[Dev] Carbon Security Userstore JDBC 1.0.0 M1 Released !
*Carbon Security Userstore JDBC 1.0.0 M1 Released !* We are pleased to announce the $subject. This includes a JDBC based user store implementation for Carbon Security CAAS with authentication, authorization (read only) and user management (read only) support. *Installing as a Carbon Feature* You may install carbon-security-userstore-jdbc feature to your product with: org.wso2.carbon.security.userstore org.wso2.carbon.security.userstore.jdbc.feature 1.0.0-m1 zip Best Regards Identity Server Team *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [C5] Retrieving claim values with Claim Manager changes
Hi Himasha, This is fixed with https://github.com/wso2-extensions/carbon-security-user-store-jdbc/pull/28 Thanks! *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware On Thu, May 26, 2016 at 10:26 AM, Himasha Guruge wrote: > Thanks for the quick response Thanuja. > > On Thu, May 26, 2016 at 10:24 AM, Thanuja Jayasinghe > wrote: > >> Hi Himasha, >> >> This is a known issue and Jayanga will provide a fix soon. >> >> Thanks, >> Thanuja >> >> On Thu, May 26, 2016 at 10:19 AM, Himasha Guruge >> wrote: >> >>> [1] >>> https://github.com/wso2-extensions/carbon-security-user-store-jdbc/blob/75d466dd4110ab55fb5dcb728b33611ec116bf63/feature/resources/database/WSO2CARBON_DB.sql >>> >>> [2] >>> https://github.com/wso2-extensions/carbon-security-user-store-jdbc/blob/master/tests/osgi-tests/src/test/resources/h2_test_data.sql >>> >>> On Thu, May 26, 2016 at 10:19 AM, Himasha Guruge >>> wrote: >>> >>>> Hi , >>>> >>>> With the latest Claim Manager changes in carbon-security, following >>>> test was done to retrieve user claim values for user admin. However, an >>>> empty claim list is returned for the following line. >>>> >>>> user.getClaims(claims); >>>> >>>> While debugging, following stack trace was identified. I have used [1] >>>> and [2] to create the database tables and test data values. Any idea on >>>> what could be the issue? User object contains the claim mappings , however >>>> the values are not retrieved. >>>> >>>> Given *Caused by: org.h2.jdbc.JdbcSQLException: Invalid value "3" for >>>> parameter "parameterIndex" [90008-191]* could it be an issue with the >>>> test data? >>>> >>>> org.wso2.carbon.bpmn[org.wso2.carbon.bpmn.core.integration.BPSUserIdentityManager] >>>> : Error retrieving user info by id for: 41dadd2aea6e11e59ce95e5517507c66 >>>> org.wso2.carbon.security.caas.user.core.exception.IdentityStoreException: >>>> Error occurred while retrieving user claims. >>>> at >>>> org.wso2.carbon.security.userstore.jdbc.connector.JDBCIdentityStoreConnector.getUserAttributeValues(JDBCIdentityStoreConnector.java:250) >>>> at >>>> org.wso2.carbon.security.caas.user.core.store.IdentityStore.getUserAttributeValues(IdentityStore.java:185) >>>> at >>>> org.wso2.carbon.security.caas.user.core.bean.User.getClaims(User.java:146) >>>> at >>>> org.wso2.carbon.bpmn.core.integration.BPSUserIdentityManager.findUserById(BPSUserIdentityManager.java:111) >>>> at >>>> org.wso2.carbon.bpmn.tests.osgi.BPMNClaimUserTaskTest.testInvokeClaimedUserTask(BPMNClaimUserTaskTest.java:144) >>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>>> at >>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) >>>> at >>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) >>>> at java.lang.reflect.Method.invoke(Method.java:483) >>>> at >>>> org.ops4j.pax.exam.raw.extender.intern.ProbeInvokerImpl.injectContextAndInvoke(ProbeInvokerImpl.java:125) >>>> at >>>> org.ops4j.pax.exam.raw.extender.intern.ProbeInvokerImpl.findAndInvoke(ProbeInvokerImpl.java:85) >>>> at >>>> org.ops4j.pax.exam.raw.extender.intern.ProbeInvokerImpl.call(ProbeInvokerImpl.java:73) >>>> at >>>> org.ops4j.pax.exam.nat.internal.NativeTestContainer.call(NativeTestContainer.java:112) >>>> at >>>> org.ops4j.pax.exam.spi.reactors.SingletonStagedReactor.invoke(SingletonStagedReactor.java:114) >>>> at >>>> org.ops4j.pax.exam.spi.reactors.PerSuiteStagedReactor.invoke(PerSuiteStagedReactor.java:47) >>>> at >>>> org.ops4j.pax.exam.testng.listener.PaxExam.runByDriver(PaxExam.java:458) >>>> at org.ops4j.pax.exam.testng.listener.PaxExam.run(PaxExam.java:308) >>>> at >>>> org.testng.internal.MethodInvocationHelper.invokeHookable(MethodInvocationHelper.java:212) >>>> at org.testng.internal.Invoker.invokeMethod(Invoker.java:652) >>>> at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:845) >>>> at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1153) >>>> at >>>> org.testng.internal.TestMethodWorker.invokeTestMethods(
[Dev] [Carbon Caching] Caching won't work for objects from different bundles without dynamic imports
Hi, As per $subject if we want to cache a object from a different bundle other than carbon-caching, it will fail while giving a ClassNotFoundException in the deserialize() [1]. This can be overcome by enabling dynamic imports. [1] https://github.com/wso2/carbon-caching/blob/master/component/src/main/java/org/wso2/carbon/caching/internal/SerializingInternalConverter.java#L141 *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [Vote] Release WSO2 Carbon Kernel 5.1.0 RC1
Hi all, I have tested the carbon 5.1.0-RC1 with carbon-security-caas and didn't find any issues. [x] Stable - Go ahead and release. Thanks! *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware On Fri, May 27, 2016 at 12:44 PM, Niranjan Karunanandham wrote: > Hi Devs, > > This is the 1st Release Candidate of WSO2 Carbon Kernel 5.1.0 > > This release fixed the following issues: > https://wso2.org/jira/issues/?filter=13077 > > Please download and test your products with Kernel 5.1.0 RC1 and vote. > > *Source and binary distribution files:* > > https://github.com/wso2/carbon-kernel/releases/download/v5.1.0-rc1/wso2carbon-kernel-5.1.0.zip > > *Maven Staging repository:* > https://maven.wso2.org/nexus/content/repositories/orgwso2carbon-1020/ > > *The tag to be voted upon:* > https://github.com/wso2/carbon-kernel/releases/tag/v5.1.0-rc1 > > [ ] Broken - do not releaes (explain why) > [ ] Stable - go ahead and release > > Thank you, > Carbon Team > > -- > > *Niranjan Karunanandham* > Senior Software Engineer - WSO2 Inc. > WSO2 Inc.: http://www.wso2.com > ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [Carbon Caching] Caching won't work for objects from different bundles without dynamic imports
Hi Azeez, I have tested the option 1 and as we discussed offline, it will be the most suitable option for us as it removes the requirement of serializing the object before caching. Thanks! *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware On Tue, May 31, 2016 at 11:37 AM, Afkham Azeez wrote: > There are two options to resolve this without adding dynamic imports: > > 1. Use store by reference > 2. Use the following constructor in CacheManager and pass the classloader > public CarbonCacheManager(CarbonCachingProvider cachingProvider, URI uri, > > ClassLoader classLoader, Properties properties) > > > On Thu, May 26, 2016 at 8:28 PM, Jayanga Kaushalya > wrote: > >> Hi, >> >> As per $subject if we want to cache a object from a different bundle >> other than carbon-caching, it will fail while giving a >> ClassNotFoundException in the deserialize() [1]. This can be overcome by >> enabling dynamic imports. >> >> [1] >> https://github.com/wso2/carbon-caching/blob/master/component/src/main/java/org/wso2/carbon/caching/internal/SerializingInternalConverter.java#L141 >> >> *Jayanga Kaushalya* >> Software Engineer >> Mobile: +94777860160 >> WSO2 Inc. | http://wso2.com >> lean.enterprise.middleware >> > > > > -- > *Afkham Azeez* > Director of Architecture; WSO2, Inc.; http://wso2.com > Member; Apache Software Foundation; http://www.apache.org/ > * <http://www.apache.org/>* > *email: **az...@wso2.com* > * cell: +94 77 3320919 <%2B94%2077%203320919>blog: * > *http://blog.afkham.org* <http://blog.afkham.org> > *twitter: **http://twitter.com/afkham_azeez* > <http://twitter.com/afkham_azeez> > *linked-in: **http://lk.linkedin.com/in/afkhamazeez > <http://lk.linkedin.com/in/afkhamazeez>* > > *Lean . Enterprise . Middleware* > ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] Checking isDebugEnabled() for formatted debug logs
Hi,
Do we need to check whether the isDebugEnabled() for formatted debug logs
without any string concatenations? For example below code:
if (log.isDebugEnabled) {
log.debug("Test log with var: {} and var: {}", var1, var2);
}
If we have to check it is, what is the best way to check it? Assign it to a
final variable in the class header or check it every time where their is a
debug log like above code?
Thanks!
*Jayanga Kaushalya*
Software Engineer
Mobile: +94777860160
WSO2 Inc. | http://wso2.com
lean.enterprise.middleware
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] WSO2 Carbon Security CAAS 1.0.0-M2 Released
*WSO2 Carbon Security CAAS 1.0.0-M2 Released* The Identity Server team is pleased to announce the release of Carbon Security CAAS 1.0.0-M2. It is now available to download from here <https://github.com/wso2/carbon-security/releases/tag/v1.0.0-m2>. *Features* *https://wso2.org/jira/issues/?filter=13096 <https://wso2.org/jira/issues/?filter=13096>* *Installing as a Carbon Feature* You may install carbon-security-caas feature to your product with: org.wso2.carbon.security.caas org.wso2.carbon.security.caas.feature 1.0.0-m2 zip *How to Contribute* - WSO2 Carbon Security CAAS code is hosted in github. - The Git repository is *https://github.com/wso2/carbon-security <https://github.com/wso2/carbon-security>* - Carbon Security CAAS 1.0.0-m2 release tag is *https://github.com/wso2/carbon-security/releases/tag/v1.0.0-m <https://github.com/wso2/carbon-security/releases/tag/v1.0.0-m2>2* - Please report issues at Carbon Security Jira, *https://wso2.org/jira/browse/CSECURITY <https://wso2.org/jira/browse/CSECURITY>* *Contact Us * WSO2 Carbon developers can be contacted via following mailing lists: - WSO2 Developers List: dev@wso2.org - WSO2 Architecture List: architect...@wso2.org Thank you for your interest in WSO2 Carbon Security CAAS. Thanks! Identity Server Team *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] Carbon Security Userstore JDBC 1.0.0 M2 Released
*Carbon Security Userstore JDBC 1.0.0 M2 Released* We are pleased to announce the release of Carbon Security Userstore JDBC 1.0.0 M2. This includes a JDBC based user store implementation for Carbon Security CAAS with authentication, authorization and user management (read only) support. *Included features/bug fixes* https://wso2.org/jira/issues/?filter=13097 *Installing as a Carbon Feature* You may install carbon-security-userstore-jdbc feature to your product with: org.wso2.carbon.security.userstore org.wso2.carbon.security.userstore.jdbc.feature 1.0.0-m2 zip Best Regards Identity Server Team *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] [ESB] How to configure transports using the management console
Hi All, How to configure transports in ESB 4.8.1 using management console? The option menu is available in the 4.7.0 but can't find same in the 4.8.1. Thanks! -- *Jayanga Kaushalya* *Software Engineer* Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] [ESB] Issue after adding basic scenario integrity security to an application.
Hi all, I have an unsecured web service which is secured by the ESB basic scenario integrity type security. But when I am receiving responses from the ESB, "org.apache.axis2.AxisFault: An invalid security token was provided (Bad TokenType "")" exception is occurring on the client side. I have captured the response from the ESB and below is the header. I am using ESB 4.8.1, Axis2 1.6.3 (Client and service) and jdk 1.7.0_79 for ESB. Thanks! http://www.w3.org/2003/05/soap-envelope "> http://www.w3.org/2005/08/addressing";> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; soapenv:mustUnderstand="true"> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="Timestamp-4"> 2015-08-14T04:00:06.049Z 2015-08-14T04:05:06.049Z http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"; xmlns:wsu=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; Value="LTmJ0jPu/DcTGZmN0MIy+twqZB4=" wsu:Id="SigConf-5"> http://www.w3.org/2000/09/xmldsig#"; Id="Signature-6"> http://www.w3.org/2001/10/xml-exc-c14n#";> http://www.w3.org/2000/09/xmldsig#hmac-sha1";> http://www.w3.org/2001/10/xml-exc-c14n#";> http://www.w3.org/2000/09/xmldsig#sha1";> rqPRR6/8V79kdX3BrcnLyhvXNiE= http://www.w3.org/2001/10/xml-exc-c14n#";> http://www.w3.org/2000/09/xmldsig#sha1";> RUWwpwUOGdMxZ5jamH/+IdJPQKA= http://www.w3.org/2001/10/xml-exc-c14n#";> http://www.w3.org/2000/09/xmldsig#sha1";> D7n0pN2q+Nnuh5wXHLb59yqnCsY= WMrqkmbOCbpolhServlK7V2F2XU= http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="STRId-295CFB957FE117D42714395248060514"> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"; ValueType=" http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1 ">inOQyK8FRll86txuLv/BtEivw+g= urn:uuid:ea79f47e-11d7-4a44-857d-f10ec14b9e66 urn:getOrderListResponse urn:uuid:8a4e2e4b-2680-4be3-ae5e-812aa8129246 -- *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [ESB] Issue after adding basic scenario integrity security to an application.
Below is my client policy. Is there a way I can resolve this issue? Thanks! http://schemas.xmlsoap.org/ws/2004/09/policy"; xmlns:wsu=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd " wsu:Id="EncrOnlyAnonymous"> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> http://ws.apache.org/rampart/policy";> service client com.wso2.training.orderprocessingclient.PWCBHandler JKS /home/WSO2/Order Processing Client/cert/client/client.jks 12345678 On Fri, Aug 14, 2015 at 10:11 AM, Jayanga Kaushalya wrote: > Hi all, > > I have an unsecured web service which is secured by the ESB basic scenario > integrity type security. But when I am receiving responses from the ESB, > "org.apache.axis2.AxisFault: An invalid security token was provided (Bad > TokenType "")" exception is occurring on the client side. I have captured > the response from the ESB and below is the header. > > I am using ESB 4.8.1, Axis2 1.6.3 (Client and service) and jdk 1.7.0_79 > for ESB. > > Thanks! > > >http://www.w3.org/2003/05/soap-envelope";> > http://www.w3.org/2005/08/addressing";> > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; > soapenv:mustUnderstand="true"> > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; > wsu:Id="Timestamp-4"> >2015-08-14T04:00:06.049Z >2015-08-14T04:05:06.049Z > > http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"; > xmlns:wsu=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; > Value="LTmJ0jPu/DcTGZmN0MIy+twqZB4=" > wsu:Id="SigConf-5"> > http://www.w3.org/2000/09/xmldsig#"; > Id="Signature-6"> > > http://www.w3.org/2001/10/xml-exc-c14n#";> > http://www.w3.org/2000/09/xmldsig#hmac-sha1";> > > > http://www.w3.org/2001/10/xml-exc-c14n#";> > > http://www.w3.org/2000/09/xmldsig#sha1";> > > rqPRR6/8V79kdX3BrcnLyhvXNiE= > > > > http://www.w3.org/2001/10/xml-exc-c14n#";> > > http://www.w3.org/2000/09/xmldsig#sha1";> > > RUWwpwUOGdMxZ5jamH/+IdJPQKA= > > > > http://www.w3.org/2001/10/xml-exc-c14n#";> > > http://www.w3.org/2000/09/xmldsig#sha1";> > > D7n0pN2q+Nnuh5wXHLb59yqnCsY= > > > > WMrqkmbOCbpolhServlK7V2F2XU= > > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; > wsu:Id="STRId-295CFB957FE117D42714395248060514"> > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"; > ValueType=" > http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1 > ">inOQyK8FRll86txuLv/BtEivw+g= > > > > > > urn:uuid:ea79f47e-11d7-4a44-857d-f10ec14b9e66 > urn:getOrderListResponse > > urn:uuid:8a4e2e4b-2680-4be3-ae5e-812aa8129246 > > > -- > *Jayanga Kaushalya* > Software Engineer > Mobile: +94777860160 > WSO2 Inc. | http://wso2.com > lean.enterprise.middleware > -- *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] travelocity doesn't work on WSO2 App server
Hi John In the doc page [1] for travelocity sample, there is separate section for deploying this in AS called "Click here to view vital information when running this sample in WSO2 Application Server". This section is collapsed by default and that's why may be you have missed it. Basically you have to do is, remove "log4j-over-slf4j-1.6.1.jar" file from "travelocity.com.war/WEB-INF/lib" directory and deploy in AS. [1] https://docs.wso2.com/display/IS500/Configuring+Single+Sign-On+with+SAML+2.0 <https://docs.wso2.com/display/IS500/Configuring+Single+Sign-On+with+SAML+2.0> Thanks! *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware On Tue, Sep 8, 2015 at 3:53 PM, John Hawkins wrote: > Hi Folks, > > How come we don't support travelocity sample in our own WSO2 Appserver? > > It fails to deploy (with classloader issues). I don't see anyone who says > that they have deployed it in our appserver (and docs tell you to use raw > tomcat) - but it should right? > > > cheers, > John. > > > John Hawkins > Director: Solutions Architecture > > > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [IS] - Getting Claims in Response for Google Aauthenticator Without Requesting Claims from Service Provider Side
Hi Nadeesha, There are some additional query parameters "scope=openid email profile" when registering Google authenticator. Did you keep these extra query parameters(Coming by default) when you are registering the authenticator ? Thanks! *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware On Fri, Nov 13, 2015 at 12:30 PM, Nadeesha Meegoda wrote: > Hi all, > > I have setup the federated setup for IDP as Google and SP as SAML and I > have enabled the "Include Attributes in the Response Always" in SAML > configuration. I haven't added any custom claim mapping on Google IDP side > and I am not requesting any claims from SP side either. However I am > getting number of claims in response as follows : > > > http://wso2.org/claims/username"; > > NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" > > > > http://wso2.org/claims/lastname"; > > NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" > > > > http://wso2.org/claims/emailaddress"; > > NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" > > > > http://wso2.org/claims/url"; > > NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" > > > > http://wso2.org/claims/fullname"; > > NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" > > > > http://wso2.org/claims/challengeQuestion1"; > > NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" > > > > What is the actual reason for this? Is this the expected behavior? Please > refer the attachments for the configuration of SP side claims, IDP side > claims. Basically haven't configured them. > > Thanks > -- > *Nadeesha Meegoda* > Software Engineer - QA > WSO2 Inc.; http://wso2.com > lean.enterprise.middleware > email : nadees...@wso2.com > mobile: +94783639540 > <%2B94%2077%202273555> > > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [IS] - Getting Claims in Response for Google Aauthenticator Without Requesting Claims from Service Provider Side
Hi Nadeesha, This is the expected behavior of the Google authenticator. These claims are coming with the ID Token as metadata. Thanks! *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware On Fri, Nov 13, 2015 at 1:10 PM, Nadeesha Meegoda wrote: > Hi Jayanga, > > Yes. I didn't change the default query params. Left them as they were. > Please refer the attachment. > > On Fri, Nov 13, 2015 at 1:03 PM, Jayanga Kaushalya > wrote: > >> Hi Nadeesha, >> >> There are some additional query parameters "scope=openid email profile" >> when registering Google authenticator. >> Did you keep these extra query parameters(Coming by default) when you are >> registering the authenticator ? >> >> Thanks! >> >> *Jayanga Kaushalya* >> Software Engineer >> Mobile: +94777860160 >> WSO2 Inc. | http://wso2.com >> lean.enterprise.middleware >> >> On Fri, Nov 13, 2015 at 12:30 PM, Nadeesha Meegoda >> wrote: >> >>> Hi all, >>> >>> I have setup the federated setup for IDP as Google and SP as SAML and I >>> have enabled the "Include Attributes in the Response Always" in SAML >>> configuration. I haven't added any custom claim mapping on Google IDP side >>> and I am not requesting any claims from SP side either. However I am >>> getting number of claims in response as follows : >>> >>> >>> http://wso2.org/claims/username"; >>> >>> NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" >>> > >>> >>> http://wso2.org/claims/lastname"; >>> >>> NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" >>> > >>> >>> http://wso2.org/claims/emailaddress"; >>> >>> NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" >>> > >>> >>> http://wso2.org/claims/url"; >>> >>> NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" >>> > >>> >>> http://wso2.org/claims/fullname"; >>> >>> NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" >>> > >>> >>> http://wso2.org/claims/challengeQuestion1"; >>> >>> NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" >>> > >>> >>> What is the actual reason for this? Is this the expected behavior? >>> Please refer the attachments for the configuration of SP side claims, IDP >>> side claims. Basically haven't configured them. >>> >>> Thanks >>> -- >>> *Nadeesha Meegoda* >>> Software Engineer - QA >>> WSO2 Inc.; http://wso2.com >>> lean.enterprise.middleware >>> email : nadees...@wso2.com >>> mobile: +94783639540 >>> <%2B94%2077%202273555> >>> >>> ___ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> > > > -- > *Nadeesha Meegoda* > Software Engineer - QA > WSO2 Inc.; http://wso2.com > lean.enterprise.middleware > email : nadees...@wso2.com > mobile: +94783639540 > <%2B94%2077%202273555> > ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] ${carbon.management.port} evaluates to NIO port in APIM
Hi Lakmali,
This port is used in the Kernal and we have to check why it is returning
the NIO port. We are using the same code as in Kernal to get the value for
this. Will check with the Kernal team and inform further.
Thanks!
*Jayanga Kaushalya*
Software Engineer
Mobile: +94777860160
WSO2 Inc. | http://wso2.com
lean.enterprise.middleware
On Thu, Dec 3, 2015 at 10:55 AM, Lakmali Baminiwatta
wrote:
> Hi IS Team,
>
> The variable "${carbon.management.port}" used in identity.xml is getting
> evaluated to NIO port in APIM. We can see that IdentitUtil class[1]
> resolves this variable.
> I think instead of using your own variable here, we can use
> "mgt.transport.https.port" system variable which is already available. So
> you can just use System.getProperty("mgt.transport.https.port") and
> System.getProperty("mgt.transport.http.port") [2] , which will return the
> servlet HTTPS and HTTP ports.
>
> [1]
> https://github.com/wso2/carbon-identity/blame/master/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/util/IdentityUtil.java
> [2]
> https://github.com/wso2/carbon-kernel/blob/4.4.x/core/org.wso2.carbon.tomcat.ext/src/main/java/org/wso2/carbon/tomcat/ext/transport/ServletTransportManager.java#L34
>
> Thanks,
> Lakmali
>
> --
> Lakmali Baminiwatta
> Senior Software Engineer
> WSO2, Inc.: http://wso2.com
> lean.enterprise.middleware
> mobile: +94 71 2335936
> blog : lakmali.com
>
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] ${carbon.management.port} evaluates to NIO port in APIM
Hi All,
We have discussed with the Kernel team and they have also suggested not use
${carbon.management.port}. We'll change to support ${mgt.transport.https.port}
and ${mgt.transport.http.port} placeholders instead of ${
carbon.management.port}.
Thanks!
*Jayanga Kaushalya*
Software Engineer
Mobile: +94777860160
WSO2 Inc. | http://wso2.com
lean.enterprise.middleware
On Thu, Dec 3, 2015 at 12:10 PM, Nuwan Dias wrote:
> Since there is a parameter available in the kernel, can't we use the same
> thing rather than using a new one?
>
> BTW, this will be an issue for ESB and all other products having custom
> transports defined in the axis2.xml file when they try to use identity
> related features.
>
> Thanks,
> NuwanD.
>
> On Thu, Dec 3, 2015 at 11:23 AM, Jayanga Kaushalya
> wrote:
>
>> Hi Lakmali,
>>
>> This port is used in the Kernal and we have to check why it is returning
>> the NIO port. We are using the same code as in Kernal to get the value for
>> this. Will check with the Kernal team and inform further.
>>
>> Thanks!
>>
>> *Jayanga Kaushalya*
>> Software Engineer
>> Mobile: +94777860160
>> WSO2 Inc. | http://wso2.com
>> lean.enterprise.middleware
>>
>> On Thu, Dec 3, 2015 at 10:55 AM, Lakmali Baminiwatta
>> wrote:
>>
>>> Hi IS Team,
>>>
>>> The variable "${carbon.management.port}" used in identity.xml is getting
>>> evaluated to NIO port in APIM. We can see that IdentitUtil class[1]
>>> resolves this variable.
>>> I think instead of using your own variable here, we can use
>>> "mgt.transport.https.port" system variable which is already available. So
>>> you can just use System.getProperty("mgt.transport.https.port") and
>>> System.getProperty("mgt.transport.http.port") [2] , which will return the
>>> servlet HTTPS and HTTP ports.
>>>
>>> [1]
>>> https://github.com/wso2/carbon-identity/blame/master/components/identity-core/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/util/IdentityUtil.java
>>> [2]
>>> https://github.com/wso2/carbon-kernel/blob/4.4.x/core/org.wso2.carbon.tomcat.ext/src/main/java/org/wso2/carbon/tomcat/ext/transport/ServletTransportManager.java#L34
>>>
>>> Thanks,
>>> Lakmali
>>>
>>> --
>>> Lakmali Baminiwatta
>>> Senior Software Engineer
>>> WSO2, Inc.: http://wso2.com
>>> lean.enterprise.middleware
>>> mobile: +94 71 2335936
>>> blog : lakmali.com
>>>
>>>
>>> ___
>>> Dev mailing list
>>> Dev@wso2.org
>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>
>>>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Nuwan Dias
>
> Technical Lead - WSO2, Inc. http://wso2.com
> email : nuw...@wso2.com
> Phone : +94 777 775 729
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [VOTE] Release WSO2 Identity Server 5.1.0 RC2
Hi Devs, I have tested following, 1. Federation with Yahoo (SAML/OIDC/OpenID) (Super Tenant/Tenant). 2. Federation with Live (SAML/OIDC/OpenID) (Super Tenant/Tenant). No issues found. [x] - Stable - Go ahead and release. Thanks! *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware On Tue, Dec 22, 2015 at 3:32 PM, Damith Senanayake wrote: > Hi Devs, > I have tested the following : > > 1. user addition/deletion/update operations with super tenant + Primary > user store > 2 . user operations with super tenant + secondary userstore(JDBC+LDAP/AD) > . > 3. User operations with tenant + secondary + primary user stores. > > No issues found. > > My vote : [x] - Stable - Go ahead and release > > On Tue, Dec 22, 2015 at 11:44 AM, Isura Karunaratne > wrote: > >> Hi Devs, >> >> I tested following functionality in both super tenant and tenant mode >> >> >> ** Identity Management* >> >> >>1. Set security questions for tenant >>2. Set security questions for user >>3. Account Recovery - using notificaiton >>4. Account Recovery -using security questions >>5. Ask Password >>6. Account locking from wrong credentials >>7. Self User Registraiton >>8. User Identity Management Admin Service - lockUserAccount >>9. User Identity Management Admin Service - unlockUserAccount >>10. User Identity Management Admin Service - resetUserPassword >>11. User Identity Management Admin Service - changeUserPassword >>12. Password Patterns >> >> >> >> So here is my vote. >> [x] -Stable - go ahead and release >> >> Thanks >> Isura >> >> On Tue, Dec 22, 2015 at 5:24 AM, Prabath Siriwardana >> wrote: >> >>> Smoke tested local account mapping feature with.. >>> >>> 1. Multiple tenants >>> 2. Multiple user stores (LDAP and MySQL) >>> 3. Add/Delete user operations >>> 4. Activate/Deactivate tenant operations >>> 5. Activate/Deactivate user store operations >>> >>> All working fine except one minor issue ( >>> https://wso2.org/jira/browse/IDENTITY-4245 - reported as L3). >>> >>> Will test further on other features and update the status.. >>> >>> Thanks & regards, >>> -Prabath >>> >>> On Mon, Dec 21, 2015 at 4:59 AM, Hasintha Indrajee >>> wrote: >>> >>>> Hi Devs, >>>> >>>> This is the second release candidate of WSO2 Identity Server 5.1.0. >>>> >>>> This release fixes the following issues: >>>> https://wso2.org/jira/issues/?filter=12586 >>>> >>>> Please download, test and vote. >>>> >>>> Source & binary distribution files: >>>> https://github.com/wso2/product-is/releases/tag/v5.1.0-rc2 >>>> >>>> Maven staging repo: >>>> http://maven.wso2.org/nexus/content/repositories/orgwso2is-218/ >>>> >>>> The tag to be voted upon: >>>> https://github.com/wso2/product-is/tree/v5.1.0-rc2 >>>> >>>> >>>> [ ] Stable - go ahead and release >>>> [ ] Broken - do not release (explain why) >>>> >>>> Thanks and Regards, >>>> WSO2 Identity Server Team. >>>> >>>> -- >>>> Hasintha Indrajee >>>> Software Engineer >>>> WSO2, Inc. >>>> Mobile:+94 771892453 >>>> >>>> >>>> ___ >>>> Dev mailing list >>>> Dev@wso2.org >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> >>> -- >>> Thanks & Regards, >>> Prabath >>> >>> Twitter : @prabath >>> LinkedIn : http://www.linkedin.com/in/prabathsiriwardena >>> >>> Mobile : +1 650 625 7950 >>> >>> http://blog.facilelogin.com >>> http://blog.api-security.org >>> >>> ___ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >>> >> >> >> -- >> Isura Dilhara Karunaratne >> Senior Software Engineer >> >> Mob +94 772 254 810 >> >> >> ___ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > > > *-Damith Senanayake-*+94712205272 > > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [Need Small Support] Safarifoneict
Hi Zakaria, It seems you have an answer in the Stackoverflow for this issue and if you have any followup questions, please feel free to ask on Stackoverflow or in this mail thread. Thanks! *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware On Tue, Jan 12, 2016 at 2:59 PM, wrote: > > > HI wso2 Developers. > > > > I am Software Engineer in Safarfoneict <http://www.safarifone.com/>, and > their sent me to build their Central Authentication and Authorization > System using Open source Projects. > > > > I founded the Wso2 Is and then Wso2 Am, they was fascinating Products and > agree to give it my time to see how it works. > > I told the VP of this company to buy Wso2 support credit, and he agree in > one condition to show him in real working example how it will benefit us. > > I decided to implement It to our current working application. > > Every thing was going good until this issue stopped me see this > Stackoverflow link [ http://stackoverflow.com/questions/34738716 ] > > I attached the important configuration page and some configuration files. > The First five config file is for API Manager and other five is Identity > Server config files > > So I thing you gonna help me this issue to solve and get your credit > Support. > > > > Best Regards > > Zakaria.Ali > > > > > > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] Is it best practice to return null or an empty object from a method in DAO layer?
Hi,
In my opinion, returning an empty object is far better. It will reduce
unnecessary null checks and will stop the code from going on different
paths. And code quality wise also I think returning empty is cleaner.
For example:
*List list = getList();*
*for (Item item : list) {// Do logic.*
*// This will not execute if the list is empty.*
*}*
Is much cleaner than
*List list = getList();*
*if (list == null) {*
*// Handle the logic.*
*// Now this is a different code path.*
*}*
Thanks!
*Jayanga Kaushalya*
Software Engineer
Mobile: +94777860160
WSO2 Inc. | http://wso2.com
lean.enterprise.middleware
On Tue, Jul 12, 2016 at 10:05 AM, Sabra Ossen wrote:
> Hi Chamila,
>
> I checked from findbugs and it didn't return an error. Is returning an
> empty object a practice followed in WSO2?
>
> On Tue, Jul 12, 2016 at 9:25 AM, Chamila Wijayarathna <
> cdwijayarat...@gmail.com> wrote:
>
>> Hi Sabra,
>>
>> AFAIK when we return a null from a method, find bugs show it as an error
>> (please check this) and to fix this we use empty objects. So I think the
>> returning null is not something we should do.
>>
>> Thank You!
>>
>
>
>
> --
> *Sabra Ossen*
> *Software Engineer*
> Email: sa...@wso2.com
> Mobile: +94 767 837356
>
> ___
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [C5] [CAAS] On Authentication: Invoking loginContext.login() returns LoginException of CNF for UsernamePasswordLoginModule
Hi Rasika,
Is there any active connectors available for user stores? There should be
at least a single connector present for each store to activate the carbon
security successfully.
Thanks!
*Jayanga Kaushalya*
Software Engineer
Mobile: +94777860160
WSO2 Inc. | http://wso2.com
lean.enterprise.middleware
On Tue, Jul 26, 2016 at 11:04 PM, Rasika Perera wrote:
> Hi Thanuja,
>
> This issue got resolved by updating version into 1.0.0-m2. Now I am
> getting BundleContext is null exception.
>
> java.lang.IllegalStateException: BundleContext is null.
>> at
>> org.wso2.carbon.security.caas.internal.CarbonSecurityDataHolder.getBundleContext(CarbonSecurityDataHolder.java:125)
>> at
>> org.wso2.carbon.security.caas.api.util.CarbonSecurityUtils.getCallbackHandlers(CarbonSecurityUtils.java:39)
>> at
>> org.wso2.carbon.security.caas.api.ProxyCallbackHandler.handle(ProxyCallbackHandler.java:65)
>> at
>> javax.security.auth.login.LoginContext$SecureCallbackHandler$1.run(LoginContext.java:939)
>> at
>> javax.security.auth.login.LoginContext$SecureCallbackHandler$1.run(LoginContext.java:936)
>> at java.security.AccessController.doPrivileged(Native Method)
>> at
>> javax.security.auth.login.LoginContext$SecureCallbackHandler.handle(LoginContext.java:936)
>> at
>> org.wso2.carbon.security.caas.api.module.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:103)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
>> at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>> at java.lang.reflect.Method.invoke(Method.java:497)
>> at javax.security.auth.login.LoginContext.invoke(LoginContext.java:755)
>> at
>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:195)
>> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:682)
>> at javax.security.auth.login.LoginContext$4.run(LoginContext.java:680)
>> at java.security.AccessController.doPrivileged(Native Method)
>> at
>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
>> at javax.security.auth.login.LoginContext.login(LoginContext.java:587)
>> at
>> org.wso2.carbon.uuf.sample.simpleauth.bundle.SimpleAuthHandler.authenticateByCaas(SimpleAuthHandler.java:60)
>
>
> When debugging found that CarbonSecurityComponent's @Activate method[1]
> is not invoked by OSGi. Then checked bundles on osgi console, both
> fragment and bundle is Active.
>
>79|Active|4|org.wso2.carbon.security.caas (1.0.0.m2)
>>80|Resolved |1|org.wso2.carbon.security.caas.boot (1.0.0.m2)
>
>
> Any thoughts on resolving this issue?
>
> [1]
> https://github.com/wso2/carbon-security/blob/release-1.0.0-m2/components/org.wso2.carbon.security.caas/src/main/java/org/wso2/carbon/security/caas/internal/CarbonSecurityComponent.java#L80
>
> On Tue, Jul 26, 2016 at 6:18 PM, Thanuja Jayasinghe
> wrote:
>
>> Hi Rasika,
>>
>> This issue happens when 'carbon-security-caas' module does not activate
>> properly. Can you debug the code [1], and check whether activate method is
>> getting called.
>>
>> [1] -
>> https://github.com/wso2/carbon-security/blob/master/components/org.wso2.carbon.security.caas/src/main/java/org/wso2/carbon/security/caas/internal/CarbonSecurityComponent.java#L80
>>
>> Thanks,
>>
>> On Mon, Jul 25, 2016 at 7:09 PM, Rasika Perera wrote:
>>
>>> Hi All,
>>>
>>> I am trying to invoke basic authentication with CAAS. I have installed
>>> "org.wso2.carbon.security.caas.feature" and imported following packages;
>>>
>>> org.wso2.carbon.security.caas.api.*,
>>> org.wso2.carbon.kernel.context,
>>> org.wso2.carbon.messaging
>>>
>>> Further I have added config location into the startup script;
>>>
>>> -Djava.security.auth.login.config="$CARBON_HOME/conf/security/carbon-jaas.config"\
>>>
>>> My code snippet is as below (based on JAAS sample[1]);
>>>
>>> PrivilegedCarbonContext.destroyCurrentContext();
>>> CarbonMessage carbonMessage = new DefaultCarbonMessage();
>>> carbonMessage.setHeader("Authorization", "Basic " + Base64.getEncoder()
>>> .encodeToString("admin:admin".getBytes())
>>> );
>>>
>>> ProxyCallbackHandler callbackHandler = new
>>> ProxyCallbackHandler(carbonMessage);
>>> LoginContext loginContext = new LoginContext("CarbonSec
Re: [Dev] [C5] [CAAS] On Authentication: Invoking loginContext.login() returns LoginException of CNF for UsernamePasswordLoginModule
[Adding Sameera, Darshana]
On Wed, Jul 27, 2016 at 3:58 PM, Rasika Perera wrote:
> [Adding Niranjan, Sumedha, Manu]
>
> Hi Jayanga,
>
> When the user-store connector[1] feature is added carbon-security
> component is activated. It is true that Carbon-Security component will not
> up until it satisfy all connectors dependencies. But IMO we need to provide
> intuitive error message when at least one connector is not provided
> (definitely bundlecontext is null is not the correct error message).
> Implementation should demand it, rather than docs. And if you need all
> connectors to up before your Carbon-Security-Component; try
> Startup-Order-Resolver which is used in MSF4J (There's a blog[2] on this by
> Sameera).
>
There can be multiple connectors available for the CAAS at the run time but
it should only wait for the connectors that are specified in the
store-config.yml. Currently there is no feature in the startup resolver to
specifically wait until the dynamically given component is up. This feature
will be added into the startup resolver in future. Until that, we will add
startup resolver to wait until all of the required components to be active
and it will give a proper warning if there are missing components.
>
> When turning on default configuration on "jdbc-connector.yml". Now I am
> getting this error;
>
> [2016-07-27 15:47:01,178] ERROR
> {org.wso2.carbon.security.caas.internal.CarbonSecurityComponent} - Cannot
> create property=dataSource for
> JavaBean=org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry@12a09b44
> in 'reader', line 16, column 1:
> name: "jdbc-store-connector"
> ^
> Unable to find property 'dataSource' on class:
> org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry
> in 'reader', line 17, column 13:
> dataSource: "jdbc/WSO2CARBON_DB"
> ^
> Cannot create property=dataSource for
> JavaBean=org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry@12a09b44
> in 'reader', line 16, column 1:
> name: "jdbc-store-connector"
> ^
> Unable to find property 'dataSource' on class:
> org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry
> in 'reader', line 17, column 13:
> dataSource: "jdbc/WSO2CARBON_DB"
>
> Seems like configuration elements are not matched with the mapped object.
> What should be the correct configuration and any docs?i
>
What carbon-security-user-store-jdbc version are you using ? Please use the
configurations that are used in the latest version.
>
> When debugging this issue I also came across that carbon-security is
> owning configuration files space of "*-connector.yml" in [3]. Why do we
> need to introduce a new config file for each connector? Can't we use
> "connectors.yml" which will contains all connector configurations?
>
There are two ways to specify connectors related to the carbon security.
One method is to specify all of the connector details in the main
store-config.yml [1] and the other way is to specify them in a separate
configuration file for each connector. Reason for using a single
configuration file for each connector is that there can be multiple
connectors from the same type and there are future requirements where there
can be configurations that are specific to each connector. this will make
using a single file little bit messy. Connectors are extensions for the
CAAS and having the configuration file with the extension will make it is
to pack with.
>
> Thanks,
> Rasika
>
> [1] https://github.com/wso2-extensions/carbon-security-user-store-jdbc
> [2]
> https://medium.com/@sameera.jayasoma/resolving-startup-order-of-carbon-components-in-wso2-carbon-5-0-0-497fe3287e67#.uvmrvsl28
> [3]
> https://github.com/wso2/carbon-security/blob/master/components/org.wso2.carbon.security.caas/src/main/java/org/wso2/carbon/security/caas/internal/config/StoreConfigBuilder.java#L286
>
> [1]
https://github.com/wso2/carbon-security/blob/v1.0.0-m2/feature/resources/conf/store-config.yml
Thanks!
>
> On Wed, Jul 27, 2016 at 12:48 PM, Jayanga Kaushalya
> wrote:
>
>> Hi Rasika,
>>
>> Is there any active connectors available for user stores? There should be
>> at least a single connector present for each store to activate the carbon
>> security successfully.
>>
>> Thanks!
>>
>> *Jayanga Kaushalya*
>> Software Engineer
>> Mobile: +94777860160
>> WSO2 Inc. | http://wso2.com
>> lean.enterprise.middleware
>>
>> On Tue, Jul 26, 2016 at 11:04 PM, Rasika Perera wrote:
>>
>>> Hi Thanuja,
>>>
>&g
Re: [Dev] [C5] [CAAS] On Authentication: Invoking loginContext.login() returns LoginException of CNF for UsernamePasswordLoginModule
*Jayanga Kaushalya*
Software Engineer
Mobile: +94777860160
WSO2 Inc. | http://wso2.com
lean.enterprise.middleware
On Wed, Jul 27, 2016 at 10:10 PM, Rasika Perera wrote:
> Hi Jayanga and All,
>
>>
>> Thanks for the clarification. Would that mean foo-connector.yml will define
>> the connector type configuration and store-config.yml will
> be referred foo-connector for different store-connector instances ? Or are we
> repeating same configuration on both files?
>
> Yes, you need to refer connectors that you need to use, in the
store-config.yml (As a comma separated list). You can define connector
specific configurations in the specific foo-connector.yml or in the
store-config.yml. No need to repeat in both locations.
> I am using following versions
> carbon.security.caas.version: 1.0.0-m2
> and c
> arbon.security.userstore.jdbc.version: 1.0.0-m2
> .
> And jdbc-connector.yml contains this
> (just uncommented defaults)
> ;
>
> name: "jdbc-store-connector"
> dataSource: "jdbc/WSO2CARBON_DB"
>
>
If both CAAS and the userstore.jdbc are in the m2 version, then no need to
un-comment those configurations. m2 version is defaulted to use the JDBC
connector so the relevant configurations will be available in the
store-config.yml. Please comment those configurations and use. If you need
to use connector specific configurations, then please use the latest format
[1] that is available.
> Thanks,
> Rasika
>
> [1]
https://github.com/wso2-extensions/carbon-security-user-store-jdbc/blob/master/feature/resources/conf/jdbc-authorization-connector.yml
Thanks!
>
> On Wed, Jul 27, 2016 at 6:11 PM, Jayanga Kaushalya
> wrote:
>
>> [Adding Sameera, Darshana]
>>
>> On Wed, Jul 27, 2016 at 3:58 PM, Rasika Perera wrote:
>>
>>> [Adding Niranjan, Sumedha, Manu]
>>>
>>> Hi Jayanga,
>>>
>>> When the user-store connector[1] feature is added carbon-security
>>> component is activated. It is true that Carbon-Security component will not
>>> up until it satisfy all connectors dependencies. But IMO we need to provide
>>> intuitive error message when at least one connector is not provided
>>> (definitely bundlecontext is null is not the correct error message).
>>> Implementation should demand it, rather than docs. And if you need all
>>> connectors to up before your Carbon-Security-Component; try
>>> Startup-Order-Resolver which is used in MSF4J (There's a blog[2] on this by
>>> Sameera).
>>>
>>
>> There can be multiple connectors available for the CAAS at the run time
>> but it should only wait for the connectors that are specified in the
>> store-config.yml. Currently there is no feature in the startup resolver to
>> specifically wait until the dynamically given component is up. This feature
>> will be added into the startup resolver in future. Until that, we will add
>> startup resolver to wait until all of the required components to be active
>> and it will give a proper warning if there are missing components.
>>
>>>
>>> When turning on default configuration on "jdbc-connector.yml". Now I am
>>> getting this error;
>>>
>>> [2016-07-27 15:47:01,178] ERROR
>>> {org.wso2.carbon.security.caas.internal.CarbonSecurityComponent} - Cannot
>>> create property=dataSource for
>>> JavaBean=org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry@12a09b44
>>> in 'reader', line 16, column 1:
>>> name: "jdbc-store-connector"
>>> ^
>>> Unable to find property 'dataSource' on class:
>>> org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry
>>> in 'reader', line 17, column 13:
>>> dataSource: "jdbc/WSO2CARBON_DB"
>>> ^
>>> Cannot create property=dataSource for
>>> JavaBean=org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry@12a09b44
>>> in 'reader', line 16, column 1:
>>> name: "jdbc-store-connector"
>>> ^
>>> Unable to find property 'dataSource' on class:
>>> org.wso2.carbon.security.caas.internal.config.StoreConnectorConfigEntry
>>> in 'reader', line 17, column 13:
>>> dataSource: "jdbc/WSO2CARBON_DB"
>>>
>>> Seems like configuration elements are not matched with the mapped
>>> object. What should be the correct configuration and any docs?i
>>>
>>
>> What carbon-security-user-store-jdbc version are you using ? Please use
>> the
Re: [Dev] [C5][CAAS] How to get authorizationStoreID when creating a role?
Hi Sajini, At the current implementation, when adding a new role, which authorization store to use should be decided by the external component. But as it is a burden for the external component to find the authorization store, we will provide a API which is independent from the authorization store. Thanks! *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware On Tue, Aug 9, 2016 at 2:17 PM, Sajini De Silva wrote: > Hi IS team, > > While I was implementing authorization model for MB I have a requirement > to add a Role a assign some permissions to it. Is there any API in CAAS to > get this authorization store ID? > > Thanks, > Sajini > > -- > Sajini De SIlva > Senior Software Engineer; WSO2 Inc.; http://wso2.com , > Email: saj...@wso2.com > Blog: http://sajinid.blogspot.com/ > Git hub profile: https://github.com/sajinidesilva > > Phone: +94 712797729 > > ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] Clarification on C5 permission model
On Wed, Aug 10, 2016 at 5:56 PM, Prabushi Samarakoon wrote: > > Hi All, > > 1. Is there an API method to get all the resources permitted to a > particular user or a role? > Yes. You can use the method getPermissions(Action action) [1] in User to retrieve all the permissions assigned to that particular user filtered by the action. Permission is a resource + action. So permissions filtered by the action is a list of permitted resources. > > 2. With this permission model, are we going to introduce the email based > authentication for the products, or remain with the username model? > > 3. In our current management console, we have one view to create the user, > and another view to create the user profile according to the given > http://wso2.org/claims. Is there a particular reason to have the user > profile in a separate view? Do we need to have two views for user creation > and profile in C5 model also? > > Any clarification on above matters is appreciated. > > Thanks and Regards, > Prabushi > > -- > *Prabushi Samarakoon* > Software Engineer > Mobile: +94715434580 > Email: prabus...@wso2.com > [1] https://github.com/wso2/carbon-security/blob/master/components/org.wso2.carbon.security.caas/src/main/java/org/wso2/carbon/security/caas/user/core/bean/User.java#L188 Thanks! ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] Clarification on C5 permission model
Hi Prabushi, Actually there will be no permissions that directly assigned to the user. All permissions are assigned through roles. By calling the above method in user will indirectly get all permissions through roles which are assigned to that particular user. If you need to get permissions for specific role, then you can use the same method in role. Thanks! *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware On Wed, Aug 10, 2016 at 10:31 PM, Prabushi Samarakoon wrote: > Hi, > > Thank you for the clarifications Darshana and Jayanga. > > On Wed, Aug 10, 2016 at 8:08 PM, Jayanga Kaushalya > wrote: > >> On Wed, Aug 10, 2016 at 5:56 PM, Prabushi Samarakoon >> wrote: >> >>> >>> Hi All, >>> >>> 1. Is there an API method to get all the resources permitted to a >>> particular user or a role? >>> >> >> Yes. You can use the method getPermissions(Action action) [1] in User to >> retrieve all the permissions assigned to that particular user filtered by >> the action. Permission is a resource + action. So permissions filtered by >> the action is a list of permitted resources. >> > > Ah great, now I understood that part. Can we use the same way for a role > also? But in that case we might get duplicates of the resources right? > >> >>> 2. With this permission model, are we going to introduce the email based >>> authentication for the products, or remain with the username model? >>> >>> 3. In our current management console, we have one view to create the >>> user, and another view to create the user profile according to the given >>> http://wso2.org/claims. Is there a particular reason to have the user >>> profile in a separate view? Do we need to have two views for user creation >>> and profile in C5 model also? >>> >>> Any clarification on above matters is appreciated. >>> >>> Thanks and Regards, >>> Prabushi >>> >>> -- >>> *Prabushi Samarakoon* >>> Software Engineer >>> Mobile: +94715434580 >>> Email: prabus...@wso2.com >>> >> >> [1] https://github.com/wso2/carbon-security/blob/master/comp >> onents/org.wso2.carbon.security.caas/src/main/java/org/wso2/ >> carbon/security/caas/user/core/bean/User.java#L188 >> >> Thanks! >> > > > Thanks and Regards. > -- > *Prabushi Samarakoon* > Software Engineer > Mobile: +94715434580 > Email: prabus...@wso2.com > ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] Clarification on C5 permission model
[Adding Thanuja]
*Jayanga Kaushalya*
Software Engineer
Mobile: +94777860160
WSO2 Inc. | http://wso2.com
lean.enterprise.middleware
On Fri, Aug 12, 2016 at 10:26 AM, Vinod Kavinda wrote:
> Hi Jayanga,
> I'm trying to authorize the current user with a particular action. I have
> used the following code snippet, Is this correct?
>
> public static boolean isUserAuthorized(String resource, String action) {
> CarbonPermission carbonPermission = new CarbonPermission(resource,
> action);
> return ((CarbonPrincipal) PrivilegedCarbonContext.getCurrentContext().
> getUserPrincipal())
> .isAuthorized(carbonPermission);
> }
>
> Further, how do we define a set of Resources and Actions for them? Any
> documentation on this?
>
> Regards,
> Vinod
>
> On Wed, Aug 10, 2016 at 10:46 PM, Jayanga Kaushalya
> wrote:
>
>> Hi Prabushi,
>>
>> Actually there will be no permissions that directly assigned to the user.
>> All permissions are assigned through roles. By calling the above method in
>> user will indirectly get all permissions through roles which are assigned
>> to that particular user. If you need to get permissions for specific role,
>> then you can use the same method in role.
>>
>> Thanks!
>>
>> *Jayanga Kaushalya*
>> Software Engineer
>> Mobile: +94777860160
>> WSO2 Inc. | http://wso2.com
>> lean.enterprise.middleware
>>
>> On Wed, Aug 10, 2016 at 10:31 PM, Prabushi Samarakoon > > wrote:
>>
>>> Hi,
>>>
>>> Thank you for the clarifications Darshana and Jayanga.
>>>
>>> On Wed, Aug 10, 2016 at 8:08 PM, Jayanga Kaushalya
>>> wrote:
>>>
>>>> On Wed, Aug 10, 2016 at 5:56 PM, Prabushi Samarakoon <
>>>> prabus...@wso2.com> wrote:
>>>>
>>>>>
>>>>> Hi All,
>>>>>
>>>>> 1. Is there an API method to get all the resources permitted to a
>>>>> particular user or a role?
>>>>>
>>>>
>>>> Yes. You can use the method getPermissions(Action action) [1] in User
>>>> to retrieve all the permissions assigned to that particular user filtered
>>>> by the action. Permission is a resource + action. So permissions filtered
>>>> by the action is a list of permitted resources.
>>>>
>>>
>>> Ah great, now I understood that part. Can we use the same way for a
>>> role also? But in that case we might get duplicates of the resources right?
>>>
>>>>
>>>>> 2. With this permission model, are we going to introduce the email
>>>>> based authentication for the products, or remain with the username model?
>>>>>
>>>>> 3. In our current management console, we have one view to create the
>>>>> user, and another view to create the user profile according to the given
>>>>> http://wso2.org/claims. Is there a particular reason to have the user
>>>>> profile in a separate view? Do we need to have two views for user creation
>>>>> and profile in C5 model also?
>>>>>
>>>>> Any clarification on above matters is appreciated.
>>>>>
>>>>> Thanks and Regards,
>>>>> Prabushi
>>>>>
>>>>> --
>>>>> *Prabushi Samarakoon*
>>>>> Software Engineer
>>>>> Mobile: +94715434580
>>>>> Email: prabus...@wso2.com
>>>>>
>>>>
>>>> [1] https://github.com/wso2/carbon-security/blob/master/comp
>>>> onents/org.wso2.carbon.security.caas/src/main/java/org/wso2/
>>>> carbon/security/caas/user/core/bean/User.java#L188
>>>>
>>>> Thanks!
>>>>
>>>
>>>
>>> Thanks and Regards.
>>> --
>>> *Prabushi Samarakoon*
>>> Software Engineer
>>> Mobile: +94715434580
>>> Email: prabus...@wso2.com
>>>
>>
>>
>> ___
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
>
> --
> Vinod Kavinda
> Software Engineer
> *WSO2 Inc. - lean . enterprise . middleware <http://www.wso2.com>.*
> Mobile : +94 (0) 712 415544
> Blog : http://soatechflicks.blogspot.com/
> [image: http://wso2.com/signature]
> <http://wso2.com/signature>
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] Possible bottleneck in the updatePermissionTree() method of user.core.authorization.PermissionTree class
Hi Chalitha,
Thanks for checking up on this. It's great if you can send a PR for
carbon-kernel 4.4.x branch on this.
Thanks!
*Jayanga Kaushalya*
Software Engineer
Mobile: +94777860160
WSO2 Inc. | http://wso2.com
lean.enterprise.middleware
On Fri, Jun 24, 2016 at 2:00 PM, Chalitha Kulathunga
wrote:
> + IS team members
>
> On Fri, Jun 24, 2016 at 1:37 PM, Chalitha Kulathunga
> wrote:
>
>> Hi kernal team,
>>
>> When multiple threads access updatePermissionTree() method for the first
>> time, they all will end up in the else block. Those threads will call the
>> updatePermissionTreeFromDB() method one by one. Seems like this is creating
>> a bottleneck in the execution flow.
>>
>> void updatePermissionTree() throws UserStoreException {
>> PermissionTreeCacheKey cacheKey = new
>> PermissionTreeCacheKey(cacheIdentifier, tenantId);
>> GhostResource cacheEntry = (GhostResource)
>> permissionCache.get(cacheKey);
>> if (permissionCache.containsKey(cacheKey)) {
>> if (cacheEntry.getResource() == null) {
>> synchronized (this) {
>> cacheEntry = (GhostResource)
>> permissionCache.get(cacheKey);
>> if (cacheEntry.getResource() == null) {
>> updatePermissionTreeFromDB();
>> cacheEntry.setResource(root);
>> if (log.isDebugEnabled()) {
>> log.debug("Set resource to true");
>> }
>> }
>> }
>> }
>> } else {
>> synchronized (this) {
>> updatePermissionTreeFromDB();
>> cacheKey = new PermissionTreeCacheKey(cacheIdentifier, tenantId);
>> cacheEntry = new GhostResource(root);
>> permissionCache.put(cacheKey, cacheEntry);
>> if (log.isDebugEnabled()) {
>> log.debug("Loaded from database");
>> }
>> }
>> }
>> }
>>
>>
>> Can this be modified as follows to avoid the above mentioned issue?
>>
>> void updatePermissionTree() throws UserStoreException {
>> PermissionTreeCacheKey cacheKey = new
>> PermissionTreeCacheKey(cacheIdentifier, tenantId);
>> GhostResource cacheEntry = (GhostResource)
>> permissionCache.get(cacheKey);
>> if (cacheEntry != null && cacheEntry.getResource() != null) {
>> return;
>> }
>> synchronized (this) {
>> if (cacheEntry != null && cacheEntry.getResource() != null) {
>> return;
>> }
>> if (cacheEntry == null) {
>> cacheEntry = new GhostResource(null);
>> permissionCache.put(cacheKey, cacheEntry);
>> }
>> if (cacheEntry.getResource() == null) {
>> updatePermissionTreeFromDB();
>> cacheEntry.setResource(root);
>> if (log.isDebugEnabled()) {
>> log.debug("Resource Loaded from database for cachekey: " +
>> cacheEntry);
>> }
>> }
>> }
>> }
>>
>>
>> Thanks,
>> Chalitha
>>
>>
>> --
>> *Chalitha Sanyuja Kulathunga*
>> *Software Engineer*
>> WSO2 Inc.; http://wso2.com
>> email: chalit...@wso2.com cell: +94 77 5927581 <%2B94%2077%207779495>
>>
>
>
>
> --
> *Chalitha Sanyuja Kulathunga*
> *Software Engineer*
> WSO2 Inc.; http://wso2.com
> email: chalit...@wso2.com cell: +94 77 5927581 <%2B94%2077%207779495>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] WSO2 5.3.0 carbon repo
Hi Hanen, We don't have a IS 5.3.0 Alpha 3 yet. Its in Alpha 2 [1]. By saying compatible carbon repository, do you mean carbon-kernel repository? It is carbon-kernel v4.4.10 [2]. [1] https://github.com/wso2/product-is/tree/v5.3.0-alpha2 [2] https://github.com/wso2/carbon-kernel/tree/v4.4.10 Thanks! *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware On Mon, Nov 28, 2016 at 7:51 PM, Hanen Ben Rhouma wrote: > Hello, > > What's the carbon repository compatible with WSO2 IS 5.3.0 Alpha3 ? > > > Regards, > Hanen > > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [VOTE] Release WSO2 Identity Server 5.3.0- RC3
Tested the OAuth 2 Form Post response mode with an OWIN client in Windows 2012. No issues found. [+] Stable - Go ahead and release. Thanks! *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] WSO2 Identity Server 6.0.0-M1 Released !!
The WSO2 Identity Server team is pleased to announce the release of Identity Server 6.0.0-M1. It is now available to download. *Distribution* - https://github.com/wso2/product-is/releases/tag/v6.0.0-m1 *Documentation* - https://docs.wso2.com/display/IS600/WSO2+Identity+Server Following list contains all the features, improvements and bug fixes available with this milestone. *Bug* - [IDENTITY-5614 <https://wso2.org/jira/browse/IDENTITY-5614>] - Change identity-commons version to 1.0.0-SNAPSHOT - [IDENTITY-5615 <https://wso2.org/jira/browse/IDENTITY-5615>] - Make profile image scale according to the image container size - [IDENTITY-5617 <https://wso2.org/jira/browse/IDENTITY-5617>] - Add clickable links to breadcrumb navigation - [IDENTITY-5620 <https://wso2.org/jira/browse/IDENTITY-5620>] - Uploaded profile picture is not centered properly in User profile - [IDENTITY-5628 <https://wso2.org/jira/browse/IDENTITY-5628>] - "User Name" should be one word in the Sign up page - [IDENTITY-5632 <https://wso2.org/jira/browse/IDENTITY-5632>] - Special characters are allowed in the first & last name fields - [IDENTITY-5633 <https://wso2.org/jira/browse/IDENTITY-5633>] - Add Account setting update password validations - [IDENTITY-5639 <https://wso2.org/jira/browse/IDENTITY-5639>] - Query parameters not been removed from URL when tab switch Task - [IDENTITY-5588 <https://wso2.org/jira/browse/IDENTITY-5588>] - Bring automation coverage to 65% for identity-governance repo - [IDENTITY-5589 <https://wso2.org/jira/browse/IDENTITY-5589>] - Remove HTTP Transport - [IDENTITY-5590 <https://wso2.org/jira/browse/IDENTITY-5590>] - Merge Jacoco coverages together - [IDENTITY-5594 <https://wso2.org/jira/browse/IDENTITY-5594>] - Comment the org.wso2.carbon.identity.keystore module - [IDENTITY-5598 <https://wso2.org/jira/browse/IDENTITY-5598>] - Update UUF version - [IDENTITY-5601 <https://wso2.org/jira/browse/IDENTITY-5601>] - Fix LICENSE, README, - [IDENTITY-5605 <https://wso2.org/jira/browse/IDENTITY-5605>] - IS 6 M1 has some unsatisfied components - [IDENTITY-5606 <https://wso2.org/jira/browse/IDENTITY-5606>] - Remove Remember Me option from UI since it is not supported yet. - [IDENTITY-5610 <https://wso2.org/jira/browse/IDENTITY-5610>] - Cleanup carbon-security repo - [IDENTITY-5623 <https://wso2.org/jira/browse/IDENTITY-5623>] - Cleanup Product IS pom.xml. (Group dependencies, etc) - [IDENTITY-5624 <https://wso2.org/jira/browse/IDENTITY-5624>] - Integrate tests to Identity Commons repo - [IDENTITY-5625 <https://wso2.org/jira/browse/IDENTITY-5625>] - Merge product IS 6.0.x branch to master - [IDENTITY-5626 <https://wso2.org/jira/browse/IDENTITY-5626>] - Hide account settings association section for 6.0.0-M1 - [IDENTITY-5627 <https://wso2.org/jira/browse/IDENTITY-5627>] - Add licence header to user portal files Improvement - [IDENTITY-5585 <https://wso2.org/jira/browse/IDENTITY-5585>] - Provide support to add UI-specific profiles to profile-config.yaml. - [IDENTITY-5586 <https://wso2.org/jira/browse/IDENTITY-5586>] - Show the Picture in the View Profile page in User Portal - [IDENTITY-5587 <https://wso2.org/jira/browse/IDENTITY-5587>] - Add self-signup profile into profile-mapping.yaml - [IDENTITY-5621 <https://wso2.org/jira/browse/IDENTITY-5621>] - Add placeholder text to input fields - [IDENTITY-5622 <https://wso2.org/jira/browse/IDENTITY-5622>] - Add Username validation in user portal - [IDENTITY-5634 <https://wso2.org/jira/browse/IDENTITY-5634>] - Adding editable field indications to input fields *Test Coverage Statistics* 1. https://github.com/wso2/product-is/tree/v6.0.0-m1 - 61% 2. https://github.com/wso2/carbon-identity-mgt/tree/v0.1.1 - 50% 3. https://github.com/wso2-extensions/carbon-security-user-store-jdbc/tree/v0.1.1 - 69% *How To Contribute* Your feedback are most welcome! Mailing Lists Join our mailing list and correspond with the developers directly. - Developer List : dev@wso2.org | Subscribe | Mail Archive <http://wso2.org/mailarchive/dev/> - User Forum : StackOverflow <http://stackoverflow.com/questions/tagged/wso2is> Reporting Issues We encourage you to report issues, improvements and feature requests regarding WSO2 Identity Server through public WSO2 Identity Server JIRA <https://wso2.org/jira/browse/IDENTITY>. ~ The WSO2 Identity Server Team ~ *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 <+94%2077%20786%200160> WSO2 Inc. | http://wso2.com lean.enterprise.middleware ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] Fwd: Security questions are encoded
Hi Manuranga, This is not because of a security reason. The security question set id may contains html special characters. So the set id is sent to the UI after encoding to Base64. Thanks! *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 <+94%2077%20786%200160> WSO2 Inc. | http://wso2.com lean.enterprise.middleware On Tue, Jan 31, 2017 at 10:42 PM, Manuranga Perera wrote: > > -- Forwarded message -- > From: Manuranga Perera > Date: Tue, Jan 31, 2017 at 5:11 PM > Subject: Security questions are encoded > To: Johann Nallathamby , Jayanga Kaushalya < > jayan...@wso2.com>, Isura Karunaratne > > > Security questions are base64 encoded [1]. If they are encrypted (eg: RSA) > or hashed (eg SHA) I can understand that it's for security reasons. All > this does is obfuscation, poorly even at that, since base64 can be easily > decoded. > > Or is it done for non-security reasons, like escaping special characters? > > [1] https://github.com/wso2/product-is/blob/6.0.x-C5_m3/portal/o > sgi-services/org.wso2.is.portal.user.client.api/src/main/ > java/org/wso2/is/portal/user/client/api/ChallengeQuestionMa > nagerClientServiceImpl.java#L113 > > -- > With regards, > *Manu*ranga Perera. > > phone : 071 7 70 20 50 > mail : m...@wso2.com > > > > -- > With regards, > *Manu*ranga Perera. > > phone : 071 7 70 20 50 > mail : m...@wso2.com > > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] Unit Test for AS400 PCML Connector
Hi Janani,
@RunWith is a JUnit annotation. AFAIK we are using TestNG right? So no need
to use that.
Thanks!
*Jayanga Kaushalya*
Software Engineer
Mobile: +94777860160
WSO2 Inc. | http://wso2.com
lean.enterprise.middleware
On Tue, Oct 17, 2017 at 1:07 AM, Janani Thangavel wrote:
> Hi Mushthaq,
>
> I tried with @Runwith(PowerMockRunner.class) but I faced the same issue.
> When I changed the dependency order It worked.
>
> Regards,
>
> Janani Thangavel
> Associate Software Engineer
> WSO2 Inc : http://wso2.org
> <http://www.google.com/url?q=http%3A%2F%2Fwso2.org&sa=D&sntz=1&usg=AFQjCNE_eTDfyl2ibPcq0hcXvRDNVuQmMg>
> Mobile : +94771856427 <+94%2077%20185%206427>
>
> On Tue, Oct 17, 2017 at 10:48 AM, Mushthaq Rumy wrote:
>
>> Hi Janani,
>>
>> Were you able to solve this? Have you tried adding
>> @Runwith(PowerMockRunner.class) at the top of your test case class
>> (AS400CallProgramUnitTest).
>>
>> It should something like this.
>>
>> @Runwith(PowerMockRunner.class)
>> @PrepareForTest(AS400CallProgram.class)
>> public class AS400CallProgramUnitTest {
>> }
>>
>> Thanks & Regards,
>> Mushthaq
>>
>>
>> On Wed, Oct 11, 2017 at 6:34 PM, Janani Thangavel
>> wrote:
>>
>>> Hi,
>>>
>>> Actually the error [1] is happened when create the object for
>>> ProgramCallDocument
>>> [2], even though I mocked [3] . Based on the offline discussion with
>>> Hemika, It's seems like the mocking is not working. Can any one please
>>> advise me on this?
>>>
>>> [1]org.apache.synapse.SynapseException: Unable to connect to AS400
>>> server: A parse error occurred.
>>>
>>> at org.apache.synapse.mediators.AbstractMediator.handleExceptio
>>> n(AbstractMediator.java:325)
>>> at org.wso2.carbon.connector.pcml.AS400CallProgram.connect(AS40
>>> 0CallProgram.java:158)
>>> at org.wso2.carbon.connector.pcml.test.unit.AS400CallProgramUni
>>> tTest.testAS400CallProgram(AS400CallProgramUnitTest.java:86)
>>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce
>>> ssorImpl.java:62)
>>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe
>>> thodAccessorImpl.java:43)
>>> at java.lang.reflect.Method.invoke(Method.java:498)
>>> at org.testng.internal.MethodInvocationHelper.invokeMethod(Meth
>>> odInvocationHelper.java:80)
>>> at org.testng.internal.Invoker.invokeMethod(Invoker.java:673)
>>> at org.testng.internal.Invoker.invokeTestMethod(Invoker.java:842)
>>> at org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1166)
>>> at org.testng.internal.TestMethodWorker.invokeTestMethods(TestM
>>> ethodWorker.java:125)
>>> at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:109)
>>> at org.testng.TestRunner.runWorkers(TestRunner.java:1178)
>>> at org.testng.TestRunner.privateRun(TestRunner.java:757)
>>> at org.testng.TestRunner.run(TestRunner.java:608)
>>> at org.testng.SuiteRunner.runTest(SuiteRunner.java:334)
>>> at org.testng.SuiteRunner.runSequentially(SuiteRunner.java:329)
>>> at org.testng.SuiteRunner.privateRun(SuiteRunner.java:291)
>>> at org.testng.SuiteRunner.run(SuiteRunner.java:240)
>>> at org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52)
>>> at org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86)
>>> at org.testng.TestNG.runSuitesSequentially(TestNG.java:1158)
>>> at org.testng.TestNG.runSuitesLocally(TestNG.java:1083)
>>> at org.testng.TestNG.run(TestNG.java:999)
>>> at org.testng.IDEARemoteTestNG.run(IDEARemoteTestNG.java:72)
>>> at org.testng.RemoteTestNGStarter.main(RemoteTestNGStarter.java:127)
>>> Caused by: com.ibm.as400.data.PcmlException: A parse error occurred.
>>> at com.ibm.as400.data.ProgramCallDocument.loadSourcePcmlDocumen
>>> tFromStream(ProgramCallDocument.java:1435)
>>> at com.ibm.as400.data.ProgramCallDocument.(ProgramCallDoc
>>> ument.java:265)
>>> at org.wso2.carbon.connector.pcml.AS400CallProgram.connect(AS40
>>> 0CallProgram.java:92)
>>> ... 25 more
>>> Caused by: com.ibm.as400.data.ParseException: Premature end of file.
>>> 1 error detected parsing pcml document.
>>>
>>> at com.ibm.as400.data.PcmlSAXParser.(PcmlSAXParser.java:231)
>>> at com.ibm.as400.data.ProgramCallDocument.loadSourcePcmlDocumen
>>> tFromStream(ProgramCallDocument.java:1427)
>>> ... 27 m
[Dev] WSO2 Identity Server 5.4.0 Alpha 7 Released!
The WSO2 Identity and Access Management team is pleased to announce the release of WSO2 Identity Server 5.4.0 Alpha 7. You can build the distribution from the source tag https://github.com/wso2/product-is/releases/tag/v5.4.0-alpha <https://github.com/wso2/product-is/releases/tag/v5.4.0-alpha6>7 following the steps below. *Building from the source* 1. Install Java7 or above 2. Install Apache Maven 3.x.x(https://maven.apache.org/download.cgi#) 3. Get a clone from https://github.com/wso2/product-is.git and checkout to v5.4.0-alpha7 tag or you can directly download the source for the tag from https://github.com/wso2/product-is/releases/tag/v5.4.0-alpha <https://github.com/wso2/product-is/releases/tag/v5.4.0-alpha6>7 4. Run the one of the below maven commands from product-is directory, - *mvn** clean install* (To build the binary and source distributions with the tests) - *mvn** clean install -Dmaven.test.skip=true* (To build the binary and source distributions, without running any of the unit/integration tests) 5. You can find the wso2is-5.4.0-alpha7.zip binary distribution in product-is/modules/distribution/target directory. The following list contains all the features, improvements, and bug fixes available with the WSO2 Identity Server 5.4.0 Alpha 7 release. Bug - [IDENTITY-4897 <https://wso2.org/jira/browse/IDENTITY-4897>] - Narrower scopes using refresh token - [IDENTITY-6840 <https://wso2.org/jira/browse/IDENTITY-6840>] - TOTP is not working with WUM updated IS-KM 5.3.0 pack Improvement - [IDENTITY-6473 <https://wso2.org/jira/browse/IDENTITY-6473>] - UI Improvements in Users screens - [IDENTITY-6474 <https://wso2.org/jira/browse/IDENTITY-6474>] - UI improvements in 'Roles' screens - [IDENTITY-6476 <https://wso2.org/jira/browse/IDENTITY-6476>] - Common UI Improvements in mgt console - [IDENTITY-6837 <https://wso2.org/jira/browse/IDENTITY-6837>] - Service provider specific custom pages cannot be defined for claims.do servlet context - [IDENTITY-6839 <https://wso2.org/jira/browse/IDENTITY-6839>] - When the refresh token is expired, it sends "invalid_request" error to the client instead of "inavlid_grant" *Contribute to WSO2 Identity Server* *Mailing Lists* Join our mailing lists and correspond with the developers directly. We also encourage you to take part in discussions related to the product in the architecture mailing list. If you have any questions regarding the product you can use our StackOverflow forum to raise them as well. - Developer List: dev@wso2.org - Architecture List: architect...@wso2.org - User Forum: StackOverflow <http://stackoverflow.com/questions/tagged/wso2is> Reporting Issues We encourage you to report issues, improvements, and feature requests regarding WSO2 Identity Server through our public WSO2 Identity Server JIRA <https://wso2.org/jira/projects/IDENTITY/issues>. ~ The WSO2 Identity and Access Management Team ~ *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] WSO2 Identity Server 5.4.0 Alpha 8 Released !!!
The WSO2 Identity and Access Management team is pleased to announce the release of WSO2 Identity Server 5.4.0 Alpha 8. You can build the distribution from the source tag https://github.com/wso2/product-is/releases/tag/v5.4.0-alpha8 following the steps below. *Building from the source* 1. Install Java8 or above 2. Install Apache Maven 3.x.x(https://maven.apache.org/download.cgi#) 3. Get a clone from https://github.com/wso2/product-is.git and checkout to v5.4.0-alpha8 tag or you can directly download the source for the tag from https://github.com/wso2/product-is/releases/tag/v5.4.0-alpha8 4. Run the one of the below maven commands from product-is directory, - *mvn** clean install* (To build the binary and source distributions with the tests) - *mvn** clean install -Dmaven.test.skip=true* (To build the binary and source distributions, without running any of the unit/integration tests) 5. You can find the wso2is-5.4.0-alpha8.zip binary distribution in product-is/modules/distribution/target directory. The following list contains all the features, improvements, and bug fixes available with the WSO2 Identity Server 5.4.0 Alpha 8 release. Patch - [IDENTITY-6883 <https://wso2.org/jira/browse/IDENTITY-6883>] - MalformedURLException when wreply urls has a improper url value. Bug - [IDENTITY-6307 <https://wso2.org/jira/browse/IDENTITY-6307>] - Auth_time is changing to session updated time - [IDENTITY-6875 <https://wso2.org/jira/browse/IDENTITY-6875>] - role claim is missing with request path authentication for saml sp configuration Improvement - [IDENTITY-6239 <https://wso2.org/jira/browse/IDENTITY-6239>] - Improve Facebook\Google authenticators to handle claim transformation using a dedicated claim dialect *Contribute to WSO2 Identity Server* *Mailing Lists* Join our mailing lists and correspond with the developers directly. We also encourage you to take part in discussions related to the product in the architecture mailing list. If you have any questions regarding the product you can use our StackOverflow forum to raise them as well. - Developer List: dev@wso2.org - Architecture List: architect...@wso2.org - User Forum: StackOverflow <http://stackoverflow.com/questions/tagged/wso2is> Reporting Issues We encourage you to report issues, improvements, and feature requests regarding WSO2 Identity Server through our public WSO2 Identity Server JIRA <https://wso2.org/jira/projects/IDENTITY/issues>. ~ The WSO2 Identity and Access Management Team ~ *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] WSO2 Identity Server 5.4.0 Alpha 10 Released !!!
uth Client Secret gets corrupted or disappeared after TokenPersistenceProcessor is set to EncryptionDecryptionPersistenceProcessor - [IDENTITY-6765 <https://wso2.org/jira/browse/IDENTITY-6765>] - check_session_iframe and end_session_endpoint do not appear in the configuration documentation in OpenID Connect Session Management Support - [IDENTITY-6828 <https://wso2.org/jira/browse/IDENTITY-6828>] - scim id returned after creating the user is not equal to the scim id actually stored in the user store - [IDENTITY-6834 <https://wso2.org/jira/browse/IDENTITY-6834>] - Invalid response when in token request, the authorization code is in invalid format - [IDENTITY-6917 <https://wso2.org/jira/browse/IDENTITY-6917>] - SQL error when JWT token issuer is configured to issue self contained access tokens - [IDENTITY-6937 <https://wso2.org/jira/browse/IDENTITY-6937>] - OAuth apps created with DCR requests show invalid (0s) expiry times in UI - [IDENTITY-6939 <https://wso2.org/jira/browse/IDENTITY-6939>] - OIDC DCR Request with an unknown parameter throws 500 - [IDENTITY-6940 <https://wso2.org/jira/browse/IDENTITY-6940>] - OIDC DCR request with no redirect_uri responds with invalid redirect uri values - [IDENTITY-6944 <https://wso2.org/jira/browse/IDENTITY-6944>] - Role based provisioning fails when group endpoint is not configured for SCIM outbound connector Task - [IDENTITY-5561 <https://wso2.org/jira/browse/IDENTITY-5561>] - Debug log message can cause java.lang.IllegalArgumentException - [IDENTITY-6948 <https://wso2.org/jira/browse/IDENTITY-6948>] - Remove unnecessary cache configs which are not used from identity.xml file Improvement - [IDENTITY-6450 <https://wso2.org/jira/browse/IDENTITY-6450>] - Add a field to playground to get input for response_type - [IDENTITY-6509 <https://wso2.org/jira/browse/IDENTITY-6509>] - Properly validate recovery endpoint webapp url before showing the recovery links in login page - [IDENTITY-6774 <https://wso2.org/jira/browse/IDENTITY-6774>] - Authorization Code Grant type tightly coupled to client_id, client_secret authentication - [IDENTITY-6899 <https://wso2.org/jira/browse/IDENTITY-6899>] - Provide an extension to change the OIDC Claim filtering logic - [IDENTITY-6902 <https://wso2.org/jira/browse/IDENTITY-6902>] - Refactor UserInfoResponseBuilder implementations to avoid code duplication. - [IDENTITY-6942 <https://wso2.org/jira/browse/IDENTITY-6942>] - Improve debug logs of the ProvisioningClient used with SCIM outbound connector *Contribute to WSO2 Identity Server* *Mailing Lists* Join our mailing lists and correspond with the developers directly. We also encourage you to take part in discussions related to the product in the architecture mailing list. If you have any questions regarding the product you can use our StackOverflow forum to raise them as well. - Developer List: dev@wso2.org - Architecture List: architect...@wso2.org - User Forum: StackOverflow <http://stackoverflow.com/questions/tagged/wso2is> Reporting Issues We encourage you to report issues, improvements, and feature requests regarding WSO2 Identity Server through our public WSO2 Identity Server JIRA <https://wso2.org/jira/projects/IDENTITY/issues>. ~ The WSO2 Identity and Access Management Team ~ *Jayanga Kaushalya* Software Engineer Mobile: +94777860160 <+94%2077%20786%200160> WSO2 Inc. | http://wso2.com lean.enterprise.middleware ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] WSO2 Identity Server 5.4.0 Beta Released !!!
d IDP session - [IDENTITY-5861 <https://wso2.org/jira/browse/IDENTITY-5861>] - SAML2 AuthnContextClassRef returned from the Federated IDP should return to the applications. - [IDENTITY-6077 <https://wso2.org/jira/browse/IDENTITY-6077>] - Create JWT access token in Identity Server - [IDENTITY-6512 <https://wso2.org/jira/browse/IDENTITY-6512>] - [Workflows] Cannot edit other attributes of the workflow without editing the workflow name - [IDENTITY-6589 <https://wso2.org/jira/browse/IDENTITY-6589>] - Supplementary OSGi service for adding new claims to ID token - [IDENTITY-6801 <https://wso2.org/jira/browse/IDENTITY-6801>] - Proper UI indication needed where there are no service providers to list - [IDENTITY-6966 <https://wso2.org/jira/browse/IDENTITY-6966>] - Implemented Self contained access token validator - [IDENTITY-6980 <https://wso2.org/jira/browse/IDENTITY-6980>] - Add wildcard * support for scim group name filtering *Contribute to WSO2 Identity Server* *Mailing Lists* Join our mailing lists and correspond with the developers directly. We also encourage you to take part in discussions related to the product in the architecture mailing list. If you have any questions regarding the product you can use our StackOverflow forum to raise them as well. - Developer List: dev@wso2.org - Architecture List: architect...@wso2.org - User Forum: StackOverflow <http://stackoverflow.com/questions/tagged/wso2is> Reporting Issues We encourage you to report issues, improvements, and feature requests regarding WSO2 Identity Server through our public WSO2 Identity Server JIRA <https://wso2.org/jira/projects/IDENTITY/issues>. ~ The WSO2 Identity and Access Management Team ~ *Jayanga Kaushalya* Senior Software Engineer Mobile: +94777860160 <+94%2077%20786%200160> WSO2 Inc. | http://wso2.com lean.enterprise.middleware ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] WSO2 Identity Server 5.4.0 Released!
WSO2 Identity Server 5.4.0 Released! WSO2 Identity Server team is pleased to announce the release of version 5.4.0 of the WSO2 Identity Server. WSO2 Identity Server is an open source Identity and Entitlement Management server. It supports a wide array of authentication protocols such as SAML 2.0 Web SSO, OAuth 2.0/1.0a, OpenID Connect and WS-Federation Passive. It supports role based authorization and fine grained authorization with XACML 2.0/3.0 while inbound/outbound provisioning is supported through SCIM and SPML. WSO2 Identity Server is developed on top of the revolutionary WSO2 Carbon platform, an OSGi based framework that provides seamless modularity to your SOA solution via componentization. All the major features have been developed as pluggable Carbon components. You can download this distribution from http://wso2.com/products/ident ity-server/. Online documentation is available at http://docs.wso2.org/wiki/disp lay/IS540/WSO2+Identity+Server+Documentation. How to Run 1. Extract the downloaded zip 2. Go to the bin directory in the extracted folder 3. Run the wso2server.sh or wso2server.bat files as appropriate 4. If you need to start the OSGi console with the server, use the property -DosgiConsole when starting the server. New Features in this Release - SCIM 2 Inbound Provisioning Support (RFC 7643 <https://tools.ietf.org/html/rfc7643> and RFC 7644 <https://tools.ietf.org/html/rfc7644>) - Dynamic Client Registration Management Support (RFC 7592 <https://tools.ietf.org/html/rfc7592>) - Service Provider wise Token Expiration: Now an application owner can decide the token (access token and refresh token) expiration time for each service provider. - Support for self-contained access tokens: This will allow users to generate access tokens as self contained, self signed JWT tokens with user claims. - Support for OIDC Request Object. (http://openid.net/specs/openi d-connect-core-1_0.html#RequestObject <http://openid.net/specs/openid-connect-core-1_0.html#RequestObject>) - Service Provider wise SAML Encryption Algorithm configuration. This release includes functional improvements, and fixes to the product. Complete list of improvements and bug fixes available with the release can be found at following locations: - IS Runtime <https://wso2.org/jira/issues/?filter=14457> - IS Analytics <https://wso2.org/jira/issues/?filter=14459> Known Issues All the open issues pertaining to WSO2 Identity Server are reported at the following locations: - IS Runtime <https://wso2.org/jira/issues/?filter=14458> - IS Analytics <https://wso2.org/jira/issues/?filter=14460> How You Can Contribute *Mailing Lists* Join our mailing list and correspond with the developers directly. Developer list : dev@wso2.org | Subscribe | Mail Archive <http://mail.wso2.org/mailarchive/dev/> User forum : StackOverflow <http://stackoverflow.com/questions/tagged/wso2is> *Reporting Issues* We encourage you to report issues, documentation faults and feature requests regarding WSO2 Identity Server or in the Carbon base framework through the public WSO2 Identity Server JIRA <https://wso2.org/jira/browse/IDENTITY>. *Support* We are committed to ensure your enterprise middleware deployment is completely supported from evaluation to production. Our unique approach ensures that all support leverages our open development methodology and is provided by the very same engineers who build the technology. For more details and to take advantage of this unique opportunity, visit http://wso2.com/support/ For more information about WSO2 Identity Server, please see http://wso2.com/products/identity-server or visit the WSO2 Oxygen Tank <http://wso2.com/library/> developer portal for additional resources. Thank you for your interest in WSO2 Identity Server. The WSO2 Identity and Access Management Team. *Jayanga Kaushalya* Senior Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] Insulating Privacy in User Operations
Hi all, To cater the requirements related to [1], we are planing to implement a set of utility classes to mange privacy of privacy concerned objects (Eg: User). All the objects that are with privacy concerned attributes will be wrapped inside a privacy insulator object. Duty of the privacy insulator is to prevent the misuse of privacy related attributes. It will hide the attributes that are related to object's privacy and provide a hash or id as a pseudonym to represent the attribute instead of the real value. Furthermore, classes can be marked as confidential as well. All confidential classes should provide the pseudonym to represent there privacy concerned attribute. So whenever using a confidential object, pseudonym will be used instead of the underlying real value. There will be separate ID manager to map the related ID with the underlying actual value. So wherever the actual value should be needed, (Eg: Display the users username in a UI) ID manager can retrieve it and used. But this should be used only in places where pseudonym can't be used. Please provide your thoughts. [1] [Architecture] GDPR - Pseudonyms For Username *Jayanga Kaushalya* Senior Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] Insulating Privacy in User Operations
Hi Awanthika, There aren't any predefined set of attributes and here we are mainly concerning about user's username. All claims that are related with user information are classified as privacy concerned attributes and we do not log or misuse them earlier as well. Idea for this privacy insulator is to extend this to a level much similar like Java security manager in future and use policies to manage the privacy concerns. As "places where pseudonyms can't be used" I meant the places where end user directly access and should have the meaning of that attribute. For an example, In a user dashboard if there is a section where we need to display the username in the UI, it is not user friendly to show the pseudonym and instead we should show the real value. Thanks! *Jayanga Kaushalya* Senior Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware On Fri, Jan 12, 2018 at 2:04 AM, Awanthika Senarath < awanthikarasanjaleesenar...@gmail.com> wrote: > Hello Jayanga, > > This looks interesting and timely, however, two questions. How do you plan > to identify the "privacy concerned attributes" for a particular person? > From your email, it appears as the identification of the "privacy concerned > attributes" is straightforward or you are having a predefined list of > attributes that you believe to be privacy concerned. > > The other question is what are the "places where pseudonyms can't be used > "? > > Regards > Awanthika Senarath > PhD Research Student > Australian Centre for Cyber Security > Australian Defence Force Academy > The University of New South Wales (UNSW Canberra) > > > On Thu, Jan 11, 2018 at 5:21 AM, Jayanga Kaushalya > wrote: > >> Hi all, >> >> To cater the requirements related to [1], we are planing to implement a >> set of utility classes to mange privacy of privacy concerned objects (Eg: >> User). >> >> All the objects that are with privacy concerned attributes will be >> wrapped inside a privacy insulator object. Duty of the privacy insulator is >> to prevent the misuse of privacy related attributes. It will hide the >> attributes that are related to object's privacy and provide a hash or id as >> a pseudonym to represent the attribute instead of the real value. >> Furthermore, classes can be marked as confidential as well. All >> confidential classes should provide the pseudonym to represent there >> privacy concerned attribute. So whenever using a confidential object, >> pseudonym will be used instead of the underlying real value. >> >> There will be separate ID manager to map the related ID with the >> underlying actual value. So wherever the actual value should be needed, >> (Eg: Display the users username in a UI) ID manager can retrieve it and >> used. But this should be used only in places where pseudonym can't be used. >> >> Please provide your thoughts. >> >> [1] [Architecture] GDPR - Pseudonyms For Username >> >> *Jayanga Kaushalya* >> Senior Software Engineer >> Mobile: +94777860160 <+94%2077%20786%200160> >> WSO2 Inc. | http://wso2.com >> lean.enterprise.middleware >> >> >> >> ___ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] WSO2 Identity Server 5.4.0 is now OIDC Certified
Hi all, We were able to receive the OIDC certification for IS 5.4.0 (For basic and implicit profiles). Now we are listed under [1]. Thanks Hasini (https://github.com/hasinidilanka) and Nipuni ( https://github.com/NipuniBhagya) for taking the responsibility and carrying this out. [1] http://openid.net/certification/ Thanks! *Jayanga Kaushalya* Senior Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] Common Parent for AbstractUserStoreManger, JDBCAuthorizationManager and HybridRoleManager
Hi all, We have identified there are few common methods(callSecure(), initUserRolesCache(), etc..) in $subject mentioned classes in UserCore[1]. So we have decided to create a common parent(AbstractSecuredEntityManager) for those classes to minimize the code duplication. Please provide your thoughts. [1] https://github.com/wso2/carbon-kernel/tree/4.4.x/core/org.wso2.carbon.user.core Thanks! *Jayanga Kaushalya* Senior Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] Upgrading Bundle Plugin Version in Kernel to 3.0.1
Hi all, While compiling the user core in Java 8 I have encountered the following issue [1]. Upgrading the version to 3.0.1 will fix the issue. Will there be any issue by upgrading the bundle plugin ? Please provide your thoughts. [1] https://issues.apache.org/jira/browse/FELIX-4005 Thanks! *Jayanga Kaushalya* Senior Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] Disabling JNDI Binding in Carbon Datsources SPI On Demand
Hi all, Carbon Datasources [1] currently do not support JNDI binding in non-osgi mode. But it'll try to bind JNDI if there is a JNDI tag presents in the datasources.xml. But if we remove or comment the JNDI tags, it'll ignore the JNDI bindings as continue with the data source name. It is better if we can disable the JNDI binding explicitly by providing a external configuration even though JNDI tags are present in the datasources.xml. WDYT ? [1] https://github.com/wso2/carbon-datasources Thanks! *Jayanga Kaushalya* Senior Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] User Management related audit logs are not working in IS latest pack.
Thanks Megala. PR merged. Thanks! *Jayanga Kaushalya* Senior Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware On Tue, Mar 13, 2018 at 12:00 PM, Megala Uthayakumar wrote: > Hi All, > > In the latest IS 5.5.0-SNAPSHOT pack, user management related audit logs > are not working. When analyzing, it was identified, > UserDeletionEventListener is not overriding the getExecutionOrderId method > and due to that order id is being picked up as 0, which in-turns conflicts > with UserMgtAuditLogger's order id. > > Relevant issue can be found at [1] and PR with the fix can be found at > [2]. Appreciate if this can be reviewed and merged. > > [1] https://github.com/wso2/product-is/issues/2916 > [2] https://github.com/wso2/carbon-identity-framework/pull/1476 > > Thanks. > > Regards, > Megala > -- > Megala Uthayakumar > > Senior Software Engineer > Mobile : 0779967122 > ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [Architecture] [VOTE] Release WSO2 Identity Server 5.5.0 RC1
Hi Sagara, Yes I have suggested other teams also to follow the IS convention in [1]. APIM team told me offline that they already changed. Hope others will do the same. [1] [GDPR] Anonymization Tool default configurations/references are differed over the Products Thanks! *Jayanga Kaushalya* Senior Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware On Wed, Mar 14, 2018 at 7:37 PM, Sagara Gunathunga wrote: > > > On Wed, Mar 14, 2018 at 7:27 PM, Sathya Bandara wrote: > >> Hi all, >> >> We are calling-off this vote as we have found an issue, >> >>- for user-mgt ui component in EI product >>- in Windows environment >> >> Since we want to align same component versions among EI & IS, we will fix >> this and update versions in IS as well. Additionally we will fix the issue >> in README.txt along with this. >> > Ruwan/Jayanga, shall we also look into the suggestion made by Lanka in the > "GDPR compliance for WSO2 products" thread ? > > Thanks ! > >> We will do a RC2 and call for a vote soon. >> >> [1] https://github.com/wso2/product-ei/issues/2004 >> >> On Wed, Mar 14, 2018 at 6:29 PM, Nilasini Thirunavukkarasu < >> nilas...@wso2.com> wrote: >> >>> Hi, >>> >>> I have tested the following flows in mysql. >>> >>>- User management, role management (Primary + Secondary user store) >>>- OIDC flow (password grant, authorization code)(Primary + Secondary >>>user store) >>>- consent management with SAML SSO for primary and secondary users. >>>- SAML assertion encryption and response signing. >>> >>> >>> I have tested the following flow with h2 >>> >>>- federated scenario with two IS >>> >>> +1 to go ahead and release >>> >>> >>> Thanks, >>> Nila. >>> >>> >>> On Wed, Mar 14, 2018 at 6:15 PM, Darshana Gunawardana >> > wrote: >>> >>>> Hi Dilini, >>>> >>>> We will fix this, if we noted any blocker for RC1 release.. If not, >>>> let's continue on the vote considering this is a known issue.. >>>> >>>> Thanks, >>>> >>>> On Wed, Mar 14, 2018 at 6:05 PM, Dilini Gunatilake >>>> wrote: >>>> >>>>> Hi, >>>>> >>>>> The README .txt contains references to old documentation and few other >>>>> issues which is reported in [1]. Better if we can fix those. WDUT? >>>>> >>>>> [1] https://github.com/wso2/product-is/issues/2945 >>>>> >>>>> Regards, >>>>> Dilini >>>>> >>>>> >>>>> >>>>> On Wed, Mar 14, 2018 at 5:23 PM, Farasath Ahamed >>>>> wrote: >>>>> >>>>>> >>>>>> Tested Below scenario on the IS 5.5.0-RC1 pack with MSSQL database >>>>>> >>>>>>- Create an OAuth app using Dynamic Client Registration endpoint >>>>>>- Configured mandatory claims for the service provider >>>>>>- Tested OIDC Implicit flow with user consent management enabled >>>>>>- Verified that the user claims sent in the id_token are filtered >>>>>>based on user consent. >>>>>> >>>>>> +1 to go ahead and release >>>>>> >>>>>> >>>>>> On Wed, Mar 14, 2018 at 11:16 AM, Sathya Bandara >>>>>> wrote: >>>>>> >>>>>>> Hi all, >>>>>>> >>>>>>> We are pleased to announce the first release candidate of WSO2 >>>>>>> Identity Server 5.5.0. >>>>>>> >>>>>>> This is the first release candidate (RC) of the WSO2 Identity Server >>>>>>> 5.5.0 release. >>>>>>> >>>>>>> >>>>>>> This release fixes the following issues >>>>>>> >>>>>>>- 5.5.0-RC1 fixes >>>>>>> >>>>>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-RC1> >>>>>>>- 5.5.0-Beta fixes >>>>>>> >>>>>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-beta> >>>>>>>- 5.5.0-Alpha3 fixes >>>>>>
Re: [Dev] [Architecture] [VOTE] Release WSO2 Identity Server 5.5.0 RC2
Hi all, I have tested the following, 1. Forget-me tool in IS RC2 pack. 2. Forget-me tool in IS Analytics RC2 pack. No blocking issues found. [+] Go ahead and release. Thanks! *Jayanga Kaushalya* Senior Software Engineer Mobile: +94777860160 <+94%2077%20786%200160> WSO2 Inc. | http://wso2.com lean.enterprise.middleware On Thu, Mar 15, 2018 at 1:26 PM, Ishara Karunarathna wrote: > HI, > > Tested the consent mgt feature with SAML SSO. and basic user mgt features. > No blocking issues found. > > [+] Stable - Go ahead and release > > -Ishara > > On Thu, Mar 15, 2018 at 1:08 PM, Pulasthi Mahawithana > wrote: > >> Tested below scenarios and no blocking issues found., >> >>- Adding multi-Step workflow definitions >>- Adding workflow associations and Multi step approval for user add >>operation >>- Federation with twitter >>- Login analytics >>- Session Analytics >> >> No blocking issues found. >> >> [+] Stable - Go ahead and release >> >> On Thu, Mar 15, 2018 at 12:33 PM, Hasintha Indrajee >> wrote: >> >>> Tested below scenarios with MySQL database >>> >>> Authentication data publishing. >>> Custom OAuth client authenticators (Private key JWT client >>> authenticator.) >>> >>> Self registration with consents (for super and non super tenants) >>> SSO with missing mandatory claims and consents for SaaS apps. (SAML, >>> with and without mandatory claims) >>> Updating and revoking consents through dashboard for super tenant and >>> non super tenant users. >>> Consent erasure while apps (for SaaS scenarios) are deleted and users >>> are deleted. >>> >>> No blocking issues found and +1 to proceed with release. >>> >>> >>> On Thu, Mar 15, 2018 at 5:19 AM, Darshana Gunawardana >> > wrote: >>> >>>> Hi all, >>>> >>>> We are pleased to announce the second release candidate of WSO2 >>>> Identity Server 5.5.0. >>>> >>>> This release fixes the following issues, >>>> >>>>- >>>>- 5.5.0-RC2 fixes >>>> >>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-RC2> >>>>- 5.5.0-RC1 fixes >>>> >>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-RC1> >>>>- 5.5.0-Beta fixes >>>> >>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-beta> >>>>- 5.5.0-Alpha3 fixes >>>> >>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-alpha3> >>>>- 5.5.0-Alpha2 fixes >>>> >>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-alpha2> >>>>- 5.5.0-Alpha fixes >>>> >>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-alpha> >>>>- 5.5.0-M4 fixes >>>> >>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-M4> >>>>- 5.5.0-M3 fixes >>>> >>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-M3> >>>>- 5.5.0-M2 fixes >>>> >>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-M2> >>>>- 5.5.0-M1 fixes >>>> >>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-M1> >>>> >>>> >>>> Source and distribution >>>> >>>> Runtime - https://github.com/wso2/product-is/releases/v5.5.0-rc2 >>>> Analytics - https://github.com/wso2/anal >>>> ytics-is/releases/v5.5.0-rc2 >>>> >>>> >>>> Please download, test the product and vote. >>>> >>>> [+] Stable - go ahead and release >>>> [-] Broken - do not release (explain why) >>>> >>>> >>>> Thanks, >>>> - WSO2 Identity and Access Management Team - >>>> >>>> -- >>>> Regards, >>>> >>>> >>>> *Darshana Gunawardana*Technical Lead >>>> WSO2 Inc.; http://wso2.com >>>> >>>> *E-mail: darsh...@wso2.com * >>>> *Mobile: +94718566859 <071%20856%206859>*Lean . Enterprise . Middleware >>>> >>> >>> >>> >>> -- >>> Hasintha Indrajee >>> WSO2, Inc. >>> Mobile:+94 771892453 <+94%2077%20189%202453> >>> >>> >>> ___ >>> Architecture mailing list >>> architect...@wso2.org >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>> >>> >> >> >> -- >> *Pulasthi Mahawithana* >> Associate Technical Lead >> WSO2 Inc., http://wso2.com/ >> Mobile: +94-71-5179022 <+94%2071%20517%209022> >> Blog: https://medium.com/@pulasthi7/ >> >> <https://wso2.com/signature> >> >> ___ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > Ishara Karunarathna > Technical Lead > WSO2 Inc. - lean . enterprise . middleware | wso2.com > > email: isha...@wso2.com, blog: isharaaruna.blogspot.com, mobile: > +94717996791 <+94%2071%20799%206791> > > > > ___ > Architecture mailing list > architect...@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] Documentation related to Session Management Service
Hi, Is there any documentation related to the [1]. If so, can someone please point me. I have searched [2] but didn't able to find any. [1] https://github.com/wso2/carbon-identity-framework/blob/master/components/authentication-framework/org.wso2.carbon.identity.application.authentication.framework/src/main/java/org/wso2/carbon/identity/application/authentication/framework/services/SessionManagementService.java [2] https://docs.wso2.com/display/IS550/SOAP+APIs Thanks! *Jayanga Kaushalya* Senior Software Engineer Mobile: +94777860160 WSO2 Inc. | http://wso2.com lean.enterprise.middleware ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] Workaround for findbug exception - Maven 3.6
On Wed, Jul 17, 2019 at 5:23 PM Nipuni Paaris wrote:
> Hi all,
>
> The org.codehaus.mojo:findbugs-maven-plugin appears to have a bug and when
> trying to execute the mvn clean install command it tends to throw the
> following error.
>
> Failed to execute goal
>> org.codehaus.mojo:findbugs-maven-plugin:3.0.3:findbugs (findbugs) on
>> project identity-apps: Unable to parse configuration of mojo
>> org.codehaus.mojo:findbugs-maven-plugin:3.0.3:findbugs for parameter
>> pluginArtifacts: Cannot assign configuration entry 'pluginArtifacts' with
>> value '${plugin.artifacts}' of type
>> java.util.Collections.UnmodifiableRandomAccessList to property of type
>> java.util.ArrayList
>
>
> However, the issue seems to be fixed from findbugs version 3.0.4 onwards.
> Therefore we were able to overcome the above-mentioned problem by *updating
> the
> findbugs plugin version to 3.0.4 in component's root pom.xml. *We could
> also fix this by *downgrading the maven version to 3.5.* *in our machines
> as an alternative.
>
Downgrading should not be an option.
>
> So will it be possible to upgrade the findbugs plugin version in [1]
> to
> 3.0.4, since it'll be more convenient for all the users rather than having
> to downgrade maven locally or to upgrade the findbugs version in each
> repository?
>
Since it is a patch version upgrade, it should be fine. (Better to test it
locally). So +1 to upgrade.
By the way, since 3.0.5 is the latest version, shall we try to upgrde to
that version? (Any issues in that?)
>
> Your comments and suggestions on this would be highly appreciated.
>
> [1] -
> https://github.com/wso2/carbon-parent/blob/carbon-parent-5/pom.xml#L570
>
>
> Thank you.
>
> Kind regards,
> --
> Nipuni Paaris | Software Engineer | WSO2 Inc.
> (m) +94 077 9028904 | (w) +94 011 2145345 | Email: nipu...@wso2.com
> [image: https://wso2.com/signature]
>
>
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
Re: [Dev] [VOTE] Release WSO2 Carbon Kernel 4.5.0 RC2
Hi All, Tested with the Identity Server distribution. No blockers found. [+] Stable - go ahead and release Thanks! *Jayanga Kaushalya* | Associate Technical Lead | WSO2 Inc. (m) +94 777 860 160 | (w) +94 11 743 5800 | (e) jayan...@wso2.com GET INTEGRATION AGILE Integration Agility for Digitally Driven Business On Thu, Sep 12, 2019 at 11:38 AM Nalaka Senarathna wrote: > Hi All, > We have tested with API Manager distribution.No blocker issues found. +1 > to proceed. > > Thanks, > Nalaka. > > On Thu, Sep 12, 2019 at 11:17 AM Mathuriga Thavarajah > wrote: > >> Hi All, >> >> Security Scanning report (Static) was analyzed and reviewed. Hence +1 >> from the Platform Security Team for proceeding with the release. >> >> Thanks. >> >> Regards, >> Mathuriga. >> >> >> On Wed, Sep 11, 2019 at 7:29 PM Malaka Gangananda >> wrote: >> >>> Hi All, >>> >>> We have tested the broker, bps and integration profile with the kernel >>> 4.5.0-RC2. No blocker issues found. +1 to proceed. >>> >>> Thanks, >>> >>> On Wed, Sep 11, 2019 at 5:27 PM Sameera Gunarathne >>> wrote: >>> >>>> Hi, >>>> >>>> We have tested the EI-6.6.0 distribution with the kernel 4.5.0-RC2. No >>>> blocker issues found. +1 to proceed. >>>> >>>> Thanks, >>>> Sameera. >>>> >>>> On Mon, Sep 9, 2019 at 2:58 PM Senthalan Kanagalingam < >>>> sentha...@wso2.com> wrote: >>>> >>>>> Hi all, >>>>> >>>>> Please find the Maven staging repository: >>>>> >>>>> https://maven.wso2.org/nexus/content/repositories/orgwso2carbon-1388 >>>>> <https://www.google.com/url?q=https://maven.wso2.org/nexus/content/repositories/orgwso2carbon-1388&sa=D&source=hangouts&ust=156810467757&usg=AFQjCNHJuoOSSUlqAyCKj73PUIKLWqhDSw> >>>>> >>>>> On Mon, Sep 9, 2019 at 2:42 PM Senthalan Kanagalingam < >>>>> sentha...@wso2.com> wrote: >>>>> >>>>>> Hi Devs, >>>>>> >>>>>> WSO2 Carbon Kernel 4.5.0 RC2 Release Vote. >>>>>> >>>>>> This release fixes the following issues: >>>>>> https://github.com/wso2/carbon-kernel/milestone/22?closed=1 >>>>>> >>>>>> Please download and test your products with kernel 4.5.0 RC2 and >>>>>> vote. The vote will be open for 72 hours or longer as needed. >>>>>> >>>>>> Maven staging repository: >>>>>> https://github.com/wso2/carbon-kernel/releases/tag/v4.5.0-rc2 >>>>>> >>>>>> The tag to be voted upon: >>>>>> https://github.com/wso2/carbon-kernel/tree/v4.5.0-rc2 >>>>>> >>>>>> [- ] Broken - do not release (explain why) >>>>>> [+] Stable - go ahead and release >>>>>> >>>>>> >>>>>> Thank you >>>>>> WSO2 Engineering Team >>>>>> -- >>>>>> Senthalan Kanagalingam | Senior Software Engineer | WSO2 Inc. >>>>>> (m) +94 (0) 77 18 77 466 | (w) +94117435800 | (e) sentha...@wso2.com >>>>>> >>>>>> <http://wso2.com/signature> >>>>>> >>>>>> >>>>> >>>>> -- >>>>> Senthalan Kanagalingam | Senior Software Engineer | WSO2 Inc. >>>>> (m) +94 (0) 77 18 77 466 | (w) +94117435800 | (e) sentha...@wso2.com >>>>> >>>>> <http://wso2.com/signature> >>>>> >>>>> ___ >>>>> Dev mailing list >>>>> Dev@wso2.org >>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>>> >>>> >>>> >>>> -- >>>> Sameera Gunarathne >>>> Senior Software Engineer, WSO2 Inc. http://wso2.com >>>> <http://l.facebook.com/l.php?u=http%3A%2F%2Fwso2.com&h=gAQEswASa> >>>> Email: samee...@wso2.com >>>> Mobile: +94714155561 >>>> ___ >>>> Dev mailing list >>>> Dev@wso2.org >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>> >>> >>> -- >>> Malaka. >>> -- >>> Malaka Gangananda - Senior Software Engineer | WSO2 >>> Email : mala...@wso2.com >>> Mobile : +94713564340 >>> Web : http://wso2.com >>> <http://wso2.com/signature> >>> ___ >>> Dev mailing list >>> Dev@wso2.org >>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>> >> >> >> -- >> >> *Mathuriga Thavarajah* >> Software Engineer >> WSO2 Inc. - http ://wso2.com >> >> Email : mathur...@wso2.com >> Mobile : +94778191300 >> >> >> >> *[image: http://wso2.com/signature] <http://wso2.com/signature>* >> ___ >> Dev mailing list >> Dev@wso2.org >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> > > > -- > *Nalaka Senarathna* > *Email : nala...@wso2.com * > *Mobile : +94714118474* > *web : https://wso2.com <https://wso2.com>* > <https://wso2.com/signature> > > ___ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] WSO2 Committers += Sarubi Thillainathan
Hi All, It's my pleasure to announce Sarubi Thillainathan as a WSO2 Committer. She has been a valuable contributor and enthusiast to the WSO2 IAM team. In recognition of her contribution, dedication, and commitment, she has been voted as a WSO2 committer. Congratulations Sarubi and keep up the good work...!!! Thanks! *Jayanga Kaushalya* | Associate Technical Lead | WSO2 Inc. (m) +94 777 860 160 | (w) +94 11 743 5800 | (e) jayan...@wso2.com GET INTEGRATION AGILE Integration Agility for Digitally Driven Business ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] WSO2 Committers += Sachini Wettasinghe
Hi All, It's my pleasure to announce Sachini Wettasinghe as a WSO2 Committer. She has been a valuable contributor and enthusiast to the WSO2 IAM team. In recognition of her contribution, dedication, and commitment, she has been voted as a WSO2 committer. Congratulations Sachini and keep up the good work...!!! Thanks! *Jayanga Kaushalya* | Associate Technical Lead | WSO2 Inc. (m) +94 777 860 160 | (w) +94 11 743 5800 | (e) jayan...@wso2.com GET INTEGRATION AGILE Integration Agility for Digitally Driven Business ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] WSO2 Committers += Gayashan Bombuwala
Hi All, It's my pleasure to announce Gayashan Bombuwala as a WSO2 Committer. He has been a valuable contributor and enthusiast to the WSO2 IAM team. In recognition of his contribution, dedication, and commitment, he has been voted as a WSO2 committer. Congratulations Gayashan and keep up the good work...!!! Thanks! *Jayanga Kaushalya* | Associate Technical Lead | WSO2 Inc. (m) +94 777 860 160 | (w) +94 11 743 5800 | (e) jayan...@wso2.com GET INTEGRATION AGILE Integration Agility for Digitally Driven Business ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] .NET Samples for WSO2 Identity Server v0.9.0 Released !
WSO2 Identity and Access Management Developer Community is pleased to announce, .NET Samples for WSO2 Identity Server - v0.9.0 Release What's in this release This release contains the following sample. - Pickup-Manager Desktop Application This is a Windows desktop application which is using WSO2 Identity Server for authentication. This application is written using WPF technologies and it uses the .NET OIDC SDK <https://github.com/wso2-extensions/identity-sdks-dotnet/tree/master/org.wso2.identity.sdk.oidc> for WSO2 Identity Server. How to runFollow the instruction in the release note <https://github.com/wso2-extensions/identity-samples-dotnet/releases/tag/v0.9.0> to install & run .NET Samples for WSO2 Identity Server.Install Pickup-Manager Desktop Application Run Pickup-Manager Desktop Application How to engage We encourage you to open git Issues <https://github.com/wso2-extensions/identity-samples-dotnet/issues> for any queries, issues, improvements and feature requests. Important: And please be advised that security issues must be reported to secur...@wso2.com, not as GitHub issues, in order to reach the proper audience. We strongly advise following the WSO2 Security Vulnerability Reporting Guidelines when reporting the security issues. ~ WSO2 Identity and Access Management Developer Community ~ *Jayanga Kaushalya* | Associate Technical Lead | WSO2 Inc. (m) +94 777 860 160 | (w) +94 11 743 5800 | (e) jayan...@wso2.com GET INTEGRATION AGILE Integration Agility for Digitally Driven Business ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
[Dev] WSO2 Committers += Thumilan Mikunthan
Hi All, It's my pleasure to announce Thumilan Mikunthan as a WSO2 Committer. He has been a valuable contributor and enthusiast to the WSO2 Identity & Access Management Team. In recognition of his contribution, dedication, and commitment he has been voted as a WSO2 committer. Congratulations Thumilan and keep up the good work...!!! Thanks! *Jayanga Kaushalya* | Associate Technical Lead | WSO2 Inc. (m) +94 777 860 160 | (w) +94 11 743 5800 | (e) jayan...@wso2.com GET INTEGRATION AGILE Integration Agility for Digitally Driven Business ___ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
