Re: [Dev] [Architecture] [IS] GSoC 2017 - WS-Trust Implementation for IS6

[Isuranga Perera]

Hi,

Please review and merge PR [1].

[1] https://github.com/wso2-incubator/mss4j-ws-trust/pull/1

On Wed, Sep 6, 2017 at 7:27 AM, Malithi Edirisinghe 
wrote:

> Hi Isuranga,
>
> Great job on completing the project :)
>
> Could you please send a PR to the repository above. Also, it would be
> better if you can include a sequence diagram in your documentation for one
> STS operation. For example token issuance. That would help to easily
> understand the invocation and the flow.
>
> Thanks,
> Malithi.
>
> On Tue, Sep 5, 2017 at 5:14 PM, Maheshika Goonetilleke  > wrote:
>
>> Hi Johann
>>
>> Created: https://github.com/wso2-incubator/mss4j-ws-trust
>>
>> On Tue, Sep 5, 2017 at 4:03 PM, Johann Nallathamby 
>> wrote:
>>
>>> Hi Maheshika,
>>>
>>> Can we have repo created for this project under wso2-incubator?
>>>
>>> Name: "mss4j-ws-trust"
>>>
>>> Regards,
>>> Johann.
>>>
>>> On Tue, Sep 5, 2017 at 11:59 AM, Johann Nallathamby 
>>> wrote:
>>>
 Great job Isuranga over the past 3 months in completing this project!!
 Hope you had a great learning experience and will keep contributing to WSO2
 Identity Server in future.

 Can you please write a WSO2 article on the technical details of how
 this integration was done between MSS4J and CXF? We can publish that in our
 Oxygen Tank.

 And also you can write a blog post on how to integrate CXF as a
 WS-Security engine to any generic web services engine?

 Regards,
 Johann.


 On Tue, Sep 5, 2017 at 10:35 AM, Isuranga Perera <
 isurangamper...@gmail.com> wrote:

> Hi All,
>
> I was able to complete the WS-Trust Implementation for Identity Server
> 6 with all the functional requirements.
>
> Project Repository [1]
> Documentation [2]
>
> I would like to thanks my mentors Johann Nallathamby, Malithi
> Edirisinghe, Kasun Gajasinghe who gave an immense support throughout the
> project by giving necessary guidance whenever needed. In addition to that,
> I would like to thanks,  Sagara Gunathnga, Harsha Thirimanne and Thusitha
> Dayaratne for supporting me through Dev list.
>
> [1] https://github.com/IsurangaPerera/identity-inbound-auth-sts
> [2] https://docs.google.com/document/d/1ZRLQnazRgH4ZZu2luxFm
> YjXVpRw17n29NkkjeTXVWn0/edit?usp=sharing
> 
>
> Best Regards
> Isuranga Perera
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


 --
 Thanks & Regards,

 *Johann Dilantha Nallathamby*
 Senior Lead Solutions Engineer
 WSO2, Inc.
 lean.enterprise.middleware

 Mobile - *+9476950*
 Blog - *http://nallaa.wordpress.com *

>>>
>>>
>>>
>>> --
>>> Thanks & Regards,
>>>
>>> *Johann Dilantha Nallathamby*
>>> Senior Lead Solutions Engineer
>>> WSO2, Inc.
>>> lean.enterprise.middleware
>>>
>>> Mobile - *+9476950*
>>> Blog - *http://nallaa.wordpress.com *
>>>
>>
>>
>>
>> --
>>
>> Thanks & Best Regards,
>>
>> Maheshika Goonetilleke
>> Senior Engineering Process Coordinator
>>
>> *WSO2 Inc*
>> *email   : mahesh...@wso2.com *
>> *mobile : +94 773 596707 <+94%2077%20359%206707>*
>> *www: :http://wso2.com *lean . enterprise . middleware
>>
>>
>>
>>
>>
>> ___
>> Architecture mailing list
>> architect...@wso2.org
>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>>
>>
>
>
> --
>
> *Malithi Edirisinghe*
> Associate Technical Lead
> WSO2 Inc.
>
> Mobile : +94 (0) 718176807
> malit...@wso2.com
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] WSO2 API Manager 3.0.0-M6 Released!

[Anuruddha Liyanarachchi]

Hi Youcef,

Thanks for reporting the issue.
As per the logs, the issue is occurring when parsing the IPV6 IP address.
>
>  URL parsing error for : http://0:0:0:0:0:0:0:1:9292/publisher


We have not tested the product in an IPV6 environment.

We will track this issue via the JIRA you have created. [1]

[1] https://github.com/wso2/product-apim/issues/1559

On Sun, Sep 3, 2017 at 11:53 PM, Youcef HILEM 
wrote:

> Hi,
> This exception is thrown when I access to the API Publisher at
> https://localhost:9292/publisher
>
> C:\Platform\POC\WSO2\APIM-3.0.0\wso2apim-3.0.0-m6>.\bin\carbon.bat --run
> JAVA_HOME environment variable is set to C:\Platform\Java\jdk1.8.0_144
> CARBON_HOME environment variable is set to
> C:\Platform\POC\WSO2\APIM-3~1.0\WSO2AP~2.0-M\bin\..
> osgi> [2017-09-03 08:46:24,689]  INFO {com.zaxxer.hikari.HikariDataSource}
> -
> HikariPool-0 - is starting.
> [2017-09-03 08:46:25,324]  INFO {com.zaxxer.hikari.HikariDataSource} -
> HikariPool-1 - is starting.
> [2017-09-03 08:46:25,533]  INFO
> {org.wso2.carbon.lcm.sql.LifecycleDatabaseCreator} - Lifecycle DB tables
> created successfully.
> [2017-09-03 08:46:25,717]  INFO
> {org.wso2.msf4j.analytics.metrics.MetricsComponent} - Metrics Component is
> activated
> [2017-09-03 08:46:25,756]  INFO
> {org.wso2.carbon.transport.http.netty.internal.
> HTTPTransportServiceComponent}
> - All CarbonHTTPServerInitializers are available
> [2017-09-03 08:46:25,957]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.msf4j.swagger.SwaggerDefinitionService@258efa0f
> [2017-09-03 08:46:25,982]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.carbon.apimgt.rest.api.admin.BlacklistApi@1058e7de
> [2017-09-03 08:46:25,996]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.carbon.apimgt.rest.api.admin.LabelsApi@1f0ddb56
> [2017-09-03 08:46:26,063]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.carbon.apimgt.rest.api.admin.PoliciesApi@67a21ce1
> [2017-09-03 08:46:26,109]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.carbon.apimgt.rest.api.admin.WorkflowsApi@77bef20e
> [2017-09-03 08:46:26,153]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.carbon.apimgt.rest.api.authenticator.AuthenticatorAPI@3a63340a
> [2017-09-03 08:46:26,201]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.carbon.apimgt.rest.api.core.ApisApi@75334517
> [2017-09-03 08:46:26,250]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.carbon.apimgt.rest.api.core.ApplicationsApi@5925bff7
> [2017-09-03 08:46:26,292]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.carbon.apimgt.rest.api.core.BlacklistApi@36d15239
> [2017-09-03 08:46:26,344]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.carbon.apimgt.rest.api.core.EndpointsApi@25ecbdbd
> [2017-09-03 08:46:26,389]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.carbon.apimgt.rest.api.core.ExportApi@100fbbd9
> [2017-09-03 08:46:26,435]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.carbon.apimgt.rest.api.core.GatewaysApi@64a16428
> [2017-09-03 08:46:26,486]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.carbon.apimgt.rest.api.core.PoliciesApi@58ddb21f
> [2017-09-03 08:46:26,526]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.carbon.apimgt.rest.api.core.ResourcesApi@189cedec
> [2017-09-03 08:46:26,576]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.carbon.apimgt.rest.api.core.SubscriptionsApi@75204c55
> [2017-09-03 08:46:26,685]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.carbon.apimgt.rest.api.publisher.ApisApi@5e5fd600
> [2017-09-03 08:46:26,775]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.carbon.apimgt.rest.api.publisher.EndpointsApi@54d8b3be
> [2017-09-03 08:46:26,865]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.carbon.apimgt.rest.api.publisher.ExportApi@1a9dff73
> [2017-09-03 08:46:26,994]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.carbon.apimgt.rest.api.publisher.ImportApi@6d280b48
> [2017-09-03 08:46:27,109]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.carbon.apimgt.rest.api.publisher.LabelsApi@18bb07f9
> [2017-09-03 08:46:27,225]  INFO
> {org.wso2.msf4j.internal.MicroservicesRegistryImpl} - Added microservice:
> org.wso2.carbon.apimgt.rest.api.publisher.

[Dev] WSO2 Committers += Vidura Nanayakkara

[Chandana Napagoda]

Hi Devs,

It is my pleasure to welcome Vidura Nanayakkara as a WSO2 Committer. Vidura
has made some great contributions to WSO2 Platform during the last few
months and in recognition of his commitment and contributions, he has been
voted as a Committer for WSO2.

@Vidura, welcome aboard and keep up the good work.

Best Regards,
Chandana
-- 
*Chandana Napagoda*
Associate Technical Lead
WSO2 Inc. - http://wso2.org

*Email  :  chand...@wso2.com **Mobile : +94718169299*

*Blog  :http://blog.napagoda.com  |
http://chandana.napagoda.com *

*Linkedin : http://www.linkedin.com/in/chandananapagoda
*
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Architecture] [IS] GSoC 2017 - WS-Trust Implementation for IS6

[Malithi Edirisinghe]

Hi Isuranga,

Great job on completing the project :)

Could you please send a PR to the repository above. Also, it would be
better if you can include a sequence diagram in your documentation for one
STS operation. For example token issuance. That would help to easily
understand the invocation and the flow.

Thanks,
Malithi.

On Tue, Sep 5, 2017 at 5:14 PM, Maheshika Goonetilleke 
wrote:

> Hi Johann
>
> Created: https://github.com/wso2-incubator/mss4j-ws-trust
>
> On Tue, Sep 5, 2017 at 4:03 PM, Johann Nallathamby 
> wrote:
>
>> Hi Maheshika,
>>
>> Can we have repo created for this project under wso2-incubator?
>>
>> Name: "mss4j-ws-trust"
>>
>> Regards,
>> Johann.
>>
>> On Tue, Sep 5, 2017 at 11:59 AM, Johann Nallathamby 
>> wrote:
>>
>>> Great job Isuranga over the past 3 months in completing this project!!
>>> Hope you had a great learning experience and will keep contributing to WSO2
>>> Identity Server in future.
>>>
>>> Can you please write a WSO2 article on the technical details of how this
>>> integration was done between MSS4J and CXF? We can publish that in our
>>> Oxygen Tank.
>>>
>>> And also you can write a blog post on how to integrate CXF as a
>>> WS-Security engine to any generic web services engine?
>>>
>>> Regards,
>>> Johann.
>>>
>>>
>>> On Tue, Sep 5, 2017 at 10:35 AM, Isuranga Perera <
>>> isurangamper...@gmail.com> wrote:
>>>
 Hi All,

 I was able to complete the WS-Trust Implementation for Identity Server
 6 with all the functional requirements.

 Project Repository [1]
 Documentation [2]

 I would like to thanks my mentors Johann Nallathamby, Malithi
 Edirisinghe, Kasun Gajasinghe who gave an immense support throughout the
 project by giving necessary guidance whenever needed. In addition to that,
 I would like to thanks,  Sagara Gunathnga, Harsha Thirimanne and Thusitha
 Dayaratne for supporting me through Dev list.

 [1] https://github.com/IsurangaPerera/identity-inbound-auth-sts
 [2] https://docs.google.com/document/d/1ZRLQnazRgH4ZZu2luxFm
 YjXVpRw17n29NkkjeTXVWn0/edit?usp=sharing
 

 Best Regards
 Isuranga Perera


 ___
 Dev mailing list
 Dev@wso2.org
 http://wso2.org/cgi-bin/mailman/listinfo/dev


>>>
>>>
>>> --
>>> Thanks & Regards,
>>>
>>> *Johann Dilantha Nallathamby*
>>> Senior Lead Solutions Engineer
>>> WSO2, Inc.
>>> lean.enterprise.middleware
>>>
>>> Mobile - *+9476950*
>>> Blog - *http://nallaa.wordpress.com *
>>>
>>
>>
>>
>> --
>> Thanks & Regards,
>>
>> *Johann Dilantha Nallathamby*
>> Senior Lead Solutions Engineer
>> WSO2, Inc.
>> lean.enterprise.middleware
>>
>> Mobile - *+9476950*
>> Blog - *http://nallaa.wordpress.com *
>>
>
>
>
> --
>
> Thanks & Best Regards,
>
> Maheshika Goonetilleke
> Senior Engineering Process Coordinator
>
> *WSO2 Inc*
> *email   : mahesh...@wso2.com *
> *mobile : +94 773 596707 <+94%2077%20359%206707>*
> *www: :http://wso2.com *lean . enterprise . middleware
>
>
>
>
>
> ___
> Architecture mailing list
> architect...@wso2.org
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
>


-- 

*Malithi Edirisinghe*
Associate Technical Lead
WSO2 Inc.

Mobile : +94 (0) 718176807
malit...@wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Siddhi CEP

[Damith Wickramasinghe]

Hi Hasara,

Documentation is still in working progress. It need to be re-factored.  In
Editor mode the default saving location is the workspace folder thus not
letting you to select a location to be saved . Also in Editor mode you can
create any siddhi app and try it out using our event simulator , debugger
which are inbuilt in the editor. Once you tested your siddhi app you can
copy it to siddhi-files folder and start the SP in worker mode.(worker.sh)
and try to publish events according to source you have defined. The error
you have mentioned in the editor should not be appearing. We will look into
it.

Regards,
Damith


On Wed, Sep 6, 2017 at 12:00 AM, Hasara Maithree <
hasaramaithreedesi...@gmail.com> wrote:

> Hi,
>
> In documentation of quick start guide, it is mentioned that
> SmartHomePlan.siddhi should be saved in /deployment/siddhi-files.But
> by default, it is saved in /deployment/workspace.So the final
> result of the query ends with error. But when I pasted it in siddhi-files
> folder, it works fine. I think there is an issue with the saving location
> because, in SP there is no option to select location to save, but by
> default it is saved to workspace.
>
>
> ​
>
>
>
> Thank you
>
>
>
> On Tue, Sep 5, 2017 at 10:55 PM, Hasara Maithree <
> hasaramaithreedesi...@gmail.com> wrote:
>
>> Hi,
>>
>> I got it.
>>
>> Thank you.
>>
>> On Tue, Sep 5, 2017 at 10:32 PM, Minudika Malshan 
>> wrote:
>>
>>> Hi,
>>>
>>> Sorry. A little correction. 4.0.0-M10 is the latest release [1]
>>> [1] https://github.com/wso2/product-sp/releases/tag/v4.0.0-M10
>>>
>>> BR
>>>
>>>
>>>
>>> On Tue, Sep 5, 2017 at 10:28 PM, Minudika Malshan 
>>> wrote:
>>>
 Hi Hasara,

 Only milestone versions of *WSO2 Stream Processor *have been released
 yet. And yes, 4.0.0-M9 is the latest one.
 Note that the capabilities of WSO2 CEP and DAS are now provided thorugh
 WSO2 Stream Processor.

 BR

 On Tue, Sep 5, 2017 at 10:15 PM, Hasara Maithree <
 hasaramaithreedesi...@gmail.com> wrote:

> Hi Minudika,
>
> I think I figured out my problem. I downloaded the wso2 SP 4.0.0-M9
> from the link https://github.com/wso2/product-sp/releases/download/v4
> .0.0-M9/wso2sp-4.0.0-M9.zip .
> I assume this is the latest stable version of wso2 SP. I will try
> creating simple siddhi apps in order to familiarize with the
> environment.
>
> Thank you
>
> On Tue, Sep 5, 2017 at 9:23 PM, Hasara Maithree <
> hasaramaithreedesi...@gmail.com> wrote:
>
>> Hi Minudika,
>>
>> Thank you very much for your reply. I have a small thing to clarify.
>> Is WSO2 stream processor referred as WSO2 CEP (Complex Event Processor) 
>> or
>> are they different?
>> When I went through the product list, I couldn't find WSO2 SP. And
>> the link given by you [2] led me to downlowad WSO2 data analytics server.
>> Can you please sort out this confusion ?
>>
>> Thank you
>>
>> On Mon, Sep 4, 2017 at 7:14 PM, Hasara Maithree <
>> hasaramaithreedesi...@gmail.com> wrote:
>>
>>> Hi Minudika,
>>> Thank you very much for your reply. I have a small thing to clarify.
>>> Is WSO2 stream processor referred as WSO2 CEP (Complex Event Processor) 
>>> or
>>> are they different?
>>> When I went through the product list, I couldn't find WSO2 SP. And
>>> the link given by you [2] led me to downlowad WSO2 data analytics 
>>> server.
>>> Can you please sort out this confusion ?
>>> Thank you
>>>
>>> On Mon, Sep 4, 2017 at 11:57 AM, Minudika Malshan >> > wrote:
>>>
 Hi Hasara,

 It's nice to hear about your interest on Siddhi.

 As the first step, go through the Siddhi guide[1].
 Then try to create and run some siddhi apps on *WSO2 Stream
 Processor*[2].

 After getting familiar with the flow,
 you can go through Siddhi source code[2] and it's extensions'
 source codes[4], run some tests and try to understand how the work is
 getting done.

 You can also find the issues to be solved in the siddhi issue
 tracker[5]

 Please raise if there are any doubts.

 [1] https://wso2.github.io/siddhi/documentation/siddhi-4.0/
 [2] https://docs.wso2.com/display/SP400/Quick+Start+Guide
 [3] https://github.com/wso2/siddhi
 [4] 
 https://github.com/wso2-extensions?utf8=%E2%9C%93&q=siddhi&type=&language=

 [5] https://github.com/wso2/siddhi/issues

 BR


 On Mon, Sep 4, 2017 at 11:22 AM, Hasara Maithree <
 hasaramaithreedesi...@gmail.com> wrote:

> Hi all,
>
> I'm Hasara Maithree De Silva and I'm a 2nd year undergraduate of
> department of computer science and engineering in University of 
> Moratuwa. I
> wou

Re: [Dev] Siddhi CEP

[Hasara Maithree]

Hi,

In documentation of quick start guide, it is mentioned that
SmartHomePlan.siddhi should be saved in /deployment/siddhi-files.But
by default, it is saved in /deployment/workspace.So the final
result of the query ends with error. But when I pasted it in siddhi-files
folder, it works fine. I think there is an issue with the saving location
because, in SP there is no option to select location to save, but by
default it is saved to workspace.


​



Thank you



On Tue, Sep 5, 2017 at 10:55 PM, Hasara Maithree <
hasaramaithreedesi...@gmail.com> wrote:

> Hi,
>
> I got it.
>
> Thank you.
>
> On Tue, Sep 5, 2017 at 10:32 PM, Minudika Malshan 
> wrote:
>
>> Hi,
>>
>> Sorry. A little correction. 4.0.0-M10 is the latest release [1]
>> [1] https://github.com/wso2/product-sp/releases/tag/v4.0.0-M10
>>
>> BR
>>
>>
>>
>> On Tue, Sep 5, 2017 at 10:28 PM, Minudika Malshan 
>> wrote:
>>
>>> Hi Hasara,
>>>
>>> Only milestone versions of *WSO2 Stream Processor *have been released
>>> yet. And yes, 4.0.0-M9 is the latest one.
>>> Note that the capabilities of WSO2 CEP and DAS are now provided thorugh
>>> WSO2 Stream Processor.
>>>
>>> BR
>>>
>>> On Tue, Sep 5, 2017 at 10:15 PM, Hasara Maithree <
>>> hasaramaithreedesi...@gmail.com> wrote:
>>>
 Hi Minudika,

 I think I figured out my problem. I downloaded the wso2 SP 4.0.0-M9
 from the link https://github.com/wso2/product-sp/releases/download/v4
 .0.0-M9/wso2sp-4.0.0-M9.zip .
 I assume this is the latest stable version of wso2 SP. I will try
 creating simple siddhi apps in order to familiarize with the
 environment.

 Thank you

 On Tue, Sep 5, 2017 at 9:23 PM, Hasara Maithree <
 hasaramaithreedesi...@gmail.com> wrote:

> Hi Minudika,
>
> Thank you very much for your reply. I have a small thing to clarify.
> Is WSO2 stream processor referred as WSO2 CEP (Complex Event Processor) or
> are they different?
> When I went through the product list, I couldn't find WSO2 SP. And the
> link given by you [2] led me to downlowad WSO2 data analytics server. Can
> you please sort out this confusion ?
>
> Thank you
>
> On Mon, Sep 4, 2017 at 7:14 PM, Hasara Maithree <
> hasaramaithreedesi...@gmail.com> wrote:
>
>> Hi Minudika,
>> Thank you very much for your reply. I have a small thing to clarify.
>> Is WSO2 stream processor referred as WSO2 CEP (Complex Event Processor) 
>> or
>> are they different?
>> When I went through the product list, I couldn't find WSO2 SP. And
>> the link given by you [2] led me to downlowad WSO2 data analytics server.
>> Can you please sort out this confusion ?
>> Thank you
>>
>> On Mon, Sep 4, 2017 at 11:57 AM, Minudika Malshan 
>> wrote:
>>
>>> Hi Hasara,
>>>
>>> It's nice to hear about your interest on Siddhi.
>>>
>>> As the first step, go through the Siddhi guide[1].
>>> Then try to create and run some siddhi apps on *WSO2 Stream
>>> Processor*[2].
>>>
>>> After getting familiar with the flow,
>>> you can go through Siddhi source code[2] and it's extensions' source
>>> codes[4], run some tests and try to understand how the work is getting 
>>> done.
>>>
>>> You can also find the issues to be solved in the siddhi issue
>>> tracker[5]
>>>
>>> Please raise if there are any doubts.
>>>
>>> [1] https://wso2.github.io/siddhi/documentation/siddhi-4.0/
>>> [2] https://docs.wso2.com/display/SP400/Quick+Start+Guide
>>> [3] https://github.com/wso2/siddhi
>>> [4] 
>>> https://github.com/wso2-extensions?utf8=%E2%9C%93&q=siddhi&type=&language=
>>>
>>> [5] https://github.com/wso2/siddhi/issues
>>>
>>> BR
>>>
>>>
>>> On Mon, Sep 4, 2017 at 11:22 AM, Hasara Maithree <
>>> hasaramaithreedesi...@gmail.com> wrote:
>>>
 Hi all,

 I'm Hasara Maithree De Silva and I'm a 2nd year undergraduate of
 department of computer science and engineering in University of 
 Moratuwa. I
 would really like to contribute myself to open source projects. I 
 thought
 of initiating it with siddhi since I found the project is quite
 interesting. It would be great if you can guide me through the project 
 in
 order to get an idea of how to contribute myself.

 Thank you

 ___
 Dev mailing list
 Dev@wso2.org
 http://wso2.org/cgi-bin/mailman/listinfo/dev


>>>
>>>
>>> --
>>> *Minudika Gammanpila*
>>> Software Engineer - WSO2
>>>
>>> Email   :  minud...@wso2.com
>>>
>>> Web :  http://wso2.com 
>>>
>>
>>
>

>>>
>>>
>>> --
>>> *Minudika Gammanpila*
>>> Software Engineer - WSO2
>>>
>>> Email   :  minud...@wso2.com
>>> Mobile :  +947

Re: [Dev] Siddhi CEP

[Hasara Maithree]

Hi,

I got it.

Thank you.

On Tue, Sep 5, 2017 at 10:32 PM, Minudika Malshan  wrote:

> Hi,
>
> Sorry. A little correction. 4.0.0-M10 is the latest release [1]
> [1] https://github.com/wso2/product-sp/releases/tag/v4.0.0-M10
>
> BR
>
>
>
> On Tue, Sep 5, 2017 at 10:28 PM, Minudika Malshan 
> wrote:
>
>> Hi Hasara,
>>
>> Only milestone versions of *WSO2 Stream Processor *have been released
>> yet. And yes, 4.0.0-M9 is the latest one.
>> Note that the capabilities of WSO2 CEP and DAS are now provided thorugh
>> WSO2 Stream Processor.
>>
>> BR
>>
>> On Tue, Sep 5, 2017 at 10:15 PM, Hasara Maithree <
>> hasaramaithreedesi...@gmail.com> wrote:
>>
>>> Hi Minudika,
>>>
>>> I think I figured out my problem. I downloaded the wso2 SP 4.0.0-M9 from
>>> the link https://github.com/wso2/product-sp/releases/download/v4
>>> .0.0-M9/wso2sp-4.0.0-M9.zip .
>>> I assume this is the latest stable version of wso2 SP. I will try
>>> creating simple siddhi apps in order to familiarize with the
>>> environment.
>>>
>>> Thank you
>>>
>>> On Tue, Sep 5, 2017 at 9:23 PM, Hasara Maithree <
>>> hasaramaithreedesi...@gmail.com> wrote:
>>>
 Hi Minudika,

 Thank you very much for your reply. I have a small thing to clarify. Is
 WSO2 stream processor referred as WSO2 CEP (Complex Event Processor) or are
 they different?
 When I went through the product list, I couldn't find WSO2 SP. And the
 link given by you [2] led me to downlowad WSO2 data analytics server. Can
 you please sort out this confusion ?

 Thank you

 On Mon, Sep 4, 2017 at 7:14 PM, Hasara Maithree <
 hasaramaithreedesi...@gmail.com> wrote:

> Hi Minudika,
> Thank you very much for your reply. I have a small thing to clarify.
> Is WSO2 stream processor referred as WSO2 CEP (Complex Event Processor) or
> are they different?
> When I went through the product list, I couldn't find WSO2 SP. And the
> link given by you [2] led me to downlowad WSO2 data analytics server. Can
> you please sort out this confusion ?
> Thank you
>
> On Mon, Sep 4, 2017 at 11:57 AM, Minudika Malshan 
> wrote:
>
>> Hi Hasara,
>>
>> It's nice to hear about your interest on Siddhi.
>>
>> As the first step, go through the Siddhi guide[1].
>> Then try to create and run some siddhi apps on *WSO2 Stream
>> Processor*[2].
>>
>> After getting familiar with the flow,
>> you can go through Siddhi source code[2] and it's extensions' source
>> codes[4], run some tests and try to understand how the work is getting 
>> done.
>>
>> You can also find the issues to be solved in the siddhi issue
>> tracker[5]
>>
>> Please raise if there are any doubts.
>>
>> [1] https://wso2.github.io/siddhi/documentation/siddhi-4.0/
>> [2] https://docs.wso2.com/display/SP400/Quick+Start+Guide
>> [3] https://github.com/wso2/siddhi
>> [4] 
>> https://github.com/wso2-extensions?utf8=%E2%9C%93&q=siddhi&type=&language=
>>
>> [5] https://github.com/wso2/siddhi/issues
>>
>> BR
>>
>>
>> On Mon, Sep 4, 2017 at 11:22 AM, Hasara Maithree <
>> hasaramaithreedesi...@gmail.com> wrote:
>>
>>> Hi all,
>>>
>>> I'm Hasara Maithree De Silva and I'm a 2nd year undergraduate of
>>> department of computer science and engineering in University of 
>>> Moratuwa. I
>>> would really like to contribute myself to open source projects. I 
>>> thought
>>> of initiating it with siddhi since I found the project is quite
>>> interesting. It would be great if you can guide me through the project 
>>> in
>>> order to get an idea of how to contribute myself.
>>>
>>> Thank you
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> *Minudika Gammanpila*
>> Software Engineer - WSO2
>>
>> Email   :  minud...@wso2.com
>>
>> Web :  http://wso2.com 
>>
>
>

>>>
>>
>>
>> --
>> *Minudika Gammanpila*
>> Software Engineer - WSO2
>>
>> Email   :  minud...@wso2.com
>> Mobile :  +94715659887 <+94%2071%20565%209887>
>> Web :  http://wso2.com
>>
>>  
>>
>
>
>
> --
> *Minudika Gammanpila*
> Software Engineer - WSO2
>
> Email   :  minud...@wso2.com
> Mobile :  +94715659887 <+94%2071%20565%209887>
> Web :  http://wso2.com
>
>  
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Where can I find /token endpoint source code.

[Farasath Ahamed]

Hi Shiva,

Please use reply all including the dev list :) So that others will be able
to chip in with their ideas as well...

There is a small catch there. Even if you managed to pass the
tenantDomain as a query param to the token endpoint it will not reach your
extended password grant handler. The reason is this line of code in our
current implementation[1], which limits the password grant type to pass
username, password parameters only to the grant handler. We have fixed this
in master where we pass all the parameters sent in the token.

There is a small trick to get this working. You can write a grant handler
extending the password grant handler but register it as a custom grant
instead of grant_type=password, let's say you register it as
grant_type=custom1, then in the token request you can send the
tenantDomain as a parameter like below,

"grant_type=custom1&username=ddd&password&tenantDomain=abc.com",

within the grant handler, you can access any parameter sent using,

 // extract request parameters
 RequestParameter[] parameters =
oAuthTokenReqMessageContext.getOauth2AccessTokenReqDTO().getRequestParameters();

All the details you need to implement a custom grant type are in [2] with
examples. Give it a try! :)


[1] https://github.com/wso2-support/identity-inbound-auth-
oauth/blob/support-5.3.3/components/org.wso2.carbon.
identity.oauth.endpoint/src/main/java/org/wso2/carbon/
identity/oauth/endpoint/token/OAuth2TokenEndpoint.java#L273-L275

[2]
https://docs.wso2.com/display/IS530/Writing+a+Custom+OAuth+2.0+Grant+Type


Thanks,
Farasath Ahamed
Software Engineer, WSO2 Inc.; http://wso2.com
Mobile: +94777603866
Blog: blog.farazath.com
Twitter: @farazath619 




On Tue, Sep 5, 2017 at 10:16 PM,  wrote:

> Yes absolutely 😊 is there any way or alternate way?
>
>
>
> *From:* Farasath Ahamed [mailto:farasa...@wso2.com]
> *Sent:* 05 September 2017 22:14
> *To:* shiv...@securelyshare.com; WSO2 Developers' List 
> *Subject:* Re: [Dev] Where can I find /token endpoint source code.
>
>
>
>
>
>
>
> On Tue, Sep 5, 2017 at 10:06 PM,  wrote:
>
> Hi Ahamed,
>
>
>
> Thank you for your response I found the configuration files. Is it
> possible to change the /token context attribute to take a path variable in
> /token and pass that to /oauth2/token. Eg.
>
>
>
> http://ws.apache.org/ns/synapse"; name="_WSO2AMTokenAPI_"
> context="/{domain}/token">
>
>
>
> And your ultimate target is to pass this particular parameter to the
> password grant handler is it?
>
>
>
>
>
> Thank You,
>
> Shiva Kumar KR
>
>
>
> *From:* Farasath Ahamed [mailto:farasa...@wso2.com]
> *Sent:* 05 September 2017 21:26
> *To:* shiv...@securelyshare.com
> *Cc:* WSO2 Developers' List 
> *Subject:* Re: [Dev] Where can I find /token endpoint source code.
>
>
>
> Hi Shiva,
>
>
>
> /token exposed is actually a proxy to /oauth2/token which is the actual
> endpoint that handles your token request. Souce code for OAuth2 Token
> Endpoint can be found in [1].
>
> You can find the proxy configuration for /token in
> APIM_HOME/repository/deployment/server/synapse-configs/
> default/api/_TokenAPI_.xml
>
>
>
>
>
> [1] https://github.com/wso2-extensions/identity-inbound-auth
> -oauth/blob/v5.3.4/components/org.wso2.carbon.identity.
> oauth.endpoint/src/main/java/org/wso2/carbon/identity/
> oauth/endpoint/token/OAuth2TokenEndpoint.java
>
>
>
>
>
> Thanks,
>
> Farasath
>
>
> Farasath Ahamed
>
> Software Engineer, WSO2 Inc.; http://wso2.com
>
> Mobile: +94777603866
>
> Blog: blog.farazath.com
>
> Twitter: @farazath619 
>
> 
>
>   
>
>   
>
>   
>
> On Tue, Sep 5, 2017 at 9:13 PM, <*shiv...@securelyshare.com*> wrote:
> 
>
> Hi WSO2 team, 
>
>   
>
> I want to know in which class /token url request is handled. It will be
> very helpful for me if any one suggest which class name and project.
> 
>
>   
>
> Thank You, 
>
> Shiva Kumar KR 
>
>
> ___
> Dev mailing list
> *Dev@wso2.org*
> *http://wso2.org/cgi-bin/mailman/listinfo/dev* 
>
>   
>
>   
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Siddhi CEP

[Minudika Malshan]

Hi,

Sorry. A little correction. 4.0.0-M10 is the latest release [1]
[1] https://github.com/wso2/product-sp/releases/tag/v4.0.0-M10

BR



On Tue, Sep 5, 2017 at 10:28 PM, Minudika Malshan  wrote:

> Hi Hasara,
>
> Only milestone versions of *WSO2 Stream Processor *have been released
> yet. And yes, 4.0.0-M9 is the latest one.
> Note that the capabilities of WSO2 CEP and DAS are now provided thorugh
> WSO2 Stream Processor.
>
> BR
>
> On Tue, Sep 5, 2017 at 10:15 PM, Hasara Maithree <
> hasaramaithreedesi...@gmail.com> wrote:
>
>> Hi Minudika,
>>
>> I think I figured out my problem. I downloaded the wso2 SP 4.0.0-M9 from
>> the link https://github.com/wso2/product-sp/releases/download/v4
>> .0.0-M9/wso2sp-4.0.0-M9.zip .
>> I assume this is the latest stable version of wso2 SP. I will try
>> creating simple siddhi apps in order to familiarize with the
>> environment.
>>
>> Thank you
>>
>> On Tue, Sep 5, 2017 at 9:23 PM, Hasara Maithree <
>> hasaramaithreedesi...@gmail.com> wrote:
>>
>>> Hi Minudika,
>>>
>>> Thank you very much for your reply. I have a small thing to clarify. Is
>>> WSO2 stream processor referred as WSO2 CEP (Complex Event Processor) or are
>>> they different?
>>> When I went through the product list, I couldn't find WSO2 SP. And the
>>> link given by you [2] led me to downlowad WSO2 data analytics server. Can
>>> you please sort out this confusion ?
>>>
>>> Thank you
>>>
>>> On Mon, Sep 4, 2017 at 7:14 PM, Hasara Maithree <
>>> hasaramaithreedesi...@gmail.com> wrote:
>>>
 Hi Minudika,
 Thank you very much for your reply. I have a small thing to clarify. Is
 WSO2 stream processor referred as WSO2 CEP (Complex Event Processor) or are
 they different?
 When I went through the product list, I couldn't find WSO2 SP. And the
 link given by you [2] led me to downlowad WSO2 data analytics server. Can
 you please sort out this confusion ?
 Thank you

 On Mon, Sep 4, 2017 at 11:57 AM, Minudika Malshan 
 wrote:

> Hi Hasara,
>
> It's nice to hear about your interest on Siddhi.
>
> As the first step, go through the Siddhi guide[1].
> Then try to create and run some siddhi apps on *WSO2 Stream Processor*
> [2].
>
> After getting familiar with the flow,
> you can go through Siddhi source code[2] and it's extensions' source
> codes[4], run some tests and try to understand how the work is getting 
> done.
>
> You can also find the issues to be solved in the siddhi issue
> tracker[5]
>
> Please raise if there are any doubts.
>
> [1] https://wso2.github.io/siddhi/documentation/siddhi-4.0/
> [2] https://docs.wso2.com/display/SP400/Quick+Start+Guide
> [3] https://github.com/wso2/siddhi
> [4] 
> https://github.com/wso2-extensions?utf8=%E2%9C%93&q=siddhi&type=&language=
>
> [5] https://github.com/wso2/siddhi/issues
>
> BR
>
>
> On Mon, Sep 4, 2017 at 11:22 AM, Hasara Maithree <
> hasaramaithreedesi...@gmail.com> wrote:
>
>> Hi all,
>>
>> I'm Hasara Maithree De Silva and I'm a 2nd year undergraduate of
>> department of computer science and engineering in University of 
>> Moratuwa. I
>> would really like to contribute myself to open source projects. I thought
>> of initiating it with siddhi since I found the project is quite
>> interesting. It would be great if you can guide me through the project in
>> order to get an idea of how to contribute myself.
>>
>> Thank you
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> *Minudika Gammanpila*
> Software Engineer - WSO2
>
> Email   :  minud...@wso2.com
>
> Web :  http://wso2.com 
>


>>>
>>
>
>
> --
> *Minudika Gammanpila*
> Software Engineer - WSO2
>
> Email   :  minud...@wso2.com
> Mobile :  +94715659887 <+94%2071%20565%209887>
> Web :  http://wso2.com
>
>  
>



-- 
*Minudika Gammanpila*
Software Engineer - WSO2

Email   :  minud...@wso2.com
Mobile :  +94715659887
Web :  http://wso2.com

 
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Siddhi CEP

[Minudika Malshan]

Hi Hasara,

Only milestone versions of *WSO2 Stream Processor *have been released yet.
And yes, 4.0.0-M9 is the latest one.
Note that the capabilities of WSO2 CEP and DAS are now provided thorugh
WSO2 Stream Processor.

BR

On Tue, Sep 5, 2017 at 10:15 PM, Hasara Maithree <
hasaramaithreedesi...@gmail.com> wrote:

> Hi Minudika,
>
> I think I figured out my problem. I downloaded the wso2 SP 4.0.0-M9 from
> the link https://github.com/wso2/product-sp/releases/download/v4
> .0.0-M9/wso2sp-4.0.0-M9.zip .
> I assume this is the latest stable version of wso2 SP. I will try creating
> simple siddhi apps in order to familiarize with the environment.
>
> Thank you
>
> On Tue, Sep 5, 2017 at 9:23 PM, Hasara Maithree <
> hasaramaithreedesi...@gmail.com> wrote:
>
>> Hi Minudika,
>>
>> Thank you very much for your reply. I have a small thing to clarify. Is
>> WSO2 stream processor referred as WSO2 CEP (Complex Event Processor) or are
>> they different?
>> When I went through the product list, I couldn't find WSO2 SP. And the
>> link given by you [2] led me to downlowad WSO2 data analytics server. Can
>> you please sort out this confusion ?
>>
>> Thank you
>>
>> On Mon, Sep 4, 2017 at 7:14 PM, Hasara Maithree <
>> hasaramaithreedesi...@gmail.com> wrote:
>>
>>> Hi Minudika,
>>> Thank you very much for your reply. I have a small thing to clarify. Is
>>> WSO2 stream processor referred as WSO2 CEP (Complex Event Processor) or are
>>> they different?
>>> When I went through the product list, I couldn't find WSO2 SP. And the
>>> link given by you [2] led me to downlowad WSO2 data analytics server. Can
>>> you please sort out this confusion ?
>>> Thank you
>>>
>>> On Mon, Sep 4, 2017 at 11:57 AM, Minudika Malshan 
>>> wrote:
>>>
 Hi Hasara,

 It's nice to hear about your interest on Siddhi.

 As the first step, go through the Siddhi guide[1].
 Then try to create and run some siddhi apps on *WSO2 Stream Processor*
 [2].

 After getting familiar with the flow,
 you can go through Siddhi source code[2] and it's extensions' source
 codes[4], run some tests and try to understand how the work is getting 
 done.

 You can also find the issues to be solved in the siddhi issue tracker[5]

 Please raise if there are any doubts.

 [1] https://wso2.github.io/siddhi/documentation/siddhi-4.0/
 [2] https://docs.wso2.com/display/SP400/Quick+Start+Guide
 [3] https://github.com/wso2/siddhi
 [4] 
 https://github.com/wso2-extensions?utf8=%E2%9C%93&q=siddhi&type=&language=

 [5] https://github.com/wso2/siddhi/issues

 BR


 On Mon, Sep 4, 2017 at 11:22 AM, Hasara Maithree <
 hasaramaithreedesi...@gmail.com> wrote:

> Hi all,
>
> I'm Hasara Maithree De Silva and I'm a 2nd year undergraduate of
> department of computer science and engineering in University of Moratuwa. 
> I
> would really like to contribute myself to open source projects. I thought
> of initiating it with siddhi since I found the project is quite
> interesting. It would be great if you can guide me through the project in
> order to get an idea of how to contribute myself.
>
> Thank you
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


 --
 *Minudika Gammanpila*
 Software Engineer - WSO2

 Email   :  minud...@wso2.com

 Web :  http://wso2.com 

>>>
>>>
>>
>


-- 
*Minudika Gammanpila*
Software Engineer - WSO2

Email   :  minud...@wso2.com
Mobile :  +94715659887
Web :  http://wso2.com

 
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Avoid Invoking REST endpoints from SSO login page

[Hasintha Indrajee]

Can we alter a config inside webapp easily ? I mean if another product
wants to change the config in order to change the OOTB behaviour, it has to
extract and change the config at product build time. Is this
straightforward to a config inside a webapp ? On the other hand we cannot
move this config to a file which stays out of the webapp. It's not correct
since authentication endpoint should be ideally self contained.

On Tue, Sep 5, 2017 at 10:01 PM, Nuwandi Wickramasinghe 
wrote:

>
>
> On Tue, Sep 5, 2017 at 12:59 PM, Farasath Ahamed 
> wrote:
>
>>
>>
>> On Tue, Sep 5, 2017 at 12:39 PM, Pulasthi Mahawithana > > wrote:
>>
>>>
>>>
>>> On Mon, Sep 4, 2017 at 2:44 PM, Hasintha Indrajee 
>>> wrote:
>>>
 I think we must avoid this if this is just to check whether the
 endpoint exists or not. This is anyway a costly operation. Head will only
 reduce the transport cost. Otherwise when the head request reaches back
 end, it does the relevant operation treating the request as a GET and avoid
 responding with actual payload. In our case this is very costly because
 within these calls, there are user store accesses and multiple other DB
 accesses.

>>>
>>> We'll need that check (or some other way) to check whether the identity
>>> mgt webapp exists and deployed since some products don't ship it by
>>> default. And yes, we need to get rid of calling an endpoint which does any
>>> heavy work. So shall we do the HEAD to a page which does not do any heavy
>>> work? May be to "accountrecoveryendpoint/error.jsp"?
>>>
>>
>> Wouldn't it be easier if we do this with a config.
>> ie. By default we do not show these links. If any product ships the
>> account recovery endpoint  and they want to show the recovery links for all
>> service provider logins, then they override this config at product level.
>>
> +1
> Actually there is "IdentityManagementEndpointContextURL" parameter
> configured in authenticationendpoint web.xml. Value of this parameter is
> used to determine the recoveryendpoint url. As per the current
> implementation, if this parameter is not configured, we retrieve the webapp
> url by calling *IdentityUtil.getServerURL("/accountrecoveryendpoint",
> true, true). *Can't we avoid showing the links if
> *IdentityManagementEndpointContextURL* is not configured in
> authentication endpoint? In the default pack, this parameter is commented
> out. So anyone who needs it can un comment it.
>
> However with this implementation, the default behavior of dashboard login
> page would change.
>
>>
>> Another reason for this suggestion is that, upto IS 5.3.0 we only showed
>> the recovery related links when login into user dashboard only. So this is
>> essentially a change in the default behaviour of the product where we now
>> show the recovery links in the login page for all service providers (not
>> just the dashboard). So if someone wants to stick to the previous behaviour
>> they should have a way to do so (ie. maintain backward compatibility).
>>
>
>>
>>>
>>>

 On Fri, Aug 18, 2017 at 4:39 PM, Isura Karunaratne 
 wrote:

>
> On Fri, Aug 18, 2017 at 4:33 PM Malithi Edirisinghe 
> wrote:
>
>> On Fri, Aug 18, 2017 at 4:02 PM, Isura Karunaratne 
>> wrote:
>>
>>> Hi Malithi,
>>>
>>> On Fri, Aug 18, 2017 at 3:41 PM, Malithi Edirisinghe <
>>> malit...@wso2.com> wrote:
>>>


 On Fri, Aug 18, 2017 at 12:31 PM, Nuwandi Wickramasinghe <
 nuwan...@wso2.com> wrote:

> Looks like http calls are done to validate the endpoint url. Do we
> need this validation before showing the link?
>
> Shall we remove these calls and directly show the hyper link?
>

 So here the validation is done as we are invoking another webapp.
 So that this check make sure a broken link is never to be shown in this
 login page. Moreover, this is just a HEAD call so I don't think 
 invoking
 that impacts the login page performance, because the actual page is not
 getting rendered here.
 The other thing is these webapps are coming from two features, so
 IMO, we cannot directly couple them together.

>>>
>>> Is that working correctly?. I think HEAD operation returns 200 OK
>>> for any endpoint starting with https://localhost:9443.
>>>
>>
>> How can that happen ?
>>
> Because carbon redirects invalid urls to main page.
>

>>> This is because the http client follows the redirects by default. If we
>>> disable following redirects at the client this check should be possible,
>>> and it will return a 302 if identity mgt web app doesn't exist.
>>>

>
> We call head on the URL right. Anyway, if it's not working we should
>> fix.
>>
>>>
>>> Thanks
>>> Isura.
>>>
>>>
> On Fri, Aug 18, 2017 at 11:54 AM, Farasath Ahamed <
> farasa...

Re: [Dev] Siddhi CEP

[Hasara Maithree]

Hi Minudika,

I think I figured out my problem. I downloaded the wso2 SP 4.0.0-M9 from
the link https://github.com/wso2/product-sp/releases/download/
v4.0.0-M9/wso2sp-4.0.0-M9.zip .
I assume this is the latest stable version of wso2 SP. I will try creating
simple siddhi apps in order to familiarize with the environment.

Thank you

On Tue, Sep 5, 2017 at 9:23 PM, Hasara Maithree <
hasaramaithreedesi...@gmail.com> wrote:

> Hi Minudika,
>
> Thank you very much for your reply. I have a small thing to clarify. Is
> WSO2 stream processor referred as WSO2 CEP (Complex Event Processor) or are
> they different?
> When I went through the product list, I couldn't find WSO2 SP. And the
> link given by you [2] led me to downlowad WSO2 data analytics server. Can
> you please sort out this confusion ?
>
> Thank you
>
> On Mon, Sep 4, 2017 at 7:14 PM, Hasara Maithree <
> hasaramaithreedesi...@gmail.com> wrote:
>
>> Hi Minudika,
>> Thank you very much for your reply. I have a small thing to clarify. Is
>> WSO2 stream processor referred as WSO2 CEP (Complex Event Processor) or are
>> they different?
>> When I went through the product list, I couldn't find WSO2 SP. And the
>> link given by you [2] led me to downlowad WSO2 data analytics server. Can
>> you please sort out this confusion ?
>> Thank you
>>
>> On Mon, Sep 4, 2017 at 11:57 AM, Minudika Malshan 
>> wrote:
>>
>>> Hi Hasara,
>>>
>>> It's nice to hear about your interest on Siddhi.
>>>
>>> As the first step, go through the Siddhi guide[1].
>>> Then try to create and run some siddhi apps on *WSO2 Stream Processor*
>>> [2].
>>>
>>> After getting familiar with the flow,
>>> you can go through Siddhi source code[2] and it's extensions' source
>>> codes[4], run some tests and try to understand how the work is getting done.
>>>
>>> You can also find the issues to be solved in the siddhi issue tracker[5]
>>>
>>> Please raise if there are any doubts.
>>>
>>> [1] https://wso2.github.io/siddhi/documentation/siddhi-4.0/
>>> [2] https://docs.wso2.com/display/SP400/Quick+Start+Guide
>>> [3] https://github.com/wso2/siddhi
>>> [4] 
>>> https://github.com/wso2-extensions?utf8=%E2%9C%93&q=siddhi&type=&language=
>>>
>>> [5] https://github.com/wso2/siddhi/issues
>>>
>>> BR
>>>
>>>
>>> On Mon, Sep 4, 2017 at 11:22 AM, Hasara Maithree <
>>> hasaramaithreedesi...@gmail.com> wrote:
>>>
 Hi all,

 I'm Hasara Maithree De Silva and I'm a 2nd year undergraduate of
 department of computer science and engineering in University of Moratuwa. I
 would really like to contribute myself to open source projects. I thought
 of initiating it with siddhi since I found the project is quite
 interesting. It would be great if you can guide me through the project in
 order to get an idea of how to contribute myself.

 Thank you

 ___
 Dev mailing list
 Dev@wso2.org
 http://wso2.org/cgi-bin/mailman/listinfo/dev


>>>
>>>
>>> --
>>> *Minudika Gammanpila*
>>> Software Engineer - WSO2
>>>
>>> Email   :  minud...@wso2.com
>>>
>>> Web :  http://wso2.com 
>>>
>>
>>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Where can I find /token endpoint source code.

[Farasath Ahamed]

On Tue, Sep 5, 2017 at 10:06 PM,  wrote:

> Hi Ahamed,
>
>
>
> Thank you for your response I found the configuration files. Is it
> possible to change the /token context attribute to take a path variable in
> /token and pass that to /oauth2/token. Eg.
>
>
>
> http://ws.apache.org/ns/synapse"; name="_WSO2AMTokenAPI_"
> context="/{domain}/token">
>

And your ultimate target is to pass this particular parameter to the
password grant handler is it?


>
>
> Thank You,
>
> Shiva Kumar KR
>
>
>
> *From:* Farasath Ahamed [mailto:farasa...@wso2.com]
> *Sent:* 05 September 2017 21:26
> *To:* shiv...@securelyshare.com
> *Cc:* WSO2 Developers' List 
> *Subject:* Re: [Dev] Where can I find /token endpoint source code.
>
>
>
> Hi Shiva,
>
>
>
> /token exposed is actually a proxy to /oauth2/token which is the actual
> endpoint that handles your token request. Souce code for OAuth2 Token
> Endpoint can be found in [1].
>
> You can find the proxy configuration for /token in APIM_HOME/repository/
> deployment/server/synapse-configs/default/api/_TokenAPI_.xml
>
>
>
>
>
> [1] https://github.com/wso2-extensions/identity-inbound-
> auth-oauth/blob/v5.3.4/components/org.wso2.carbon.
> identity.oauth.endpoint/src/main/java/org/wso2/carbon/
> identity/oauth/endpoint/token/OAuth2TokenEndpoint.java
>
>
>
>
>
> Thanks,
>
> Farasath
>
>
> Farasath Ahamed
>
> Software Engineer, WSO2 Inc.; http://wso2.com
>
> Mobile: +94777603866
>
> Blog: blog.farazath.com
>
> Twitter: @farazath619 
>
> 
>
>
>
>
>
>
>
> On Tue, Sep 5, 2017 at 9:13 PM,  wrote:
>
> Hi WSO2 team,
>
>
>
> I want to know in which class /token url request is handled. It will be
> very helpful for me if any one suggest which class name and project.
>
>
>
> Thank You,
>
> Shiva Kumar KR
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Avoid Invoking REST endpoints from SSO login page

[Nuwandi Wickramasinghe]

On Tue, Sep 5, 2017 at 12:59 PM, Farasath Ahamed  wrote:

>
>
> On Tue, Sep 5, 2017 at 12:39 PM, Pulasthi Mahawithana 
> wrote:
>
>>
>>
>> On Mon, Sep 4, 2017 at 2:44 PM, Hasintha Indrajee 
>> wrote:
>>
>>> I think we must avoid this if this is just to check whether the endpoint
>>> exists or not. This is anyway a costly operation. Head will only reduce the
>>> transport cost. Otherwise when the head request reaches back end, it does
>>> the relevant operation treating the request as a GET and avoid responding
>>> with actual payload. In our case this is very costly because within these
>>> calls, there are user store accesses and multiple other DB accesses.
>>>
>>
>> We'll need that check (or some other way) to check whether the identity
>> mgt webapp exists and deployed since some products don't ship it by
>> default. And yes, we need to get rid of calling an endpoint which does any
>> heavy work. So shall we do the HEAD to a page which does not do any heavy
>> work? May be to "accountrecoveryendpoint/error.jsp"?
>>
>
> Wouldn't it be easier if we do this with a config.
> ie. By default we do not show these links. If any product ships the
> account recovery endpoint  and they want to show the recovery links for all
> service provider logins, then they override this config at product level.
>
+1
Actually there is "IdentityManagementEndpointContextURL" parameter
configured in authenticationendpoint web.xml. Value of this parameter is
used to determine the recoveryendpoint url. As per the current
implementation, if this parameter is not configured, we retrieve the webapp
url by calling *IdentityUtil.getServerURL("/accountrecoveryendpoint", true,
true). *Can't we avoid showing the links if
*IdentityManagementEndpointContextURL* is not configured in authentication
endpoint? In the default pack, this parameter is commented out. So anyone
who needs it can un comment it.

However with this implementation, the default behavior of dashboard login
page would change.

>
> Another reason for this suggestion is that, upto IS 5.3.0 we only showed
> the recovery related links when login into user dashboard only. So this is
> essentially a change in the default behaviour of the product where we now
> show the recovery links in the login page for all service providers (not
> just the dashboard). So if someone wants to stick to the previous behaviour
> they should have a way to do so (ie. maintain backward compatibility).
>

>
>>
>>
>>>
>>> On Fri, Aug 18, 2017 at 4:39 PM, Isura Karunaratne 
>>> wrote:
>>>

 On Fri, Aug 18, 2017 at 4:33 PM Malithi Edirisinghe 
 wrote:

> On Fri, Aug 18, 2017 at 4:02 PM, Isura Karunaratne 
> wrote:
>
>> Hi Malithi,
>>
>> On Fri, Aug 18, 2017 at 3:41 PM, Malithi Edirisinghe <
>> malit...@wso2.com> wrote:
>>
>>>
>>>
>>> On Fri, Aug 18, 2017 at 12:31 PM, Nuwandi Wickramasinghe <
>>> nuwan...@wso2.com> wrote:
>>>
 Looks like http calls are done to validate the endpoint url. Do we
 need this validation before showing the link?

 Shall we remove these calls and directly show the hyper link?

>>>
>>> So here the validation is done as we are invoking another webapp. So
>>> that this check make sure a broken link is never to be shown in this 
>>> login
>>> page. Moreover, this is just a HEAD call so I don't think invoking that
>>> impacts the login page performance, because the actual page is not 
>>> getting
>>> rendered here.
>>> The other thing is these webapps are coming from two features, so
>>> IMO, we cannot directly couple them together.
>>>
>>
>> Is that working correctly?. I think HEAD operation returns 200 OK for
>> any endpoint starting with https://localhost:9443.
>>
>
> How can that happen ?
>
 Because carbon redirects invalid urls to main page.

>>>
>> This is because the http client follows the redirects by default. If we
>> disable following redirects at the client this check should be possible,
>> and it will return a 302 if identity mgt web app doesn't exist.
>>
>>>

 We call head on the URL right. Anyway, if it's not working we should
> fix.
>
>>
>> Thanks
>> Isura.
>>
>>
 On Fri, Aug 18, 2017 at 11:54 AM, Farasath Ahamed <
 farasa...@wso2.com> wrote:

>
> There is another complication here. We are not honouring the
> hostname verification settings set by Kernel when doing the backend 
> call.
> Ideally, we should be using the common-http client if we are doing
> any backend https calls.
>
>
> Farasath Ahamed
> Software Engineer, WSO2 Inc.; http://wso2.com
> Mobile: +94777603866
> Blog: blog.farazath.com
> Twitter: @farazath619 
> 
>
>
>
>>

Re: [Dev] Where can I find /token endpoint source code.

[Farasath Ahamed]

Hi Shiva,

/token exposed is actually a proxy to /oauth2/token which is the actual
endpoint that handles your token request. Souce code for OAuth2 Token
Endpoint can be found in [1].
You can find the proxy configuration for /token in
APIM_HOME/repository/deployment/server/synapse-configs/default/api/_TokenAPI_.xml


[1]
https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/v5.3.4/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/token/OAuth2TokenEndpoint.java


Thanks,
Farasath

Farasath Ahamed
Software Engineer, WSO2 Inc.; http://wso2.com
Mobile: +94777603866
Blog: blog.farazath.com
Twitter: @farazath619 




On Tue, Sep 5, 2017 at 9:13 PM,  wrote:

> Hi WSO2 team,
>
>
>
> I want to know in which class /token url request is handled. It will be
> very helpful for me if any one suggest which class name and project.
>
>
>
> Thank You,
>
> Shiva Kumar KR
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Siddhi CEP

[Hasara Maithree]

Hi Minudika,

Thank you very much for your reply. I have a small thing to clarify. Is
WSO2 stream processor referred as WSO2 CEP (Complex Event Processor) or are
they different?
When I went through the product list, I couldn't find WSO2 SP. And the link
given by you [2] led me to downlowad WSO2 data analytics server. Can you
please sort out this confusion ?

Thank you

On Mon, Sep 4, 2017 at 7:14 PM, Hasara Maithree <
hasaramaithreedesi...@gmail.com> wrote:

> Hi Minudika,
> Thank you very much for your reply. I have a small thing to clarify. Is
> WSO2 stream processor referred as WSO2 CEP (Complex Event Processor) or are
> they different?
> When I went through the product list, I couldn't find WSO2 SP. And the
> link given by you [2] led me to downlowad WSO2 data analytics server. Can
> you please sort out this confusion ?
> Thank you
>
> On Mon, Sep 4, 2017 at 11:57 AM, Minudika Malshan 
> wrote:
>
>> Hi Hasara,
>>
>> It's nice to hear about your interest on Siddhi.
>>
>> As the first step, go through the Siddhi guide[1].
>> Then try to create and run some siddhi apps on *WSO2 Stream Processor*
>> [2].
>>
>> After getting familiar with the flow,
>> you can go through Siddhi source code[2] and it's extensions' source
>> codes[4], run some tests and try to understand how the work is getting done.
>>
>> You can also find the issues to be solved in the siddhi issue tracker[5]
>>
>> Please raise if there are any doubts.
>>
>> [1] https://wso2.github.io/siddhi/documentation/siddhi-4.0/
>> [2] https://docs.wso2.com/display/SP400/Quick+Start+Guide
>> [3] https://github.com/wso2/siddhi
>> [4] 
>> https://github.com/wso2-extensions?utf8=%E2%9C%93&q=siddhi&type=&language=
>>
>> [5] https://github.com/wso2/siddhi/issues
>>
>> BR
>>
>>
>> On Mon, Sep 4, 2017 at 11:22 AM, Hasara Maithree <
>> hasaramaithreedesi...@gmail.com> wrote:
>>
>>> Hi all,
>>>
>>> I'm Hasara Maithree De Silva and I'm a 2nd year undergraduate of
>>> department of computer science and engineering in University of Moratuwa. I
>>> would really like to contribute myself to open source projects. I thought
>>> of initiating it with siddhi since I found the project is quite
>>> interesting. It would be great if you can guide me through the project in
>>> order to get an idea of how to contribute myself.
>>>
>>> Thank you
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> *Minudika Gammanpila*
>> Software Engineer - WSO2
>>
>> Email   :  minud...@wso2.com
>>
>> Web :  http://wso2.com 
>>
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Custom API handler gets ClassNotFoundException

[Todd Hill]

So, Harsha, the issue isn't resolved, but I have some additional
information comparing the OSGI output from the API Manager v2.1.0 to the
ESB v4.8.0.

I ran each server with the system property -DosgiConsole, so I could query
the bundle information. In both cases I let the WSO2 framework do the
bundling by putting the raw jar into the
repository/components/lib. The generate MANIFEST.MF files by the
framework were listed earlier in this thread.

Below are the results after executing the OSGI command b  both
before the handler is executed and after it has executed (albeit with an
error in the APIM version). What is most notable is that the missing
package org.apache.synapse.core.axis2 is clearly imported in the ESB
version, but not in the APIM version.

I'm a newbie to WSO2/OSGI, so I could be missing something ... but I wonder
if this helps you diagnose what might be going on.
Thank you.



For reference, here are the import statements in the Handler class:
import com.google.common.base.Joiner;
import org.apache.axiom.om.*;
import org.apache.axis2.databinding.types.URI;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.synapse.MessageContext;
import org.apache.synapse.core.axis2.Axis2MessageContext;
import org.apache.synapse.rest.AbstractHandler;
import org.apache.synapse.rest.RESTConstants;
import org.apache.synapse.transport.passthru.util.RelayUtils;

import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import java.io.IOException;
import java.io.StringReader;
import java.util.*;


Results
*APIM 2.1.0*

*Before executing Handler*
osgi> b 57
esb.poc_1.0.0_SNAPSHOT_1.0.0 [57]
  Id=57, Status=ACTIVE  Data
Root=/Users/tkhill/wso2am-2.1.0/repository/components/default/configuration/org.eclipse.osgi/bundles/57/data
  "No registered services."
  No services in use.
  Exported packages
edu.wisc.services.esbpoc; version="0.0.0"[exported]
  Imported packages
org.apache.synapse.rest; version="0.0.0"
javax.xml.stream; version="1.0.1"
org.apache.axiom.om; version="1.2.11.wso2v11"
org.apache.axis2.databinding.types;
version="1.6.1.wso2v20"
org.apache.commons.logging;
version="1.2.0"
  No fragment bundles
  Named class space
esb.poc_1.0.0_SNAPSHOT; bundle-version="1.0.0"[provided]
  No required bundles

*After executing Handler (but gets error -
org.apache.synapse.core.axis2.Axis2MessageContext cannot be found by
esb.poc_1.0.0_SNAPSHOT_1.0.0)*
osgi> b 57
esb.poc_1.0.0_SNAPSHOT_1.0.0 [57]
  Id=57, Status=ACTIVE  Data
Root=/Users/tkhill/wso2am-2.1.0/repository/components/default/configuration/org.eclipse.osgi/bundles/57/data
  "No registered services."
  No services in use.
  Exported packages
edu.wisc.services.esbpoc; version="0.0.0"[exported]
  Imported packages
org.apache.synapse.rest; version="0.0.0"
javax.xml.stream; version="1.0.1"
org.apache.axiom.om; version="1.2.11.wso2v11"
org.apache.axis2.databinding.types;
version="1.6.1.wso2v20"
org.apache.commons.logging;
version="1.2.0"
org.apache.synapse; version="0.0.0"
org.jaxen; version="1.1.1"
org.apache.axiom.om.xpath;
version="1.2.11.wso2v11"
org.apache.commons.lang; version="2.6.0"
com.google.common.base; version="19.0.0"
  No fragment bundles
  Named class space
esb.poc_1.0.0_SNAPSHOT; bundle-version="1.0.0"[provided]
  No required bundles



ESB 4.8.0
*Before executing Handler  *
  osgi> b 40
  esb.poc_1.0.0_SNAPSHOT_1.0.0 [40]
Id=40, Status=ACTIVE  Data
Root=/Users/tkhill/wso2esb-4.8.0/repository/components/default/configuration/org.eclipse.osgi/bundles/40/data
"No registered services."
No services in use.
Exported packages
  edu.wisc.services.esbpoc; version="0.0.0"[exported]
Imported packages
  org.apache.synapse.rest; version="0.0.0"
  org.apache.axis2.databinding.types;
version="1.6.1.wso2v10"
  javax.xml.stream;
version="1.0.1"
  org.apache.axiom.om; version="1.2.11.wso2v4"
  org.apache.commons.logging;
version="1.1.1"
No fragment bundles
Named class space
  esb.poc_1.0.0_SNAPSHOT; bundle-version="1.0.0"[provided]
No required bundles

*After executing Handler*
osgi> b 40
esb.poc_1.0.0_SNAPSHOT_1.0.0 [40]
  Id=40, Status=ACTIVE  Data
Root=/Users/tkhill/wso2esb-4.8.0/repository/components/default/configuration/org.eclipse.osgi/bundles/40/data
  "No registered services."
  No services in use.
  Exported packages
edu.wisc.services.esbpoc; version="0.0.0"[exported]
  Imported packages
org.apache.synapse.rest; version="0.0.0"
org.apache.axis2.databinding.types;
version="1.6.1.wso2v10"
javax.xml.stream;
version="1.0.1"
org.apache.axiom.om; version="1.2.11.wso2v4"
org.apache.commons.logging;
version="1.1.1"
org.jaxen; version="1.1.1"
org.apache.axiom.om.xpath; version="1.2.11.wso2v4"
org.apache.synapse.core.axis2;
version="0.0.0"
org.apache.axis2.context; ver

[Dev] Where can I find /token endpoint source code.

[shiva.k]

Hi WSO2 team,

 

I want to know in which class /token url request is handled. It will be very
helpful for me if any one suggest which class name and project.

 

Thank You,

Shiva Kumar KR

___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Fwd: Possible Bug Reports

[Sagar Kapadia]

Hi Chiranga!
Waiting for a response
Sagar

On Jul 21, 2017 10:07 PM, "Sagar Kapadia"  wrote:

> Hi Chiranga!,
> Use this source. I fixed the osgi version to be compatible with WSO2 DAS,
> and now the messages do show up in the console. [Please see the screenshot]
> https://drive.google.com/file/d/0BwqZCw5oc2rwc2YxRkwyRWJnQnc/
> view?usp=sharing
> Thanks,
> Sagar
>
>
> On Fri, Jul 21, 2017 at 3:19 PM, Sagar Kapadia  wrote:
>
>> Hi Chiranga,
>> please find the link to source of the custom event publisher project.
>>
>> https://drive.google.com/file/d/0BwqZCw5oc2rwb013Q2hwRTdEY0U
>> /view?usp=sharing
>>
>>
>> I can run it in Eclipse and it shows the desired output [
>> Hello World Before!!
>> Registered Factory
>> Registered Service
>> Hello World AFter!!
>> 3 is the id I get when I do ss in the osgi console
>> However, when I deploy it to WSO2 DAS in the dropins folder, it shows no
>> messages . When I do "start 3" ,it prints the following error message
>> gogo: BundleException: The bundle "CustomEventPublisher_1.0.0.201707211505
>> [3]" could not be resolved. Reason: Missing Constraint: Import-Package:
>> org.osgi.service.component; version="1.2.2"
>>
>> This problem did not occur earlier and I seem to have messed up the
>> configuration of the project somehow. Previously, I used to get a listing
>> of registered services, on doing "b 3"
>> I will try to fix this issue , but am sending the code in the mean time
>> Sincerely,
>> Sagar
>>
>>
>> On Fri, Jul 21, 2017 at 1:53 PM, Sagar Kapadia 
>> wrote:
>>
>>> Hi Chiranga,
>>> I am using wso2das-3.1.0
>>> Sagar
>>>
>>>
>>> On Fri, Jul 21, 2017 at 10:36 AM, Chiranga Alwis 
>>> wrote:
>>>
 Hi Sagar,

 can you please specify the WSO2 Data Analytics Server version you are
 using, as well?

 On Thu, Jul 20, 2017 at 11:00 PM, Chiranga Alwis 
 wrote:

> Hi Sagar,
>
> it would be helpful if you could share the code mentioned in part a.
> of your question.
>
> On Thu, Jul 20, 2017 at 1:02 PM, Chandana Napagoda 
> wrote:
>
>> +Chiranga
>>
>> On Thu, Jul 20, 2017 at 11:39 AM, Sagar Kapadia 
>> wrote:
>>
>>>
>>> -- Forwarded message --
>>> From: Sagar Kapadia 
>>> Date: Wed, Jul 19, 2017 at 5:05 PM
>>> Subject: Possible Bug Reports
>>> To: dev-requ...@wso2.org, ash...@avinashi.com,
>>> sa...@cloudnineconsulting.in
>>>
>>>
>>> Hi,
>>> a. Custom OSGI components are not recognized.
>>> I created a custom event publisher and copied the jar to dropins
>>> folder. The start method of the Activator class was called. But the
>>> activate method was never called. I can share the code if required
>>> This issue has been reported by someone else previously.
>>> https://wso2.org/jira/browse/CARBON-12728
>>>
>>> I have updated to latest version using WUM.
>>>
>>> b. The documentation of sample to create a custom event publisher is
>>> out of date. The classes have been replaced by interfaces and vice 
>>> versa in
>>> the present version of the library
>>>
>>> c. Console doesnt show up in windows 7 , similar to this question on
>>> SO, which hasnt been
>>> answered yet
>>>
>>> https://stackoverflow.com/questions/43608516/new-with-wso2-das
>>> d. The Http Publisher writes events to the Trace, but does not
>>> actually do a POST. The configuration is as below
>>> 
>>> >>   trace="enable" xmlns="http://wso2.org/carbon/eventpublisher";>
>>>   
>>>   
>>>   
>>> 
>>> HttpPost
>>> https://requestb.in/1atd4211
>>> 
>>>   
>>> 
>>> and traces are
>>> 16:51:26,157 [-] [Grizzly(2)]  INFO EVENT_TRACE_LOGGER TenantId :
>>> -1234, Event Publisher : RequestBinPublihser2, after processing
>>> {"event":{"metaData":{"payload":"RT @WernWatt: Net terug van
>>> #bzacongres The future of firefighting #SmartCity #WearableTechnology
>>> #verdomdInteressant https://t.co/6AqhU6r3…","topic
>>> ":"tweets/gesucfator1978"},"payloadData":{"id":887633471555993600,"text":"RT
>>> @WernWatt: Net terug van #bzacongres The future of firefighting 
>>> #SmartCity
>>> #WearableTechnology #verdomdInteressant https://t.co/6AqhU6r3
>>> …","created_on":null}}}
>>>
>>>
>>>
>>> I would have filed a bug report, but have forgotten my password and
>>> am unable to login.
>>> I sent a mail regarding this, but have not received any reply yet.
>>> Please confirm whether this bug exists.
>>>
>>> We are evaluating WSO2 Data Analytics Server, and need to know if
>>> there is a bug, or we should be doing something differently.
>>> Sincerely,
>>> Sagar R. Kapadia
>>>
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>

Re: [Dev] how to obtain tenant domain from just clientid and client secret.

[Farasath Ahamed]

On Tue, Sep 5, 2017 at 12:52 PM,  wrote:

> Hi Farasath,
>
>
>
> Thank you very much for your response. Advance sorry if this takes some
> time to read,
>
> I customizing the password grant type authentication which will call a my
> rest api to do authentication of users stored in our database server, *I
> cannot plug in it as a JDBC user store to wso2*. I just have to take
> username, password and tenant Id during authentication. My backend api
> expect tenantId for every request. Please see the details below of my
> requirements
>

By tenantId do you mean the tenantDomain of the authenticating user or the
app?
Can we assume these two (ie. App tenant Domain and User tenant domain) will
always be the same


>
> My API is also multi tenanted and it expects tenantId for every request.
>
> I use below url to obtain token.
>
> http://locahost:8280/token
>
> postbody -> grant_type=password&username=du...@gmail.com&password=dummy
>
> basicAuth -> clientId:clientsecret base64 encoded.
>
>
>
> I have to use du...@gmail.com@tenantdomain as username to get token
> because then only I can authenticate with my custom authentication
> mechanism.
>
>
>
> To obtain tenantId I am appending tenant domain name to username but I
> should avaoid this and use simply gmail username. I cannot use any user
> store that wso2 supports.
>
> I am using below code to extract tenantId from domain name which will
> extracted from username.
>
>
>
> Here -> username = du...@gmail.com@tenantdomain.com
>
>
>
> String username = oAuth2AccessTokenReqDTO.getResourceOwnerUsername();
>
> String userTenantDomain = MultitenantUtils.*getTenantDomain*(
> username);
>
> *int* tenantId = IdentityTenantUtil.*getTenantId*(userTenantDomain
> );
>
> String tenantAwareUserName = MultitenantUtils.
> *getTenantAwareUsername*(username);
>
>
>
> Please suggest if it’s possible to get tenantId without giving anything in
> username.
>
>
>
> Thank You,
>
> Shiva Kumar K R.
>
>
>
> *From:* Farasath Ahamed [mailto:farasa...@wso2.com]
> *Sent:* 05 September 2017 12:13
> *To:* shiv...@securelyshare.com
> *Cc:* WSO2 Developers' List 
> *Subject:* Re: [Dev] how to obtain tenant domain from just clientid and
> client secret.
>
>
>
>
>
>
> Farasath Ahamed
>
> Software Engineer, WSO2 Inc.; http://wso2.com
>
> Mobile: +94777603866
>
> Blog: blog.farazath.com
>
> Twitter: @farazath619 
>
> 
>
>
>
>
>
>
>
> On Mon, Sep 4, 2017 at 7:30 PM,  wrote:
>
> Hi,
>
> I am using WSO2 api manager 2.1.0, and I am extending password grant type
> handler to customize few operations
>
> I tried to obtain tenant domain from OAuthAppDO from I got the below
> exception please help me.
>
>
>
> Here what is the tenantDomain you are trying obtain?
>
> Tenant domain to which the app belongs to or the tenant domain of the
> authenticated user?
>
>
>
> If it is Tenant domain to which the app belongs to, you can use util
> method[1]
>
>
>
> [1] https://github.com/wso2-extensions/identity-inbound-auth
> -oauth/blob/master/components/org.wso2.carbon.identity.
> oauth/src/main/java/org/wso2/carbon/identity/oauth2/util/
> OAuth2Util.java#L1290-L1316
>
>
>
>
>
> This is utility method I trying to get OauthAppDO from which I get
> AuthenticatedUser object and it’s tenantdomain. But it’s throwing exception.
>
>
>
> String tenantDomain = OAuthUtil.getAppInformationByC
> lientId(oAuth2AccessTokenReqDTO.getClientId()).getUser().get
> TenantDomain();
>
>
>
> ... 47 more
>
> [2017-09-04 18:55:59,723] ERROR - StandardWrapperValve Servlet.service()
> for servlet [OAuth2Endpoints] in context with path [/oauth2] threw exception
>
> java.lang.RuntimeException: org.apache.cxf.interceptor.Fault:
> org.wso2.carbon.identity.oauth.OAuthUtil.getAppInformationBy
> ClientId(Ljava/lang/String;)Lorg/wso2/carbon/identity/
> oauth/dao/OAuthAppDO;
>
> at org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserv
> er.onMessage(AbstractFaultChainInitiatorObserver.java:116)
>
> at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(Phase
> InterceptorChain.java:336)
>
> at org.apache.cxf.transport.ChainInitiationObserver.onMessage(C
> hainInitiationObserver.java:121)
>
> at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke
> (AbstractHTTPDestination.java:249)
>
> at org.apache.cxf.transport.servlet.ServletController.invokeDes
> tination(ServletController.java:248)
>
> at org.apache.cxf.transport.servlet.ServletController.invoke(
> ServletController.java:222)
>
> at org.apache.cxf.transport.servlet.ServletController.invoke(
> ServletController.java:153)
>
> at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(
> CXFNonSpringServlet.java:171)
>
> at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleR
> equest(AbstractHTTPServlet.java:289)
>
> at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(
> AbstractHTTPServlet.ja

Re: [Dev] [IS] GSoC 2017 - WS-Trust Implementation for IS6

[Maheshika Goonetilleke]

Hi Johann

Created: https://github.com/wso2-incubator/mss4j-ws-trust

On Tue, Sep 5, 2017 at 4:03 PM, Johann Nallathamby  wrote:

> Hi Maheshika,
>
> Can we have repo created for this project under wso2-incubator?
>
> Name: "mss4j-ws-trust"
>
> Regards,
> Johann.
>
> On Tue, Sep 5, 2017 at 11:59 AM, Johann Nallathamby 
> wrote:
>
>> Great job Isuranga over the past 3 months in completing this project!!
>> Hope you had a great learning experience and will keep contributing to WSO2
>> Identity Server in future.
>>
>> Can you please write a WSO2 article on the technical details of how this
>> integration was done between MSS4J and CXF? We can publish that in our
>> Oxygen Tank.
>>
>> And also you can write a blog post on how to integrate CXF as a
>> WS-Security engine to any generic web services engine?
>>
>> Regards,
>> Johann.
>>
>>
>> On Tue, Sep 5, 2017 at 10:35 AM, Isuranga Perera <
>> isurangamper...@gmail.com> wrote:
>>
>>> Hi All,
>>>
>>> I was able to complete the WS-Trust Implementation for Identity Server 6
>>> with all the functional requirements.
>>>
>>> Project Repository [1]
>>> Documentation [2]
>>>
>>> I would like to thanks my mentors Johann Nallathamby, Malithi
>>> Edirisinghe, Kasun Gajasinghe who gave an immense support throughout the
>>> project by giving necessary guidance whenever needed. In addition to that,
>>> I would like to thanks,  Sagara Gunathnga, Harsha Thirimanne and Thusitha
>>> Dayaratne for supporting me through Dev list.
>>>
>>> [1] https://github.com/IsurangaPerera/identity-inbound-auth-sts
>>> [2] https://docs.google.com/document/d/1ZRLQnazRgH4ZZu2luxFm
>>> YjXVpRw17n29NkkjeTXVWn0/edit?usp=sharing
>>> 
>>>
>>> Best Regards
>>> Isuranga Perera
>>>
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>>
>> --
>> Thanks & Regards,
>>
>> *Johann Dilantha Nallathamby*
>> Senior Lead Solutions Engineer
>> WSO2, Inc.
>> lean.enterprise.middleware
>>
>> Mobile - *+9476950*
>> Blog - *http://nallaa.wordpress.com *
>>
>
>
>
> --
> Thanks & Regards,
>
> *Johann Dilantha Nallathamby*
> Senior Lead Solutions Engineer
> WSO2, Inc.
> lean.enterprise.middleware
>
> Mobile - *+9476950*
> Blog - *http://nallaa.wordpress.com *
>



-- 

Thanks & Best Regards,

Maheshika Goonetilleke
Senior Engineering Process Coordinator

*WSO2 Inc*
*email   : mahesh...@wso2.com *
*mobile : +94 773 596707*
*www: :http://wso2.com *lean . enterprise . middleware
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [IS] GSoC 2017 - WS-Trust Implementation for IS6

[Johann Nallathamby]

Hi Maheshika,

Can we have repo created for this project under wso2-incubator?

Name: "mss4j-ws-trust"

Regards,
Johann.

On Tue, Sep 5, 2017 at 11:59 AM, Johann Nallathamby  wrote:

> Great job Isuranga over the past 3 months in completing this project!!
> Hope you had a great learning experience and will keep contributing to WSO2
> Identity Server in future.
>
> Can you please write a WSO2 article on the technical details of how this
> integration was done between MSS4J and CXF? We can publish that in our
> Oxygen Tank.
>
> And also you can write a blog post on how to integrate CXF as a
> WS-Security engine to any generic web services engine?
>
> Regards,
> Johann.
>
>
> On Tue, Sep 5, 2017 at 10:35 AM, Isuranga Perera <
> isurangamper...@gmail.com> wrote:
>
>> Hi All,
>>
>> I was able to complete the WS-Trust Implementation for Identity Server 6
>> with all the functional requirements.
>>
>> Project Repository [1]
>> Documentation [2]
>>
>> I would like to thanks my mentors Johann Nallathamby, Malithi
>> Edirisinghe, Kasun Gajasinghe who gave an immense support throughout the
>> project by giving necessary guidance whenever needed. In addition to that,
>> I would like to thanks,  Sagara Gunathnga, Harsha Thirimanne and Thusitha
>> Dayaratne for supporting me through Dev list.
>>
>> [1] https://github.com/IsurangaPerera/identity-inbound-auth-sts
>> [2] https://docs.google.com/document/d/1ZRLQnazRgH4ZZu2luxFm
>> YjXVpRw17n29NkkjeTXVWn0/edit?usp=sharing
>> 
>>
>> Best Regards
>> Isuranga Perera
>>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Thanks & Regards,
>
> *Johann Dilantha Nallathamby*
> Senior Lead Solutions Engineer
> WSO2, Inc.
> lean.enterprise.middleware
>
> Mobile - *+9476950*
> Blog - *http://nallaa.wordpress.com *
>



-- 
Thanks & Regards,

*Johann Dilantha Nallathamby*
Senior Lead Solutions Engineer
WSO2, Inc.
lean.enterprise.middleware

Mobile - *+9476950*
Blog - *http://nallaa.wordpress.com *
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [IS] Shall We Link Corresponding IS Documentation as Context Sensitive Help Pages in IS Management Console?

[Darshana Gunawardana]

+1 to remove this.

This is something comes from kernel right? So this is something has to
agree with all products.

Are we ok to remove this in a kernel patch release?

On Tue, Sep 5, 2017 at 1:58 PM, Shiraz Azad  wrote:

> Agree with Thilina. At the same time, we should make sure we dont clutter
> the UI with explaining notes. In that case, a UI guide will be really
> effective. +1 for that.
>
> Thanks
> Shiraz
>
> On Mon, Sep 4, 2017 at 10:41 AM, Thilina Madumal 
> wrote:
>
>> Hi all,
>>
>> For the 5.4.0 we have to go with the assumption that the current
>> Implementation of the UI, self-explain enough.
>> With that assumption, we can go ahead and can remove the help links. WDYT?
>>
>> Making UI self-explain better can be achieved in the 5.5.0 release since
>> there is a plan to re-write the UI.
>> For that, I suggest implementing something like UI guide (something
>> similar to what APIM has done, IMO it is pretty effective) when a user
>> starts a fresh pack.
>>
>> Regards,
>> Thilina.
>>
>> On Sat, Sep 2, 2017 at 8:14 AM, Shiraz Azad  wrote:
>>
>>> +1. for removing links and making the UI self explained.
>>>
>>> Shiraz
>>>
>>>
>>> On Thu, Aug 31, 2017 at 7:07 PM, Thilina Madumal 
>>> wrote:
>>>
 +1 to remove the links as Johann has suggested.

 Regards,
 Thilina.

 On Thu, Aug 31, 2017 at 11:40 AM, Johann Nallathamby 
 wrote:

> +1 to remove these links. I think better UX is the solution than
> asking users to read more docs.
>
> Regards,
> Johann.
>
> On Thu, Aug 31, 2017 at 11:04 AM, Samuel Gnaniah 
> wrote:
>
>> Our strategy here is to remove these help links and walk through the
>> UI with the dev team to make the UIs and forms easier to configure 
>> without
>> requiring additional documentation. This is the stragety we are following
>> for all products.
>>
>> Thanks,
>>
>> --
>>
>> *Samuel Gnaniah*
>> Lead Technical Writer
>>
>> WSO2 (pvt.) Ltd.
>> Colombo, Sri Lanka
>> (+94) 773131798 <+94%2077%20313%201798>
>>
>> On Thu, Aug 31, 2017 at 10:51 AM, Sherene Mahanama 
>> wrote:
>>
>>> +documentation, +shiraz, +samuel
>>>
>>> On Thu, Aug 31, 2017 at 10:50 AM, Sherene Mahanama >> > wrote:
>>>
 Hi Team,

 We can use [1] as the base URL as it will always point to the
 latest docs of IS. If we export an html page though, when we update 
 the doc
 page with improvements the changes won't get reflected in the help page
 right unless we export again every time we make a change?

 [1] https://docs.wso2.com/identity-server

 Thanks,
 Sherene

 On Thu, Aug 31, 2017 at 10:38 AM, Omindu Rathnaweera <
 omi...@wso2.com> wrote:

> One other option would be to export an html from the doc page and
> include it in the product.
>
> On Thu, Aug 31, 2017 at 10:35 AM, Johann Nallathamby <
> joh...@wso2.com> wrote:
>
>> Only problem I see is if Internet access is not available from
>> the client's machine which can access the carbon console, which 
>> could be
>> the case sometimes.
>>
>> On Thu, Aug 31, 2017 at 10:22 AM, Thilina Madumal <
>> thilina...@wso2.com> wrote:
>>
>>> Hi Devs,
>>>
>>> Currently, in IS Management Console, the context sensitive help
>>> pages are outdated. See [1].
>>> Even though the content is up to date, the content is not
>>> informative enough IMO.
>>>
>>> If we are to update the help-pages, we need to make them up to
>>> date and informative enough.
>>> The concern is if we are to do so;
>>>
>>>1. The effort is significantly high
>>>2. Also, it is kind of writing another set of documentation
>>>
>>> We already have a nice set of documentation for the Product IS.
>>> Therefore shall we link the already available IS documentation
>>> to Help Pages of IS Management Console? WDYT?
>>>
>>> [1] https://wso2.org/jira/browse/IDENTITY-446
>>>
>>> Thanks & Regards,
>>> Thilina.
>>>
>>> --
>>> *Thilina Madumal*
>>> *Software Engineer | **WSO2*
>>> Email: thilina...@wso2.com
>>> Mobile: *+ <+94%2077%20767%201807>94 774553167*
>>> Web:  http://wso2.com
>>>
>>> 
>>>
>>>
>>
>>
>> --
>> Thanks & Regards,
>>
>> *Johann Dilantha Nallathamby*
>> Senior Lead Solutions Engineer
>> WSO2, Inc.
>> lean.enterprise.middleware
>>
>> Mobile - *+9476950*
>> Blog - *http://nallaa.wordpress.com

Re: [Dev] Custom API handler gets ClassNotFoundException

[Harsha Kumara]

Hi Todd,

Yes your observation is correct, Jars placed in lib converts to OSGi
bundles and copied to the dropins folder. We might need to debug this
further with OSGi console as I don't see any issue with the both versions.
However, you can follow the resources in provided link to get rid of this.
Let us know if you couldn't able to sort out this issue.

Thanks,
Harsha

On Mon, Sep 4, 2017 at 11:08 PM, Todd Hill  wrote:

> Thanks, Harsha, that might prove useful, but the bigger question to me is
> why even bother with the bundle part ...
>
> When I worked on the 4.8.0 ESB version, I just had to put the .jar file
> into /repository/components/lib and the wso2 framework took
> care of bundling it and moving it to the dropins directory (along with
> whatever bundling needs are required).
>
> The APIM also seems to do the same thing (i.e., put it in the
> /repository/components/lib directory and, again, the framework
> does the bundling and putting it in the dropins directory).
>
> There isn't much difference in the wso2-framework generated MANIFEST.MF
> file between the two. And yet I get ClassNotFoundExceptions in the APIM
> version.
>
> TO COMPARE:
>
> generated MANIFEST.MF - 4.8.0 version of ESB:
> Manifest-Version: 1.0
> Export-Package: edu.wisc.services.esbpoc
> DynamicImport-Package: *
> Bundle-ClassPath: .,esb.poc-1.0-SNAPSHOT.jar
> Bundle-Version: 1.0.0
> Bundle-Name: esb.poc_1.0_SNAPSHOT
> Bundle-ManifestVersion: 2
> Bundle-SymbolicName: esb.poc_1.0_SNAPSHOT
>
> generated MANIFEST.MF - 2.1.0 API Manager version:
> Manifest-Version: 1.0
> Bundle-SymbolicName: esb.poc_1.0.0_SNAPSHOT
> Export-Package: edu.wisc.services.esbpoc
> Bundle-Name: esb.poc_1.0.0_SNAPSHOT
> Bundle-Version: 1.0.0
> Bundle-ClassPath: .,esb.poc-1.0.0-SNAPSHOT.jar
> Bundle-ManifestVersion: 2
> DynamicImport-Package: *
>
> On Mon, Sep 4, 2017 at 12:12 PM Harsha Kumara  wrote:
>
>> Hi Todd,
>>
>> Resource in [1] may be a good reference for you.
>>
>> [1] https://github.com/R-Rajkumar/samples/blob/master/
>> message-builder-handler/pom.xml
>>
>> Thanks,
>> Harsha
>>
>> On Mon, Sep 4, 2017 at 10:16 PM, Todd Hill  wrote:
>>
>>> meant to send it to the DEV list too.
>>>
>>>
>>> -- Forwarded message -
>>> From: Todd Hill 
>>> Date: Mon, Sep 4, 2017 at 11:38 AM
>>> Subject: Re: [Dev] Custom API handler gets ClassNotFoundException
>>> To: Harsha Kumara 
>>>
>>>
>>> The profile I'm using is 'apim' (as opposed to the 'esb' profile). The
>>> bundle is comment out because I wasn't able to get
>>> that working either.
>>>
>>>
>>> On Mon, Sep 4, 2017 at 11:35 AM Harsha Kumara  wrote:
>>>
 Hi Todd,

 Can you attach the pom.xml of your custom handler?

 Thanks,
 Harsha

 On Mon, Sep 4, 2017 at 9:58 PM, Todd Hill  wrote:

> Sorry if this is not the right place to send questions about writing a
> custom Handler for WSO2 API Manager 2.1.0, but I don't see any other 
> places
> listed.
>
> I have written a custom handler that worked well with WSO2 ESB 4.8.0.
> We are migrating to using the API Manager v2.1.0, so I updated the maven
> dependencies, but now after I put the jar into 
> /repository/components/lib
> and restart the API Manager, I get this when my Handler class is invoked:
>
> Caused by: java.lang.ClassNotFoundException:
> org.apache.synapse.core.axis2.Axis2MessageContext cannot be found by
> esb.poc_1.0_SNAPSHOT_1.0.0
> at org.eclipse.osgi.internal.loader.BundleLoader.findClassInternal(
> BundleLoader.java:501)
> at org.eclipse.osgi.internal.loader.BundleLoader.findClass(
> BundleLoader.java:421)
> at org.eclipse.osgi.internal.loader.BundleLoader.findClass(
> BundleLoader.java:412)
> at org.eclipse.osgi.internal.baseadaptor.DefaultClassLoader.loadClass(
> DefaultClassLoader.java:107)
> at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
>
>
> Here is the method in the handler:
>
> private void processPayload(CaosDecisionMakingData
> decisionMakingData, MessageContext mc){
> try {
> RelayUtils.buildMessage(((Axis2MessageContext)
> mc).getAxis2MessageContext());
> } catch (IOException e) {
> throw new RuntimeException(e);
> } catch (XMLStreamException e) {
> throw new RuntimeException(e);
> }
> OMElement restPayload = mc.getEnvelope().getBody().getFirstElement();
> if (restPayload != null) {
> decisionMakingData.setPostBodyElement(restPayload);
> }
> }
>
> The line with RelayUtils containing the cast is where the problem is.
>
>
> Thanks for any help or direction you can give.
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


 --
 Harsha Kumara
 Software Engineer, WSO2 Inc.
 Mobile: +94775505618 <+94%2077%20550%205618>
 Blog:harshcreationz.blogspot.com

>>>

[Dev] How to use aggregate and clone mediators?

[Thomas LEGRAND]

Hello,

I have a problem and the differents tutos do not seem to help me.

I am using three different connectors to retrieve data in JSON. Those data
should be aggregated to be sent back. Because I want to gain some process
time, I would like to call those three connectors in parallel. That is why
I try to use the clone mediator and the aggregate one.

But, during the process, it is like if it never goes to the outputSequence
whereas the tutos like this one in [1] does nothing to force the passage to
it.

Here is my sequence where I just use the clone for one connector for my
tests :

http://ws.apache.org/ns/synapse"; name="MergedComposition"
context="/merge">
   
  
 


 
 


 
 


 
 
 

   
  
  
 
  
  
 
 $1
 
 

 
  
  
 
  
   

 
  
  

 
  
 

   


   
  
  
   
   

 
  
  
   


>From this sequence, I can see in the logs the "AFTER" property showing
"AFTER" but I don't seen any "OUT"

Can you help me, please?

Regards,

Thomas

[1] https://dzone.com/articles/wso2-esb-cloning-and
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Avoid Invoking REST endpoints from SSO login page

[Farasath Ahamed]

On Tue, Sep 5, 2017 at 12:39 PM, Pulasthi Mahawithana 
wrote:

>
>
> On Mon, Sep 4, 2017 at 2:44 PM, Hasintha Indrajee 
> wrote:
>
>> I think we must avoid this if this is just to check whether the endpoint
>> exists or not. This is anyway a costly operation. Head will only reduce the
>> transport cost. Otherwise when the head request reaches back end, it does
>> the relevant operation treating the request as a GET and avoid responding
>> with actual payload. In our case this is very costly because within these
>> calls, there are user store accesses and multiple other DB accesses.
>>
>
> We'll need that check (or some other way) to check whether the identity
> mgt webapp exists and deployed since some products don't ship it by
> default. And yes, we need to get rid of calling an endpoint which does any
> heavy work. So shall we do the HEAD to a page which does not do any heavy
> work? May be to "accountrecoveryendpoint/error.jsp"?
>

Wouldn't it be easier if we do this with a config.
ie. By default we do not show these links. If any product ships the account
recovery endpoint  and they want to show the recovery links for all service
provider logins, then they override this config at product level.

Another reason for this suggestion is that, upto IS 5.3.0 we only showed
the recovery related links when login into user dashboard only. So this is
essentially a change in the default behaviour of the product where we now
show the recovery links in the login page for all service providers (not
just the dashboard). So if someone wants to stick to the previous behaviour
they should have a way to do so (ie. maintain backward compatibility).


>
>
>>
>> On Fri, Aug 18, 2017 at 4:39 PM, Isura Karunaratne 
>> wrote:
>>
>>>
>>> On Fri, Aug 18, 2017 at 4:33 PM Malithi Edirisinghe 
>>> wrote:
>>>
 On Fri, Aug 18, 2017 at 4:02 PM, Isura Karunaratne 
 wrote:

> Hi Malithi,
>
> On Fri, Aug 18, 2017 at 3:41 PM, Malithi Edirisinghe <
> malit...@wso2.com> wrote:
>
>>
>>
>> On Fri, Aug 18, 2017 at 12:31 PM, Nuwandi Wickramasinghe <
>> nuwan...@wso2.com> wrote:
>>
>>> Looks like http calls are done to validate the endpoint url. Do we
>>> need this validation before showing the link?
>>>
>>> Shall we remove these calls and directly show the hyper link?
>>>
>>
>> So here the validation is done as we are invoking another webapp. So
>> that this check make sure a broken link is never to be shown in this 
>> login
>> page. Moreover, this is just a HEAD call so I don't think invoking that
>> impacts the login page performance, because the actual page is not 
>> getting
>> rendered here.
>> The other thing is these webapps are coming from two features, so
>> IMO, we cannot directly couple them together.
>>
>
> Is that working correctly?. I think HEAD operation returns 200 OK for
> any endpoint starting with https://localhost:9443.
>

 How can that happen ?

>>> Because carbon redirects invalid urls to main page.
>>>
>>
> This is because the http client follows the redirects by default. If we
> disable following redirects at the client this check should be possible,
> and it will return a 302 if identity mgt web app doesn't exist.
>
>>
>>>
>>> We call head on the URL right. Anyway, if it's not working we should
 fix.

>
> Thanks
> Isura.
>
>
>>> On Fri, Aug 18, 2017 at 11:54 AM, Farasath Ahamed <
>>> farasa...@wso2.com> wrote:
>>>

 There is another complication here. We are not honouring the
 hostname verification settings set by Kernel when doing the backend 
 call.
 Ideally, we should be using the common-http client if we are doing
 any backend https calls.


 Farasath Ahamed
 Software Engineer, WSO2 Inc.; http://wso2.com
 Mobile: +94777603866
 Blog: blog.farazath.com
 Twitter: @farazath619 
 



 On Fri, Aug 18, 2017 at 11:45 AM, Gayan Gunawardana >>> > wrote:

> In IS 5.4.0-m2 SSO login page we can see couple of hyper links for
> Forgot Password, Forgot Username, Register Now as below.
>
>
> ​
> Actually how it renders is
>
>  <%
> url = new URL(identityMgtEndpointContext +
> "/recoverpassword.do?callback=" + Encode.forHtmlAttribute
> (urlEncodedURL));
> httpURLConnection = (HttpURLConnection)
> url.openConnection();
> httpURLConnection.setRequestMethod("HEAD");
> httpURLConnection.connect();
> if (httpURLConnection.getResponseCode() ==
> HttpURLConnection.HTTP_OK) {
> %>
> Forgot
> Pass

Re: [Dev] Avoid Invoking REST endpoints from SSO login page

[Pulasthi Mahawithana]

On Mon, Sep 4, 2017 at 2:44 PM, Hasintha Indrajee  wrote:

> I think we must avoid this if this is just to check whether the endpoint
> exists or not. This is anyway a costly operation. Head will only reduce the
> transport cost. Otherwise when the head request reaches back end, it does
> the relevant operation treating the request as a GET and avoid responding
> with actual payload. In our case this is very costly because within these
> calls, there are user store accesses and multiple other DB accesses.
>

We'll need that check (or some other way) to check whether the identity mgt
webapp exists and deployed since some products don't ship it by default.
And yes, we need to get rid of calling an endpoint which does any heavy
work. So shall we do the HEAD to a page which does not do any heavy work?
May be to "accountrecoveryendpoint/error.jsp"?


>
> On Fri, Aug 18, 2017 at 4:39 PM, Isura Karunaratne  wrote:
>
>>
>> On Fri, Aug 18, 2017 at 4:33 PM Malithi Edirisinghe 
>> wrote:
>>
>>> On Fri, Aug 18, 2017 at 4:02 PM, Isura Karunaratne 
>>> wrote:
>>>
 Hi Malithi,

 On Fri, Aug 18, 2017 at 3:41 PM, Malithi Edirisinghe >>> > wrote:

>
>
> On Fri, Aug 18, 2017 at 12:31 PM, Nuwandi Wickramasinghe <
> nuwan...@wso2.com> wrote:
>
>> Looks like http calls are done to validate the endpoint url. Do we
>> need this validation before showing the link?
>>
>> Shall we remove these calls and directly show the hyper link?
>>
>
> So here the validation is done as we are invoking another webapp. So
> that this check make sure a broken link is never to be shown in this login
> page. Moreover, this is just a HEAD call so I don't think invoking that
> impacts the login page performance, because the actual page is not getting
> rendered here.
> The other thing is these webapps are coming from two features, so IMO,
> we cannot directly couple them together.
>

 Is that working correctly?. I think HEAD operation returns 200 OK for
 any endpoint starting with https://localhost:9443.

>>>
>>> How can that happen ?
>>>
>> Because carbon redirects invalid urls to main page.
>>
>
This is because the http client follows the redirects by default. If we
disable following redirects at the client this check should be possible,
and it will return a 302 if identity mgt web app doesn't exist.

>
>>
>> We call head on the URL right. Anyway, if it's not working we should fix.
>>>

 Thanks
 Isura.


>> On Fri, Aug 18, 2017 at 11:54 AM, Farasath Ahamed > > wrote:
>>
>>>
>>> There is another complication here. We are not honouring the
>>> hostname verification settings set by Kernel when doing the backend 
>>> call.
>>> Ideally, we should be using the common-http client if we are doing
>>> any backend https calls.
>>>
>>>
>>> Farasath Ahamed
>>> Software Engineer, WSO2 Inc.; http://wso2.com
>>> Mobile: +94777603866
>>> Blog: blog.farazath.com
>>> Twitter: @farazath619 
>>> 
>>>
>>>
>>>
>>> On Fri, Aug 18, 2017 at 11:45 AM, Gayan Gunawardana 
>>> wrote:
>>>
 In IS 5.4.0-m2 SSO login page we can see couple of hyper links for
 Forgot Password, Forgot Username, Register Now as below.


 ​
 Actually how it renders is

  <%
 url = new URL(identityMgtEndpointContext +
 "/recoverpassword.do?callback=" + Encode.forHtmlAttribute
 (urlEncodedURL));
 httpURLConnection = (HttpURLConnection)
 url.openConnection();
 httpURLConnection.setRequestMethod("HEAD");
 httpURLConnection.connect();
 if (httpURLConnection.getResponseCode() ==
 HttpURLConnection.HTTP_OK) {
 %>
 Forgot Password
 
 
 <%
 }

 So every time when user goes to SSO login page need to send 3 http
 requests to render 3 hyper links. Also if any of API raises back-end
 exception, bad stack trace will be printed as below.

 WARN {org.apache.cxf.phase.PhaseInterceptorChain} -  Application {
 http://endpoint.recovery.identity.carbon.wso2.org/}ClaimsApi has
 thrown exception, unwinding now
 org.apache.cxf.interceptor.Fault

  Is there a better way to handle this situation ?

 Thanks,
 Gayan

 --
 Gayan Gunawardana
 Senior Software Engineer; WSO2 Inc.; http://wso2.com/
 Email: ga...@wso2.com
 Mobile: +94 (71) 8020933

>>>
>>>
>>
>>
>> --
>>
>> Best Regards,
>>
>> Nuwandi Wickramasinghe
>>
>> Software Engineer
>>
>> WSO2 I