this be complex. we shouldn't bring any new features if it's not
>> realy necessary, will just add to maintenance cost.
>>
>> how about making it mandatory for landing page to be anon if user make
>> any page anon.
>>
>> that is, you can't make any page anon before making landing anon.
>>
>>
>> UX team what do you think?
>>
>> On Tue, Oct 20, 2015 at 6:15 PM, Nipuna Chandradasa 
>> wrote:
>>
>>> Hi team,
>>>
>>> There was a problem which came up during the discussion about anonymous
>>> view in dashboard server.
>>>
>>> Discussion was about restricting the user creating an anonymous page
>>> without making the landing page (Home page) of the dashboard anonymous.
>>>
>>> But this way user always have to make the landing page anonymous in
>>> order to make the other pages anonymous even user does not want to make the
>>> landing page anonymous.
>>>
>>> So what we came up with was to add an option to define landing pages for
>>> anonymous state and the default state of the dashboard. So there will be
>>> two landing pages when it comes to a anonymous dashboard. One landing page
>>> is for anonymous state and other landing page for default state.
>>>
>>> Appreciate any suggestions and comments on this.
>>>
>>> Thank you.
>>> --
>>> Nipuna Marcus
>>> *Software Engineer*
>>> WSO2 Inc.
>>> http://wso2.com/ - "lean . enterprise . middleware"
>>> Mobile : +94 (0) 713 667906
>>> nipu...@wso2.com
>>>
>>
>>
>>
>> --
>> With regards,
>> *Manu*ranga Perera.
>>
>> phone : 071 7 70 20 50
>> mail : m...@wso2.com
>>
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Releasing Carbon Commons 4.5.x Patch Version

[Anjana Fernando]

Hi Sameera / KasunG,

We are doing RC releases for DAS and DSS today (21'st), and we have several
fixes done for Carbon Commons, among them, a blocker [1] being fixed for
DAS. Can we please get a patch release done for Carbon Commons today, since
we have critical deadlines for these products, and their RCs must go out
today, thus we need these fixes as well.

[1] https://wso2.org/jira/browse/CCOMMONS-2

Cheers,
Anjana.
-- 
*Anjana Fernando*
Senior Technical Lead
WSO2 Inc. | http://wso2.com
lean . enterprise . middleware
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [VOTE] Release WSO2 Private PaaS 4.1.0 RC1

[Imesh Gunaratne]

On Wed, Oct 21, 2015 at 12:22 AM, Akila Ravihansa Perera  wrote:

>
> Please see inline. Sorry to drag this, but I think it's better to clarify
> unclear areas :)
>

+1

>
>>> Yes that's true but in a such design any other external system will not
>> be able to to access the APIs using API Keys without having to integrate
>> with the same SSO solution.
>>
>
> I tend to disagree. Using a compatible Identity Provider (for eg: WSO2 IS)
> we can secure the API using multiple grant types. In this scenario API can
> be secured via SSO but not limited to that.
>
> AFAIU grant types and API keys are different. API keys can be
pre-generated for a particular user and used in a X system for accessing an
API (Example: EC2 access & secret keys). As long as X system has the API
keys it does not need to talk to an Identity Provider to obtain a token
based on a grant type.

>
>>>
>> May be this was not clear. We do not need a login page to make a request
>> to an API endpoint which is secured with Basic Auth. We can make a HTTP
>> call with an Authorization header having credentials (Base64 encoded) via
>> HTTPS.
>>
>
> If we are going to send the Authorization header then we need to get the
> credentials from the user first. I'm not clear how you plan to implement
> this without a login screen. How do you propose to create this header in
> client request?
>
>
My concern is that when a system A is talking to a system B where system B
has a dashboard where it talks to its own API, system A does not need to
worry about the API call of system B. System A only needs a way to
authenticate to system B. System B should handle how it authenticate to its
own API.

In an ideal situation we need to use SSO between system A and B assuming
that the enduser needs to access both systems as a part of a single
solution. However it does not mean that the API of system B should use the
same SSO system for authentication. IMO if the API of system B is generic
and needed by third party systems it should have a more user friendly
authentication system such as API Keys.

>

>>>
Thanks

On Wed, Oct 21, 2015 at 12:22 AM, Akila Ravihansa Perera  wrote:

> Hi Imesh,
>
> Please see inline. Sorry to drag this, but I think it's better to clarify
> unclear areas :)
>
> SSO can be used to authenticate the user who is accessing the
>>> monitoring/metering dashboard, thereby authenticating him to the API as
>>> well. We don't need to maintain a session token/cookie for this which is an
>>> overhead for this scenario, IMO.
>>>
>>>
>> Yes that's true but in a such design any other external system will not
>> be able to to access the APIs using API Keys without having to integrate
>> with the same SSO solution.
>>
>
> I tend to disagree. Using a compatible Identity Provider (for eg: WSO2 IS)
> we can secure the API using multiple grant types. In this scenario API can
> be secured via SSO but not limited to that.
>
>
>> Imagine Twitter has exposed set of APIs using Twitter SSO solution. Now
>> if we were to consume those APIs in a X system. This X system needs to
>> integrate with Twitter SSO solution first. IMO this is not a good design,
>> ideally those APIs should be accessible with API Keys. This is how actually
>> Twitter has exposed their APIs.
>>
>>>

>>> If we are using basic auth, the user needs to submit the credentials via
>>> a form, which is again an overhead. Any implementation of
>>> authToken/JSESSIONID would require the user to submit credential at some
>>> layer. What I'm suggesting is to authenticate the user via SSO to the DAS
>>> dashboard, which would authenticate him to the API as well. I'm -1 on
>>> developing a separate login screen for this.
>>>
>>>
>> May be this was not clear. We do not need a login page to make a request
>> to an API endpoint which is secured with Basic Auth. We can make a HTTP
>> call with an Authorization header having credentials (Base64 encoded) via
>> HTTPS.
>>
>
> If we are going to send the Authorization header then we need to get the
> credentials from the user first. I'm not clear how you plan to implement
> this without a login screen. How do you propose to create this header in
> client request?
>
>
>>

>>> This would not be manageable as we add entities in future I think. We
>>> can handle this internally by not using the request parameter variable to
>>> create the query. But rather choose the correct sql query conditionally
>>> based on the request parameter. This would basically result in rewriting
>>> all Jaggery files.
>>>
>>
>
>
>>
>> Yes ideally it should be the context path (/api/member -> member table,
>> /api/cluster/health -> cluster health table, etc)
>>
>
> +1
>
>
>
>>
>> Thanks
>>
>> On Tue, Oct 20, 2015 at 11:40 PM, Akila Ravihansa Perera <
>> raviha...@wso2.com> wrote:
>>
>>> Hi Gayan,
>>>
>>> The code reference you pointed at [1] is used in a prepared SQL
>>> statement [2]. The risk of SQL injection attack is minimal in that case,
>>> AFAIU.
>>>
>>> [1]
>>> https://github.c

Re: [Dev] [VOTE] Release WSO2 Private PaaS 4.1.0 RC1

[Akila Ravihansa Perera]

Hi Imesh,

Please see inline. Sorry to drag this, but I think it's better to clarify
unclear areas :)

SSO can be used to authenticate the user who is accessing the
>> monitoring/metering dashboard, thereby authenticating him to the API as
>> well. We don't need to maintain a session token/cookie for this which is an
>> overhead for this scenario, IMO.
>>
>>
> Yes that's true but in a such design any other external system will not be
> able to to access the APIs using API Keys without having to integrate with
> the same SSO solution.
>

I tend to disagree. Using a compatible Identity Provider (for eg: WSO2 IS)
we can secure the API using multiple grant types. In this scenario API can
be secured via SSO but not limited to that.


> Imagine Twitter has exposed set of APIs using Twitter SSO solution. Now if
> we were to consume those APIs in a X system. This X system needs to
> integrate with Twitter SSO solution first. IMO this is not a good design,
> ideally those APIs should be accessible with API Keys. This is how actually
> Twitter has exposed their APIs.
>
>>
>>>
>> If we are using basic auth, the user needs to submit the credentials via
>> a form, which is again an overhead. Any implementation of
>> authToken/JSESSIONID would require the user to submit credential at some
>> layer. What I'm suggesting is to authenticate the user via SSO to the DAS
>> dashboard, which would authenticate him to the API as well. I'm -1 on
>> developing a separate login screen for this.
>>
>>
> May be this was not clear. We do not need a login page to make a request
> to an API endpoint which is secured with Basic Auth. We can make a HTTP
> call with an Authorization header having credentials (Base64 encoded) via
> HTTPS.
>

If we are going to send the Authorization header then we need to get the
credentials from the user first. I'm not clear how you plan to implement
this without a login screen. How do you propose to create this header in
client request?


>
>>>
>> This would not be manageable as we add entities in future I think. We can
>> handle this internally by not using the request parameter variable to
>> create the query. But rather choose the correct sql query conditionally
>> based on the request parameter. This would basically result in rewriting
>> all Jaggery files.
>>
>


>
> Yes ideally it should be the context path (/api/member -> member table,
> /api/cluster/health -> cluster health table, etc)
>

+1



>
> Thanks
>
> On Tue, Oct 20, 2015 at 11:40 PM, Akila Ravihansa Perera <
> raviha...@wso2.com> wrote:
>
>> Hi Gayan,
>>
>> The code reference you pointed at [1] is used in a prepared SQL statement
>> [2]. The risk of SQL injection attack is minimal in that case, AFAIU.
>>
>> [1]
>> https://github.com/wso2/product-private-paas/blob/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files/member-info.jag#L49
>> [2]
>> https://github.com/wso2/product-private-paas/blob/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files/member-info.jag#L53
>>
>> Thanks.
>>
>> On Tue, Oct 20, 2015 at 11:33 PM, Akila Ravihansa Perera <
>> raviha...@wso2.com> wrote:
>>
>>> Hi Imesh,
>>>
>>> Please see inline.
>>>
>>> On Tue, Oct 20, 2015 at 11:08 PM, Imesh Gunaratne 
>>> wrote:
>>>
 On Tue, Oct 20, 2015 at 10:25 PM, Akila Ravihansa Perera <
 raviha...@wso2.com> wrote:
>
>
> I think the proper way to secure the Jaggery services is by using SSO.
>

 I tend to disagree on this statement. SSO is used when authenticating a
 human to a series of software systems. An API should not use SSO for
 authentication rather it should use session based authentication either by
 creating session tokens or API Keys, refer this [3].

>>>
>>> SSO can be used to authenticate the user who is accessing the
>>> monitoring/metering dashboard, thereby authenticating him to the API as
>>> well. We don't need to maintain a session token/cookie for this which is an
>>> overhead for this scenario, IMO.
>>>
>>>


> According to the thread on wso2dev@ with subject "SingleSignOn
> support in DAS Analytics Dashboard" this is not yet supported in DAS. The
> approach taken in analytics.jsg as you mentioned require a separate login
> screen as in [1]. IMHO, this is not a suitable method to secure a Jaggery
> based API.
>
> No, have a look at the analytics.jag authentication logic. It first
 accepts an Authorization header and creates a session token. Authorization
 header can accept basic auth, see [4]. Afterwards corresponding calls are
 authenticated using authToken/JSESSIONID.

>>>
>>> If we are using basic auth, the user needs to submit the credentials via
>>> a form, which is again an overhead. Any implementation of
>>> authToken/JSESSIONID would require the user to submit credential at some
>>> layer. What I'm suggesting is to authenticate the user via SSO to the DAS
>>> dashboard, which would authenticate him to the API as well. I'm

Re: [Dev] [VOTE] Release WSO2 Private PaaS 4.1.0 RC1

[Imesh Gunaratne]

On Tue, Oct 20, 2015 at 11:27 PM, Gayan Gunarathne  wrote:
>
>
>>
>>> Regarding table names in SQL queries; this is not the best approach to
>>> design the API but these table names are escaped from request parameters
>>> [2] which would minimize the risk of a SQL injection attack. This is
>>> definitely a potential security issue as well as an API design issue we
>>> need to fix. But I think fixing this will need a major refactoring to the
>>> Jaggery files. wdyt?
>>>
>>
>> No, we can simply fix this by creating an API per table/entity.
>>
>
> You mean to have separate API for each table in the database? So if there
> 10 tables , there will be more than 10 APIs. I think it wont work when
> there are more no of tables.
>

We already have separate APIs for each entity. Yes may be we can have one
API implementation which could internally identify the entity based on the
context path (similar to Java RESTful services).

On Tue, Oct 20, 2015 at 11:33 PM, Akila Ravihansa Perera  wrote:
>
>
> SSO can be used to authenticate the user who is accessing the
> monitoring/metering dashboard, thereby authenticating him to the API as
> well. We don't need to maintain a session token/cookie for this which is an
> overhead for this scenario, IMO.
>
>
Yes that's true but in a such design any other external system will not be
able to to access the APIs using API Keys without having to integrate with
the same SSO solution.

Imagine Twitter has exposed set of APIs using Twitter SSO solution. Now if
we were to consume those APIs in a X system. This X system needs to
integrate with Twitter SSO solution first. IMO this is not a good design,
ideally those APIs should be accessible with API Keys. This is how actually
Twitter has exposed their APIs.

>
>>
> If we are using basic auth, the user needs to submit the credentials via a
> form, which is again an overhead. Any implementation of
> authToken/JSESSIONID would require the user to submit credential at some
> layer. What I'm suggesting is to authenticate the user via SSO to the DAS
> dashboard, which would authenticate him to the API as well. I'm -1 on
> developing a separate login screen for this.
>
>
May be this was not clear. We do not need a login page to make a request to
an API endpoint which is secured with Basic Auth. We can make a HTTP call
with an Authorization header having credentials (Base64 encoded) via HTTPS.


>
>>
> This would not be manageable as we add entities in future I think. We can
> handle this internally by not using the request parameter variable to
> create the query. But rather choose the correct sql query conditionally
> based on the request parameter. This would basically result in rewriting
> all Jaggery files.
>

Yes ideally it should be the context path (/api/member -> member table,
/api/cluster/health -> cluster health table, etc)

Thanks

On Tue, Oct 20, 2015 at 11:40 PM, Akila Ravihansa Perera  wrote:

> Hi Gayan,
>
> The code reference you pointed at [1] is used in a prepared SQL statement
> [2]. The risk of SQL injection attack is minimal in that case, AFAIU.
>
> [1]
> https://github.com/wso2/product-private-paas/blob/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files/member-info.jag#L49
> [2]
> https://github.com/wso2/product-private-paas/blob/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files/member-info.jag#L53
>
> Thanks.
>
> On Tue, Oct 20, 2015 at 11:33 PM, Akila Ravihansa Perera <
> raviha...@wso2.com> wrote:
>
>> Hi Imesh,
>>
>> Please see inline.
>>
>> On Tue, Oct 20, 2015 at 11:08 PM, Imesh Gunaratne  wrote:
>>
>>> On Tue, Oct 20, 2015 at 10:25 PM, Akila Ravihansa Perera <
>>> raviha...@wso2.com> wrote:


 I think the proper way to secure the Jaggery services is by using SSO.

>>>
>>> I tend to disagree on this statement. SSO is used when authenticating a
>>> human to a series of software systems. An API should not use SSO for
>>> authentication rather it should use session based authentication either by
>>> creating session tokens or API Keys, refer this [3].
>>>
>>
>> SSO can be used to authenticate the user who is accessing the
>> monitoring/metering dashboard, thereby authenticating him to the API as
>> well. We don't need to maintain a session token/cookie for this which is an
>> overhead for this scenario, IMO.
>>
>>
>>>
>>>
 According to the thread on wso2dev@ with subject "SingleSignOn support
 in DAS Analytics Dashboard" this is not yet supported in DAS. The approach
 taken in analytics.jsg as you mentioned require a separate login screen as
 in [1]. IMHO, this is not a suitable method to secure a Jaggery based API.

 No, have a look at the analytics.jag authentication logic. It first
>>> accepts an Authorization header and creates a session token. Authorization
>>> header can accept basic auth, see [4]. Afterwards corresponding calls are
>>> authenticated using authToken/JSESSIONID.
>>>
>>
>> If we are using basic auth, the user needs to submit 

Re: [Dev] [VOTE] Release WSO2 Private PaaS 4.1.0 RC1

[Akila Ravihansa Perera]

Hi Gayan,

The code reference you pointed at [1] is used in a prepared SQL statement
[2]. The risk of SQL injection attack is minimal in that case, AFAIU.

[1]
https://github.com/wso2/product-private-paas/blob/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files/member-info.jag#L49
[2]
https://github.com/wso2/product-private-paas/blob/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files/member-info.jag#L53

Thanks.

On Tue, Oct 20, 2015 at 11:33 PM, Akila Ravihansa Perera  wrote:

> Hi Imesh,
>
> Please see inline.
>
> On Tue, Oct 20, 2015 at 11:08 PM, Imesh Gunaratne  wrote:
>
>> On Tue, Oct 20, 2015 at 10:25 PM, Akila Ravihansa Perera <
>> raviha...@wso2.com> wrote:
>>>
>>>
>>> I think the proper way to secure the Jaggery services is by using SSO.
>>>
>>
>> I tend to disagree on this statement. SSO is used when authenticating a
>> human to a series of software systems. An API should not use SSO for
>> authentication rather it should use session based authentication either by
>> creating session tokens or API Keys, refer this [3].
>>
>
> SSO can be used to authenticate the user who is accessing the
> monitoring/metering dashboard, thereby authenticating him to the API as
> well. We don't need to maintain a session token/cookie for this which is an
> overhead for this scenario, IMO.
>
>
>>
>>
>>> According to the thread on wso2dev@ with subject "SingleSignOn support
>>> in DAS Analytics Dashboard" this is not yet supported in DAS. The approach
>>> taken in analytics.jsg as you mentioned require a separate login screen as
>>> in [1]. IMHO, this is not a suitable method to secure a Jaggery based API.
>>>
>>> No, have a look at the analytics.jag authentication logic. It first
>> accepts an Authorization header and creates a session token. Authorization
>> header can accept basic auth, see [4]. Afterwards corresponding calls are
>> authenticated using authToken/JSESSIONID.
>>
>
> If we are using basic auth, the user needs to submit the credentials via a
> form, which is again an overhead. Any implementation of
> authToken/JSESSIONID would require the user to submit credential at some
> layer. What I'm suggesting is to authenticate the user via SSO to the DAS
> dashboard, which would authenticate him to the API as well. I'm -1 on
> developing a separate login screen for this.
>
>
>>
>>
>>> Regarding table names in SQL queries; this is not the best approach to
>>> design the API but these table names are escaped from request parameters
>>> [2] which would minimize the risk of a SQL injection attack. This is
>>> definitely a potential security issue as well as an API design issue we
>>> need to fix. But I think fixing this will need a major refactoring to the
>>> Jaggery files. wdyt?
>>>
>>
>> No, we can simply fix this by creating an API per table/entity.
>>
>
> This would not be manageable as we add entities in future I think. We can
> handle this internally by not using the request parameter variable to
> create the query. But rather choose the correct sql query conditionally
> based on the request parameter. This would basically result in rewriting
> all Jaggery files.
>
> Thanks.
>
>
>
>>
>>> [1]
>>> https://github.com/wso2/carbon-dashboards/blob/master/apps/portal/theme/templates/login.jag
>>> [2]
>>> https://github.com/wso2/product-private-paas/blob/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files/member-info.jag#L26
>>>
>>> [3] https://www.owasp.org/index.php/REST_Security_Cheat_Sheet
>> [4]
>> https://github.com/wso2/carbon-analytics/blob/d7d4f7c31981eb6aff8921fefba7c030eb11a80a/components/analytics-io/org.wso2.carbon.analytics.jsservice/src/main/java/org/wso2/carbon/analytics/jsservice/Utils.java#L352
>>
>> Thanks
>>
>> On Tue, Oct 20, 2015 at 10:25 PM, Akila Ravihansa Perera <
>> raviha...@wso2.com> wrote:
>>
>>> Hi Imesh,
>>>
>>> I think the proper way to secure the Jaggery services is by using SSO.
>>> According to the thread on wso2dev@ with subject "SingleSignOn support
>>> in DAS Analytics Dashboard" this is not yet supported in DAS. The approach
>>> taken in analytics.jsg as you mentioned require a separate login screen as
>>> in [1]. IMHO, this is not a suitable method to secure a Jaggery based API.
>>>
>>> Regarding table names in SQL queries; this is not the best approach to
>>> design the API but these table names are escaped from request parameters
>>> [2] which would minimize the risk of a SQL injection attack. This is
>>> definitely a potential security issue as well as an API design issue we
>>> need to fix. But I think fixing this will need a major refactoring to the
>>> Jaggery files. wdyt?
>>>
>>> [1]
>>> https://github.com/wso2/carbon-dashboards/blob/master/apps/portal/theme/templates/login.jag
>>> [2]
>>> https://github.com/wso2/product-private-paas/blob/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files/member-info.jag#L26
>>>
>>> Thanks.
>>>
>>> On Tue, Oct 20, 2015 at 8:38 PM, Imesh Gunaratne  wrote:
>>>
 Hi

Re: [Dev] [VOTE] Release WSO2 Private PaaS 4.1.0 RC1

[Akila Ravihansa Perera]

Hi Imesh,

Please see inline.

On Tue, Oct 20, 2015 at 11:08 PM, Imesh Gunaratne  wrote:

> On Tue, Oct 20, 2015 at 10:25 PM, Akila Ravihansa Perera <
> raviha...@wso2.com> wrote:
>>
>>
>> I think the proper way to secure the Jaggery services is by using SSO.
>>
>
> I tend to disagree on this statement. SSO is used when authenticating a
> human to a series of software systems. An API should not use SSO for
> authentication rather it should use session based authentication either by
> creating session tokens or API Keys, refer this [3].
>

SSO can be used to authenticate the user who is accessing the
monitoring/metering dashboard, thereby authenticating him to the API as
well. We don't need to maintain a session token/cookie for this which is an
overhead for this scenario, IMO.


>
>
>> According to the thread on wso2dev@ with subject "SingleSignOn support
>> in DAS Analytics Dashboard" this is not yet supported in DAS. The approach
>> taken in analytics.jsg as you mentioned require a separate login screen as
>> in [1]. IMHO, this is not a suitable method to secure a Jaggery based API.
>>
>> No, have a look at the analytics.jag authentication logic. It first
> accepts an Authorization header and creates a session token. Authorization
> header can accept basic auth, see [4]. Afterwards corresponding calls are
> authenticated using authToken/JSESSIONID.
>

If we are using basic auth, the user needs to submit the credentials via a
form, which is again an overhead. Any implementation of
authToken/JSESSIONID would require the user to submit credential at some
layer. What I'm suggesting is to authenticate the user via SSO to the DAS
dashboard, which would authenticate him to the API as well. I'm -1 on
developing a separate login screen for this.


>
>
>> Regarding table names in SQL queries; this is not the best approach to
>> design the API but these table names are escaped from request parameters
>> [2] which would minimize the risk of a SQL injection attack. This is
>> definitely a potential security issue as well as an API design issue we
>> need to fix. But I think fixing this will need a major refactoring to the
>> Jaggery files. wdyt?
>>
>
> No, we can simply fix this by creating an API per table/entity.
>

This would not be manageable as we add entities in future I think. We can
handle this internally by not using the request parameter variable to
create the query. But rather choose the correct sql query conditionally
based on the request parameter. This would basically result in rewriting
all Jaggery files.

Thanks.



>
>> [1]
>> https://github.com/wso2/carbon-dashboards/blob/master/apps/portal/theme/templates/login.jag
>> [2]
>> https://github.com/wso2/product-private-paas/blob/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files/member-info.jag#L26
>>
>> [3] https://www.owasp.org/index.php/REST_Security_Cheat_Sheet
> [4]
> https://github.com/wso2/carbon-analytics/blob/d7d4f7c31981eb6aff8921fefba7c030eb11a80a/components/analytics-io/org.wso2.carbon.analytics.jsservice/src/main/java/org/wso2/carbon/analytics/jsservice/Utils.java#L352
>
> Thanks
>
> On Tue, Oct 20, 2015 at 10:25 PM, Akila Ravihansa Perera <
> raviha...@wso2.com> wrote:
>
>> Hi Imesh,
>>
>> I think the proper way to secure the Jaggery services is by using SSO.
>> According to the thread on wso2dev@ with subject "SingleSignOn support
>> in DAS Analytics Dashboard" this is not yet supported in DAS. The approach
>> taken in analytics.jsg as you mentioned require a separate login screen as
>> in [1]. IMHO, this is not a suitable method to secure a Jaggery based API.
>>
>> Regarding table names in SQL queries; this is not the best approach to
>> design the API but these table names are escaped from request parameters
>> [2] which would minimize the risk of a SQL injection attack. This is
>> definitely a potential security issue as well as an API design issue we
>> need to fix. But I think fixing this will need a major refactoring to the
>> Jaggery files. wdyt?
>>
>> [1]
>> https://github.com/wso2/carbon-dashboards/blob/master/apps/portal/theme/templates/login.jag
>> [2]
>> https://github.com/wso2/product-private-paas/blob/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files/member-info.jag#L26
>>
>> Thanks.
>>
>> On Tue, Oct 20, 2015 at 8:38 PM, Imesh Gunaratne  wrote:
>>
>>> Hi,
>>>
>>> It looks like there are two security issues in the APIs exposed by the
>>> DAS metering and monitoring dashboards [1], [2]:
>>>
>>>- APIs have no authentication mechanism
>>>- Table name is concatenated in the SQL queries
>>>
>>> We may need to add an authentication check similar to analytics.jag [3]:
>>>
>>> var authParam = request.getHeader(AUTHORIZATION_HEADER);
>>> if (authParam != null) {
>>> credentials = JSUtils.authenticate(authParam);
>>> authenticationAdminStub = new
>>> AuthenticationAdminStub(authenticationWSUrl);
>>> authenticationAdminStub.login(credentials[0], credentials[1],
>>

Re: [Dev] [VOTE] Release WSO2 Private PaaS 4.1.0 RC1

[Gayan Gunarathne]

There are some other request parameters we used in the inline SQL query
in[1]. Those are also make a huge risk for SQL injection attack. We need to
remove those as well.

[1]
https://github.com/wso2/product-private-paas/blob/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files/member-info.jag#L49

Thanks,
Gayan

On Tue, Oct 20, 2015 at 11:27 PM, Gayan Gunarathne  wrote:

>
> Hi,
>
> On Tue, Oct 20, 2015 at 11:08 PM, Imesh Gunaratne  wrote:
>
>> On Tue, Oct 20, 2015 at 10:25 PM, Akila Ravihansa Perera <
>> raviha...@wso2.com> wrote:
>>>
>>>
>>> I think the proper way to secure the Jaggery services is by using SSO.
>>>
>>
>> I tend to disagree on this statement. SSO is used when authenticating a
>> human to a series of software systems. An API should not use SSO for
>> authentication rather it should use session based authentication either by
>> creating session tokens or API Keys, refer this [3].
>>
>>
>>> According to the thread on wso2dev@ with subject "SingleSignOn support
>>> in DAS Analytics Dashboard" this is not yet supported in DAS. The approach
>>> taken in analytics.jsg as you mentioned require a separate login screen as
>>> in [1]. IMHO, this is not a suitable method to secure a Jaggery based API.
>>>
>>> No, have a look at the analytics.jag authentication logic. It first
>> accepts an Authorization header and creates a session token. Authorization
>> header can accept basic auth, see [4]. Afterwards corresponding calls are
>> authenticated using authToken/JSESSIONID.
>>
>
> Agree with Imesh.I think we need to consider authToken based
> authentication that's simplify our requirement.
>
>>
>>
>>> Regarding table names in SQL queries; this is not the best approach to
>>> design the API but these table names are escaped from request parameters
>>> [2] which would minimize the risk of a SQL injection attack. This is
>>> definitely a potential security issue as well as an API design issue we
>>> need to fix. But I think fixing this will need a major refactoring to the
>>> Jaggery files. wdyt?
>>>
>>
>> No, we can simply fix this by creating an API per table/entity.
>>
>
> You mean to have separate API for each table in the database? So if there
> 10 tables , there will be more than 10 APIs. I think it wont work when
> there are more no of tables.
>
> What about we selecting the table inside the API method based on the
> scenario?
>
> Main security vulnerability here is those APIs expect the table name as a
> request parameter. We need to remove this.
>
> Thanks,
> Gayan
>
>
>>
>>> [1]
>>> https://github.com/wso2/carbon-dashboards/blob/master/apps/portal/theme/templates/login.jag
>>> [2]
>>> https://github.com/wso2/product-private-paas/blob/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files/member-info.jag#L26
>>>
>>> [3] https://www.owasp.org/index.php/REST_Security_Cheat_Sheet
>> [4]
>> https://github.com/wso2/carbon-analytics/blob/d7d4f7c31981eb6aff8921fefba7c030eb11a80a/components/analytics-io/org.wso2.carbon.analytics.jsservice/src/main/java/org/wso2/carbon/analytics/jsservice/Utils.java#L352
>>
>> Thanks
>>
>> On Tue, Oct 20, 2015 at 10:25 PM, Akila Ravihansa Perera <
>> raviha...@wso2.com> wrote:
>>
>>> Hi Imesh,
>>>
>>> I think the proper way to secure the Jaggery services is by using SSO.
>>> According to the thread on wso2dev@ with subject "SingleSignOn support
>>> in DAS Analytics Dashboard" this is not yet supported in DAS. The approach
>>> taken in analytics.jsg as you mentioned require a separate login screen as
>>> in [1]. IMHO, this is not a suitable method to secure a Jaggery based API.
>>>
>>> Regarding table names in SQL queries; this is not the best approach to
>>> design the API but these table names are escaped from request parameters
>>> [2] which would minimize the risk of a SQL injection attack. This is
>>> definitely a potential security issue as well as an API design issue we
>>> need to fix. But I think fixing this will need a major refactoring to the
>>> Jaggery files. wdyt?
>>>
>>> [1]
>>> https://github.com/wso2/carbon-dashboards/blob/master/apps/portal/theme/templates/login.jag
>>> [2]
>>> https://github.com/wso2/product-private-paas/blob/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files/member-info.jag#L26
>>>
>>> Thanks.
>>>
>>> On Tue, Oct 20, 2015 at 8:38 PM, Imesh Gunaratne  wrote:
>>>
 Hi,

 It looks like there are two security issues in the APIs exposed by the
 DAS metering and monitoring dashboards [1], [2]:

- APIs have no authentication mechanism
- Table name is concatenated in the SQL queries

 We may need to add an authentication check similar to analytics.jag [3]:

 var authParam = request.getHeader(AUTHORIZATION_HEADER);
 if (authParam != null) {
 credentials = JSUtils.authenticate(authParam);
 authenticationAdminStub = new
 AuthenticationAdminStub(authenticationWSUrl);
 authenticationAdminStub.login(creden

Re: [Dev] [VOTE] Release WSO2 Private PaaS 4.1.0 RC1

[Gayan Gunarathne]

Hi,

On Tue, Oct 20, 2015 at 11:08 PM, Imesh Gunaratne  wrote:

> On Tue, Oct 20, 2015 at 10:25 PM, Akila Ravihansa Perera <
> raviha...@wso2.com> wrote:
>>
>>
>> I think the proper way to secure the Jaggery services is by using SSO.
>>
>
> I tend to disagree on this statement. SSO is used when authenticating a
> human to a series of software systems. An API should not use SSO for
> authentication rather it should use session based authentication either by
> creating session tokens or API Keys, refer this [3].
>
>
>> According to the thread on wso2dev@ with subject "SingleSignOn support
>> in DAS Analytics Dashboard" this is not yet supported in DAS. The approach
>> taken in analytics.jsg as you mentioned require a separate login screen as
>> in [1]. IMHO, this is not a suitable method to secure a Jaggery based API.
>>
>> No, have a look at the analytics.jag authentication logic. It first
> accepts an Authorization header and creates a session token. Authorization
> header can accept basic auth, see [4]. Afterwards corresponding calls are
> authenticated using authToken/JSESSIONID.
>

Agree with Imesh.I think we need to consider authToken based authentication
that's simplify our requirement.

>
>
>> Regarding table names in SQL queries; this is not the best approach to
>> design the API but these table names are escaped from request parameters
>> [2] which would minimize the risk of a SQL injection attack. This is
>> definitely a potential security issue as well as an API design issue we
>> need to fix. But I think fixing this will need a major refactoring to the
>> Jaggery files. wdyt?
>>
>
> No, we can simply fix this by creating an API per table/entity.
>

You mean to have separate API for each table in the database? So if there
10 tables , there will be more than 10 APIs. I think it wont work when
there are more no of tables.

What about we selecting the table inside the API method based on the
scenario?

Main security vulnerability here is those APIs expect the table name as a
request parameter. We need to remove this.

Thanks,
Gayan


>
>> [1]
>> https://github.com/wso2/carbon-dashboards/blob/master/apps/portal/theme/templates/login.jag
>> [2]
>> https://github.com/wso2/product-private-paas/blob/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files/member-info.jag#L26
>>
>> [3] https://www.owasp.org/index.php/REST_Security_Cheat_Sheet
> [4]
> https://github.com/wso2/carbon-analytics/blob/d7d4f7c31981eb6aff8921fefba7c030eb11a80a/components/analytics-io/org.wso2.carbon.analytics.jsservice/src/main/java/org/wso2/carbon/analytics/jsservice/Utils.java#L352
>
> Thanks
>
> On Tue, Oct 20, 2015 at 10:25 PM, Akila Ravihansa Perera <
> raviha...@wso2.com> wrote:
>
>> Hi Imesh,
>>
>> I think the proper way to secure the Jaggery services is by using SSO.
>> According to the thread on wso2dev@ with subject "SingleSignOn support
>> in DAS Analytics Dashboard" this is not yet supported in DAS. The approach
>> taken in analytics.jsg as you mentioned require a separate login screen as
>> in [1]. IMHO, this is not a suitable method to secure a Jaggery based API.
>>
>> Regarding table names in SQL queries; this is not the best approach to
>> design the API but these table names are escaped from request parameters
>> [2] which would minimize the risk of a SQL injection attack. This is
>> definitely a potential security issue as well as an API design issue we
>> need to fix. But I think fixing this will need a major refactoring to the
>> Jaggery files. wdyt?
>>
>> [1]
>> https://github.com/wso2/carbon-dashboards/blob/master/apps/portal/theme/templates/login.jag
>> [2]
>> https://github.com/wso2/product-private-paas/blob/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files/member-info.jag#L26
>>
>> Thanks.
>>
>> On Tue, Oct 20, 2015 at 8:38 PM, Imesh Gunaratne  wrote:
>>
>>> Hi,
>>>
>>> It looks like there are two security issues in the APIs exposed by the
>>> DAS metering and monitoring dashboards [1], [2]:
>>>
>>>- APIs have no authentication mechanism
>>>- Table name is concatenated in the SQL queries
>>>
>>> We may need to add an authentication check similar to analytics.jag [3]:
>>>
>>> var authParam = request.getHeader(AUTHORIZATION_HEADER);
>>> if (authParam != null) {
>>> credentials = JSUtils.authenticate(authParam);
>>> authenticationAdminStub = new
>>> AuthenticationAdminStub(authenticationWSUrl);
>>> authenticationAdminStub.login(credentials[0], credentials[1],
>>> LOCALHOST);
>>> var serviceContext =
>>> authenticationAdminStub._getServiceClient().getLastOperationContext()
>>> .getServiceContext();
>>> var sessionCookie =
>>> serviceContext.getProperty(HTTPConstants.COOKIE_STRING);
>>> options.setProperty(HTTPConstants.COOKIE_STRING, sessionCookie);
>>> } else {
>>> var token = session.get(AUTH_TOKEN);
>>> if (token != null) {
>>> options.setProperty(HTTPConstants.COOKIE_S

Re: [Dev] [VOTE] Release WSO2 Private PaaS 4.1.0 RC1

[Imesh Gunaratne]

On Tue, Oct 20, 2015 at 10:25 PM, Akila Ravihansa Perera  wrote:
>
>
> I think the proper way to secure the Jaggery services is by using SSO.
>

I tend to disagree on this statement. SSO is used when authenticating a
human to a series of software systems. An API should not use SSO for
authentication rather it should use session based authentication either by
creating session tokens or API Keys, refer this [3].


> According to the thread on wso2dev@ with subject "SingleSignOn support in
> DAS Analytics Dashboard" this is not yet supported in DAS. The approach
> taken in analytics.jsg as you mentioned require a separate login screen as
> in [1]. IMHO, this is not a suitable method to secure a Jaggery based API.
>
> No, have a look at the analytics.jag authentication logic. It first
accepts an Authorization header and creates a session token. Authorization
header can accept basic auth, see [4]. Afterwards corresponding calls are
authenticated using authToken/JSESSIONID.


> Regarding table names in SQL queries; this is not the best approach to
> design the API but these table names are escaped from request parameters
> [2] which would minimize the risk of a SQL injection attack. This is
> definitely a potential security issue as well as an API design issue we
> need to fix. But I think fixing this will need a major refactoring to the
> Jaggery files. wdyt?
>

No, we can simply fix this by creating an API per table/entity.

>
> [1]
> https://github.com/wso2/carbon-dashboards/blob/master/apps/portal/theme/templates/login.jag
> [2]
> https://github.com/wso2/product-private-paas/blob/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files/member-info.jag#L26
>
> [3] https://www.owasp.org/index.php/REST_Security_Cheat_Sheet
[4]
https://github.com/wso2/carbon-analytics/blob/d7d4f7c31981eb6aff8921fefba7c030eb11a80a/components/analytics-io/org.wso2.carbon.analytics.jsservice/src/main/java/org/wso2/carbon/analytics/jsservice/Utils.java#L352

Thanks

On Tue, Oct 20, 2015 at 10:25 PM, Akila Ravihansa Perera  wrote:

> Hi Imesh,
>
> I think the proper way to secure the Jaggery services is by using SSO.
> According to the thread on wso2dev@ with subject "SingleSignOn support in
> DAS Analytics Dashboard" this is not yet supported in DAS. The approach
> taken in analytics.jsg as you mentioned require a separate login screen as
> in [1]. IMHO, this is not a suitable method to secure a Jaggery based API.
>
> Regarding table names in SQL queries; this is not the best approach to
> design the API but these table names are escaped from request parameters
> [2] which would minimize the risk of a SQL injection attack. This is
> definitely a potential security issue as well as an API design issue we
> need to fix. But I think fixing this will need a major refactoring to the
> Jaggery files. wdyt?
>
> [1]
> https://github.com/wso2/carbon-dashboards/blob/master/apps/portal/theme/templates/login.jag
> [2]
> https://github.com/wso2/product-private-paas/blob/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files/member-info.jag#L26
>
> Thanks.
>
> On Tue, Oct 20, 2015 at 8:38 PM, Imesh Gunaratne  wrote:
>
>> Hi,
>>
>> It looks like there are two security issues in the APIs exposed by the
>> DAS metering and monitoring dashboards [1], [2]:
>>
>>- APIs have no authentication mechanism
>>- Table name is concatenated in the SQL queries
>>
>> We may need to add an authentication check similar to analytics.jag [3]:
>>
>> var authParam = request.getHeader(AUTHORIZATION_HEADER);
>> if (authParam != null) {
>> credentials = JSUtils.authenticate(authParam);
>> authenticationAdminStub = new
>> AuthenticationAdminStub(authenticationWSUrl);
>> authenticationAdminStub.login(credentials[0], credentials[1],
>> LOCALHOST);
>> var serviceContext =
>> authenticationAdminStub._getServiceClient().getLastOperationContext()
>> .getServiceContext();
>> var sessionCookie =
>> serviceContext.getProperty(HTTPConstants.COOKIE_STRING);
>> options.setProperty(HTTPConstants.COOKIE_STRING, sessionCookie);
>> } else {
>> var token = session.get(AUTH_TOKEN);
>> if (token != null) {
>> options.setProperty(HTTPConstants.COOKIE_STRING, token);
>> } else {
>> log.error("user is not authenticated!");
>> response.status = HTTP_USER_NOT_AUTHENTICATED;
>> print('{ "status": "Failed", "message": "User is not
>> authenticated." }');
>> return;
>> }
>> }
>>
>> In addition we may need to avoid concatenating table names in SQL queries.
>>
>> [1]
>> https://github.com/wso2/product-private-paas/tree/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files
>> [2]
>> https://github.com/wso2/product-private-paas/tree/v4.1.0-rc1/extensions/das/artifacts/monitoring-dashboard/jaggery-files
>> [3]
>> https://github.com/wso2/carbon-dashboards/blob/master/apps/portal/controllers/a

Re: [Dev] [DS] Adding separate landing pages for default and anonymous view

[Udara Rathnayake]

On Tue, Oct 20, 2015 at 10:09 PM, Lasantha Samarakoon 
wrote:

> +1 for Manu's suggestion. Let's make it compulsory to define the anon view
> of the landing page before defining an anon view of any other page.
>
> @Udara: I am afraid of making the landing page anon programmatically as it
> is not intentional. The user won't notice that the anon view has been
> defined for the landing page and he will forget to customize the anon view.
>
True. But I don't think user will make the landing page anon first and
create another page with the anon view. Most of the time users will create
a new page, after that only consider about creating a anon view. But at
that point if we have the anon option disabled, I see some usability gap.

>
>
> Regards,
>
> *Lasantha Samarakoon* | Software Engineer
> WSO2, Inc.
> #20, Palm Grove, Colombo 03, Sri Lanka
> Mobile: +94 (71) 214 1576
> Email:  lasant...@wso2.com
> Web:www.wso2.com
>
> lean . enterprise . middleware
>
> On Tue, Oct 20, 2015 at 7:57 PM, Udara Rathnayake  wrote:
>
>> To make it simple,
>>
>> Once user select anon option in a page we can programmatically make
>> landing page anon. This is what I initially thought of doing.
>>
>> On Tue, Oct 20, 2015 at 7:48 PM, Manuranga Perera  wrote:
>>
>>> wouldn't this be complex. we shouldn't bring any new features if it's
>>> not realy necessary, will just add to maintenance cost.
>>>
>>> how about making it mandatory for landing page to be anon if user make
>>> any page anon.
>>>
>>> that is, you can't make any page anon before making landing anon.
>>>
>>>
>>> UX team what do you think?
>>>
>>> On Tue, Oct 20, 2015 at 6:15 PM, Nipuna Chandradasa 
>>> wrote:
>>>
 Hi team,

 There was a problem which came up during the discussion about anonymous
 view in dashboard server.

 Discussion was about restricting the user creating an anonymous page
 without making the landing page (Home page) of the dashboard anonymous.

 But this way user always have to make the landing page anonymous in
 order to make the other pages anonymous even user does not want to make the
 landing page anonymous.

 So what we came up with was to add an option to define landing pages
 for anonymous state and the default state of the dashboard. So there will
 be two landing pages when it comes to a anonymous dashboard. One landing
 page is for anonymous state and other landing page for default state.

 Appreciate any suggestions and comments on this.

 Thank you.
 --
 Nipuna Marcus
 *Software Engineer*
 WSO2 Inc.
 http://wso2.com/ - "lean . enterprise . middleware"
 Mobile : +94 (0) 713 667906
 nipu...@wso2.com

>>>
>>>
>>>
>>> --
>>> With regards,
>>> *Manu*ranga Perera.
>>>
>>> phone : 071 7 70 20 50
>>> mail : m...@wso2.com
>>>
>>
>>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [VOTE] Release WSO2 Private PaaS 4.1.0 RC1

[Akila Ravihansa Perera]

Hi Imesh,

I think the proper way to secure the Jaggery services is by using SSO.
According to the thread on wso2dev@ with subject "SingleSignOn support in
DAS Analytics Dashboard" this is not yet supported in DAS. The approach
taken in analytics.jsg as you mentioned require a separate login screen as
in [1]. IMHO, this is not a suitable method to secure a Jaggery based API.

Regarding table names in SQL queries; this is not the best approach to
design the API but these table names are escaped from request parameters
[2] which would minimize the risk of a SQL injection attack. This is
definitely a potential security issue as well as an API design issue we
need to fix. But I think fixing this will need a major refactoring to the
Jaggery files. wdyt?

[1]
https://github.com/wso2/carbon-dashboards/blob/master/apps/portal/theme/templates/login.jag
[2]
https://github.com/wso2/product-private-paas/blob/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files/member-info.jag#L26

Thanks.

On Tue, Oct 20, 2015 at 8:38 PM, Imesh Gunaratne  wrote:

> Hi,
>
> It looks like there are two security issues in the APIs exposed by the DAS
> metering and monitoring dashboards [1], [2]:
>
>- APIs have no authentication mechanism
>- Table name is concatenated in the SQL queries
>
> We may need to add an authentication check similar to analytics.jag [3]:
>
> var authParam = request.getHeader(AUTHORIZATION_HEADER);
> if (authParam != null) {
> credentials = JSUtils.authenticate(authParam);
> authenticationAdminStub = new
> AuthenticationAdminStub(authenticationWSUrl);
> authenticationAdminStub.login(credentials[0], credentials[1],
> LOCALHOST);
> var serviceContext =
> authenticationAdminStub._getServiceClient().getLastOperationContext()
> .getServiceContext();
> var sessionCookie =
> serviceContext.getProperty(HTTPConstants.COOKIE_STRING);
> options.setProperty(HTTPConstants.COOKIE_STRING, sessionCookie);
> } else {
> var token = session.get(AUTH_TOKEN);
> if (token != null) {
> options.setProperty(HTTPConstants.COOKIE_STRING, token);
> } else {
> log.error("user is not authenticated!");
> response.status = HTTP_USER_NOT_AUTHENTICATED;
> print('{ "status": "Failed", "message": "User is not
> authenticated." }');
> return;
> }
> }
>
> In addition we may need to avoid concatenating table names in SQL queries.
>
> [1]
> https://github.com/wso2/product-private-paas/tree/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files
> [2]
> https://github.com/wso2/product-private-paas/tree/v4.1.0-rc1/extensions/das/artifacts/monitoring-dashboard/jaggery-files
> [3]
> https://github.com/wso2/carbon-dashboards/blob/master/apps/portal/controllers/apis/analytics.jag#L88
>
> I think we may need to cancel this vote and do RC2 by fixing these
> problems.
>
> Thanks
>
> On Tue, Oct 20, 2015 at 5:02 PM, Akila Ravihansa Perera <
> raviha...@wso2.com> wrote:
>
>> Hi,
>>
>> This is the first release candidate of WSO2 Private PaaS 4.1.0.
>>
>> This release fixes the following issues:
>> https://wso2.org/jira/issues/?filter=12464
>>
>> Please download, test and vote. The vote will be open for 72 hours or as
>> needed.
>>
>> *​Source and binary distribution files:*
>> https://svn.wso2.org/repos/wso2/scratch/PPAAS/wso2ppaas-4.1.0-rc1
>>
>> *Maven staging repository:*
>> http://maven.wso2.org/nexus/content/repositories/orgwso2ppaas-027/
>>
>> *The tag to be voted upon:*
>> https://github.com/wso2/product-private-paas/tree/v4.1.0-rc1
>>
>>
>> [ ] Broken - do not release (explain why)
>> [ ] Stable - go ahead and release
>>
>>
>> Thanks,
>> The WSO2 Private PaaS Team
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> *Imesh Gunaratne*
> Senior Technical Lead
> WSO2 Inc: http://wso2.com
> T: +94 11 214 5345 M: +94 77 374 2057
> W: http://imesh.gunaratne.org
> Lean . Enterprise . Middleware
>
>


-- 
Akila Ravihansa Perera
WSO2 Inc.;  http://wso2.com/

Blog: http://ravihansa3000.blogspot.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [DS] Adding separate landing pages for default and anonymous view

[Lasantha Samarakoon]

+1 for Manu's suggestion. Let's make it compulsory to define the anon view
of the landing page before defining an anon view of any other page.

@Udara: I am afraid of making the landing page anon programmatically as it
is not intentional. The user won't notice that the anon view has been
defined for the landing page and he will forget to customize the anon view.


Regards,

*Lasantha Samarakoon* | Software Engineer
WSO2, Inc.
#20, Palm Grove, Colombo 03, Sri Lanka
Mobile: +94 (71) 214 1576
Email:  lasant...@wso2.com
Web:www.wso2.com

lean . enterprise . middleware

On Tue, Oct 20, 2015 at 7:57 PM, Udara Rathnayake  wrote:

> To make it simple,
>
> Once user select anon option in a page we can programmatically make
> landing page anon. This is what I initially thought of doing.
>
> On Tue, Oct 20, 2015 at 7:48 PM, Manuranga Perera  wrote:
>
>> wouldn't this be complex. we shouldn't bring any new features if it's not
>> realy necessary, will just add to maintenance cost.
>>
>> how about making it mandatory for landing page to be anon if user make
>> any page anon.
>>
>> that is, you can't make any page anon before making landing anon.
>>
>>
>> UX team what do you think?
>>
>> On Tue, Oct 20, 2015 at 6:15 PM, Nipuna Chandradasa 
>> wrote:
>>
>>> Hi team,
>>>
>>> There was a problem which came up during the discussion about anonymous
>>> view in dashboard server.
>>>
>>> Discussion was about restricting the user creating an anonymous page
>>> without making the landing page (Home page) of the dashboard anonymous.
>>>
>>> But this way user always have to make the landing page anonymous in
>>> order to make the other pages anonymous even user does not want to make the
>>> landing page anonymous.
>>>
>>> So what we came up with was to add an option to define landing pages for
>>> anonymous state and the default state of the dashboard. So there will be
>>> two landing pages when it comes to a anonymous dashboard. One landing page
>>> is for anonymous state and other landing page for default state.
>>>
>>> Appreciate any suggestions and comments on this.
>>>
>>> Thank you.
>>> --
>>> Nipuna Marcus
>>> *Software Engineer*
>>> WSO2 Inc.
>>> http://wso2.com/ - "lean . enterprise . middleware"
>>> Mobile : +94 (0) 713 667906
>>> nipu...@wso2.com
>>>
>>
>>
>>
>> --
>> With regards,
>> *Manu*ranga Perera.
>>
>> phone : 071 7 70 20 50
>> mail : m...@wso2.com
>>
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] WSO2 Carbon Kernel 4.4.2 Released

[Manuri Amaya Perera]

*WSO2 Carbon Kernel 4.4.2 Released*

​
Carbon team is pleased to announce the release of the Carbon Kernel 4.4.2.

Following are the improvements and bug fixes included in this release.

*Improvements*

   - [CARBON-15463 ] Check the
   existence of group within group search base when groups are assigned to
   given user
   - [CARBON-15223 ] Optimize
   Deployment Synchornizer to prevent unwanted svn status checks
   - [CARBON-15340 ] Carbon
   Clustering Membership Scheme Extension Model
   - [CARBON-15497 ] Support
   setting Database Properties


*Fixed Bugs*

   - [CARBON-15376 ] JSONOMBuilder
   drives system to an indefinite loop
   - [CARBON-15422 ] Webapp
   uploaded in AS 5.3.0 gets corrupted
   - [CARBON-15395 ] Upgrade
   Hazelcast version to 3.5.2
   - [CARBON-15417 ] Cannot
   login from a user in secondary user store, if primary user store is
   inaccessible
   - [CARBON-14508 ]
org.wso2.carbon.registry.core.exceptions.ResourceNotFoundException:
   Resource does not exist at path
   /_system/config/repository/transports/https/listener thrown when accessing
   ?wsdl of Proxy services
   - [CARBON-15473 ] Update
   client-truststore with updated CA certificates
   - [CARBON-14871 ] Carbon
   Management console UI does not check session validity before initialized
   the logout
   - [CARBON-15427 ] LDAP
   connections are not closing propertly in user core
   - [CARBON-15446 ] Deadlock
   when closing subscribers in Oracle
   - [CARBON-15436 ] SSO enabled
   for Carbon Servers - logout functionality leads to unexpected behavior,
   when user is idle / server restart
   - [CARBON-15517 ] Fixing case
   senstivity problem in INTERNAL domain
   - [CARBON-15393 ] When using
   a colon sign ":" in admin password, it giving error
   - [CARBON-15023 ] [Intermittent
   issue] - Security does not get synchronized to workers of some tenants
   (noticed with an axis2service + dataservice)
   - [CARBON-15388 ] Unable to
   log into Carbon Console when appbase path contains some repeating folder
   name in Virtual Host
   - [CARBON-15331 ] Lazy
   Loading does not pick the value from Tenant IdleTime in carbon.xml
   - [CARBON-15460 ] [SCIM
   provisioning connector] Provisioned user is not assigned to the role - when
   User Store Domain is specified
   - [CARBON-15459 ] Back-end
   validation doesn't work for Tenant admin while creating the tenant
   - [CARBON-15452 ] "registry.xml"
   file has converted to dos mode
   - [CARBON-15332 ]
java.util.ConcurrentModificationException
   when invoking API on a tenant
   - [CARBON-15343 ] Engaging of
   modules globally fails
   - [CARBON-15385 ] Deployment
   of a versioned webapp with a context.xml fails in Application Server
   - [CARBON-15339 ] NPE - when
   invoke same namespace service to get json response using gson formatter in
   multi-tenant mode
   - [CARBON-15353 ] Cannot run
   APIM with " -DworkerNode=true" when running as Gateway Worker
   - [CARBON-15396 ] In Rest,
   Post body content doesn't get processed correctly
   - [CARBON-15239 ] Cannot
   connect to Informix DB without using username/password in Datasource Config
   - [CARBON-15410 ] Unable to
   recover from a situation where database server is restarted




*Known Issues*
https://wso2.org/jira/issues/?filter=12397


*How to Contribute*

   - WSO2 Carbon Kernel code is hosted in github.
   - The Git repository is https://github.com/wso2/carbon-kernel/
   - Carbon Kernel 4.4.2 release tag is
   https://github.com/wso2/carbon-kernel/releases/tag/v4.4.2
   - Please report issues at Carbon Jira,
   https://wso2.org/jira/browse/CARBON




*Contact Us *

​WSO2 Carbon developers​ can be contacted via following mailing lists:

   - 

Re: [Dev] [VOTE] Release WSO2 Private PaaS 4.1.0 RC1

[Imesh Gunaratne]

Hi,

It looks like there are two security issues in the APIs exposed by the DAS
metering and monitoring dashboards [1], [2]:

   - APIs have no authentication mechanism
   - Table name is concatenated in the SQL queries

We may need to add an authentication check similar to analytics.jag [3]:

var authParam = request.getHeader(AUTHORIZATION_HEADER);
if (authParam != null) {
credentials = JSUtils.authenticate(authParam);
authenticationAdminStub = new
AuthenticationAdminStub(authenticationWSUrl);
authenticationAdminStub.login(credentials[0], credentials[1],
LOCALHOST);
var serviceContext =
authenticationAdminStub._getServiceClient().getLastOperationContext()
.getServiceContext();
var sessionCookie =
serviceContext.getProperty(HTTPConstants.COOKIE_STRING);
options.setProperty(HTTPConstants.COOKIE_STRING, sessionCookie);
} else {
var token = session.get(AUTH_TOKEN);
if (token != null) {
options.setProperty(HTTPConstants.COOKIE_STRING, token);
} else {
log.error("user is not authenticated!");
response.status = HTTP_USER_NOT_AUTHENTICATED;
print('{ "status": "Failed", "message": "User is not
authenticated." }');
return;
}
}

In addition we may need to avoid concatenating table names in SQL queries.

[1]
https://github.com/wso2/product-private-paas/tree/v4.1.0-rc1/extensions/das/artifacts/metering-dashboard/jaggery-files
[2]
https://github.com/wso2/product-private-paas/tree/v4.1.0-rc1/extensions/das/artifacts/monitoring-dashboard/jaggery-files
[3]
https://github.com/wso2/carbon-dashboards/blob/master/apps/portal/controllers/apis/analytics.jag#L88

I think we may need to cancel this vote and do RC2 by fixing these problems.

Thanks

On Tue, Oct 20, 2015 at 5:02 PM, Akila Ravihansa Perera 
wrote:

> Hi,
>
> This is the first release candidate of WSO2 Private PaaS 4.1.0.
>
> This release fixes the following issues:
> https://wso2.org/jira/issues/?filter=12464
>
> Please download, test and vote. The vote will be open for 72 hours or as
> needed.
>
> *​Source and binary distribution files:*
> https://svn.wso2.org/repos/wso2/scratch/PPAAS/wso2ppaas-4.1.0-rc1
>
> *Maven staging repository:*
> http://maven.wso2.org/nexus/content/repositories/orgwso2ppaas-027/
>
> *The tag to be voted upon:*
> https://github.com/wso2/product-private-paas/tree/v4.1.0-rc1
>
>
> [ ] Broken - do not release (explain why)
> [ ] Stable - go ahead and release
>
>
> Thanks,
> The WSO2 Private PaaS Team
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
*Imesh Gunaratne*
Senior Technical Lead
WSO2 Inc: http://wso2.com
T: +94 11 214 5345 M: +94 77 374 2057
W: http://imesh.gunaratne.org
Lean . Enterprise . Middleware
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [DS] Adding separate landing pages for default and anonymous view

[Udara Rathnayake]

To make it simple,

Once user select anon option in a page we can programmatically make landing
page anon. This is what I initially thought of doing.

On Tue, Oct 20, 2015 at 7:48 PM, Manuranga Perera  wrote:

> wouldn't this be complex. we shouldn't bring any new features if it's not
> realy necessary, will just add to maintenance cost.
>
> how about making it mandatory for landing page to be anon if user make any
> page anon.
>
> that is, you can't make any page anon before making landing anon.
>
>
> UX team what do you think?
>
> On Tue, Oct 20, 2015 at 6:15 PM, Nipuna Chandradasa 
> wrote:
>
>> Hi team,
>>
>> There was a problem which came up during the discussion about anonymous
>> view in dashboard server.
>>
>> Discussion was about restricting the user creating an anonymous page
>> without making the landing page (Home page) of the dashboard anonymous.
>>
>> But this way user always have to make the landing page anonymous in order
>> to make the other pages anonymous even user does not want to make the
>> landing page anonymous.
>>
>> So what we came up with was to add an option to define landing pages for
>> anonymous state and the default state of the dashboard. So there will be
>> two landing pages when it comes to a anonymous dashboard. One landing page
>> is for anonymous state and other landing page for default state.
>>
>> Appreciate any suggestions and comments on this.
>>
>> Thank you.
>> --
>> Nipuna Marcus
>> *Software Engineer*
>> WSO2 Inc.
>> http://wso2.com/ - "lean . enterprise . middleware"
>> Mobile : +94 (0) 713 667906
>> nipu...@wso2.com
>>
>
>
>
> --
> With regards,
> *Manu*ranga Perera.
>
> phone : 071 7 70 20 50
> mail : m...@wso2.com
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [DS] Adding separate landing pages for default and anonymous view

[Manuranga Perera]

wouldn't this be complex. we shouldn't bring any new features if it's not
realy necessary, will just add to maintenance cost.

how about making it mandatory for landing page to be anon if user make any
page anon.

that is, you can't make any page anon before making landing anon.


UX team what do you think?

On Tue, Oct 20, 2015 at 6:15 PM, Nipuna Chandradasa 
wrote:

> Hi team,
>
> There was a problem which came up during the discussion about anonymous
> view in dashboard server.
>
> Discussion was about restricting the user creating an anonymous page
> without making the landing page (Home page) of the dashboard anonymous.
>
> But this way user always have to make the landing page anonymous in order
> to make the other pages anonymous even user does not want to make the
> landing page anonymous.
>
> So what we came up with was to add an option to define landing pages for
> anonymous state and the default state of the dashboard. So there will be
> two landing pages when it comes to a anonymous dashboard. One landing page
> is for anonymous state and other landing page for default state.
>
> Appreciate any suggestions and comments on this.
>
> Thank you.
> --
> Nipuna Marcus
> *Software Engineer*
> WSO2 Inc.
> http://wso2.com/ - "lean . enterprise . middleware"
> Mobile : +94 (0) 713 667906
> nipu...@wso2.com
>



-- 
With regards,
*Manu*ranga Perera.

phone : 071 7 70 20 50
mail : m...@wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [DS] Adding separate landing pages for default and anonymous view

[Nipuna Chandradasa]

Hi team,

There was a problem which came up during the discussion about anonymous
view in dashboard server.

Discussion was about restricting the user creating an anonymous page
without making the landing page (Home page) of the dashboard anonymous.

But this way user always have to make the landing page anonymous in order
to make the other pages anonymous even user does not want to make the
landing page anonymous.

So what we came up with was to add an option to define landing pages for
anonymous state and the default state of the dashboard. So there will be
two landing pages when it comes to a anonymous dashboard. One landing page
is for anonymous state and other landing page for default state.

Appreciate any suggestions and comments on this.

Thank you.
-- 
Nipuna Marcus
*Software Engineer*
WSO2 Inc.
http://wso2.com/ - "lean . enterprise . middleware"
Mobile : +94 (0) 713 667906
nipu...@wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Changing Versions in Docker Images of WSO2 Products

[Pubudu Gunatilaka]

Hi,

I am working on $subject. In the current version controlling of docker
images we have the following format.

wso2/am:1.9.0 (This is for WSO2 API Manager 1.9.0)

wso2 - organization
am - repository
1.9.0 - product version

As we have a separate repository for Private Paas Cartridges[1] it is hard
to maintain cartridges with the product version. Therefore following format
is suggested.

wso2/am-1.9.0:4.1.0

wso2 - organization
am-1.9.0 - repository
4.1.0 - private paas cartridge repo version

With this approach we can release any minor changes in docker images or
template modules of a particular product version.

Appreciate any suggestions and comments on this.

[1] - https://github.com/wso2/private-paas-cartridges

Thank you!
-- 
*Pubudu Gunatilaka*
Committer and PMC Member - Apache Stratos
Software Engineer
WSO2, Inc.: http://wso2.com
mobile : +94774079049 <%2B94772207163>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [DAS] MySQL Database and Table creation when using carbonJDBC option in spark environment

[Imesh Gunaratne]

Thanks Thanuja, please add above details to the JIRA issue.

On Tue, Oct 20, 2015 at 5:11 PM, Thanuja Uruththirakodeeswaran <
thanu...@wso2.com> wrote:

> Hi Imesh,
>
> Yes, INSERT INTO is not working for carbonJDBC tables which have primary
> keys set when we try to insert record which is already existing in JDBC
> table.
>
> If we set primary key for a JDBC table and in a scheduled spark script
> when we try to copy persisted events raw data from carbonAnaltyics table to
> JDBC table using 'INSERT INTO' query as below:
>
> CREATE TEMPORARY TABLE memberstatus
> USING CarbonAnalytics
> OPTIONS (tableName "MEMBER_LIFECYCLE");
>
> create temporary table member_status_new
> using CarbonJDBC options (dataSource
> "WSO2_ANALYTICS_PROCESSED_DATA_STORE_DB", tableName "MEMBER_STATUS_NEW");
>
> INSERT INTO TABLE member_status_new select timestamp,
> application_id, cluster_alias, member_id,
> member_status from memberstatus;
>
> where MEMBER_STATUS_NEW table is created before hand using following sql
> statement:
> CREATE TABLE ANALYTICS_PROCESSED_DATA_STORE.MEMBER_STATUS_NEW(Time BIGINT
> UNSIGNED, ApplicationId VARCHAR(150), ClusterAlias VARCHAR(150), MemberId
> VARCHAR(150), MemberStatus VARCHAR(50), Primary Key(Time, MemberId));
>
>
> I'm getting below error:
> [2015-10-20 15:38:30,305] ERROR
> {org.wso2.carbon.ntask.core.impl.TaskQuartzJobAdapter} -  Error in
> executing task: Error while saving data to the table MEMBER_STATUS_NEW
> java.lang.RuntimeException: Error while saving data to the table
> MEMBER_STATUS_NEW
> at
> org.apache.spark.sql.jdbc.carbon.JDBCRelation.insert(JDBCRelation.scala:193)
> at org.apache.spark.sql.sources.InsertIntoDataSource.run(commands.scala:53)
> at
> org.apache.spark.sql.execution.ExecutedCommand.sideEffectResult$lzycompute(commands.scala:57)
> at
> org.apache.spark.sql.execution.ExecutedCommand.sideEffectResult(commands.scala:57)
> at
> org.apache.spark.sql.execution.ExecutedCommand.doExecute(commands.scala:68)
> at
> org.apache.spark.sql.execution.SparkPlan$$anonfun$execute$1.apply(SparkPlan.scala:88)
> at
> org.apache.spark.sql.execution.SparkPlan$$anonfun$execute$1.apply(SparkPlan.scala:88)
> at
> org.apache.spark.rdd.RDDOperationScope$.withScope(RDDOperationScope.scala:147)
> at org.apache.spark.sql.execution.SparkPlan.execute(SparkPlan.scala:87)
> at
> org.apache.spark.sql.SQLContext$QueryExecution.toRdd$lzycompute(SQLContext.scala:950)
> at
> org.apache.spark.sql.SQLContext$QueryExecution.toRdd(SQLContext.scala:950)
> at org.apache.spark.sql.DataFrame.(DataFrame.scala:144)
> at org.apache.spark.sql.DataFrame.(DataFrame.scala:128)
> at org.apache.spark.sql.DataFrame$.apply(DataFrame.scala:51)
> at org.apache.spark.sql.SQLContext.sql(SQLContext.scala:755)
> at
> org.wso2.carbon.analytics.spark.core.internal.SparkAnalyticsExecutor.executeQueryLocal(SparkAnalyticsExecutor.java:623)
> at
> org.wso2.carbon.analytics.spark.core.internal.SparkAnalyticsExecutor.executeQuery(SparkAnalyticsExecutor.java:605)
> at
> org.wso2.carbon.analytics.spark.core.CarbonAnalyticsProcessorService.executeQuery(CarbonAnalyticsProcessorService.java:199)
> at
> org.wso2.carbon.analytics.spark.core.CarbonAnalyticsProcessorService.executeScript(CarbonAnalyticsProcessorService.java:149)
> at
> org.wso2.carbon.analytics.spark.core.AnalyticsTask.execute(AnalyticsTask.java:57)
> at
> org.wso2.carbon.ntask.core.impl.TaskQuartzJobAdapter.execute(TaskQuartzJobAdapter.java:67)
> at org.quartz.core.JobRunShell.run(JobRunShell.java:213)
> at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
> at java.util.concurrent.FutureTask.run(FutureTask.java:262)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
> at java.lang.Thread.run(Thread.java:745)
> Caused by:
> org.wso2.carbon.analytics.spark.core.exception.AnalyticsExecutionException:
> Error while saving data to the table MEMBER_STATUS_NEW
> at
> org.apache.spark.sql.jdbc.carbon.package$JDBCWriteDetails$.saveTable(carbon.scala:115)
> at
> org.apache.spark.sql.jdbc.carbon.JDBCRelation.insert(JDBCRelation.scala:188)
> ... 26 more
> Caused by: org.apache.spark.SparkException: Job aborted due to stage
> failure: Task 0 in stage 3584.0 failed 1 times, most recent failure: Lost
> task 0.0 in stage 3584.0 (TID 124672, localhost):
> com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException:
> Duplicate entry
> '1445331059446-single-cartridge-app.my-php.php.domain31185c44-697' for key
> 'PRIMARY'
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
> at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
> at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
> at com.mysql.j

Re: [Dev] Message Format for Dashboard server

[Dakshika Jayathilaka]

Hi Nipuna,

you can use different style formats depending on your requirement.

1. Form field related notifications
2. Form related notifications

for form fields related notifications we are using inline styles. Second
type can use to handle generic notification which belongs to form instead
individual field.

check some sample styles here.
https://htmlpreview.github.io/?https://raw.githubusercontent.com/wso2-dev-ux/product-cloud/master/Markup/form_notification.html

Regards,

*Dakshika Jayathilaka*
PMC Member & Committer of Apache Stratos
Senior Software Engineer
WSO2, Inc.
lean.enterprise.middleware
0771100911

On Tue, Oct 20, 2015 at 5:32 PM, Nipuna Chandradasa 
wrote:

> Hi Dakshika,
>
> As we discussed earlier i am going to develop two options to define
> landing pages for each default and anonymous view.
>
> Also i am going to complete the validation for the Dashboard server
> designer view.
>
> So can you please suggest an message format which can be used across the
> UES?
> ( Any threads regarding this also would be very helpful )
>
> Thank you
> --
> Nipuna Marcus
> *Software Engineer*
> WSO2 Inc.
> http://wso2.com/ - "lean . enterprise . middleware"
> Mobile : +94 (0) 713 667906
> nipu...@wso2.com
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Jaggery] response.sendError() not working for PUT and DELETE

[Sajith Ariyarathna]

H Thilini,

Seems that I made a mistake here.

> I tested with your code snippet and it works fine to me. Please check &
> compare your *jaggery.conf* file with the given below.
>
> {
>   "displayName": "test",
>   "logLevel": "debug",
>   "urlMappings": [
> {
>   "url": "/debug/*",
>   "path": "/lib/debugging.jag"
> }
>   ],
>   "errorPages": {
> "404": "/app/error.html"
>   }
> }
>
> I forgot to test above config for PUT & DELETE requested before posting.
When I ran a full test, I was able to produce 403 Forbidden for PUT and
DELETE requests..

I looked into the problem and looks like it goes all the way to Tomcat.
Jaggery error pages are implemented via Tomcat "custom error pages" option
[1]. When you call response.sendError function in Jaggery, it ultimately
calls HttpServletResponse.sendError [2] method. In Tomcat's implementation,
sendError method restarts the entire request routing/dispatching process.
So when sendError is called for a PUT or DELETE request, whole dispatching
process restarts and try to serve the configured custom error page (
*error.html*) [3]. Since *error.html* is a static resource, now the request
is handled by the DefaultServlet [4]. Now for the DefaultServlet, the HTTP
request looks like "*apply PUT/DELETE operation on error.html*". Here,
DefaultServlet's *readonly* property comes to play [5]. Default value of
the *readonly* property is true which means clients cannot modify or delete
static resources in the server. Hence "*appying PUT/DELETE operation on
error.html*" is forbidden. Therefore the 403 Forbidden is sent to the
client.

[1] http://wiki.apache.org/tomcat/FAQ/Miscellaneous#Q6
[2]
https://tomcat.apache.org/tomcat-5.5-doc/servletapi/javax/servlet/http/HttpServletResponse.html#sendError(int)
[3] http://stackoverflow.com/a/23177116/1577286
[4] https://tomcat.apache.org/tomcat-7.0-doc/default-servlet.html#what
[5] https://tomcat.apache.org/tomcat-7.0-doc/security-howto.html#web.xml

Thanks.

On Tue, Oct 20, 2015 at 3:10 PM, Dakshika Jayathilaka 
wrote:

> Hi,
>
> Can you check the jaggery version that your using. AFAIK there are several
> changes done in latest version.
>
> Regards,
>
> *Dakshika Jayathilaka*
> PMC Member & Committer of Apache Stratos
> Senior Software Engineer
> WSO2, Inc.
> lean.enterprise.middleware
> 0771100911
>
> On Tue, Oct 20, 2015 at 2:58 PM, Thilini Cooray  wrote:
>
>> Hi,
>>
>> Our jaggery.conf file is like this [1].
>> Since HTTP GET and POST are working fine.
>> I doubt whether this can be an issue with the conf file.
>>
>> [1]
>> https://github.com/wso2/carbon-apimgt/blob/release-1.9.0/features/apimgt/org.wso2.carbon.apimgt.store.feature/src/main/resources/store/jaggery.conf
>>
>> Thanks.
>>
>> On Tue, Oct 20, 2015 at 2:38 PM, Sajith Ariyarathna 
>> wrote:
>>
>>> Hi Thilini,
>>>
>>> I tested with your code snippet and it works fine to me. Please check &
>>> compare your *jaggery.conf* file with the given below.
>>>
>>> {
>>>   "displayName": "test",
>>>   "logLevel": "debug",
>>>   "urlMappings": [
>>> {
>>>   "url": "/debug/*",
>>>   "path": "/lib/debugging.jag"
>>> }
>>>   ],
>>>   "errorPages": {
>>> "404": "/app/error.html"
>>>   }
>>> }
>>>
>>>
>>> Thanks.
>>>
>>> On Tue, Oct 20, 2015 at 10:54 AM, Thilini Cooray 
>>> wrote:
>>>
 Hi,

 This is the source.

 var uri = request.getRequestURI();

 var callPath=uri.replace("/store","");

 var action = "list"; // default action list the topics
 if(uri != null) {
 var uriMatcher = new URIMatcher(callPath);
 if (uriMatcher.match("/forum") || uriMatcher.match("/forum/")) {
 action = "list";
 }
 else if (uriMatcher.match("/forum/new")) {
 action = "new"; // create topic
 }
 else if (uriMatcher.match("/forum/new/{id}")) {
 action = "new"; // create topic
 }
 else if (uriMatcher.match("/forum/topic/{id}")) {
 var topic = uriMatcher.elements().id;
 action = "topic";
 } else {
 action = "exit";
 }
 }

 if(action == "exit"){
 *response.sendError(404);*
 } else {

 // Logic comes here

 }

 404 will refer to 
 /repository/deployment/server/jaggeryapps/store/pages/error-pages/404.html


 Thanks.



 On Tue, Oct 20, 2015 at 10:39 AM, Sajith Ariyarathna >>> > wrote:

> Hi Thilini,
>
> Can you share your code here?
>
> I tested following Jaggery code. (Test was executed in* AppM 1.0.0*
> pack and *Advanced Rest Client* was used as the HTTP client)
>
> *URL Mapping in jaggery.conf: *
>
> {
>
> "url": "/test/*",
>
> "path": "/lib/test.jag"
>
> }
>
>
> *File*: *test.jag*
>
> *Code:*
>
> var log = new Log("[testing]");
>
> log.info("Hit for HTTP method " + request.getMethod());
>
> response.sen

[Dev] WSO2 Committers += Shenavi de Mel

[Amila Maha Arachchi]

Hi all,

Its my pleasure to welcome Shenavi de Mel as a WSO2 Committer. Shenavi is a
member of WSO2 Cloud team and has been contributing to the team in
development, integration and deployment work. In recognition of her
contribution, she has been voted as a WSO2 Committer.

Shenavi, welcome aboard and keep up the good work..

Regards,
Amila.

-- 
*Amila Maharachchi*
Senior Technical Lead
WSO2, Inc.; http://wso2.com

Blog: http://maharachchi.blogspot.com
Mobile: +94719371446
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Message Format for Dashboard server

[Nipuna Chandradasa]

Hi Dakshika,

As we discussed earlier i am going to develop two options to define landing
pages for each default and anonymous view.

Also i am going to complete the validation for the Dashboard server
designer view.

So can you please suggest an message format which can be used across the
UES?
( Any threads regarding this also would be very helpful )

Thank you
-- 
Nipuna Marcus
*Software Engineer*
WSO2 Inc.
http://wso2.com/ - "lean . enterprise . middleware"
Mobile : +94 (0) 713 667906
nipu...@wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [DAS] MySQL Database and Table creation when using carbonJDBC option in spark environment

[Thanuja Uruththirakodeeswaran]

Hi Imesh,

Yes, INSERT INTO is not working for carbonJDBC tables which have primary
keys set when we try to insert record which is already existing in JDBC
table.

If we set primary key for a JDBC table and in a scheduled spark script when
we try to copy persisted events raw data from carbonAnaltyics table to JDBC
table using 'INSERT INTO' query as below:

CREATE TEMPORARY TABLE memberstatus
USING CarbonAnalytics
OPTIONS (tableName "MEMBER_LIFECYCLE");

create temporary table member_status_new
using CarbonJDBC options (dataSource
"WSO2_ANALYTICS_PROCESSED_DATA_STORE_DB", tableName "MEMBER_STATUS_NEW");

INSERT INTO TABLE member_status_new select timestamp,
application_id, cluster_alias, member_id,
member_status from memberstatus;

where MEMBER_STATUS_NEW table is created before hand using following sql
statement:
CREATE TABLE ANALYTICS_PROCESSED_DATA_STORE.MEMBER_STATUS_NEW(Time BIGINT
UNSIGNED, ApplicationId VARCHAR(150), ClusterAlias VARCHAR(150), MemberId
VARCHAR(150), MemberStatus VARCHAR(50), Primary Key(Time, MemberId));


I'm getting below error:
[2015-10-20 15:38:30,305] ERROR
{org.wso2.carbon.ntask.core.impl.TaskQuartzJobAdapter} -  Error in
executing task: Error while saving data to the table MEMBER_STATUS_NEW
java.lang.RuntimeException: Error while saving data to the table
MEMBER_STATUS_NEW
at
org.apache.spark.sql.jdbc.carbon.JDBCRelation.insert(JDBCRelation.scala:193)
at org.apache.spark.sql.sources.InsertIntoDataSource.run(commands.scala:53)
at
org.apache.spark.sql.execution.ExecutedCommand.sideEffectResult$lzycompute(commands.scala:57)
at
org.apache.spark.sql.execution.ExecutedCommand.sideEffectResult(commands.scala:57)
at
org.apache.spark.sql.execution.ExecutedCommand.doExecute(commands.scala:68)
at
org.apache.spark.sql.execution.SparkPlan$$anonfun$execute$1.apply(SparkPlan.scala:88)
at
org.apache.spark.sql.execution.SparkPlan$$anonfun$execute$1.apply(SparkPlan.scala:88)
at
org.apache.spark.rdd.RDDOperationScope$.withScope(RDDOperationScope.scala:147)
at org.apache.spark.sql.execution.SparkPlan.execute(SparkPlan.scala:87)
at
org.apache.spark.sql.SQLContext$QueryExecution.toRdd$lzycompute(SQLContext.scala:950)
at
org.apache.spark.sql.SQLContext$QueryExecution.toRdd(SQLContext.scala:950)
at org.apache.spark.sql.DataFrame.(DataFrame.scala:144)
at org.apache.spark.sql.DataFrame.(DataFrame.scala:128)
at org.apache.spark.sql.DataFrame$.apply(DataFrame.scala:51)
at org.apache.spark.sql.SQLContext.sql(SQLContext.scala:755)
at
org.wso2.carbon.analytics.spark.core.internal.SparkAnalyticsExecutor.executeQueryLocal(SparkAnalyticsExecutor.java:623)
at
org.wso2.carbon.analytics.spark.core.internal.SparkAnalyticsExecutor.executeQuery(SparkAnalyticsExecutor.java:605)
at
org.wso2.carbon.analytics.spark.core.CarbonAnalyticsProcessorService.executeQuery(CarbonAnalyticsProcessorService.java:199)
at
org.wso2.carbon.analytics.spark.core.CarbonAnalyticsProcessorService.executeScript(CarbonAnalyticsProcessorService.java:149)
at
org.wso2.carbon.analytics.spark.core.AnalyticsTask.execute(AnalyticsTask.java:57)
at
org.wso2.carbon.ntask.core.impl.TaskQuartzJobAdapter.execute(TaskQuartzJobAdapter.java:67)
at org.quartz.core.JobRunShell.run(JobRunShell.java:213)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
Caused by:
org.wso2.carbon.analytics.spark.core.exception.AnalyticsExecutionException:
Error while saving data to the table MEMBER_STATUS_NEW
at
org.apache.spark.sql.jdbc.carbon.package$JDBCWriteDetails$.saveTable(carbon.scala:115)
at
org.apache.spark.sql.jdbc.carbon.JDBCRelation.insert(JDBCRelation.scala:188)
... 26 more
Caused by: org.apache.spark.SparkException: Job aborted due to stage
failure: Task 0 in stage 3584.0 failed 1 times, most recent failure: Lost
task 0.0 in stage 3584.0 (TID 124672, localhost):
com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException:
Duplicate entry
'1445331059446-single-cartridge-app.my-php.php.domain31185c44-697' for key
'PRIMARY'
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:400)
at com.mysql.jdbc.Util.getInstance(Util.java:383)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:973)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3847)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3783)
at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:2447)
at com.my

[Dev] [VOTE] Release WSO2 Private PaaS 4.1.0 RC1

[Akila Ravihansa Perera]

Hi,

This is the first release candidate of WSO2 Private PaaS 4.1.0.

This release fixes the following issues:
https://wso2.org/jira/issues/?filter=12464

Please download, test and vote. The vote will be open for 72 hours or as
needed.

*​Source and binary distribution files:*
https://svn.wso2.org/repos/wso2/scratch/PPAAS/wso2ppaas-4.1.0-rc1

*Maven staging repository:*
http://maven.wso2.org/nexus/content/repositories/orgwso2ppaas-027/

*The tag to be voted upon:*
https://github.com/wso2/product-private-paas/tree/v4.1.0-rc1


[ ] Broken - do not release (explain why)
[ ] Stable - go ahead and release


Thanks,
The WSO2 Private PaaS Team
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [DAS] MySQL Database and Table creation when using carbonJDBC option in spark environment

[Imesh Gunaratne]

Hi Thanuja,

Can you please explain the following statement that you have mentioned in
the JIRA?

2. Also we can't execute INSERT INTO for carbonJDBC table which has primary
key set.


This looks to me that INSERT INTO does not work with CarbonJDBC with tables
having primary keys.

Thanks


On Tue, Oct 20, 2015 at 1:38 PM, Thanuja Uruththirakodeeswaran <
thanu...@wso2.com> wrote:

> Hi Niranda,
>
> I have created a jira [1] to track the issues we have in carbonJDBC option.
>
> [1]. https://wso2.org/jira/browse/DAS-273
>
> Thanks.
>
> On Thu, Oct 1, 2015 at 3:12 PM, Sinthuja Ragendran 
> wrote:
>
>> Hi Niranda,
>>
>> On Thu, Oct 1, 2015 at 2:28 PM, Inosh Goonewardena 
>> wrote:
>>
>>> Hi Niranda,
>>>
>>> On Thu, Oct 1, 2015 at 1:33 PM, Sinthuja Ragendran 
>>> wrote:
>>>
 Hi Niranda,

 On Thu, Oct 1, 2015 at 1:28 PM, Niranda Perera 
 wrote:

> Hi Thanuja and Imesh,
>
> let me clarify the use of the term "create temporary table" with
> regard to Spark.
> inside DAS we save ('persist') data in DAL (Dara access layer) tables.
> So in order for us to query these tables, spark needs some sort of a
> mapping to the tables in DAL in its runtime environment. This mapping is
> created in the temporary table queries. These temp tables are only a
> mapping. Not a physical table.
>
> @thanuja, yes you are correct! We have to manually create the tables
> in MySQL before making the temp table mapping in Spark SQL.
>
 With Carbon JDBC connector, can we try to create the table if it is not
 existing? May be we can let the users to pass the actual create table
 statement as another parameter with options.  IMHO it will be more user
 friendly if we could do that, WDYT?

>>>
>>> Yes. +1. For tables created using CarbonAnalytics it is possible to
>>> provide the table schema as below [1]. I believe we can use the similar
>>> approach in CarbonJDBC also to  provide the create table query.
>>>
>>> As per the current implementation what happens is even though the table
>>> is created manually before the script execution, "insert overwrite..."
>>> statement execution will delete the original table and recreate a new table
>>> using a generated schema(schema information is generated using the original
>>> table structure). In this approach, table that is re-created at the query
>>> execution will not have primary keys and indexes of the original table(if
>>> there were any). So if we can provide a complete create table query, we can
>>> preserve original table structure too.
>>>
>>
>> Yeah, +1.
>>
>>
>>>
>>> On the other hand, I believe we should also support "insert into.."
>>> statements in CarbonJDBC. "insert into.." statements will not delete and
>>> recreate the table like the "insert overwrite..." statements, and it will
>>> only update the existing table[2].
>>>
>>
>> Yeah, I also have concern on this. Because currently the insert overwrite
>> statement drops the table, and repopulate the data entirely, and hence the
>> dashboard which reads from the table may be empty/partial data. This is
>> also an issue when we are purging the original data scenario, where the
>> summarised data will also be cleaned and no old data available to
>> repopulate the summarised data again. Can we have it as replace the row if
>> it's already existing in insert overwrite, rather dropping the entire table
>> to avoid such issues?
>>
>> Thanks,
>> Sinthuja.
>>
>>
>>>
>>> [1] CREATE TEMPORARY TABLE plugUsage
>>> USING CarbonAnalytics
>>> OPTIONS (tableName "plug_usage",
>>> * schema "house_id INT, household_id INT, plug_id INT, usage
>>> FLOAT"*,
>>>  primaryKeys "household_id, plug_id"
>>> );
>>>
>>> [2] [Dev] [Architecture] Carbon Spark JDBC connector
>>>
>>>

 Thanks,
 Sinthuja.


> On Thu, Oct 1, 2015 at 9:53 AM, Thanuja Uruththirakodeeswaran <
> thanu...@wso2.com> wrote:
>>
>>
>> In DAS spark environment, we can't directly insert the analyzed data
>> to our mysql table. We should create a temporary table using our
>> datasources to manipulate them.
>>
>
> Yes, can you please explain the reasons? What does this analysis do?
> Why we cannot directly insert them to the RDBMS?
>
> Thanks
>
> On Thu, Oct 1, 2015 at 9:53 AM, Thanuja Uruththirakodeeswaran <
> thanu...@wso2.com> wrote:
>
>> Hi Imesh,
>>
>> If we take the above scenario, I need to insert the
>> analyzed/aggregated data which is obtained as result after spark sql
>> processing, to my mysql table (sample_table). In order to do that, first 
>> we
>> need to create a temporary table using the corresponding mysql database
>> (sample_datasource) and table(sample_table) in spark environment and then
>> only by inserting data to this temporary table in spark environment, we 
>> can
>> update our mysql table.
>>
>> In DAS spark environment, w

Re: [Dev] [Jaggery] response.sendError() not working for PUT and DELETE

[Dakshika Jayathilaka]

Hi,

Can you check the jaggery version that your using. AFAIK there are several
changes done in latest version.

Regards,

*Dakshika Jayathilaka*
PMC Member & Committer of Apache Stratos
Senior Software Engineer
WSO2, Inc.
lean.enterprise.middleware
0771100911

On Tue, Oct 20, 2015 at 2:58 PM, Thilini Cooray  wrote:

> Hi,
>
> Our jaggery.conf file is like this [1].
> Since HTTP GET and POST are working fine.
> I doubt whether this can be an issue with the conf file.
>
> [1]
> https://github.com/wso2/carbon-apimgt/blob/release-1.9.0/features/apimgt/org.wso2.carbon.apimgt.store.feature/src/main/resources/store/jaggery.conf
>
> Thanks.
>
> On Tue, Oct 20, 2015 at 2:38 PM, Sajith Ariyarathna 
> wrote:
>
>> Hi Thilini,
>>
>> I tested with your code snippet and it works fine to me. Please check &
>> compare your *jaggery.conf* file with the given below.
>>
>> {
>>   "displayName": "test",
>>   "logLevel": "debug",
>>   "urlMappings": [
>> {
>>   "url": "/debug/*",
>>   "path": "/lib/debugging.jag"
>> }
>>   ],
>>   "errorPages": {
>> "404": "/app/error.html"
>>   }
>> }
>>
>>
>> Thanks.
>>
>> On Tue, Oct 20, 2015 at 10:54 AM, Thilini Cooray 
>> wrote:
>>
>>> Hi,
>>>
>>> This is the source.
>>>
>>> var uri = request.getRequestURI();
>>>
>>> var callPath=uri.replace("/store","");
>>>
>>> var action = "list"; // default action list the topics
>>> if(uri != null) {
>>> var uriMatcher = new URIMatcher(callPath);
>>> if (uriMatcher.match("/forum") || uriMatcher.match("/forum/")) {
>>> action = "list";
>>> }
>>> else if (uriMatcher.match("/forum/new")) {
>>> action = "new"; // create topic
>>> }
>>> else if (uriMatcher.match("/forum/new/{id}")) {
>>> action = "new"; // create topic
>>> }
>>> else if (uriMatcher.match("/forum/topic/{id}")) {
>>> var topic = uriMatcher.elements().id;
>>> action = "topic";
>>> } else {
>>> action = "exit";
>>> }
>>> }
>>>
>>> if(action == "exit"){
>>> *response.sendError(404);*
>>> } else {
>>>
>>> // Logic comes here
>>>
>>> }
>>>
>>> 404 will refer to 
>>> /repository/deployment/server/jaggeryapps/store/pages/error-pages/404.html
>>>
>>>
>>> Thanks.
>>>
>>>
>>>
>>> On Tue, Oct 20, 2015 at 10:39 AM, Sajith Ariyarathna 
>>> wrote:
>>>
 Hi Thilini,

 Can you share your code here?

 I tested following Jaggery code. (Test was executed in* AppM 1.0.0*
 pack and *Advanced Rest Client* was used as the HTTP client)

 *URL Mapping in jaggery.conf: *

 {

 "url": "/test/*",

 "path": "/lib/test.jag"

 }


 *File*: *test.jag*

 *Code:*

 var log = new Log("[testing]");

 log.info("Hit for HTTP method " + request.getMethod());

 response.sendError(404, "Testing page not found.");


 *Terminal Output:*

 [2015-10-20 10:26:52,885]  INFO - [testing] Hit for HTTP method GET

 [2015-10-20 10:26:57,499]  INFO - [testing] Hit for HTTP method POST

 [2015-10-20 10:27:02,045]  INFO - [testing] Hit for HTTP method PUT

 [2015-10-20 10:27:06,011]  INFO - [testing] Hit for HTTP method DELETE

 [2015-10-20 10:27:08,491]  INFO - [testing] Hit for HTTP method HEAD

 [2015-10-20 10:27:10,860]  INFO - [testing] Hit for HTTP method OPTIONS


 *HTTP Output:*

 404 Not Found

 404 Not Found

 404 Not Found

 404 Not Found

 404 Not Found

 404 Not Found


 Since the expected output was received in above, I believe the issue is
 on your side, not in Jaggery.

 Thanks.

 On Mon, Oct 19, 2015 at 2:04 PM, Thilini Cooray 
 wrote:

> Hi,
>
> I want to send error messages for invalid URLs from API Manager Store
> jaggery layer.
>
> I use response.sendError(404) for this purpose.
> For HTTP POST and GET this method returns the correct error page while
> it doesn't return any message for PUT and DELETE.
>
> I debugged [1] and found out that the errors send in all HTTP methods
> gets hit in
>
> rho.response.sendError((Integer) args[0]);
>
> Output stream of rho.response also contains the correct error page in
> all HTTP methods.
> Yet it doesn't get returned in HTTP PUT and DELETE methods.
>
> I am unable to figure out the reason for this behaviour.
> Any help is appreciated.
>
> Thanks.
>
> [1]
> http://svn.wso2.org/repos/wso2/carbon/platform/tags/turing-chunk04/components/jaggery/0.9.0.ALPHA4.wso2v1/hostobjects/org.jaggeryjs.hostobjects.web/src/main/java/org/jaggeryjs/hostobjects/web/ResponseHostObject.java
>
> --
> Best Regards,
>
> *Thilini Cooray*
> Software Engineer
> Mobile : +94 (0) 774 570 112 <%2B94%20%280%29%20773%20451194>
> E-mail : thili...@wso2.com
>
> WSO2 Inc. www.wso2.com
> lean.enterprise.middle

Re: [Dev] [Jaggery] response.sendError() not working for PUT and DELETE

[Thilini Cooray]

Hi,

Our jaggery.conf file is like this [1].
Since HTTP GET and POST are working fine.
I doubt whether this can be an issue with the conf file.

[1]
https://github.com/wso2/carbon-apimgt/blob/release-1.9.0/features/apimgt/org.wso2.carbon.apimgt.store.feature/src/main/resources/store/jaggery.conf

Thanks.

On Tue, Oct 20, 2015 at 2:38 PM, Sajith Ariyarathna 
wrote:

> Hi Thilini,
>
> I tested with your code snippet and it works fine to me. Please check &
> compare your *jaggery.conf* file with the given below.
>
> {
>   "displayName": "test",
>   "logLevel": "debug",
>   "urlMappings": [
> {
>   "url": "/debug/*",
>   "path": "/lib/debugging.jag"
> }
>   ],
>   "errorPages": {
> "404": "/app/error.html"
>   }
> }
>
>
> Thanks.
>
> On Tue, Oct 20, 2015 at 10:54 AM, Thilini Cooray 
> wrote:
>
>> Hi,
>>
>> This is the source.
>>
>> var uri = request.getRequestURI();
>>
>> var callPath=uri.replace("/store","");
>>
>> var action = "list"; // default action list the topics
>> if(uri != null) {
>> var uriMatcher = new URIMatcher(callPath);
>> if (uriMatcher.match("/forum") || uriMatcher.match("/forum/")) {
>> action = "list";
>> }
>> else if (uriMatcher.match("/forum/new")) {
>> action = "new"; // create topic
>> }
>> else if (uriMatcher.match("/forum/new/{id}")) {
>> action = "new"; // create topic
>> }
>> else if (uriMatcher.match("/forum/topic/{id}")) {
>> var topic = uriMatcher.elements().id;
>> action = "topic";
>> } else {
>> action = "exit";
>> }
>> }
>>
>> if(action == "exit"){
>> *response.sendError(404);*
>> } else {
>>
>> // Logic comes here
>>
>> }
>>
>> 404 will refer to 
>> /repository/deployment/server/jaggeryapps/store/pages/error-pages/404.html
>>
>>
>> Thanks.
>>
>>
>>
>> On Tue, Oct 20, 2015 at 10:39 AM, Sajith Ariyarathna 
>> wrote:
>>
>>> Hi Thilini,
>>>
>>> Can you share your code here?
>>>
>>> I tested following Jaggery code. (Test was executed in* AppM 1.0.0*
>>> pack and *Advanced Rest Client* was used as the HTTP client)
>>>
>>> *URL Mapping in jaggery.conf: *
>>>
>>> {
>>>
>>> "url": "/test/*",
>>>
>>> "path": "/lib/test.jag"
>>>
>>> }
>>>
>>>
>>> *File*: *test.jag*
>>>
>>> *Code:*
>>>
>>> var log = new Log("[testing]");
>>>
>>> log.info("Hit for HTTP method " + request.getMethod());
>>>
>>> response.sendError(404, "Testing page not found.");
>>>
>>>
>>> *Terminal Output:*
>>>
>>> [2015-10-20 10:26:52,885]  INFO - [testing] Hit for HTTP method GET
>>>
>>> [2015-10-20 10:26:57,499]  INFO - [testing] Hit for HTTP method POST
>>>
>>> [2015-10-20 10:27:02,045]  INFO - [testing] Hit for HTTP method PUT
>>>
>>> [2015-10-20 10:27:06,011]  INFO - [testing] Hit for HTTP method DELETE
>>>
>>> [2015-10-20 10:27:08,491]  INFO - [testing] Hit for HTTP method HEAD
>>>
>>> [2015-10-20 10:27:10,860]  INFO - [testing] Hit for HTTP method OPTIONS
>>>
>>>
>>> *HTTP Output:*
>>>
>>> 404 Not Found
>>>
>>> 404 Not Found
>>>
>>> 404 Not Found
>>>
>>> 404 Not Found
>>>
>>> 404 Not Found
>>>
>>> 404 Not Found
>>>
>>>
>>> Since the expected output was received in above, I believe the issue is
>>> on your side, not in Jaggery.
>>>
>>> Thanks.
>>>
>>> On Mon, Oct 19, 2015 at 2:04 PM, Thilini Cooray 
>>> wrote:
>>>
 Hi,

 I want to send error messages for invalid URLs from API Manager Store
 jaggery layer.

 I use response.sendError(404) for this purpose.
 For HTTP POST and GET this method returns the correct error page while
 it doesn't return any message for PUT and DELETE.

 I debugged [1] and found out that the errors send in all HTTP methods
 gets hit in

 rho.response.sendError((Integer) args[0]);

 Output stream of rho.response also contains the correct error page in
 all HTTP methods.
 Yet it doesn't get returned in HTTP PUT and DELETE methods.

 I am unable to figure out the reason for this behaviour.
 Any help is appreciated.

 Thanks.

 [1]
 http://svn.wso2.org/repos/wso2/carbon/platform/tags/turing-chunk04/components/jaggery/0.9.0.ALPHA4.wso2v1/hostobjects/org.jaggeryjs.hostobjects.web/src/main/java/org/jaggeryjs/hostobjects/web/ResponseHostObject.java

 --
 Best Regards,

 *Thilini Cooray*
 Software Engineer
 Mobile : +94 (0) 774 570 112 <%2B94%20%280%29%20773%20451194>
 E-mail : thili...@wso2.com

 WSO2 Inc. www.wso2.com
 lean.enterprise.middleware

 ___
 Dev mailing list
 Dev@wso2.org
 http://wso2.org/cgi-bin/mailman/listinfo/dev


>>>
>>>
>>> --
>>> Sajith Ariyarathna
>>> Software Engineer; WSO2, Inc.;  http://wso2.com/
>>> mobile: +94 77 6602284, +94 71 3951048
>>>
>>
>>
>>
>> --
>> Best Regards,
>>
>> *Thilini Cooray*
>> Software Engineer
>> Mobile : +94 (0) 774 570 112 <%2B94%20%280%29%20773%20451194>
>> E-mail : thili...@wso2.com
>>
>> WSO2 Inc. www.wso2.com
>> lean.enterpri

[Dev] WSO2EMM 2.0.0 Milestone 7 Released

[Geeth Munasinghe]

Hi all,

We are pleased to announce that WSO2EMM 2.0.0 Milestone 7 is released.

This release includes the following features and improvements.

   1. Adding users and sending email invitations.  (admin ui)
   2. Adding roles (admin ui)
   3. View device details (Admin ui)
   4. Android device management
  1. Device Enrollment
  2. Executing device operations (Admin ui & Android Agent)
   5. Windows
  1. Device Enrollment
  2. Executing device operations (Admin ui & Windows native agent)
   6. Operations
  1. Add operations to device  (Admin ui)
   7. Policy
  1. Add policy (Admin ui)
  2. Edit policy (Admin ui)
  3. Change priorities (Admin ui)
  4. Change management (When a policy changed, related devices should
  be notified to apply new changes)
  5. Monitoring the device to check whether applied policy is violated
  or not.


References

Product  can be downloaded from [1].
[1] https://svn.wso2.org/repos/wso2/people/prabatha/MDM/2.0.0-M7/

Thanks
Geeth


*G. K. S. Munasinghe*
*Senior Software Engineer,*
*WSO2, Inc. http://wso2.com  *
*lean.enterprise.middleware.*

email: ge...@wso2.com
phone:(+94) 777911226
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [DEV] Implement unit/integration test cases for API Manager JAX-RS Rest API

[Sanjeewa Malalgoda]

QAA team shall we have discussion on this and come to conclusion?
Please let us know possible time slots.

Thanks,
sanjeewa.

On Mon, Oct 19, 2015 at 12:44 PM, Sanjeewa Malalgoda 
wrote:

> Here idea is easily manage the tests and web application.
> Since web application purely depend on swagger definition it will
> automatically generate beans, service skeletons etc.
>
> So in same way if we implement test cases we don't have to go and edit
> test case code after we adding new parameters or something like that.
> What we can simply do is change sample data set feed into test.
>
>
>
> On Mon, Oct 19, 2015 at 12:34 PM, Joseph Fonseka  wrote:
>
>> Hi Nuwan
>>
>> Thanks for pointing that out, in that case test can be version-ed so auto
>> generated tests for version 1.0.0 should work with API 1.0.1 ...
>>
>> WDYT?
>>
>> Regards
>> Jo
>>
>> On Mon, Oct 19, 2015 at 12:29 PM, Nuwan Dias  wrote:
>>
>>> Is it right to auto-generate the test client code? IMO one objective of
>>> this should be to make sure the REST APIs don't change across patch
>>> releases, etc. If we auto-generate the test stubs we would loose that
>>> advantage.
>>>
>> I don't get how we loose advantage here.
> If we don't want to change service API we don't have to edit swagger json
> and that is it.
> Then it will not change service API, neither test client or data set feed
> in to test.
> If we consider both integration and unit tests those will be released
> anyway with product and component release.
> So tests will be automatically version-ed with component/product version.
>
> Thanks,
> sanjeewa.
>
>
>>
>>> Thanks,
>>> NuwanD.
>>>
>>> On Mon, Oct 19, 2015 at 12:26 PM, Joseph Fonseka 
>>> wrote:
>>>
 Hi Sanjeewa

 Saneth & I had an offline chat regarding this last week there are few
 things we need to consider.

 1. Generating integration test for the Jax-RS functionality ex . If
 crud operations work, if it returns correct error messages.
  -  We can use swagger-codegen to do this.
  -  API Definition has all the details of the API interface
 what missing are the data fixtures.
  - There are few options with the fixtures which we can auto
 generate since the schema of the model is there or we can use a predefined
 set of json files.

 2. How to get the existing integration test to utilize the new API.
  - We already have a lot of integration tests which uses
 existing store & publisher APIs to add/remove resources. As Saneth mention
 they have written it in a layered architecture this replacing the existing
 API layer with Jax-rs existing test should work.
  - We might have to look at this in the next phase when we plan
 to deprecate the existing APIs.

 3. How to make it easy to write test in the future with Jax-Rs API.
  - Ex Creating a Jax-rs client/library to utilize by other
 integration test.

 Thanks & Regards
 Jo

 On Mon, Oct 19, 2015 at 12:17 PM, Joseph Fonseka 
 wrote:

> Sorry mail got sent accidentally half written. will complete and send
> shortly.
>
> On Mon, Oct 19, 2015 at 12:15 PM, Joseph Fonseka 
> wrote:
>
>> Hi Sanjeewa
>>
>> Saneth & I had an offline chat regarding this last week there are few
>> things we need to consider.
>>
>> 1. Generating integration test for the Jax-RS functionality ex . If
>> crud operations work, if it returns correct error messages.
>>  -  We can use swagger-codegen to do this.
>>  API Definition has all the details of the API interface what missing
>> are
>>
>> 2. How to get the existing integration test to utilize the new API.
>>  - We already have a lot of integration tests which uses
>> existing store & publisher APIs to add/remove resources. As Saneth 
>> mention
>> they have written it in a layered architecture this replacing the 
>> existing
>> API layer with Jax-rs existing test should work.
>>
>>
>> 3. How to make it easy to write test in the future with Jax-Rs API.
>>
>>
>>
>>
>> On Mon, Oct 19, 2015 at 11:39 AM, Sanjeewa Malalgoda <
>> sanje...@wso2.com> wrote:
>>
>>> Hi Team,
>>> We are planning to implement complete REST API for all operations
>>> available in API Manager.
>>> This will be CXF based jax-rs application.
>>> This application based on swagger template and service skeleton
>>> automatically generate according to swagger to cxf implementation done 
>>> by
>>> Jo.
>>> We would like to know what would be the best approach to implement
>>> test for this service.
>>> Do we have any mechanism to generate client and test service in unit
>>> test level ? I can see there are projects to generate java client based 
>>> on
>>> swagger content.
>>> Or do we need to write integration test to run th

Re: [Dev] [IS] - Unable to decrypt the SAML Assertion When Authenticating to Travelocity app

[Nadeesha Meegoda]

Yes it works for super tenant mode

On Tue, Oct 20, 2015 at 2:32 PM, Gayan Gunawardana  wrote:

>
>
> On Tue, Oct 20, 2015 at 2:21 PM, Nadeesha Meegoda 
> wrote:
>
>> Hi all,
>>
>> I have done the same setup in tenant mode  (IDP and travelocity SP are in
>> tenant mode)
>>
>
> Could you be able to resolve the issue in super tenant mode ?
>
>> and enabled assertion encryption. The SP created for the IDP is in super
>> tenant mode that is the 2nd IS. Now I am getting error in IS side. I have
>> exported the external IS private key and imported it to IDP. Any reason
>> behind this exception that I have missed doing? (Testing in the
>> wso2is-5.1.0-kernel-4.2.0-SNAPSHOT given on 14th Oct)
>>
>> Note - I can successfully log in when assertion encryption is disabled.
>>
>>
>> [1] -
>> https://docs.wso2.com/pages/viewpage.action?title=Login%2Bto%2Bthe%2BIdentity%2BServer%2BUsing%2BAnother%2BIdentity%2BServer&spaceKey=IS510
>>
>> [2015-10-20 13:50:00,139] ERROR {org.opensaml.xml.encryption.Decrypter}
>> -  Failed to decrypt EncryptedKey, valid decryption key could not be
>> resolved
>> [2015-10-20 13:50:00,140] ERROR
>> {org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler}
>> -  Unable to decrypt the SAML Assertion
>> org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException:
>> Unable to decrypt the SAML Assertion
>> at
>> org.wso2.carbon.identity.application.authenticator.samlsso.SAMLSSOAuthenticator.processAuthenticationResponse(SAMLSSOAuthenticator.java:202)
>> at
>> org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator.process(AbstractApplicationAuthenticator.java:65)
>> at
>> org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.doAuthentication(DefaultStepHandler.java:426)
>> at
>> org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.handleResponse(DefaultStepHandler.java:400)
>> at
>> org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.handle(DefaultStepHandler.java:114)
>> at
>> org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler.handle(DefaultStepBasedSequenceHandler.java:171)
>> at
>> org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultAuthenticationRequestHandler.handle(DefaultAuthenticationRequestHandler.java:111)
>> at
>> org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator.handle(DefaultRequestCoordinator.java:119)
>> at
>> org.wso2.carbon.identity.application.authentication.framework.servlet.CommonAuthenticationServlet.doPost(CommonAuthenticationServlet.java:53)
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
>> at
>> org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37)
>> at
>> org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
>> at
>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
>> at
>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:60)
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
>> at
>> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>> at
>> org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>> at
>> org.wso2.carbon.ui.filters.CSRFPreventionFilter.doFilter(CSRFPreventionFilter.java:88)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>> at
>> org.wso2.carbon.ui.filters.CRLFPreventionFilter.doFilter(CRLFPreventionFilter.java:59)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>> at
>> org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
>> at
>> org.

Re: [Dev] [Jaggery] response.sendError() not working for PUT and DELETE

[Sajith Ariyarathna]

Hi Thilini,

I tested with your code snippet and it works fine to me. Please check &
compare your *jaggery.conf* file with the given below.

{
  "displayName": "test",
  "logLevel": "debug",
  "urlMappings": [
{
  "url": "/debug/*",
  "path": "/lib/debugging.jag"
}
  ],
  "errorPages": {
"404": "/app/error.html"
  }
}


Thanks.

On Tue, Oct 20, 2015 at 10:54 AM, Thilini Cooray  wrote:

> Hi,
>
> This is the source.
>
> var uri = request.getRequestURI();
>
> var callPath=uri.replace("/store","");
>
> var action = "list"; // default action list the topics
> if(uri != null) {
> var uriMatcher = new URIMatcher(callPath);
> if (uriMatcher.match("/forum") || uriMatcher.match("/forum/")) {
> action = "list";
> }
> else if (uriMatcher.match("/forum/new")) {
> action = "new"; // create topic
> }
> else if (uriMatcher.match("/forum/new/{id}")) {
> action = "new"; // create topic
> }
> else if (uriMatcher.match("/forum/topic/{id}")) {
> var topic = uriMatcher.elements().id;
> action = "topic";
> } else {
> action = "exit";
> }
> }
>
> if(action == "exit"){
> *response.sendError(404);*
> } else {
>
> // Logic comes here
>
> }
>
> 404 will refer to 
> /repository/deployment/server/jaggeryapps/store/pages/error-pages/404.html
>
>
> Thanks.
>
>
>
> On Tue, Oct 20, 2015 at 10:39 AM, Sajith Ariyarathna 
> wrote:
>
>> Hi Thilini,
>>
>> Can you share your code here?
>>
>> I tested following Jaggery code. (Test was executed in* AppM 1.0.0* pack
>> and *Advanced Rest Client* was used as the HTTP client)
>>
>> *URL Mapping in jaggery.conf: *
>>
>> {
>>
>> "url": "/test/*",
>>
>> "path": "/lib/test.jag"
>>
>> }
>>
>>
>> *File*: *test.jag*
>>
>> *Code:*
>>
>> var log = new Log("[testing]");
>>
>> log.info("Hit for HTTP method " + request.getMethod());
>>
>> response.sendError(404, "Testing page not found.");
>>
>>
>> *Terminal Output:*
>>
>> [2015-10-20 10:26:52,885]  INFO - [testing] Hit for HTTP method GET
>>
>> [2015-10-20 10:26:57,499]  INFO - [testing] Hit for HTTP method POST
>>
>> [2015-10-20 10:27:02,045]  INFO - [testing] Hit for HTTP method PUT
>>
>> [2015-10-20 10:27:06,011]  INFO - [testing] Hit for HTTP method DELETE
>>
>> [2015-10-20 10:27:08,491]  INFO - [testing] Hit for HTTP method HEAD
>>
>> [2015-10-20 10:27:10,860]  INFO - [testing] Hit for HTTP method OPTIONS
>>
>>
>> *HTTP Output:*
>>
>> 404 Not Found
>>
>> 404 Not Found
>>
>> 404 Not Found
>>
>> 404 Not Found
>>
>> 404 Not Found
>>
>> 404 Not Found
>>
>>
>> Since the expected output was received in above, I believe the issue is
>> on your side, not in Jaggery.
>>
>> Thanks.
>>
>> On Mon, Oct 19, 2015 at 2:04 PM, Thilini Cooray 
>> wrote:
>>
>>> Hi,
>>>
>>> I want to send error messages for invalid URLs from API Manager Store
>>> jaggery layer.
>>>
>>> I use response.sendError(404) for this purpose.
>>> For HTTP POST and GET this method returns the correct error page while
>>> it doesn't return any message for PUT and DELETE.
>>>
>>> I debugged [1] and found out that the errors send in all HTTP methods
>>> gets hit in
>>>
>>> rho.response.sendError((Integer) args[0]);
>>>
>>> Output stream of rho.response also contains the correct error page in
>>> all HTTP methods.
>>> Yet it doesn't get returned in HTTP PUT and DELETE methods.
>>>
>>> I am unable to figure out the reason for this behaviour.
>>> Any help is appreciated.
>>>
>>> Thanks.
>>>
>>> [1]
>>> http://svn.wso2.org/repos/wso2/carbon/platform/tags/turing-chunk04/components/jaggery/0.9.0.ALPHA4.wso2v1/hostobjects/org.jaggeryjs.hostobjects.web/src/main/java/org/jaggeryjs/hostobjects/web/ResponseHostObject.java
>>>
>>> --
>>> Best Regards,
>>>
>>> *Thilini Cooray*
>>> Software Engineer
>>> Mobile : +94 (0) 774 570 112 <%2B94%20%280%29%20773%20451194>
>>> E-mail : thili...@wso2.com
>>>
>>> WSO2 Inc. www.wso2.com
>>> lean.enterprise.middleware
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Sajith Ariyarathna
>> Software Engineer; WSO2, Inc.;  http://wso2.com/
>> mobile: +94 77 6602284, +94 71 3951048
>>
>
>
>
> --
> Best Regards,
>
> *Thilini Cooray*
> Software Engineer
> Mobile : +94 (0) 774 570 112 <%2B94%20%280%29%20773%20451194>
> E-mail : thili...@wso2.com
>
> WSO2 Inc. www.wso2.com
> lean.enterprise.middleware
>



-- 
Sajith Ariyarathna
Software Engineer; WSO2, Inc.;  http://wso2.com/
mobile: +94 77 6602284, +94 71 3951048
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] OAuth clientId in SP_INBOUND_AUTH

[Nuwan Dias]

Hi,

When we enable key encryption for OAuth keys, the clientId is encrypted in
the IDN_OAUTH_CONSUMER_APPS table. But it is left in plain text in the
INBOUND_AUTH_KEY column of the SP_INBOUND_AUTH table. This happens in
carbon-identity_4.6.0-M2 release. Should not values in both columns be
encrypted?

Thanks,
NuwanD.

-- 
Nuwan Dias

Technical Lead - WSO2, Inc. http://wso2.com
email : nuw...@wso2.com
Phone : +94 777 775 729
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [IS] - Unable to decrypt the SAML Assertion When Authenticating to Travelocity app

[Gayan Gunawardana]

On Tue, Oct 20, 2015 at 2:21 PM, Nadeesha Meegoda 
wrote:

> Hi all,
>
> I have done the same setup in tenant mode  (IDP and travelocity SP are in
> tenant mode)
>

Could you be able to resolve the issue in super tenant mode ?

> and enabled assertion encryption. The SP created for the IDP is in super
> tenant mode that is the 2nd IS. Now I am getting error in IS side. I have
> exported the external IS private key and imported it to IDP. Any reason
> behind this exception that I have missed doing? (Testing in the
> wso2is-5.1.0-kernel-4.2.0-SNAPSHOT given on 14th Oct)
>
> Note - I can successfully log in when assertion encryption is disabled.
>
>
> [1] -
> https://docs.wso2.com/pages/viewpage.action?title=Login%2Bto%2Bthe%2BIdentity%2BServer%2BUsing%2BAnother%2BIdentity%2BServer&spaceKey=IS510
>
> [2015-10-20 13:50:00,139] ERROR {org.opensaml.xml.encryption.Decrypter} -
> Failed to decrypt EncryptedKey, valid decryption key could not be resolved
> [2015-10-20 13:50:00,140] ERROR
> {org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler}
> -  Unable to decrypt the SAML Assertion
> org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException:
> Unable to decrypt the SAML Assertion
> at
> org.wso2.carbon.identity.application.authenticator.samlsso.SAMLSSOAuthenticator.processAuthenticationResponse(SAMLSSOAuthenticator.java:202)
> at
> org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator.process(AbstractApplicationAuthenticator.java:65)
> at
> org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.doAuthentication(DefaultStepHandler.java:426)
> at
> org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.handleResponse(DefaultStepHandler.java:400)
> at
> org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.handle(DefaultStepHandler.java:114)
> at
> org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler.handle(DefaultStepBasedSequenceHandler.java:171)
> at
> org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultAuthenticationRequestHandler.handle(DefaultAuthenticationRequestHandler.java:111)
> at
> org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator.handle(DefaultRequestCoordinator.java:119)
> at
> org.wso2.carbon.identity.application.authentication.framework.servlet.CommonAuthenticationServlet.doPost(CommonAuthenticationServlet.java:53)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
> at
> org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37)
> at
> org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
> at
> org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
> at
> org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:60)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
> at
> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
> at
> org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
> at
> org.wso2.carbon.ui.filters.CSRFPreventionFilter.doFilter(CSRFPreventionFilter.java:88)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
> at
> org.wso2.carbon.ui.filters.CRLFPreventionFilter.doFilter(CRLFPreventionFilter.java:59)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
> at
> org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:

Re: [Dev] [IS] - Unable to decrypt the SAML Assertion When Authenticating to Travelocity app

[Nadeesha Meegoda]

Hi all,

I have done the same setup in tenant mode  (IDP and travelocity SP are in
tenant mode) and enabled assertion encryption. The SP created for the IDP
is in super tenant mode that is the 2nd IS. Now I am getting error in IS
side. I have exported the external IS private key and imported it to IDP.
Any reason behind this exception that I have missed doing? (Testing in the
wso2is-5.1.0-kernel-4.2.0-SNAPSHOT given on 14th Oct)

Note - I can successfully log in when assertion encryption is disabled.


[1] -
https://docs.wso2.com/pages/viewpage.action?title=Login%2Bto%2Bthe%2BIdentity%2BServer%2BUsing%2BAnother%2BIdentity%2BServer&spaceKey=IS510

[2015-10-20 13:50:00,139] ERROR {org.opensaml.xml.encryption.Decrypter} -
Failed to decrypt EncryptedKey, valid decryption key could not be resolved
[2015-10-20 13:50:00,140] ERROR
{org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler}
-  Unable to decrypt the SAML Assertion
org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException:
Unable to decrypt the SAML Assertion
at
org.wso2.carbon.identity.application.authenticator.samlsso.SAMLSSOAuthenticator.processAuthenticationResponse(SAMLSSOAuthenticator.java:202)
at
org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator.process(AbstractApplicationAuthenticator.java:65)
at
org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.doAuthentication(DefaultStepHandler.java:426)
at
org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.handleResponse(DefaultStepHandler.java:400)
at
org.wso2.carbon.identity.application.authentication.framework.handler.step.impl.DefaultStepHandler.handle(DefaultStepHandler.java:114)
at
org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler.handle(DefaultStepBasedSequenceHandler.java:171)
at
org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultAuthenticationRequestHandler.handle(DefaultAuthenticationRequestHandler.java:111)
at
org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator.handle(DefaultRequestCoordinator.java:119)
at
org.wso2.carbon.identity.application.authentication.framework.servlet.CommonAuthenticationServlet.doPost(CommonAuthenticationServlet.java:53)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at
org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37)
at
org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
at
org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
at
org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:60)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at
org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.wso2.carbon.ui.filters.CSRFPreventionFilter.doFilter(CSRFPreventionFilter.java:88)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.wso2.carbon.ui.filters.CRLFPreventionFilter.doFilter(CRLFPreventionFilter.java:59)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.j

Re: [Dev] [DAS] MySQL Database and Table creation when using carbonJDBC option in spark environment

[Thanuja Uruththirakodeeswaran]

Hi Niranda,

I have created a jira [1] to track the issues we have in carbonJDBC option.

[1]. https://wso2.org/jira/browse/DAS-273

Thanks.

On Thu, Oct 1, 2015 at 3:12 PM, Sinthuja Ragendran 
wrote:

> Hi Niranda,
>
> On Thu, Oct 1, 2015 at 2:28 PM, Inosh Goonewardena  wrote:
>
>> Hi Niranda,
>>
>> On Thu, Oct 1, 2015 at 1:33 PM, Sinthuja Ragendran 
>> wrote:
>>
>>> Hi Niranda,
>>>
>>> On Thu, Oct 1, 2015 at 1:28 PM, Niranda Perera  wrote:
>>>
 Hi Thanuja and Imesh,

 let me clarify the use of the term "create temporary table" with regard
 to Spark.
 inside DAS we save ('persist') data in DAL (Dara access layer) tables.
 So in order for us to query these tables, spark needs some sort of a
 mapping to the tables in DAL in its runtime environment. This mapping is
 created in the temporary table queries. These temp tables are only a
 mapping. Not a physical table.

 @thanuja, yes you are correct! We have to manually create the tables in
 MySQL before making the temp table mapping in Spark SQL.

>>> With Carbon JDBC connector, can we try to create the table if it is not
>>> existing? May be we can let the users to pass the actual create table
>>> statement as another parameter with options.  IMHO it will be more user
>>> friendly if we could do that, WDYT?
>>>
>>
>> Yes. +1. For tables created using CarbonAnalytics it is possible to
>> provide the table schema as below [1]. I believe we can use the similar
>> approach in CarbonJDBC also to  provide the create table query.
>>
>> As per the current implementation what happens is even though the table
>> is created manually before the script execution, "insert overwrite..."
>> statement execution will delete the original table and recreate a new table
>> using a generated schema(schema information is generated using the original
>> table structure). In this approach, table that is re-created at the query
>> execution will not have primary keys and indexes of the original table(if
>> there were any). So if we can provide a complete create table query, we can
>> preserve original table structure too.
>>
>
> Yeah, +1.
>
>
>>
>> On the other hand, I believe we should also support "insert into.."
>> statements in CarbonJDBC. "insert into.." statements will not delete and
>> recreate the table like the "insert overwrite..." statements, and it will
>> only update the existing table[2].
>>
>
> Yeah, I also have concern on this. Because currently the insert overwrite
> statement drops the table, and repopulate the data entirely, and hence the
> dashboard which reads from the table may be empty/partial data. This is
> also an issue when we are purging the original data scenario, where the
> summarised data will also be cleaned and no old data available to
> repopulate the summarised data again. Can we have it as replace the row if
> it's already existing in insert overwrite, rather dropping the entire table
> to avoid such issues?
>
> Thanks,
> Sinthuja.
>
>
>>
>> [1] CREATE TEMPORARY TABLE plugUsage
>> USING CarbonAnalytics
>> OPTIONS (tableName "plug_usage",
>> * schema "house_id INT, household_id INT, plug_id INT, usage
>> FLOAT"*,
>>  primaryKeys "household_id, plug_id"
>> );
>>
>> [2] [Dev] [Architecture] Carbon Spark JDBC connector
>>
>>
>>>
>>> Thanks,
>>> Sinthuja.
>>>
>>>
 On Thu, Oct 1, 2015 at 9:53 AM, Thanuja Uruththirakodeeswaran <
 thanu...@wso2.com> wrote:
>
>
> In DAS spark environment, we can't directly insert the analyzed data
> to our mysql table. We should create a temporary table using our
> datasources to manipulate them.
>

 Yes, can you please explain the reasons? What does this analysis do?
 Why we cannot directly insert them to the RDBMS?

 Thanks

 On Thu, Oct 1, 2015 at 9:53 AM, Thanuja Uruththirakodeeswaran <
 thanu...@wso2.com> wrote:

> Hi Imesh,
>
> If we take the above scenario, I need to insert the
> analyzed/aggregated data which is obtained as result after spark sql
> processing, to my mysql table (sample_table). In order to do that, first 
> we
> need to create a temporary table using the corresponding mysql database
> (sample_datasource) and table(sample_table) in spark environment and then
> only by inserting data to this temporary table in spark environment, we 
> can
> update our mysql table.
>
> In DAS spark environment, we can't directly insert the analyzed data
> to our mysql table. We should create a temporary table using our
> datasources to manipulate them. I think that's why they named it as '
> *temporary*' table.
>
> @Niranda Please correct me if I'm wrong.
>
> Thanks.
>
> On Thu, Oct 1, 2015 at 7:00 AM, Imesh Gunaratne 
> wrote:
>
>> Hi Thanuja,
>>
>> Can you please explain the purpose of these temporary tables?
>>
>> Thanks
>>
>> On Wed, Sep 30, 2015 at 11:

Re: [Dev] Error in BAM 2.5.0 startup

[Mahesh Chinthaka]

Got it resolved after restarting mu machine. assume that there was a
problem with thrift server on localhost : 9160.

Thanks

On Tue, Oct 20, 2015 at 12:40 PM, Mahesh Chinthaka  wrote:

> Hi all,
>
> I got an error when running a freshpack.
>
> ERROR {me.prettyprint.cassandra.connection.HConnectionManager} -  Could
> not start connection pool for host localhost():9160
> [2015-10-20 12:34:06,755]  WARN
> {me.prettyprint.cassandra.connection.CassandraHostRetryService} -  Downed
> localhost():9160 host still appears to be down: Unable to open
> transport to localhost(10.100.5.156):9160 , java.net.ConnectException:
> Connection refused
> [2015-10-20 12:34:06,758] ERROR
> {org.wso2.carbon.bam.notification.task.internal.NotificationDispatchComponent}
> -  All host pools marked down. Retry burden pushed out to client.
> me.prettyprint.hector.api.exceptions.HectorException: All host pools
> marked down. Retry burden pushed out to client.
> at
> me.prettyprint.cassandra.connection.HConnectionManager.getClientFromLBPolicy(HConnectionManager.java:390)
> at
> me.prettyprint.cassandra.connection.HConnectionManager.operateWithFailover(HConnectionManager.java:244)
> at
> me.prettyprint.cassandra.service.ThriftCluster.addKeyspace(ThriftCluster.java:168)
> at
> org.wso2.carbon.bam.datasource.BAMDataSourceService.createKeyspaceIfNotExist(BAMDataSourceService.java:277)
> at
> org.wso2.carbon.bam.datasource.BAMDataSourceService.getClusterKeyspaceFromCassandraConfig(BAMDataSourceService.java:294)
> at
> org.wso2.carbon.bam.datasource.BAMDataSourceService.getClusterKeyspaceFromCassandraDataSource(BAMDataSourceService.java:300)
> at
> org.wso2.carbon.bam.notification.task.internal.NotificationDispatchComponent.initRecordStore(NotificationDispatchComponent.java:87)
> at
> org.wso2.carbon.bam.notification.task.internal.NotificationDispatchComponent.activate(NotificationDispatchComponent.java:78)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:597)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:347)
> at
> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)
> at
> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)
> at org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)
> at
> org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222)
> at
> org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)
> at
> org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861)
> at
> org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)
> at
> org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148)
> at
> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819)
> at
> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771)
> at
> org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130)
> at
> org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214)
> at
> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433)
> at
> org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:451)
> at
> org.wso2.carbon.ntask.core.internal.TasksDSComponent.activate(TasksDSComponent.java:105)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:597)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)
> at
> org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:347)
> at
> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)
> at
> org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)
> at org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)
> at
> org.eclipse.equinox.internal.ds.SCRManager.serviceChan

[Dev] Error in BAM 2.5.0 startup

[Mahesh Chinthaka]

Hi all,

I got an error when running a freshpack.

ERROR {me.prettyprint.cassandra.connection.HConnectionManager} -  Could not
start connection pool for host localhost():9160
[2015-10-20 12:34:06,755]  WARN
{me.prettyprint.cassandra.connection.CassandraHostRetryService} -  Downed
localhost():9160 host still appears to be down: Unable to open
transport to localhost(10.100.5.156):9160 , java.net.ConnectException:
Connection refused
[2015-10-20 12:34:06,758] ERROR
{org.wso2.carbon.bam.notification.task.internal.NotificationDispatchComponent}
-  All host pools marked down. Retry burden pushed out to client.
me.prettyprint.hector.api.exceptions.HectorException: All host pools marked
down. Retry burden pushed out to client.
at
me.prettyprint.cassandra.connection.HConnectionManager.getClientFromLBPolicy(HConnectionManager.java:390)
at
me.prettyprint.cassandra.connection.HConnectionManager.operateWithFailover(HConnectionManager.java:244)
at
me.prettyprint.cassandra.service.ThriftCluster.addKeyspace(ThriftCluster.java:168)
at
org.wso2.carbon.bam.datasource.BAMDataSourceService.createKeyspaceIfNotExist(BAMDataSourceService.java:277)
at
org.wso2.carbon.bam.datasource.BAMDataSourceService.getClusterKeyspaceFromCassandraConfig(BAMDataSourceService.java:294)
at
org.wso2.carbon.bam.datasource.BAMDataSourceService.getClusterKeyspaceFromCassandraDataSource(BAMDataSourceService.java:300)
at
org.wso2.carbon.bam.notification.task.internal.NotificationDispatchComponent.initRecordStore(NotificationDispatchComponent.java:87)
at
org.wso2.carbon.bam.notification.task.internal.NotificationDispatchComponent.activate(NotificationDispatchComponent.java:78)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at
org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)
at
org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)
at
org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:347)
at
org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)
at
org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)
at org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)
at
org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222)
at
org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861)
at
org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)
at
org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148)
at
org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819)
at
org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771)
at
org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130)
at
org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:451)
at
org.wso2.carbon.ntask.core.internal.TasksDSComponent.activate(TasksDSComponent.java:105)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at
org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)
at
org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)
at
org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:347)
at
org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)
at
org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)
at org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)
at
org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222)
at
org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861)
at
org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)
at
org.eclipse.osgi.framework.ev