[Dev] [VOTE] Release WSO2 API Manager 2.1.0 RC1

[Praminda Jayawardana]

Hi All,

This is the 1st Release Candidate of WSO2 API Manager 2.1.0

Please download, test the product and vote. Vote will be open for 72 hours
or as needed.

Source and distribution

Run-time : https://github.com/wso2/product-apim/releases/
download/v2.1.0-rc1/wso2am-2.1.0-RC1.zip
Analytics : https://github.com/wso2/analytics-apim/releases/
download/v2.1.0-rc1/wso2am-analytics-2.1.0-RC1.zip
Tooling : https://github.com/wso2/devstudio-tooling-apim/
releases/tag/v2.1.0


This release fixes the following issues:
Runtime : https://wso2.org/jira/issues/?filter=13623
Analytics : https://wso2.org/jira/issues/?filter=13624
Tooling : https://wso2.org/jira/browse/DEVTOOLAPI-1


Please vote as follows.
[+] Stable - go ahead and release
[-] Broken - do not release (explain why)


Thanks,
- WSO2 API Manager Team -
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Let's stop using inline script tags

[Manuranga Perera]

With UUF we have a proper place to put script tags for each fragment/page.
So let's stop using 

Re: [Dev] Logs in Wso2 IS

[Darshana Gunawardana]

Hi Koné,

There is another possible way of getting audit log in the UI. It should be
able to log audit logs to wso2carbon.log by changing log appenders in
log4j.properties file and get those logs visible in the log monitoring UI.
Haven't tested this, but it should be possible.

Regards,

On Wed, Jan 4, 2017 at 4:08 PM, Koné Alioune Badara <
kon...@etna-alternance.net> wrote:

> Hello,
>
> Thank you for the answer, is it planned to add that audit in the UI? If
> not, is there a possibility to add an external pluggin to do so?
>
> Regards.
>
> 2017-01-04 10:57 GMT+01:00 Darshana Gunawardana :
>
>> Hi Koné,
>>
>> The default management console does not provide the capability to monitor
>> audit logs from its UI.
>>
>> Adding our analytics experts to get more insight from our log analyzing
>> efforts.
>>
>> Thanks,
>>
>> On Wed, Jan 4, 2017 at 2:54 PM, Koné Alioune Badara <
>> kon...@etna-alternance.net> wrote:
>>
>>> Hello,
>>>
>>> Yes it is exactly what I mean.
>>>
>>> Regards.
>>>
>>> 2017-01-04 9:41 GMT+01:00 Chamila Wijayarathna >> >:
>>>
 Hi Koné,

 What you mean by having the log in the management console? You want to
 see the log in a UI page in management console?

 On Wed, Jan 4, 2017 at 7:37 PM, Koné Alioune Badara <
 kon...@etna-alternance.net> wrote:

> Hello,
>
> Thank you for your answers, is there anyway to have this log in the
> management console?
>
> Regards.
>
> 2017-01-04 2:19 GMT+01:00 Chamila Wijayarathna <
> cdwijayarat...@gmail.com>:
>
>> I reporter issue with audit logs in profile update at [1
>> ]. Please feel free to
>> close if not relevant.
>>
>> [1]. https://wso2.org/jira/browse/IDENTITY-5557
>>
>> On Wed, Jan 4, 2017 at 10:01 AM, Chamila Wijayarathna <
>> cdwijayarat...@gmail.com> wrote:
>>
>>> Hi Koné,
>>>
>>> You can find logs for user creation and deletion at
>>> /repository/logs/audit file. It also logs change password events. 
>>> However
>>> it does not seem to log user profile update events which IMO should be
>>> logged as well.
>>>
>>> @Johann : Is there any particular reason for not logging user
>>> profile updates at audit logs?
>>>
>>> Regards!
>>>
>>> On Wed, Jan 4, 2017 at 4:05 AM, Koné Alioune Badara <
>>> kon...@etna-alternance.net> wrote:
>>>
 Hello,

 Where can I find the logs of user created/updated/deleted in Wso2IS
 management console?

 Regards,

 --
 Cordialement,

 Alioune B KONÉ.

 ___
 Dev mailing list
 Dev@wso2.org
 http://wso2.org/cgi-bin/mailman/listinfo/dev


>>>
>>>
>>> --
>>> Chamila Dilshan Wijayarathna,
>>> PhD Research Student
>>> The University of New South Wales (UNSW Canberra)
>>> Australian Centre for Cyber Security
>>> Australian Defence Force Academy
>>> PO Box 7916, Canberra BA ACT 2610
>>> Australia
>>> Mobile:(+61)416895795 <+61%20416%20895%20795>
>>>
>>>
>>
>>
>> --
>> Chamila Dilshan Wijayarathna,
>> PhD Research Student
>> The University of New South Wales (UNSW Canberra)
>> Australian Centre for Cyber Security
>> Australian Defence Force Academy
>> PO Box 7916, Canberra BA ACT 2610
>> Australia
>> Mobile:(+61)416895795 <+61%20416%20895%20795>
>>
>>
>
>
> --
> Cordialement,
>
> Alioune B KONÉ.
> MASTER ETNA 2016.
>



 --
 Chamila Dilshan Wijayarathna,
 PhD Research Student
 The University of New South Wales (UNSW Canberra)
 Australian Centre for Cyber Security
 Australian Defence Force Academy
 PO Box 7916, Canberra BA ACT 2610
 Australia
 Mobile:(+61)416895795 <+61%20416%20895%20795>


>>>
>>>
>>> --
>>> Cordialement,
>>>
>>> Alioune B KONÉ.
>>> MASTER ETNA 2016.
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Regards,
>>
>>
>> *Darshana Gunawardana*Associate Technical Lead
>> WSO2 Inc.; http://wso2.com
>>
>> *E-mail: darsh...@wso2.com *
>> *Mobile: +94718566859 <+94%2071%20856%206859>*Lean . Enterprise .
>> Middleware
>>
>
>
>
> --
> Cordialement,
>
> Alioune B KONÉ.
> MASTER ETNA 2016.
>



-- 
Regards,


*Darshana Gunawardana*Associate Technical Lead
WSO2 Inc.; http://wso2.com

*E-mail: darsh...@wso2.com *
*Mobile: +94718566859*Lean . Enterprise . Middleware
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [VOTE] Release WSO2 Identity Server 5.3.0- RC3

[Pulasthi Mahawithana]

Hi All,

This is the 3rd Release Candidate of WSO2 Identity Server 5.3.0.

Please download, test the product and vote. Vote will be open for 72 hours
or as needed.

This release fixes the following issues:

Runtime : https://wso2.org/jira/issues/?filter=13612
Analytics : https://wso2.org/jira/issues/?filter=13614

Source and distribution

Run-time : https://github.com/wso2/product-is/releases/tag/v5.3.0-rc3
Analytics : https://github.com/wso2/analytics-is/releases/tag/v5.3.0-rc3

Please vote as follows.
[+] Stable - go ahead and release
[-] Broken - do not release (explain why)

Thanks,
- WSO2 Identity Server Team -

-- 
*Pulasthi Mahawithana*
Senior Software Engineer
WSO2 Inc., http://wso2.com/
Mobile: +94-71-5179022
Blog: http://blog.pulasthi.org


___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Oracle] How to handle insertion of empty string in oracle.

[Uvindra Dias Jayasinha]

Setting a default value for empty fields being sent seems to be best.

Furthermore we can have default values set in our DTO objects in case a
given field is omitted altogether.

So handling both the above scenarios can overcome the limitation in Oracle.

But I dont know if this is good for the REST API user experience, when
retrieving data that contains these default values.

On 6 January 2017 at 15:28, Tharindu Dharmarathna 
wrote:

>
>
> On Fri, Jan 6, 2017 at 3:26 PM, Tharindu Dharmarathna 
> wrote:
>
>> Hi All,
>>
>> I faced $Subject in Oracle database while running integration test on C5
>> on top.
>>
>> *Observation*
>>
>> when insert empty string ("") it was save as null in database.
>>
>> While going through SO I had found [1] , which did happen in oracle
>> database.
>>
>>
>> We have come up with several ways to handle empty strings which user
>> sends through the rest api.
>>
>> 1.  Validate the request and send error when giving empty strings
>> 2.  Set default value like "N/A" into the fields which send as empty.
>>
>> Is there any other way to handle this problem ?.
>>
>> [1] - http://stackoverflow.com/questions/13278773/null-vs-empty-
>> string-in-oracle
>>
>> Thanks
>>
>>
>> *Tharindu Dharmarathna*Software Engineer
>> WSO2 Inc.; http://wso2.com
>> lean.enterprise.middleware
>>
>> mobile: *+94779109091 <+94%2077%20910%209091>*
>>
>
>
>
> --
>
> *Tharindu Dharmarathna*Software Engineer
> WSO2 Inc.; http://wso2.com
> lean.enterprise.middleware
>
> mobile: *+94779109091 <+94%2077%20910%209091>*
>



-- 
Regards,
Uvindra

Mobile: 33962
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Architecture] [IS] [C5] Self sign-up in C5 User Portal

[Indunil Upeksha Rathnayake]

Hi,

Thanks for all of your ideas and suggestions. As I have mentioned,
currently for M1, we are planning to cover user self sign-up without any
email notification(user will be registered and automatically get logged
in).  But I think, including your ideas following things would be good
improvements to have in future releases.

*1)  Configurable option to enable/disable email confirmation*

   - Admin should be having flexibility to configure self sign-up with
   email verification and uncontrolled sign up for user store domains

*2)  Self sign-up configured in user store level*

   - Allow anyone to sign up(no restrictions) or restrict users to specific
   domains
   - Should be able to configure a particular user store where self sign up
   users should go, since there can be multiple user store domains and some
   are read only etc

*3) Administrators should receive en email when a new account is created*

Need to discuss further about these and make user stories if needed.

Thanks and Regards

On Fri, Jan 6, 2017 at 5:08 PM, Indunil Upeksha Rathnayake  wrote:

> Hi Nuwan,
>
> Thanks for your reply. For M1, we are planning to cover user self sign-up
> without any email notification(user will be registered and automatically
> get logged in). For future releases captcha should be included and that
> need to be covered in the user stories.
>
> Thanks and Regards
>
> On Wed, Jan 4, 2017 at 9:41 AM, Nuwan Dias  wrote:
>
>> Having a captcha should be supported OOTB in the default portal. I assume
>> we've considered that to be so in C5?
>>
>> On Wed, Jan 4, 2017 at 9:22 AM, Dimuthu Leelarathne 
>> wrote:
>>
>>>
>>>
>>> On Tue, Jan 3, 2017 at 1:00 PM, Ishara Karunarathna 
>>> wrote:
>>>


 On Tue, Jan 3, 2017 at 12:52 PM, Johann Nallathamby 
 wrote:

> What are the new user stories we are trying to implement that are not
> already there in IS 5.3.0? Can we come up with a list of new requirements?
> Isn't most of the above user stories already there in IS 5.3.0?
>
 Yes in 5.3.0 we have almost complete user store. But when it comes to
 C5 implementation we can't cover it with a single milestone release,So we
 need to start with a simple user story and use different version of that
 adding other use cases associated with that.


>>> First we need to envision what we are going to achieve in the long run.
>>> Then we need to start with the simplest case. For C5 are we trying to
>>> achieve something different to what we already have?
>>>
>>> thanks,
>>> Dimuthu
>>>
>>> -Ishara


> On Tue, Jan 3, 2017 at 10:30 AM, Ishara Karunarathna  > wrote:
>
>> Hi Indunil,
>>
>> When we think about self sign up.
>> basic use case is User comes to self sign up page and add his user
>> informations, system will create a account and let user to login.
>>
>> But there are lot of associated use cases with this. For example.
>> 1. Once user self signed up need to send a verification mail.
>> 2. self sign up should go through a approval process.
>> 3. User should be assign to a particular roles.
>>
>> To cater those requirements we need additional features.  And we may
>> need several version of this user story to complete this feature.
>> For the 1st implementation better to implement the simple case. where
>> use self sign up and login (with login permission only )
>>
>> Thanks,
>> -Ishara
>>
>>
>>
>> On Tue, Jan 3, 2017 at 9:54 AM, Indunil Upeksha Rathnayake <
>> indu...@wso2.com> wrote:
>>
>>> Hi,
>>>
>>> In IS C5, we are currently implementing self sign-up in the User
>>> Portal and having following considerations regarding the self sign-up
>>> functionality.
>>>
>>> what would be the correct way of achieving self sign-up and would
>>> like to know how it has been implemented in other C5 based products.
>>> If self sign up is enabled, *users should be create their own user
>>> accounts and will be able to logged in immediately?* or there
>>> should be an *account confirmation through the email* which helps
>>> to confirm an actual user? or there should be configurations to
>>> enable/disable both registration and account confirmation?
>>>
>>> And when it comes to self sign-up, specially if there are no account
>>> confirmation, in C5, I think it's better to include improvements such 
>>> as a
>>> way to *allow anyone to sign up (no restrictions) or restrict users
>>> to specific domains* and also a way to choose whether *administrators
>>> should receive an email when a new account is created*.
>>>
>>> I would appreciate your ideas/suggestions on this.
>>>
>>> Thanks and Regards
>>> --
>>> Indunil Upeksha Rathnayake
>>> Software Engineer | WSO2 Inc
>>> Emailindu...@wso2.com
>>> Mobile   0772182255 <077%20218%202255>
>>>
>>
>>
>>

Re: [Dev] [Architecture] [IS] [C5] Self sign-up in C5 User Portal

[Indunil Upeksha Rathnayake]

Hi Nuwan,

Thanks for your reply. For M1, we are planning to cover user self sign-up
without any email notification(user will be registered and automatically
get logged in). For future releases captcha should be included and that
need to be covered in the user stories.

Thanks and Regards

On Wed, Jan 4, 2017 at 9:41 AM, Nuwan Dias  wrote:

> Having a captcha should be supported OOTB in the default portal. I assume
> we've considered that to be so in C5?
>
> On Wed, Jan 4, 2017 at 9:22 AM, Dimuthu Leelarathne 
> wrote:
>
>>
>>
>> On Tue, Jan 3, 2017 at 1:00 PM, Ishara Karunarathna 
>> wrote:
>>
>>>
>>>
>>> On Tue, Jan 3, 2017 at 12:52 PM, Johann Nallathamby 
>>> wrote:
>>>
 What are the new user stories we are trying to implement that are not
 already there in IS 5.3.0? Can we come up with a list of new requirements?
 Isn't most of the above user stories already there in IS 5.3.0?

>>> Yes in 5.3.0 we have almost complete user store. But when it comes to C5
>>> implementation we can't cover it with a single milestone release,So we need
>>> to start with a simple user story and use different version of that adding
>>> other use cases associated with that.
>>>
>>>
>> First we need to envision what we are going to achieve in the long run.
>> Then we need to start with the simplest case. For C5 are we trying to
>> achieve something different to what we already have?
>>
>> thanks,
>> Dimuthu
>>
>> -Ishara
>>>
>>>
 On Tue, Jan 3, 2017 at 10:30 AM, Ishara Karunarathna 
 wrote:

> Hi Indunil,
>
> When we think about self sign up.
> basic use case is User comes to self sign up page and add his user
> informations, system will create a account and let user to login.
>
> But there are lot of associated use cases with this. For example.
> 1. Once user self signed up need to send a verification mail.
> 2. self sign up should go through a approval process.
> 3. User should be assign to a particular roles.
>
> To cater those requirements we need additional features.  And we may
> need several version of this user story to complete this feature.
> For the 1st implementation better to implement the simple case. where
> use self sign up and login (with login permission only )
>
> Thanks,
> -Ishara
>
>
>
> On Tue, Jan 3, 2017 at 9:54 AM, Indunil Upeksha Rathnayake <
> indu...@wso2.com> wrote:
>
>> Hi,
>>
>> In IS C5, we are currently implementing self sign-up in the User
>> Portal and having following considerations regarding the self sign-up
>> functionality.
>>
>> what would be the correct way of achieving self sign-up and would
>> like to know how it has been implemented in other C5 based products.
>> If self sign up is enabled, *users should be create their own user
>> accounts and will be able to logged in immediately?* or there should
>> be an *account confirmation through the email* which helps to
>> confirm an actual user? or there should be configurations to 
>> enable/disable
>> both registration and account confirmation?
>>
>> And when it comes to self sign-up, specially if there are no account
>> confirmation, in C5, I think it's better to include improvements such as 
>> a
>> way to *allow anyone to sign up (no restrictions) or restrict users
>> to specific domains* and also a way to choose whether *administrators
>> should receive an email when a new account is created*.
>>
>> I would appreciate your ideas/suggestions on this.
>>
>> Thanks and Regards
>> --
>> Indunil Upeksha Rathnayake
>> Software Engineer | WSO2 Inc
>> Emailindu...@wso2.com
>> Mobile   0772182255 <077%20218%202255>
>>
>
>
>
> --
> Ishara Karunarathna
> Associate Technical Lead
> WSO2 Inc. - lean . enterprise . middleware |  wso2.com
>
> email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
> +94717996791 <+94%2071%20799%206791>
>
>
>


 --
 Thanks & Regards,

 *Johann Dilantha Nallathamby*
 Technical Lead & Product Lead of WSO2 Identity Server
 Governance Technologies Team
 WSO2, Inc.
 lean.enterprise.middleware

 Mobile - *+9476950*
 Blog - *http://nallaa.wordpress.com *

>>>
>>>
>>>
>>> --
>>> Ishara Karunarathna
>>> Associate Technical Lead
>>> WSO2 Inc. - lean . enterprise . middleware |  wso2.com
>>>
>>> email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
>>> +94717996791 <071%20799%206791>
>>>
>>>
>>>
>>> ___
>>> Architecture mailing list
>>> architect...@wso2.org
>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>>
>>>
>>
>>
>> --
>> Dimuthu Leelarathne
>> Director, Solutions Architecture
>>
>> WSO2, Inc. (http://wso2.com)
>> email: dimut...@wso2.com
>> Mobile:

Re: [Dev] [Architecture] [IS] [C5] Self sign-up in C5 User Portal

[Indunil Upeksha Rathnayake]

Hi Dimuthu,

For M1, we are planning to cover user self sign-up without any email
notification(user will be registered and automatically get logged in). We
need to discuss about how it will be handled in the long run, haven't
covered all the user stories yet. Currently(IS 5.3.0) in self sign-up
process, it creates the user and locks the user account until the
user confirmation is received and an email will be send to the user. Need
to discuss whether this will be the same in IS 6.0.0(C5) as well.

Thanks and Regards

On Wed, Jan 4, 2017 at 9:22 AM, Dimuthu Leelarathne 
wrote:

>
>
> On Tue, Jan 3, 2017 at 1:00 PM, Ishara Karunarathna 
> wrote:
>
>>
>>
>> On Tue, Jan 3, 2017 at 12:52 PM, Johann Nallathamby 
>> wrote:
>>
>>> What are the new user stories we are trying to implement that are not
>>> already there in IS 5.3.0? Can we come up with a list of new requirements?
>>> Isn't most of the above user stories already there in IS 5.3.0?
>>>
>> Yes in 5.3.0 we have almost complete user store. But when it comes to C5
>> implementation we can't cover it with a single milestone release,So we need
>> to start with a simple user story and use different version of that adding
>> other use cases associated with that.
>>
>>
> First we need to envision what we are going to achieve in the long run.
> Then we need to start with the simplest case. For C5 are we trying to
> achieve something different to what we already have?
>
> thanks,
> Dimuthu
>
> -Ishara
>>
>>
>>> On Tue, Jan 3, 2017 at 10:30 AM, Ishara Karunarathna 
>>> wrote:
>>>
 Hi Indunil,

 When we think about self sign up.
 basic use case is User comes to self sign up page and add his user
 informations, system will create a account and let user to login.

 But there are lot of associated use cases with this. For example.
 1. Once user self signed up need to send a verification mail.
 2. self sign up should go through a approval process.
 3. User should be assign to a particular roles.

 To cater those requirements we need additional features.  And we may
 need several version of this user story to complete this feature.
 For the 1st implementation better to implement the simple case. where
 use self sign up and login (with login permission only )

 Thanks,
 -Ishara



 On Tue, Jan 3, 2017 at 9:54 AM, Indunil Upeksha Rathnayake <
 indu...@wso2.com> wrote:

> Hi,
>
> In IS C5, we are currently implementing self sign-up in the User
> Portal and having following considerations regarding the self sign-up
> functionality.
>
> what would be the correct way of achieving self sign-up and would like
> to know how it has been implemented in other C5 based products.
> If self sign up is enabled, *users should be create their own user
> accounts and will be able to logged in immediately?* or there should
> be an *account confirmation through the email* which helps to confirm
> an actual user? or there should be configurations to enable/disable both
> registration and account confirmation?
>
> And when it comes to self sign-up, specially if there are no account
> confirmation, in C5, I think it's better to include improvements such as a
> way to *allow anyone to sign up (no restrictions) or restrict users
> to specific domains* and also a way to choose whether *administrators
> should receive an email when a new account is created*.
>
> I would appreciate your ideas/suggestions on this.
>
> Thanks and Regards
> --
> Indunil Upeksha Rathnayake
> Software Engineer | WSO2 Inc
> Emailindu...@wso2.com
> Mobile   0772182255 <077%20218%202255>
>



 --
 Ishara Karunarathna
 Associate Technical Lead
 WSO2 Inc. - lean . enterprise . middleware |  wso2.com

 email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
 +94717996791 <+94%2071%20799%206791>



>>>
>>>
>>> --
>>> Thanks & Regards,
>>>
>>> *Johann Dilantha Nallathamby*
>>> Technical Lead & Product Lead of WSO2 Identity Server
>>> Governance Technologies Team
>>> WSO2, Inc.
>>> lean.enterprise.middleware
>>>
>>> Mobile - *+9476950*
>>> Blog - *http://nallaa.wordpress.com *
>>>
>>
>>
>>
>> --
>> Ishara Karunarathna
>> Associate Technical Lead
>> WSO2 Inc. - lean . enterprise . middleware |  wso2.com
>>
>> email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
>> +94717996791 <071%20799%206791>
>>
>>
>>
>> ___
>> Architecture mailing list
>> architect...@wso2.org
>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>
>>
>
>
> --
> Dimuthu Leelarathne
> Director, Solutions Architecture
>
> WSO2, Inc. (http://wso2.com)
> email: dimut...@wso2.com
> Mobile: +94773661935 <+94%2077%20366%201935>
> Blog: http://muthulee.blogspot.com
>
> Lean . Enterprise . M

Re: [Dev] [WSO2 IS] Permission to create roles and assign users to them

[Hanen Ben Rhouma]

Is it possible to hide the extra modules (IdP, SP, Claim Mgt, etc.) from
the interface once the user is logged with a role which has "/permission/
admin/manage/identity" as permissions ?

Regards,
Hanen

On Thu, Jan 5, 2017 at 12:06 PM, Hanen Ben Rhouma 
wrote:

> I did add both permissions and same is happening.
>
> Shall I raise a bug?
>
> Regards,
> Hanen
>
>
> On Thu, Jan 5, 2017 at 11:40 AM, Chamila Wijayarathna <
> cdwijayarat...@gmail.com> wrote:
>
>> Hi Hanen,
>>
>> To achieve this in SOAP API calls, your user need to have both "User
>> Management" and "Role Management" permissions.
>>
>> Regards!
>> Chamila
>>
>> On Thu, Jan 5, 2017 at 9:37 PM, Hanen Ben Rhouma 
>> wrote:
>>
>>> Hi,
>>>
>>> In fact, even by using the SOAP service call to add role mgt only as a
>>> permission, the result is the same the created user won't have the
>>> possibility to create roles:
>>>
>>> http://schemas.
>>> xmlsoap.org/soap/envelope/" xmlns:ser="http://service.ws.u
>>> m.carbon.wso2.org" xmlns:xsd="http://dao.service.
>>> ws.um.carbon.wso2.org/xsd">
>>>
>>>
>>>   
>>>  
>>>  TestRole
>>>  
>>>  hanen
>>>  
>>>  
>>> 
>>> ui.execute
>>> 
>>> /permission/admin/manage/identity/rolemgt/>> xsd:resourceId>
>>>  
>>>   
>>>
>>> 
>>>
>>> Regards,
>>> Hanen
>>>
>>> On Wed, Jan 4, 2017 at 5:06 PM, Darshana Gunawardana 
>>> wrote:
>>>
 Hi Chamila\Hanen,

 Yes. you need to have "'/permission/admin/manage/identity'" permission
 to manage roles from the UI. Since we are doing multiple management
 operation via management console we require much higher level of
 permissions. But Relevant backend services (UserAdmin service) do support
 finer level permission ("/permission/admin/manage/identity/usermgt")
 then if some external client need to connect with restricted permissions
 still it's possible. But indeed this UIs can be improved to support fine
 grained permissions. Since we are working on the IS 6.0.0 which is based on
 next gen Carbon 5 platform with complete re-design of the product with
 parallel to IS 5.3.0 release, we did not focus on major redesigning of UI
 and related UI permissions with the IS 5.3.0.

 Giving you bit of insight of IS 6.0.0 effort, we have plans to decouple
 persona that use identity server for different types of administration and
 provide separate views for each of those. You will be able to follow up on
 those discussions on architecture list soon.

 We have created https://wso2.org/jira/browse/IDENTITY-5560 to track
 this specific improvement, and it will consider fixing this in a future
 release.

 Thanks

 On Wed, Jan 4, 2017 at 7:13 PM, Hanen Ben Rhouma 
 wrote:

> Hi,
>
> Actually I tried most of the combinations and the smallest set of
> permissions allowing users to create roles is by selecting the whole
> "Identity" permissions block. Why 
> Sometimes we want some type of users to be able to only create users
> and assign them to some roles, the rest of the application (IdP, SP, Key
> stores, Workflow mgt, etc.) isn't trivial to them and is not even in their
> scope of responsibility. Why such limitation?
>
> Regards,
> Hanen
>
> On Wed, Jan 4, 2017 at 1:32 PM, Chamila Wijayarathna <
> cdwijayarat...@gmail.com> wrote:
>
>> Hi,
>>
>> It looks like you need to have '/permission/admin/manage/identity'
>> to do this using management console. However, when looking at code if you
>> are doing it using API calls, having "User Management" and "Role
>> Management" should be enough to do this.
>>
>> It should work with "Roles Management" IMO, I'm not sure why it's not
>> implemented like that.
>> @Johann, Darshana : Any idea on this?
>>
>> On Wed, Jan 4, 2017 at 10:42 PM, Hanen Ben Rhouma > > wrote:
>>
>>>
>>> Hello,
>>>
>>> What is the permission that gives the user the possibility to create
>>> roles and assign users to them? I tried "Roles Management" permission 
>>> but
>>> it's not doing the trick.
>>>
>>>
>>> Regards,
>>> Hanen
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Chamila Dilshan Wijayarathna,
>> PhD Research Student
>> The University of New South Wales (UNSW Canberra)
>> Australian Centre for Cyber Security
>> Australian Defence Force Academy
>> PO Box 7916, Canberra BA ACT 2610
>> Australia
>> Mobile:(+61)416895795 <+61%20416%20895%20795>
>>
>>
>


 --
 Regards,


 *Darshana Gunawardana*Associate Technical Lead
 WSO2 Inc.; http://wso2.com

 *E-mai

Re: [Dev] [Oracle] How to handle insertion of empty string in oracle.

[Tharindu Dharmarathna]

On Fri, Jan 6, 2017 at 3:26 PM, Tharindu Dharmarathna 
wrote:

> Hi All,
>
> I faced $Subject in Oracle database while running integration test on C5
> on top.
>
> *Observation*
>
> when insert empty string ("") it was save as null in database.
>
> While going through SO I had found [1] , which did happen in oracle
> database.
>
>
> We have come up with several ways to handle empty strings which user sends
> through the rest api.
>
> 1.  Validate the request and send error when giving empty strings
> 2.  Set default value like "N/A" into the fields which send as empty.
>
> Is there any other way to handle this problem ?.
>
> [1] - http://stackoverflow.com/questions/13278773/null-vs-
> empty-string-in-oracle
>
> Thanks
>
>
> *Tharindu Dharmarathna*Software Engineer
> WSO2 Inc.; http://wso2.com
> lean.enterprise.middleware
>
> mobile: *+94779109091 <+94%2077%20910%209091>*
>



-- 

*Tharindu Dharmarathna*Software Engineer
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: *+94779109091*
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [Oracle] How to handle insertion of empty string in oracle.

[Tharindu Dharmarathna]

Hi All,

I faced $Subject in Oracle database while running integration test on C5 on
top.

*Observation*

when insert empty string ("") it was save as null in database.

While going through SO I had found [1] , which did happen in oracle
database.


We have come up with several ways to handle empty strings which user sends
through the rest api.

1.  Validate the request and send error when giving empty strings
2.  Set default value like "N/A" into the fields which send as empty.

Is there any other way to handle this problem ?.

[1] -
http://stackoverflow.com/questions/13278773/null-vs-empty-string-in-oracle

Thanks


*Tharindu Dharmarathna*Software Engineer
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: *+94779109091*
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Puppet-Base] Error in running puppet agent - due to recent changes

[Lasantha Samarakoon]

Hi Samitha,

Thanks for informing. I will check this and get back to you ASAP.


Regards,



*Lasantha Samarakoon* | Software Engineer
WSO2, Inc.
#20, Palm Grove, Colombo 03, Sri Lanka
Mobile: +94 (71) 214 1576
Email:  lasant...@wso2.com
Web:www.wso2.com

lean . enterprise . middleware

On Fri, Jan 6, 2017 at 2:36 PM, Samitha Chathuranga 
wrote:

> Hi Lasantha,
>
> When running puppet agent with puppet-apim, the I got the error in [1].
> This issue didn't occur previously, before merging the commit [2] made by
> you related to fixing some 'puppet not applying issue'.
>
> I reverted the changes done to the file wso2base/manifests/install.pp and
> tried again and then the error is not occurred. So it seems this is an
> issue occurred due to the fix by [2]. Can you please look into this and
> resolve it or are there any other concerns related to this fix?
>
> [1]-
>
> Error: Could not set 'file' on ensure: No such file or directory -
> /mnt/packs/wso2am-2.1.0-SNAPSHOT.zip20170106-15708-ymnom7.lock at
> 94:/etc/puppet/modules/wso2base/manifests/install.pp
> Error: Could not set 'file' on ensure: No such file or directory -
> /mnt/packs/wso2am-2.1.0-SNAPSHOT.zip20170106-15708-ymnom7.lock at
> 94:/etc/puppet/modules/wso2base/manifests/install.pp
> Wrapped exception:
> No such file or directory - /mnt/packs/wso2am-2.1.0-
> SNAPSHOT.zip20170106-15708-ymnom7.lock
> Error: /Stage[main]/Wso2base::Install/File[/mnt/packs/
> wso2am-2.1.0-SNAPSHOT.zip]/ensure: change from absent to file failed:
> Could not set 'file' on ensure: No such file or directory -
> /mnt/packs/wso2am-2.1.0-SNAPSHOT.zip20170106-15708-ymnom7.lock at
> 94:/etc/puppet/modules/wso2base/manifests/install.pp
> Notice: /Stage[main]/Wso2base::Install/Exec[extract_/mnt/
> packs/wso2am-2.1.0-SNAPSHOT.zip]: Dependency 
> File[/mnt/packs/wso2am-2.1.0-SNAPSHOT.zip]
> has failures: true
> Warning: /Stage[main]/Wso2base::Install/Exec[extract_/mnt/
> packs/wso2am-2.1.0-SNAPSHOT.zip]: Skipping because of failed dependencies
> Notice: /Stage[main]/Wso2base::Install/Exec[set_ownership_/mnt/
> 192.168.57.219/wso2am-2.1.0-SNAPSHOT]: Dependency
> File[/mnt/packs/wso2am-2.1.0-SNAPSHOT.zip] has failures: true
> Warning: /Stage[main]/Wso2base::Install/Exec[set_ownership_/mnt/
> 192.168.57.219/wso2am-2.1.0-SNAPSHOT]: Skipping because of failed
> dependencies
> .
>
> [2] - https://github.com/wso2/puppet-base/commit/
> c611e83502548bcffc2eda6b85be5973dba13633
>
>
> Thanks,
> Samitha
> --
> Samitha Chathuranga
> Software Engineer, WSO2 Inc.
> lean.enterprise.middleware
> Mobile: +94715123761
>
> [image: http://wso2.com/signature] 
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] About the Role & Permission on the AS 5.3.0

[wenxing zheng]

Thanks to Thusitha. Will check the links.

On Fri, Jan 6, 2017 at 4:36 PM, Thusitha Thilina Dayaratne <
thusit...@wso2.com> wrote:

> Hi Wenxing,
>
> 1. what's the differences between them, how about the use cases?
>
> Please refer [1] for more details on each of the table
>
>> 2. when I am using the UserStoreManager to addUser with role lists, into
>> which table will those roles go?
>
> You can refer to the particular UserStore addUser method and check on this
> e.g if you are using JDBCUserStore refer to [2] code might differ based on
> the version
> 3. for an User, I can get its role list, but how to get the permission
> list of an User?
> I think you can refer to AS test case[1] which we do a similar thing
>
> [1] - http://tharindue.blogspot.com/2015/04/wso2-identity-server-
> data-dictionary.html
> [2] - https://github.com/wso2/carbon-kernel/blob/v4.4.9/
> core/org.wso2.carbon.user.core/src/main/java/org/wso2/
> carbon/user/core/jdbc/JDBCUserStoreManager.java#L1265
> [3] - https://github.com/wso2/product-as/blob/wso2as-5.3.0/
> modules/integration/tests-integration/tests/src/test/
> java/org/wso2/appserver/integration/tests/usermgt/
> UserManagementWithAdminUserTestCase.java#L165
>
> Thanks
> Thusitha
>
>
> On Fri, Jan 6, 2017 at 1:54 PM, wenxing zheng 
> wrote:
>
>> Dear all,
>>
>> With AS 5.3.0, we are able to create multiple tenants, and per tenant, we
>> can create its own users with different roles.
>>
>> Regarding the Role definition in the DB, we have several kinds of roles,
>> including:
>> 1. UM_ROLE
>> 2. UM_USER_ROLE
>> 3. UM_SYSTEM_ROLE
>> 4. UM_SYSTEM_USER_ROLE
>> 5. UM_HYBRID_ROLE
>> 6. UM_HYBRID_USER_ROLE
>> 7. UM_SHARED_USER_ROLE
>>
>> My questions are:
>> 1. what's the differences between them, how about the use cases?
>> 2. when I am using the UserStoreManager to addUser with role lists, into
>> which table will those roles go?
>> 3. for an User, I can get its role list, but how to get the permission
>> list of an User?
>>
>>
>> Please shed more light on this topic and share some detailed description
>> for reference.
>>
>> Thanks, Wenxing
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Thusitha Dayaratne
> Software Engineer
> WSO2 Inc. - lean . enterprise . middleware |  wso2.com
>
> Mobile  +94712756809 <+94%2071%20275%206809>
> Blog  alokayasoya.blogspot.com
> Abouthttp://about.me/thusithathilina
> 
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [Puppet-Base] Error in running puppet agent - due to recent changes

[Samitha Chathuranga]

Hi Lasantha,

When running puppet agent with puppet-apim, the I got the error in [1].
This issue didn't occur previously, before merging the commit [2] made by
you related to fixing some 'puppet not applying issue'.

I reverted the changes done to the file wso2base/manifests/install.pp and
tried again and then the error is not occurred. So it seems this is an
issue occurred due to the fix by [2]. Can you please look into this and
resolve it or are there any other concerns related to this fix?

[1]-

Error: Could not set 'file' on ensure: No such file or directory -
/mnt/packs/wso2am-2.1.0-SNAPSHOT.zip20170106-15708-ymnom7.lock at
94:/etc/puppet/modules/wso2base/manifests/install.pp
Error: Could not set 'file' on ensure: No such file or directory -
/mnt/packs/wso2am-2.1.0-SNAPSHOT.zip20170106-15708-ymnom7.lock at
94:/etc/puppet/modules/wso2base/manifests/install.pp
Wrapped exception:
No such file or directory -
/mnt/packs/wso2am-2.1.0-SNAPSHOT.zip20170106-15708-ymnom7.lock
Error:
/Stage[main]/Wso2base::Install/File[/mnt/packs/wso2am-2.1.0-SNAPSHOT.zip]/ensure:
change from absent to file failed: Could not set 'file' on ensure: No such
file or directory -
/mnt/packs/wso2am-2.1.0-SNAPSHOT.zip20170106-15708-ymnom7.lock at
94:/etc/puppet/modules/wso2base/manifests/install.pp
Notice:
/Stage[main]/Wso2base::Install/Exec[extract_/mnt/packs/wso2am-2.1.0-SNAPSHOT.zip]:
Dependency File[/mnt/packs/wso2am-2.1.0-SNAPSHOT.zip] has failures: true
Warning:
/Stage[main]/Wso2base::Install/Exec[extract_/mnt/packs/wso2am-2.1.0-SNAPSHOT.zip]:
Skipping because of failed dependencies
Notice: /Stage[main]/Wso2base::Install/Exec[set_ownership_/mnt/
192.168.57.219/wso2am-2.1.0-SNAPSHOT]: Dependency
File[/mnt/packs/wso2am-2.1.0-SNAPSHOT.zip] has failures: true
Warning: /Stage[main]/Wso2base::Install/Exec[set_ownership_/mnt/
192.168.57.219/wso2am-2.1.0-SNAPSHOT]: Skipping because of failed
dependencies
.

[2] -
https://github.com/wso2/puppet-base/commit/c611e83502548bcffc2eda6b85be5973dba13633


Thanks,
Samitha
-- 
Samitha Chathuranga
Software Engineer, WSO2 Inc.
lean.enterprise.middleware
Mobile: +94715123761

[image: http://wso2.com/signature] 
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] About the Role & Permission on the AS 5.3.0

[Thusitha Thilina Dayaratne]

Hi Wenxing,

1. what's the differences between them, how about the use cases?

Please refer [1] for more details on each of the table

> 2. when I am using the UserStoreManager to addUser with role lists, into
> which table will those roles go?

You can refer to the particular UserStore addUser method and check on this
e.g if you are using JDBCUserStore refer to [2] code might differ based on
the version
3. for an User, I can get its role list, but how to get the permission list
of an User?
I think you can refer to AS test case[1] which we do a similar thing

[1] -
http://tharindue.blogspot.com/2015/04/wso2-identity-server-data-dictionary.html
[2] -
https://github.com/wso2/carbon-kernel/blob/v4.4.9/core/org.wso2.carbon.user.core/src/main/java/org/wso2/carbon/user/core/jdbc/JDBCUserStoreManager.java#L1265
[3] -
https://github.com/wso2/product-as/blob/wso2as-5.3.0/modules/integration/tests-integration/tests/src/test/java/org/wso2/appserver/integration/tests/usermgt/UserManagementWithAdminUserTestCase.java#L165

Thanks
Thusitha


On Fri, Jan 6, 2017 at 1:54 PM, wenxing zheng 
wrote:

> Dear all,
>
> With AS 5.3.0, we are able to create multiple tenants, and per tenant, we
> can create its own users with different roles.
>
> Regarding the Role definition in the DB, we have several kinds of roles,
> including:
> 1. UM_ROLE
> 2. UM_USER_ROLE
> 3. UM_SYSTEM_ROLE
> 4. UM_SYSTEM_USER_ROLE
> 5. UM_HYBRID_ROLE
> 6. UM_HYBRID_USER_ROLE
> 7. UM_SHARED_USER_ROLE
>
> My questions are:
> 1. what's the differences between them, how about the use cases?
> 2. when I am using the UserStoreManager to addUser with role lists, into
> which table will those roles go?
> 3. for an User, I can get its role list, but how to get the permission
> list of an User?
>
>
> Please shed more light on this topic and share some detailed description
> for reference.
>
> Thanks, Wenxing
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Thusitha Dayaratne
Software Engineer
WSO2 Inc. - lean . enterprise . middleware |  wso2.com

Mobile  +94712756809
Blog  alokayasoya.blogspot.com
Abouthttp://about.me/thusithathilina

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] About the Role & Permission on the AS 5.3.0

[wenxing zheng]

Dear all,

With AS 5.3.0, we are able to create multiple tenants, and per tenant, we
can create its own users with different roles.

Regarding the Role definition in the DB, we have several kinds of roles,
including:
1. UM_ROLE
2. UM_USER_ROLE
3. UM_SYSTEM_ROLE
4. UM_SYSTEM_USER_ROLE
5. UM_HYBRID_ROLE
6. UM_HYBRID_USER_ROLE
7. UM_SHARED_USER_ROLE

My questions are:
1. what's the differences between them, how about the use cases?
2. when I am using the UserStoreManager to addUser with role lists, into
which table will those roles go?
3. for an User, I can get its role list, but how to get the permission list
of an User?


Please shed more light on this topic and share some detailed description
for reference.

Thanks, Wenxing
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev