Re: [Dev] Possible Issue with user.core AdminUser role assignment

[Ruwan Yatawara]

Yes Nuwan, in that case there would not be a problem. This happens only at
the point of automatic user creation.

Thanks and Regards,

Ruwan Yatawara

Technical Lead,
WSO2 Inc.

email : ruw...@wso2.com
mobile : +94 77 9110413
http://ruwansrants.blogspot.com/
https://500px.com/ruwan_ace
https://medium.com/@ruwanyatawara


On Tue, Mar 20, 2018 at 9:38 AM, Nuwan Dias  wrote:

> I guess this behavior is specific to attaching admin role to the admin
> user on startup right? If we create a user manually and assign him the
> admin role and then configure his username in the user-mgt.xml file, it
> should be fine right?
>
> On Tue, Mar 20, 2018 at 7:23 AM, Ruwan Yatawara  wrote:
>
>> Hi all,
>>
>> With the bump to kernel 4.4.26, noticed the following behaviour.
>>
>>- When a non-existent admin user is declared in user-mgt.xml, at
>>server boot up even though the user is created, said user is not assigned
>>the default "admin" role, as expected, instead when browsed via the carbon
>>console, user is seen to have internal/everyone role, only.
>>- When the admin role name is also changed along with the new admin
>>user, the new admin role is attached to the user account as expected.
>>- Amidst all this however, when enabled user.core debug logs, admin
>>role is attached to the role as per log :
>>   - DEBUG - JDBCAuthorizationManager abcd1 user is in role :  admin
>>
>> It appears there maybe an issue with getting the role list of a user /
>> user list of role for freshly created users, automatically created when
>> changing the user-mgt.xml.
>>
>> I believe this may have an impact on scope validation in api manager when
>> default admin user name is changed, as the ScopesIssuer class will refer
>> the role list attached to a particular user (in this case, when an admin
>> user requests for tokens), before granting a particular scope.
>>
>> I am investigating further in to this.
>>
>>
>> Thanks and Regards,
>>
>> Ruwan Yatawara
>>
>> Technical Lead,
>> WSO2 Inc.
>>
>> email : ruw...@wso2.com
>> mobile : +94 77 9110413
>> http://ruwansrants.blogspot.com/
>> https://500px.com/ruwan_ace
>> https://medium.com/@ruwanyatawara
>>
>>
>
>
> --
> Nuwan Dias
>
> Software Architect - WSO2, Inc. http://wso2.com
> email : nuw...@wso2.com
> Phone : +94 777 775 729 <077%20777%205729>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [Architecture] [IAM] eIDAS profile support for SAML

[Indunil Upeksha Rathnayake]

On Thu, Mar 15, 2018 at 6:55 AM, Harsha Thirimanna  wrote:

>
>
> On Mon, 12 Mar 2018, 13:48 Johann Nallathamby,  wrote:
>
>>
>>
>> On Mon, Mar 12, 2018 at 10:58 AM, Indunil Upeksha Rathnayake <
>> indu...@wso2.com> wrote:
>>
>>> Hi,
>>>
>>> In order to support eIDAS profile in IS, as per the 4 eIDAS
>>> specifications in [1], there are a set of requirements to be considered
>>> including message format, cryptographic requirements etc. Those
>>> requirements has been summarized in [2].
>>>
>>> This is regarding the handling and inclusion of attributes into
>>> exchanged messages in eIDAS network. As per the eIDAS SAML attribute
>>> profile specification, requesting user attributes MUST be carried out
>>> dynamically by including them in a . There are a set
>>> of mandatory and optional attributes according to the eIDAS minimum data
>>> sets for natural and legal persons (i.e. Natural person is one who can be
>>> identified, directly or indirectly, in particular by reference to an
>>> identifier such as a name [3]. A legal person is any human being, firm, or
>>> government agency that is recognized as having legal rights and
>>> obligations, such as having the ability to enter into contracts, to sue,
>>> and to be sued [4]).
>>>
>>> The eIDAS attribute profile support has been currently implemented as
>>> follows.
>>>
>>>1. Include eIDAS attribute profile support in travelocity sample for
>>>testing purposes.
>>>2. Process the eIDAS attributes in authentication request and send
>>>to the requested attributes to framework.
>>>3. Introduced a new dialect for "http://eidas.europa.eu/attributes";
>>>and configure it in the SP Claim Configuration as the SP Claim mapping
>>>Dialect. Include support for multiple SP dialects considering the support
>>>for multiple SAML attribute profiles as eIDAS.
>>>
>>> +1 for this. This is something we planned to have in IS 5.3.0, but
>> couldn't complete due to time constraints.
>>
>>>
>>>1.
>>>2. In order to get the user claims which are mapped to the SP
>>>dialect, in the framework side filter out based on the SP dialect to 
>>> local
>>>claim mappings, if SP claim dialect is configured.
>>>
>>> How would you choose which dialect to use in the runtime, if one SP can
>> have multiple dialects? Remember in our implementation claim is not unique.
>> Dialect + claim is unique. So if we don't have the dialect in the
>> authentication request, it might be not straightforward to map claims
>> between dialects.
>>
>
> Yes , this will not possible as Johan said.
>
> Because of internal data structure and the implementation, there can be
> same claim Uri in multiple dialect.
> But theoretically claim Uri is kind of a name space and dialect is just
> grouping of multiple claims. So the namespace should be unique in any
> place. Don't we need to enforce that in our documentation even we support
> it internally to have same claims in multiple dialect. Is that prcticle to
> have such a same claim in different dialect ?
>

This is been implemented as follows. Multiple SP dialects can be configured
from UI, so that "http://eidas.europa.eu/attributes/naturalperson"; and "
http://eidas.europa.eu/attributes/legalperson"; will be considered as two
dialects and all the eIDAS claims will be shipped by default in product. So
we will be configured them as full claim URIs with appended claim dialect.


>
>
>
>>>1. Process the response retrieved from the framework and send the
>>>response to eIDAS network, in appropriate format.
>>>
>>>
>>>
>>> Appreciate your comments and suggestions on above approach and please
>>> find the following concerns.
>>>
>>>- With the requested attributes in the authentication request, as
>>>per the specification, we may send the AttributeConsumingServiceIndex as
>>>well. Currently we have only the basic attribute profile support in SAML.
>>>So when filtering out the requested claims, we need to send both the
>>>requested claims in SP configuration and the claims in the request, if
>>>AttributeConsumingServiceIndex is retrieved. WDYT?
>>>
>>> I would rather prefer to have it like the following.
>> 1. If configured claim set is null and service provider is requesting
>> attributes, send those attributes.
>> 2. If at least one claim has been configured in service provider, send
>> the intersection of configured claims and requested claims.
>>
>> This will give us a way to control requested claims if needed. But also
>> not force the admins to always configure requested claims for each service
>> provider. I don't see any purpose in providing two ways (configuration and
>> request) to send back claims to the service provider, unless it is used to
>> control access.
>>
>>>
>>>-
>>>
>>>
>>>- As per the current implementation for eIDAS support, first we give
>>>priority to the SP configured claims set, if it's not available consider
>>>the requested claims in the request. With the oau

Re: [Dev] Subject : Smooks mediator XML TO CSV conversion. Please guide.

[Prabushi Samarakoon]

Hi Aditya,

It seems the error is coming from the smooks configuration. When I removed
the xml namespace from the smooksConfig as follows, I was able to retrieve
the csv content as a text output. "catalog" tag remains in the output,
since only the "book" tag is transformed according to the template.

*smooksConfig.xml*


http://www.milyn.org/xsd/smooks-1.1.xsd";
xmlns:ftl="http://www.milyn.org/xsd/smooks/freemarker-1.1.xsd";>

SAX
   
true


org.milyn.delivery.DomModelCreator





"
true
author,title,genre
,
CSV
input



*Output*

http://schemas.xmlsoap.org/soap/envelope/";>http://ws.apache.org/commons/ns/payload";>

 Gambardella Matthew,XML Developer's Guide,Computer


 Ralls Kim,Midnight Rain,Fantasy

 Gambardella Matthew,XML Developer's Guide,Computer


 Ralls Kim,Midnight Rain,Fantasy




Thanks,
Prabushi

On Thu, Mar 15, 2018 at 3:09 PM, aditya shivankar <
shivankar.adit...@gmail.com> wrote:

> Subject : Smooks mediator XML TO CSV conversion. Please guide.
>
> Respected Sir,
>
> I am reading a xml file using vfs, converting it into csv, then writing it
> to another file.
> Trying to use smooks mediator for converting xml data to csv.
> Using Smooks mediator as I am trying to process very large files.
>
> Sample Input :
>
> 
> 
>
>   Gambardella Matthew
>   XML Developer's Guide
>   Computer
>   44.95
>   2000-10-01
>   Epic1
>
>
>   Ralls Kim
>   Midnight Rain
>   Fantasy
>   5.95
>   2000-12-16
>   Epic2
>
> 
>   Gambardella Matthew
>   XML Developer's Guide
>   Computer
>   44.95
>   2000-10-01
>   Epic1
>
>
>   Ralls Kim
>   Midnight Rain
>   Fantasy
>   5.95
>   2000-12-16
>   Epic2
>
> 
>
> Expected output :
>
> author,id,title,genre,price,publish_date,description
> Gambardella Matthew,bk101,XML Developer's Guide,Computer,44.95,2000-10-
> 01,Epic1
> Ralls Kim,bk102,Midnight Rain,Fantasy,5.95,2000-12-16,Epic2
> Gambardella Matthew,bk101,XML Developer's Guide,Computer,44.95,2000-10-
> 01,Epic1
> Ralls Kim,bk102,Midnight Rain,Fantasy,5.95,2000-12-16,Epic2
> Number of Records :4, TotalPrice : 101.8
>
>
>
> smooksConfig I am trying :
>
> 
> http://www.milyn.org/xsd/smooks-1.1.xsd";
> xmlns:ftl="http://www.milyn.org/xsd/smooks/freemarker-1.1.xsd";>
> 
> SAX
>
> true
> 
> 
> org.milyn.delivery.DomModelCreator
> 
> 
> 
> 
> 
> "
> true
> author,title,genre
> ,
> CSV
> input
> 
> 
>
> Error I am getting :
>
> [2018-03-15 13:24:49,417] [EI-Core]  INFO - LogMediator property_name =
> "Inside FlatFile * "
> [2018-03-15 13:24:50,225] [EI-Core] ERROR - runtime
>
> Error on line 2, column 75 in free-marker-template
> Expecting a string, date or number here, Expression .vars["book"].author
> is instead a freemarker.ext.dom.NodeListModel
> The problematic instruction:
> --
> ==> ${.vars["book"].author} [on line 2, column 73 in free-marker-template]
> --
>
> Java backtrace for programmers:
> --
> freemarker.core.NonStringException: Error on line 2, column 75 in
> free-marker-template
> Expecting a string, date or number here, Expression .vars["book"].author
> is instead a freemarker.ext.dom.NodeListModel
>
> With Regards,
> Aditya
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
*Prabushi Samarakoon*
Software Engineer
Mobile: +94715434580
Email: prabus...@wso2.com
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] Possible Issue with user.core AdminUser role assignment

[Nuwan Dias]

I guess this behavior is specific to attaching admin role to the admin user
on startup right? If we create a user manually and assign him the admin
role and then configure his username in the user-mgt.xml file, it should be
fine right?

On Tue, Mar 20, 2018 at 7:23 AM, Ruwan Yatawara  wrote:

> Hi all,
>
> With the bump to kernel 4.4.26, noticed the following behaviour.
>
>- When a non-existent admin user is declared in user-mgt.xml, at
>server boot up even though the user is created, said user is not assigned
>the default "admin" role, as expected, instead when browsed via the carbon
>console, user is seen to have internal/everyone role, only.
>- When the admin role name is also changed along with the new admin
>user, the new admin role is attached to the user account as expected.
>- Amidst all this however, when enabled user.core debug logs, admin
>role is attached to the role as per log :
>   - DEBUG - JDBCAuthorizationManager abcd1 user is in role :  admin
>
> It appears there maybe an issue with getting the role list of a user /
> user list of role for freshly created users, automatically created when
> changing the user-mgt.xml.
>
> I believe this may have an impact on scope validation in api manager when
> default admin user name is changed, as the ScopesIssuer class will refer
> the role list attached to a particular user (in this case, when an admin
> user requests for tokens), before granting a particular scope.
>
> I am investigating further in to this.
>
>
> Thanks and Regards,
>
> Ruwan Yatawara
>
> Technical Lead,
> WSO2 Inc.
>
> email : ruw...@wso2.com
> mobile : +94 77 9110413
> http://ruwansrants.blogspot.com/
> https://500px.com/ruwan_ace
> https://medium.com/@ruwanyatawara
>
>


-- 
Nuwan Dias

Software Architect - WSO2, Inc. http://wso2.com
email : nuw...@wso2.com
Phone : +94 777 775 729
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] Possible Issue with user.core AdminUser role assignment

[Ruwan Yatawara]

Hi all,

With the bump to kernel 4.4.26, noticed the following behaviour.

   - When a non-existent admin user is declared in user-mgt.xml, at server
   boot up even though the user is created, said user is not assigned the
   default "admin" role, as expected, instead when browsed via the carbon
   console, user is seen to have internal/everyone role, only.
   - When the admin role name is also changed along with the new admin
   user, the new admin role is attached to the user account as expected.
   - Amidst all this however, when enabled user.core debug logs, admin role
   is attached to the role as per log :
  - DEBUG - JDBCAuthorizationManager abcd1 user is in role :  admin

It appears there maybe an issue with getting the role list of a user / user
list of role for freshly created users, automatically created when changing
the user-mgt.xml.

I believe this may have an impact on scope validation in api manager when
default admin user name is changed, as the ScopesIssuer class will refer
the role list attached to a particular user (in this case, when an admin
user requests for tokens), before granting a particular scope.

I am investigating further in to this.


Thanks and Regards,

Ruwan Yatawara

Technical Lead,
WSO2 Inc.

email : ruw...@wso2.com
mobile : +94 77 9110413
http://ruwansrants.blogspot.com/
https://500px.com/ruwan_ace
https://medium.com/@ruwanyatawara
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] API manager- Read-only LDAPS secondary userstore

[Francis Somers]

Hello,

with API Manager 2.1.0, offset 4 (port 9447), java 1.8.0_101

I added a secondary userstore connected to our LDAP directory 
(configuration file in 
/repository/deployment/server/userstores/oasis.xml)

It works very well with port 389.

   ldap:///ldapserver/.uclouvain.be:389


With port 636 (ldaps), any first connection fails with a timeout after 
30 seconds (Read timed out)


   ldaps:///ldapserver/.uclouvain.be:636

_Then there is no connection problem for a while (1 hour?).

_*ldaps SSL test* :_
_
_java -jar TestSSLServer.jar /ldapserver/.uclouvain.be 636
_

   Supported versions: SSLv3 TLSv1.0 TLSv1.1
   Deflate compression: no
   Supported cipher suites (ORDER IS NOT SIGNIFICANT):
  SSLv3
 RSA_WITH_RC4_128_MD5
 RSA_WITH_RC4_128_SHA
 RSA_WITH_3DES_EDE_CBC_SHA
  TLSv1.0
 RSA_WITH_RC4_128_MD5
 RSA_WITH_RC4_128_SHA
 RSA_WITH_3DES_EDE_CBC_SHA
 RSA_WITH_AES_128_CBC_SHA
 DHE_RSA_WITH_AES_128_CBC_SHA
 RSA_WITH_AES_256_CBC_SHA
 DHE_RSA_WITH_AES_256_CBC_SHA
 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
  (TLSv1.1: idem)
   --
   Server certificate(s):
  ***: CN=oasis.uclouvain.be, OU=SIPR, O=Université catholique de
   Louvain, L=Louvain-la-Neuve, ST=Ottignies-Louvain-la-Neuve, C=BE
   --
   Minimal encryption strength: strong encryption (96-bit or more)
   Achievable encryption strength:  strong encryption (96-bit or more)
   BEAST status: vulnerable
   CRIME status: protected


*log wso2carbon :*

TID: [-1] [] [2018-03-19 16:06:31,672]  INFO 
{org.wso2.andes.kernel.AndesRecoveryTask} -  Running DB sync task. 
{org.wso2.andes.kernel.AndesRecoveryTask}
TID: [-1] [] [2018-03-19 16:21:31,672]  INFO 
{org.wso2.andes.kernel.AndesRecoveryTask} -  Running DB sync task. 
{org.wso2.andes.kernel.AndesRecoveryTask}


I try ti connect with user oasis/somers (defined in the LDAP userstore)

TID: [-1234] [] [2018-03-19 16:27:39,694]  INFO 
{org.wso2.carbon.core.internal.permission.update.PermissionUpdater} -  
Permission cache updated for tenant -1234 
{org.wso2.carbon.core.internal.permission.update.PermissionUpdater}
TID: [-1234] [] [2018-03-19 16:28:09,721]  INFO 
{org.apache.axis2.transport.http.HTTPSender} -  Unable to sendViaPost to 
url[https://esb-test.sipr.ucl.ac.be:9447/services/AuthenticationAdmin] 
{org.apache.axis2.transport.http.HTTPSender}

java.net.SocketTimeoutException: Read timed out
    at java.net.SocketInputStream.socketRead0(Native Method)
    at java.net.SocketInputStream.socketRead(SocketInputStream.java:116)
    at java.net.SocketInputStream.read(SocketInputStream.java:170)
    at java.net.SocketInputStream.read(SocketInputStream.java:141)
    at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
    at sun.security.ssl.InputRecord.read(InputRecord.java:503)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973)
    at 
sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:930)

    at sun.security.ssl.AppInputStream.read(AppInputStream.java:105)
    at java.io.BufferedInputStream.fill(BufferedInputStream.java:246)
    at java.io.BufferedInputStream.read(BufferedInputStream.java:265)
    at 
org.apache.commons.httpclient.HttpParser.readRawLine(HttpParser.java:78)
    at 
org.apache.commons.httpclient.HttpParser.readLine(HttpParser.java:106)
    at 
org.apache.commons.httpclient.HttpConnection.readLine(HttpConnection.java:1116)
    at 
org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.readLine(MultiThreadedHttpConnectionManager.java:1413)
    at 
org.apache.commons.httpclient.HttpMethodBase.readStatusLine(HttpMethodBase.java:1973)
    at 
org.apache.commons.httpclient.HttpMethodBase.readResponse(HttpMethodBase.java:1735)
    at 
org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1098)
    at 
org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
    at 
org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
    at 
org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
    at 
org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:659)
    at 
org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:195)

    at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:77)
    at 
org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:451)
    at 
org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:278)

    at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:442)
    at 
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:430)
    at 
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java

Re: [Dev] Identity Server SCIM Implementation issue with PATCH request

[Tharindu Malawaraarachchi]

Hi Sathya,

Updating the attribute displayName works only when the displayName is
non-existing for the user. Otherwise, it will give a 500 Internal Server
error and remove that field.

Thanks and Regards,
TharinduM

On Sat, Mar 17, 2018 at 4:11 PM, Sathya Bandara  wrote:

> Hi Tharindu,
>
> I tested this scenario on 5.4.1 updated pack and this scenario was working
> properly. Please find the curl commands i executed below.
>
> *PATCH ADD request*
>
> curl -v -k --user admin:admin -X PATCH -d '{"schemas":["urn:ietf:params:
> scim:api:messages:2.0:PatchOp"],"Operations":[{"op":"add","
> value":{"displayName":"display"}}]}' --header "Content-Type:application/json"
> https://localhost:9443/scim2/Users/6a66ad20-3686-476c-a401-84cd47b05699
>
> *Response *
>
> 200 Ok
> {"emails":[{"type":"other","value":"sath...@wso2.com"},{"
> type":"home","value":"sat...@wso2.com"}],"meta":{"created":
> "2018-03-17T15:01:42Z","location":"https://localhost:
> 9443/scim2/Users/6a66ad20-3686-476c-a401-84cd47b05699","
> lastModified":"2018-03-17T15:27:00Z"},"displayName":"
> display","schemas":["urn:ietf:params:scim:schemas:core:2.0:
> User","urn:ietf:params:scim:schemas:extension:enterprise:
> 2.0:User"],"EnterpriseUser":{"manager":{"displayName":"
> display"}},"name":{"familyName":"jackson"},"id":"6a66ad20-3686-476c-a401-
> 84cd47b05699","userName":"kim3"}
>
> However this also updates enterprise schema User displayName attribute as
> both schemas:core:2.0:User and scim:schemas:extension:enterprise:2.0:User
> has a displayName attribute mapped to WSO2 local claim
> http://wso2.org/claims/displayName.
>
>
> I could reproduce the behavior explained by Tharindu when I tried to PATCH
> an existing attribute along with a non-existing attribute (both scenarios
> worked correctly when executed independently)  it failed with 500 Internal
> Server error giving below stack trace.
>
>
> Caused by: org.wso2.carbon.user.core.UserStoreException: One or more
> attributes you are trying to add/update are not supported by underlying
> LDAP for user : kim3
> at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.
> handleException(ReadWriteLDAPUserStoreManager.java:2126)
> at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.
> doDeleteUserClaimValue(ReadWriteLDAPUserStoreManager.java:1103)
> at org.wso2.carbon.user.core.common.AbstractUserStoreManager.
> deleteUserClaimValue(AbstractUserStoreManager.java:1497)
> ... 66 more
> Caused by: javax.naming.directory.NoSuchAttributeException: [LDAP: error
> code 16 - NO_SUCH_ATTRIBUTE: failed for Modify Request
> Object : 'uid=kim3,ou=Users,dc=wso2,dc=org'
> Modification[0]
> Operation :  delete
> Modification
> displayName: (null)
> : ERR_55 Trying to remove an non-existant attribute: ATTRIBUTE_TYPE (
> 2.16.840.1.113730.3.1.241
>  NAME 'displayName'
>  DESC RFC2798: preferred name to be used when displaying entries
>  EQUALITY caseIgnoreMatch
>  SUBSTR caseIgnoreSubstringsMatch
>  SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
>  SINGLE-VALUE
>  USAGE userApplications
>
>
> We need to investigate further to find out the exact cause. Created a
> github issue to track this [1]
>
> [1] https://github.com/wso2/product-is/issues/2978
>
> Thanks.
> Sathya
>
>
> On Fri, Mar 16, 2018 at 3:16 PM, Tharindu Malawaraarachchi <
> tharind...@wso2.com> wrote:
>
>> Hi all,
>>
>> I have been using SCIM 2.0 REST API of the wso2 Identity Server for
>> testing my Ballerina SCIM 2.0 connector and I encountered some issues in
>> the Identity Server SCIM implementation.
>>
>>
>>- When I try to update some of the attributes of Identity Server
>>resource User, it gives an internal server error and removes many of the
>>attributes of the specified user. Please refer the below case.
>>
>>
>> This is the existing User in the Identity Server User store.
>>
>>
>>
>> I try to update the displayName of this user by sending a PATCH request
>> to  https://localhost:9443/scim2/Users/1a3e769d-cbd3-475d-
>> abef-ce275ab22c4e
>>  
>> with
>> a json body.
>>
>>
>>
>> Ideally, this should update the relevant field but instead gives an error.
>>
>>
>> Further, it *removes many of the other fields from the specified User*
>> in the user store.
>> Now the specified User would look like below.
>>
>>
>> This same issue happens when for few other attributes like emails,
>> externalId, and userType when try to execute a PATCH request.
>> --
>> *Tharindu Malawaraarachchi*
>> Software Engineer | WSO2
>>
>> tharind...@wso2.com
>> +94 719340143 <+94%2071%20934%200143>
>> https://www.linkedin.com/in/tharindun/
>>
>>
>
>
> --
> Sathya Bandara
> Software Engineer
> WSO2 Inc. http://wso2.com
> Mobile: (+94) 715 360 421 <+94%2071%20411%205032>
>
> <+94%2071%20411%205032>
>



-- 
*Tharindu Malawaraarachchi*
Software Engineer | WSO2

tharind...@wso2.com
+94 719340143
https://www.linkedin.co

Re: [Dev] [Architecture] [VOTE] Release WSO2 Enterprise Integrator 6.2.0 RC2

[Prabushi Samarakoon]

Hi All,

EI 6.2.0-RC2 Tooling Installed Distributions are now available under the
GIT release tag [1]
.

Known issues : https://github.com/wso2/devstudio-tooling-ei/issues and ht
tps://github.com/wso2/product-ei/labels/EI%20Tooling

Thanks,
Prabushi

[1] - https://github.com/wso2/product-ei/releases/tag/v6.2.0-rc2

On Mon, Mar 19, 2018 at 8:03 AM, Himasha Guruge  wrote:

> Hi all,
>
> Thanks for testing WSO2 Enterprise Integrator 6.2.0 -RC2.
>
> Since this vote passed with 13 +1s and 0 -1s, we’re hereby closing this
> vote and proceeding with the Enterprise Integrator GA release.
>
> Thanks,
>
> Himasha
>
> On Sun, Mar 18, 2018 at 7:47 PM, Heshitha Hettihewa 
> wrote:
>
>> Hi All,
>>
>> I've tested the following,
>>
>>- Capp Deployment and deployment/undeployment order validation
>>- ESB Analytics component Data publishing and Dashboard
>>improvements
>>- Devstudio tooling BPMN Editor
>>- Devstudio tooling BPEL editor
>>- Devstudio tooling Humantask Editor
>>- Devstudio tooling Dataservice Editor and data service deployer
>>- Devstudio tooling EI server feature and artifact deployment
>>through dev studio
>>- Basic Devstudio tooling ESB functionalities
>>
>> No blockers found.
>>
>> [+] Stable - go ahead and release
>>
>> Thanks,
>> Heshitha.
>>
>> On Sun, Mar 18, 2018 at 7:24 PM, Sohani Weerasinghe 
>> wrote:
>>
>>> Hi All,
>>>
>>> Tested below in EI Tooling
>>>
>>>- Main p2 installation for kernel, platform and product plugins
>>>- Signing process with new certificate
>>>- Updater tool functionality in 620 and exiting 611 packs
>>>- New dashboard changes
>>>- Mediator project creation, Solutions project creation and MMM
>>>project creation
>>>- Proxy service preserve policy attribute
>>>- Sequence and template creation
>>>- Form editors for Endpoint, scheduleTask, MS and MP
>>>- API creation and version type property
>>>- JMS inbound EP polling suspension attributes
>>>- Tested enableCacheControl, includeAgeHeader and collector
>>>attribute in cache mediator
>>>- Nashron support for script mediator
>>>- Data service secret alias support
>>>- Data source creation
>>>- Apply securiy for data service
>>>- Smooks editor
>>>- WSpolicy creation
>>>- Bpel workflow creation
>>>- Apply security for bpel
>>>- Human task file creation
>>>- BPMN diagram creation
>>>- CAPP creation
>>>- EI server role in CAPP creation
>>>- EI 6.2.0 server option in adding a server
>>>
>>> [+] Stable - go ahead and release
>>>
>>>
>>> Thanks,
>>> Sohani Weerasinghe
>>> Senior Software Engineer
>>> WSO2, Inc: http://wso2.com
>>>
>>> Mobile  : +94 716439774 <+94%2071%20643%209774>
>>> Blog :http://christinetechtips.blogspot.com/
>>> Twitter  : https://twitter.com/sohanichristine
>>>
>>> On Sun, Mar 18, 2018 at 4:34 PM, Waruna Jayaweera 
>>> wrote:
>>>
 Hi All,

 Tested the following.

- Capp deployment sample API and proxy and test the APIs in ESB
profile.
- JMS publish/subscribe with proxy services of the ESB Profile with
Broker profile.
- Enable the ESB analytics and publish statistics.
- Analyse ESB statistics with analytics profile.
- Deploy and test sample BPEL, BPMN, and human-task process.
- BPMN explorer for basic functionalities.
- Humanatsk explorer with task actions.
- Add users, roles, and Tenants.
- View, add and delete registry resources.
- Check the readme files and release notes.


 [+] Stable - go ahead and release

 Regards,
 Waruna

 On Sat, Mar 17, 2018 at 2:50 AM, Himasha Guruge 
 wrote:

> Hi All,
>
> We are pleased to announce the second release candidate of WSO2
> Enterprise Integrator 6.2.0.
>
> *Known issues*: https://github.com/wso2/product-ei/issues
>
> *Source and binary distribution files*:
> *https://github.com/wso2/product-ei/releases/tag/v6.2.0-rc2
> *
>
> *The tag to be voted upon*: 
> *https://github.com/wso2/product-ei/tree/v6.2.0-rc2
> *
>
> Please vote as follows:
> [+] Stable - go ahead and release
> [-] Broken - do not release (explain why)
>
> ~The WSO2 Integration Team~
>
>
> --
> Himasha Guruge
> Senior Software Engineer
> WS*O2* *Inc.*
> Mobile: +94 777459299 <+94%2077%20745%209299>
> himas...@wso2.com
>
> ___
> Architecture mailing list
> architect...@wso2.org
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>
>


 --
 Regards,
>>