Re: [Dev] [DEV][APIM][C5] - Caching requirement for OAuth2 protected microservices

[Sagara Gunathunga]

On Fri, Feb 24, 2017 at 7:28 AM, Uvindra Dias Jayasinha 
wrote:

> This will function like any of the local container classes we use(example:
> HashMap). I think its fine to use one of the available implementations(such
> as Guava since we already have it as a dependency) for this. Testing will
> reveal its suitability but I don't anticipate any issues since this is not
> as complicated as a distributed cache.
>

It's ok to pick one of the local cache implementations but make sure you
discuss with others without limiting to your own use case and pick a good
one so that others can use the same for their local caching requirements,
it's really ugly to use several local caching F/W across the platform other
than really exceptional cases.

Thanks !

>
> On 16 February 2017 at 22:45, Maduranga Siriwardena 
> wrote:
>
>> Hi Rajith,
>>
>> I think this is a generic requirement for all the C5 based products
>> rather than for this specific use case. So we need to come up with a
>> solution that can be used across the platform.
>>
>> Thanks,
>>
>> On Thu, Feb 16, 2017 at 12:37 AM, Rajith Roshan  wrote:
>>
>>> Hi all,
>>>
>>> In C5 API Manager  back end REST APIs (micro services) are protected
>>> using oauth2 token. Every time request comes to micro services, interceptor
>>> will validate the access token sent in the authorization header of the
>>> request. In order to validate the token we need to do a introspection call
>>> to the key manager.  We can not do this introspection call to the key
>>> manager for each and every request. We need a caching layer at the
>>> interceptor level in order to cache the access tokens.
>>>
>>> We are going to use local cache with small cache timeout periods for
>>> this. What are the best caching systems we can use for this.
>>> We can use either JCache (javax.cache), google guava cache[1] which are
>>> specially used as local caches. "Memcached" [2] is also another option but
>>> mostly used in distributed systems.
>>>
>>> [1] - https://github.com/google/guava/wiki/CachesExplained
>>> [2] - https://memcached.org/
>>> --
>>> Rajith Roshan
>>> Software Engineer, WSO2 Inc.
>>> Mobile: +94-72-642-8350 <%2B94-71-554-8430>
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Maduranga Siriwardena
>> Software Engineer
>> WSO2 Inc; http://wso2.com/
>>
>> Email: madura...@wso2.com
>> Mobile: +94718990591 <+94%2071%20899%200591>
>> Blog: http://madurangasblogs.blogspot.com/
>> 
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Regards,
> Uvindra
>
> Mobile: 33962
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Sagara Gunathunga

Associate Director / Architect; WSO2, Inc.;  http://wso2.com
V.P Apache Web Services;http://ws.apache.org/
Linkedin; http://www.linkedin.com/in/ssagara
Blog ;  http://ssagara.blogspot.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [DEV][APIM][C5] - Caching requirement for OAuth2 protected microservices

[Uvindra Dias Jayasinha]

This will function like any of the local container classes we use(example:
HashMap). I think its fine to use one of the available implementations(such
as Guava since we already have it as a dependency) for this. Testing will
reveal its suitability but I don't anticipate any issues since this is not
as complicated as a distributed cache.

On 16 February 2017 at 22:45, Maduranga Siriwardena 
wrote:

> Hi Rajith,
>
> I think this is a generic requirement for all the C5 based products rather
> than for this specific use case. So we need to come up with a solution that
> can be used across the platform.
>
> Thanks,
>
> On Thu, Feb 16, 2017 at 12:37 AM, Rajith Roshan  wrote:
>
>> Hi all,
>>
>> In C5 API Manager  back end REST APIs (micro services) are protected
>> using oauth2 token. Every time request comes to micro services, interceptor
>> will validate the access token sent in the authorization header of the
>> request. In order to validate the token we need to do a introspection call
>> to the key manager.  We can not do this introspection call to the key
>> manager for each and every request. We need a caching layer at the
>> interceptor level in order to cache the access tokens.
>>
>> We are going to use local cache with small cache timeout periods for
>> this. What are the best caching systems we can use for this.
>> We can use either JCache (javax.cache), google guava cache[1] which are
>> specially used as local caches. "Memcached" [2] is also another option but
>> mostly used in distributed systems.
>>
>> [1] - https://github.com/google/guava/wiki/CachesExplained
>> [2] - https://memcached.org/
>> --
>> Rajith Roshan
>> Software Engineer, WSO2 Inc.
>> Mobile: +94-72-642-8350 <%2B94-71-554-8430>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Maduranga Siriwardena
> Software Engineer
> WSO2 Inc; http://wso2.com/
>
> Email: madura...@wso2.com
> Mobile: +94718990591 <+94%2071%20899%200591>
> Blog: http://madurangasblogs.blogspot.com/
> 
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Regards,
Uvindra

Mobile: 33962
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] GSoC 2017

[Vihanga Liyanage]

Hi all,

I hope you read my reply to the other mail tread, "Eclipse plugin for
Siddhi". As I said in there, we can use same Xtext[1] framework to develop
Siddhi plugins for both eclipse and Intellij IDEA editors. Here are my
example idea plugin project details. You can find the code in here[2].

This is the sample xtext grammar I used.



Syntax highlighting and error detection.


​
Code completion


​
I'd love to know your ideas about this.

[1] https://eclipse.org/Xtext/index.html
[2] https://github.com/vihanga-liyanage/IDEA-Plug-Ins

Regards,


Vihanga Liyanage,
Undergraduate,
University of Colombo School of Computing.
M: +94 71 012 4103





On Mon, Feb 13, 2017 at 11:50 AM, Vihanga Liyanage <
vihangaliyanage...@gmail.com> wrote:

> Thank you for your reply. I'll look into those things and will get back to
> you.
>
> Regards
>
>
> On Feb 13, 2017 10:35 AM, "Tishan Dahanayakage"  wrote:
>
> Hi Vihanga,
>
> Thanks for your interest in WSO2 and this project. I have improved idea
> page with more details. I would suggest you to start off with getting bit
> familiar with Siddhi grammar. Then you can look into idea plugin creation
> to support different languages. Then you can look into antlr based
> programming languages and how antlr can be used to generate parsers,
> lexers, etc. Above will provide you enough context information on how to
> proceed through with the idea.
> Feel free to revert back if you don't understand the requirement or have
> any other clarification.
>
> Thanks,
> Tishan
>
> On Sat, Feb 11, 2017 at 12:54 PM, Vihanga Liyanage <
> vihangaliyanage...@gmail.com> wrote:
>
>> Hi Tishan,
>>
>> I read through your project proposals for GSoC 2017 and particularly
>> interested in the project Proposal 4: Idea Plugin for Siddhi
>> 
>> , which lists you as the possible mentor. I'd really like to work on
>> this idea further, hoping to get selected for GSoC and complete the project
>> at the end.
>> It'll be really great if you could point me in a direction where I could
>> do some more background work on this.
>>
>> Best Regards,
>> Vihanga Liyanage,
>> Undergraduate,
>> University of Colombo School of Computing.
>> M: +94 71 012 4103 <+94%2071%20012%204103>
>>
>> 
>> 
>> 
>>
>
>
>
> --
> Tishan Dahanayakage
> Senior Software Engineer
> WSO2, Inc.
> Mobile:+94 716481328 <071%20648%201328>
>
> Disclaimer: This communication may contain privileged or other
> confidential information and is intended exclusively for the addressee/s.
> If you are not the intended recipient/s, or believe that you may have
> received this communication in error, please reply to the sender indicating
> that fact and delete the copy you received and in addition, you should not
> print, copy, re-transmit, disseminate, or otherwise use the information
> contained in this communication. Internet communications cannot be
> guaranteed to be timely, secure, error or virus-free. The sender does not
> accept liability for any errors or omissions.
>
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] GSoC 2017 - Proposal 20: [IS] OAuth 2.0 Dynamic Client Registration Management Protocol Support

[Ishara Karunarathna]

On Fri, Feb 24, 2017 at 11:16 AM, Dinuksha Ishwari <
dinuksha.ishw...@gmail.com> wrote:
[+ dev]

> Hi Ishara,
>
> Thank you for the information. I'm in the process of reading the related
> specifications and getting familiar with the code base further. Will get
> back to you soon.
>
> Thanks,
> Dinuksha.
>
> On Fri, Feb 24, 2017 at 10:14 AM, Ishara Karunarathna 
> wrote:
>
>> Hi Dinuksha,
>>
>> Thank you for your interest in GSoC and the effort on WSO2IS DCRM
>> implementation.
>> It’s great  that you have already started working with IS code base.
>> Further you can go through current DCR implementation from
>> here[1] and go through that code.
>>
>> You may find open jiras here[2]. Following are related to current DCR
>> implementation
>> https://wso2.org/jira/browse/IDENTITY-5185
>> https://wso2.org/jira/browse/IDENTITY-5184
>>
>> Thanks,
>> Ishara
>>
>> [1] https://github.com/wso2-extensions/identity-inbound-auth-oauth
>> [2] https://wso2.org/jira/projects/IDENTITY/issues/IDENTITY-
>> 5723?filter=allopenissues
>>
>>
>> On Mon, Feb 20, 2017 at 4:45 PM, Dinuksha Ishwari <
>> dinuksha.ishw...@gmail.com> wrote:
>>
>>> Hi All,
>>>
>>>
>>> I am Dinuksha Kanda Samanage, a 3rd year undergraduate from Sri Lanka
>>> Institute of Information Technology, following the Software Engineering
>>> specialization.
>>>
>>>
>>> This is to convey my interest in implementing the OAuth 2.0 Dynamic
>>> Client Registration Management Protocol Support for Identity Server
>>> (Proposal 20) in GSoC 2017.
>>>
>>>
>>> I am well versed in Java and also familiar with Maven and Git. I have
>>> been involved in implementing an OAuth 2.0 and OpenID Connect related
>>> project for almost 7 months during my internship.
>>>
>>>
>>> I have already started to get familiar with WSO2 codebase and fixed the
>>> JIRA [1] where the pull request is already merged to the WSO2 codebase. I
>>> will continue fixing more open JIRA tickets on Identity Server. (If you can
>>> suggest some, that would be great too)
>>>
>>>
>>> In order to get ready for this project, I already setup OAuth 2.0
>>> Playground2 sample with Identity Server 5.3.0 and wrote the blog post [2]
>>> for sharing my experience. When running this flow, I faced an issue and
>>> raised it in the Dev mail [3] and have got the answer now.
>>>
>>>
>>> My GitHub profile can be found at [4].
>>>
>>>
>>> Therefore I believe I can learn the required concepts/technologies and
>>> implement this project for GSoC 2017.
>>>
>>>
>>> I appreciate if you can guide me on proceeding further with the project.
>>>
>>>
>>> [1] https://wso2.org/jira/browse/IDENTITY-5241
>>>
>>> [2] http://dinukshaish.blogspot.com/2017/02/getting-started-with
>>> -oauth-20-using.html
>>>
>>> [3] [Dev] Mandatory Claims in OAuth 2.0 with Identity Server 5.3.0
>>>
>>> [4] https://github.com/dinuish94
>>>
>>>
>>> Best Regards,
>>>
>>> Dinuksha
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Ishara Karunarathna
>> Associate Technical Lead
>> WSO2 Inc. - lean . enterprise . middleware |  wso2.com
>>
>> email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
>> +94717996791 <+94%2071%20799%206791>
>>
>>
>>
>


-- 
Ishara Karunarathna
Associate Technical Lead
WSO2 Inc. - lean . enterprise . middleware |  wso2.com

email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
+94717996791
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] GSoC 2017 - Proposal 20: [IS] OAuth 2.0 Dynamic Client Registration Management Protocol Support

[Ishara Karunarathna]

Hi Dinuksha,

Thank you for your interest in GSoC and the effort on WSO2IS DCRM
implementation.
It’s great  that you have already started working with IS code base.
Further you can go through current DCR implementation from
here[1] and go through that code.

You may find open jiras here[2]. Following are related to current DCR
implementation
https://wso2.org/jira/browse/IDENTITY-5185
https://wso2.org/jira/browse/IDENTITY-5184

Thanks,
Ishara

[1] https://github.com/wso2-extensions/identity-inbound-auth-oauth
[2]
https://wso2.org/jira/projects/IDENTITY/issues/IDENTITY-5723?filter=allopenissues


On Mon, Feb 20, 2017 at 4:45 PM, Dinuksha Ishwari <
dinuksha.ishw...@gmail.com> wrote:

> Hi All,
>
>
> I am Dinuksha Kanda Samanage, a 3rd year undergraduate from Sri Lanka
> Institute of Information Technology, following the Software Engineering
> specialization.
>
>
> This is to convey my interest in implementing the OAuth 2.0 Dynamic
> Client Registration Management Protocol Support for Identity Server
> (Proposal 20) in GSoC 2017.
>
>
> I am well versed in Java and also familiar with Maven and Git. I have been
> involved in implementing an OAuth 2.0 and OpenID Connect related project
> for almost 7 months during my internship.
>
>
> I have already started to get familiar with WSO2 codebase and fixed the
> JIRA [1] where the pull request is already merged to the WSO2 codebase. I
> will continue fixing more open JIRA tickets on Identity Server. (If you can
> suggest some, that would be great too)
>
>
> In order to get ready for this project, I already setup OAuth 2.0
> Playground2 sample with Identity Server 5.3.0 and wrote the blog post [2]
> for sharing my experience. When running this flow, I faced an issue and
> raised it in the Dev mail [3] and have got the answer now.
>
>
> My GitHub profile can be found at [4].
>
>
> Therefore I believe I can learn the required concepts/technologies and
> implement this project for GSoC 2017.
>
>
> I appreciate if you can guide me on proceeding further with the project.
>
>
> [1] https://wso2.org/jira/browse/IDENTITY-5241
>
> [2] http://dinukshaish.blogspot.com/2017/02/getting-started-
> with-oauth-20-using.html
>
> [3] [Dev] Mandatory Claims in OAuth 2.0 with Identity Server 5.3.0
>
> [4] https://github.com/dinuish94
>
>
> Best Regards,
>
> Dinuksha
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Ishara Karunarathna
Associate Technical Lead
WSO2 Inc. - lean . enterprise . middleware |  wso2.com

email: isha...@wso2.com,   blog: isharaaruna.blogspot.com,   mobile:
+94717996791
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] GSOC 2017 - Test Automation Tool

[Uditha Kasun]

Hi All,

I am Uditha Kasun Senavirathna, a 3rd year Software Engineering undergraduate 
student from Sri Lanka Institute Of Information Technology. I am interested in 
implementing your GSOC 2017 proposal for  a Test Automation Tool. I currently 
have some experience with test automation using frameworks like Selenium, 
Sikuli using java. It would be much appreciated if you could provide more 
information regarding the test automation tool to be implemented.

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Test automation tool - GSoC Proposal 13

[Dharshana Warusavitharana]

Hi Erandi,

Thank you for the interest in this project.

This project mainly focuses on automatic test case generation based on
given instruction set. In this case, its implementation is on steps
provided in a document.

You have to use NLP to derive a common medium something like XML/JSON to
interpret steps in an understandable format and derive test cases based on
that derivation.

We are mainly focused on  Java, TestNG and maven based test cases and
ability to evaluate documented steps against the same type of deployment
(may be docker) and verify whether the document is still valid or not.

There is a old GSOC project dome by Ruskshan for NLP and test case
generation based on WSO2 admin services [1].
This is just high level of the project , if you have any more issues please
feel free to ask.

[1].
https://github.com/ruks/Automated-test-case-generation-tool/tree/991e6e21927288d237c0a8d1985b7d2787f91a9b/Auto-TAF

Thank you,
Dharshana



On Fri, Feb 24, 2017 at 12:54 AM, Nuwan Silva  wrote:

> Adding DharshanaW
>
> On Wed, Feb 22, 2017 at 5:18 AM, Erandi Ganepola  > wrote:
>
>> Hi All,
>>
>> I am a final year student in MIT, University of Kelaniya. I went through
>> the proposals in GSoC 2017 and I am interested in $subject. I followed the
>> reference given in the documentation. But need to get more details on above
>> task.
>>
>> Can someone please explain more about the expected product and mention
>> more references to referer?
>>
>> Thanks and Regards,
>>
>> *Erandi Ganepola*
>> Undergraduate
>> BSc. Management and Information Technology
>> University of Kelaniya, Sri Lanka
>> +94710695692 <+94%2071%20069%205692>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
>
>
> *Nuwan Silva*
> *Senior Software Engineer*
> Mobile: +9477 980 4543 <077%20980%204543>
>
> WSO2 Inc.
> lean . enterprise . middlewear.
> http://www.wso2.com
>



-- 

Dharshana Warusavitharana
Associate Technical Lead
WSO2 Inc. http://wso2.com
email : dharsha...@wso2.com 
Tel  : +94 11 214 5345
Fax :+94 11 2145300
cell : +94770342233
blog : http://dharshanaw.blogspot.com

lean . enterprise . middleware
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Test automation tool - GSoC Proposal 13

[Nuwan Silva]

Adding DharshanaW

On Wed, Feb 22, 2017 at 5:18 AM, Erandi Ganepola 
wrote:

> Hi All,
>
> I am a final year student in MIT, University of Kelaniya. I went through
> the proposals in GSoC 2017 and I am interested in $subject. I followed the
> reference given in the documentation. But need to get more details on above
> task.
>
> Can someone please explain more about the expected product and mention
> more references to referer?
>
> Thanks and Regards,
>
> *Erandi Ganepola*
> Undergraduate
> BSc. Management and Information Technology
> University of Kelaniya, Sri Lanka
> +94710695692 <+94%2071%20069%205692>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 


*Nuwan Silva*
*Senior Software Engineer*
Mobile: +9477 980 4543

WSO2 Inc.
lean . enterprise . middlewear.
http://www.wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Traffic Manager HA deployment on DC/OS

[JOSE MARIA ALVAREZ FERNANDEZ]

Hi all,As you may know, we are implementing WSO2 in El Corte Ingles, and we are trying to fit Traffic Manager in our architecture, based on DC/OS and containers. We would like to know which approach you think it may be better for the Traffic Manager component. As we are in a PaaS system, we would like to be able to scale this system out without problems. a) It is our understanding that we have to create a different database schema for every TM instance that we run. We would like to know if it is possible to run this without having to create a new schema for every component (that is, share the same schema). If we create a new schema, that would force us to differentiate the component at DC/OS level, giving them different configurations for different Traffic Manager instances. b) If that is not possible, we would like to know if it is possible to run TM with H2 in memory. As there is nothing that should be persisted in the TM schema, we thought that could be possible.If none of the options are viable, what deployment schema would be the best for this component, taking into account that we would like to be active/active (being able to scale out)?Thank you very much for your help and comments,Jose Maria.

www.elcorteingles.es


---

Este mensaje, y en su caso, cualquier fichero anexo al mismo, puede
contener información confidencial, siendo para uso exclusivo del 
destinatario, quedando prohibida su divulgación copia o  distribución a 
terceros sin la autorización expresa del remitente. Si Vd. ha recibido 
este mensaje erróneamente, se ruega lo  notifique al remitente y 
proceda a su borrado.
Gracias por su colaboración.

This message (including any attachments) may contain confidential 
information. It is intended for use by the recipient only. Any 
dissemination, copying or distribution to third parties without the 
express consent of the sender is strictly prohibited. If you have 
received this message in error, please delete it immediately and 
notify the sender. 
Thank you for your collaboration.
 

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Fixed the Issue with Testng Configurations

[Irunika Weeraratne]

Hi all,
There was a problem with testng is not aware of the test classes configured
in the testng.xml.
Please find the following PR fixing the problem.
Please review and merge.
https://github.com/wso2/carbon-transports/pull/226

Thanks,
Irunika
*Irunika Weeraratne*
*Software Engineer | WSO2, Inc. *
*Email : irun...@wso2.com *
*LinkedIn : https://lk.linkedin.com/in/irunika
*
*Mobile : +94712403314*
*Lean . Enterprise . Middleware*
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [IS 6.0.0] Making native claim dialect configurable

[Omindu Rathnaweera]

One of the advantages would be that we can avoid the overhead of claim
transformation.

Regards,
Omindu.

On Thu, Feb 23, 2017 at 1:53 PM, Omindu Rathnaweera  wrote:

> Do we need to make the native claim dialect configurable ? AFAIK it is not
> configurable and we are using a hardcoded constant for the dialect URI (
> http://wso2.org/claims).
>
>
> Regards,
> Omindu
>
> --
> Omindu Rathnaweera
> Software Engineer, WSO2 Inc.
> Mobile: +94 771 197 211 <+94%2077%20119%207211>
>



-- 
Omindu Rathnaweera
Software Engineer, WSO2 Inc.
Mobile: +94 771 197 211
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [IS 6.0.0] Making native claim dialect configurable

[Omindu Rathnaweera]

Do we need to make the native claim dialect configurable ? AFAIK it is not
configurable and we are using a hardcoded constant for the dialect URI (
http://wso2.org/claims).


Regards,
Omindu

-- 
Omindu Rathnaweera
Software Engineer, WSO2 Inc.
Mobile: +94 771 197 211
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev