Tuesday, April 8, 2014

Error Recovery Mechanisms in WSO2 ESB with Store and Forward


 You may be in a situation where you need to send messages reliably to an endpoint. There are couple of ways you can achieve that. WSO2 ESB provides store/forward pattern with a higher level of reliability and error recovery mechanisms. This post aggregate some of the comprehensive articles into a single piece.





Thursday, July 18, 2013

How to get a user profile for OAuth Token using JWT headers


In this blog post lets discuss how you can retrieve user profile and view attributes of a user using only the OAuth token in WSO2 Identity server. I assume that reader is familiar with WSO2 identity server and if you need more help you can follow the documentation at http://docs.wso2.org/wiki/display/IS400/WSO2+Identity+Server+Documentation

1) Change the CARBON_HOME/repository/conf/identity.xml and make following attribute true. Then start the WSO2 Identity server.

   <AuthorizationContextTokenGeneration>
                        <Enabled>true</Enabled>
                        <TokenGeneratorImplClass>org.wso2.carbon.identity.oauth2.authcontext.JWTTokenGenerator</TokenGeneratorImplClass>
                        <ClaimsRetrieverImplClass>org.wso2.carbon.identity.oauth2.authcontext.DefaultClaimsRetriever</ClaimsRetrieverImplClass>
                        <ConsumerDialectURI>http://wso2.org/claims</ConsumerDialectURI>
                        <SignatureAlgorithm>SHA256withRSA</SignatureAlgorithm>
                        <AuthorizationContextTTL>15</AuthorizationContextTTL>
                </AuthorizationContextTokenGeneration>

2) Get the oauth Token ( you need to get the base64 encoded value for (client id:client secret) value.


You can use an online service for encoding such as http://www.base64encode.org/ and then issue following CURL command to obtain the access token. (make sure you have the correct port in the server URL)

curl -v -X POST -H "Authorization: Basic VE01enNFem9FZG9NRERjVEJjbXRBcWJGdTBFYTpYUU9URExINlBBOHJvUHJfSktrTHhUSTNseGNh" -H "Content-Type: application/x-www-form-urlencoded;charset=UTF-8" -k -d "grant_type=password&username=admin&password=admin" https://localhost:9443/oauth2endpoints/token



 3) Now you need to invoke and admin service in the Identity server. Please follow

http://charithaka.blogspot.com/2013/06/invoking-wso2-carbon-admin-services.html on how to invoke admin services using SOAP UI.

We shall now invoke the following service.
https://localhost:9443/services/OAuth2TokenValidationService

Request



Response



Now you will be getting the authorization context token which is encoded in base64 and delimited with "." values. Middle part will contain the user profile value and we can get it decoded using http://www.base64decode.org/

<ax2303:tokenString>eyJ0eXAiOiJKV1QiLCJhbGciOiJTSEEyNTZ3aXRoUlNBIiwieDV0IjoiTm1KbU9HVXhNelpsWWpNMlpEUmhOVFpsWVRBMVl6ZGhaVFJpT1dFME5XSTJNMkptT1RjMVpBPT0ifQ==.eyJpc3MiOiJodHRwOi8vd3NvMi5vcmcvZ2F0ZXdheSIsImV4cCI6MTM3NDE2NDYzMDE4MiwiaHR0cDovL3dzbzIub3JnL2dhdGV3YXkvc3Vic2NyaWJlciI6ImFkbWluIiwiaHR0cDovL3dzbzIub3JnL2dhdGV3YXkvYXBwbGljYXRpb25uYW1lIjoiTXlBcHBsaWNhdGlvbiIsImh0dHA6Ly93c28yLm9yZy9nYXRld2F5L2VuZHVzZXIiOiJhZG1pbiIsICJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2FjY291bnRMb2NrIjoiZmFsc2UiLCAiaHR0cDovL3dzbzIub3JnL2NsYWltcy9jaGFsbGVuZ2VRdWVzdGlvbjEiOiIxMjM0NDUiLCAiaHR0cDovL3dzbzIub3JnL2NsYWltcy9jaGFsbGVuZ2VRdWVzdGlvbjIiOiI0NTY3NTYiLCAiaHR0cDovL3dzbzIub3JnL2NsYWltcy9jaGFsbGVuZ2VRdWVzdGlvblVyaXMiOiJteVRva2VuMiIsICJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2VtYWlsYWRkcmVzcyI6ImFkbWluQHdzbzIuY29tIiwgImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvZnVsbG5hbWUiOiJhZG1pbiIsICJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL2dpdmVubmFtZSI6ImFkbWluIiwgImh0dHA6Ly93c28yLm9yZy9jbGFpbXMvbGFzdG5hbWUiOiJhZG1pbiIsICJodHRwOi8vd3NvMi5vcmcvY2xhaW1zL3JvbGUiOiJhZG1pbixldmVyeW9uZSJ9.IUpGsH149iJDcn/UWYdGBrAoTNOZiUdI3X7QMXqVt+ss5rOOlDeB5bgz0Q3Y4SKh+H4PBkvlLd0/WAlbuvTi9Zj/G/QupenQpqYKulOFihUMNHiWRUgFT5BvfATVMsvqO/023BFprhdDShuPlpI9pJAEeuvmUiRIBPVVeoj09Ec=</ax2303:tokenString>
               <ax2303:tokenType>JWT</ax2303:tokenType>

Following is the output of the decoded value which has the user profile details of the user who generated the OAuth access token.




Monday, April 22, 2013

How to disable automatic service creation with WSDL upload


When you upload a WSDL to WSO2 Governance Registry it will create a Service Artifact automatically for that WSDL. But in case you do not want that to be automated and need to add services differently this is how to disable that feature.

1) Open GREG_HOME/repository/conf/registry.xml

2) Search for 
<property name="createService">false</property>
and uncomment them.

There will be two locations generally for normal WSDL handler and for ZIP or archive based upload handler (Where you upload multiple WSDL files together).

Save registry.xml and restart your server. Now you can observe that it will not create Services automatically for WSDL uploads.

Tuesday, March 26, 2013

How to send CDATA inside your SOAP message payload

(Please note this a temporary workaround and this will be addressed properly in future releases)

If you need to send a SOAP message payload ever and if it resulted something like this.

&lt;task:customerSchema>&lt;ext:value>&amp;lt;maxStops>2&amp;lt;/maxStops>&lt;/ext:value>&lt;/task:customerSchema>

Because by default, a StAX parser must be in non coalescing mode (It overrides the default settings mandated by the StAX specification) and as a side effect of that parser coaelsce CDATA sections. [1]
You need to add the XMLInputFactory.properties file with the following entry to CARBON_HOME/ (root) folder.


javax.xml.stream.isCoalescing=false

For more information
[1] http://people.apache.org/~veithen/axiom/userguide/ch04.html#factory.properties

[2] http://wso2.org/forum/thread/10891

Saturday, February 16, 2013

Make a Torrent downloader with Raspberry Pi in 3 steps :)


If you are downloading torrents heavily with your highly capable machine, You are wasting a lot of resources. Why do not you use your Raspberry Pi to do it ;)

I recieved a Raspberry Pi @ wso2con 2013. I was really happy after seeing this as i was planning to get down a one anyway. This is my first project out of it. Need some time to go for a real big project. Yes i have a pieces of my old nookcolor including its LCD ;).

1st step

You need to configure your Raspberry pi with this tutorial.
http://www.raspberrypi.org/downloads

When you go to configuration screen make sure you enable ssh. So you can get rid of your monitor after that.

2nd Step

Install a remote viewer so you can view your Raspberry Pi desktop remotely.
http://www.jeremymorgan.com/tutorials/raspberry-pi/how-to-remote-desktop-raspberry-pi/

3rd Step

Install Transmission in Raspberry pi. 

sudo apt-get update
apt-get install transmission

So you can download torrents from Raspberry pi and SCP them to your local machine at anytime. There are few torrent clients available so you can try them if you do not like transmission.





Sunday, February 3, 2013

Application Governance with WSO2 GReg and Jenkins

This tutorial will show how you can automate the application Governance using WSO2 Governance Registry and Jenkins (for Build Automation).

Pre-Requisites 


Things to note

  • Jenkins or similar build automation tool should be used to build the artifact and deploy it to the specific Dev SVN location. 
  • There are three SVN locations required for Dev , QA and Production artifact deployment. 
  • User needs to specify the exact name of the artifact (without the extension) as Application Name when adding the application to WSO2 Governance Registry. 
  • This particular sample is tested with WSO2 Governance Registry 4.5.1. Therefore it is recommended to use the same version of the product.

Resource Location

Please download resources from following location.
https://svn.wso2.org/repos/wso2/scratch/application-governance/

Workflow




Configurations

n this workflow build automation is excluded and user needs to add the built artifact and first deploy to Dev SVN location. (Developer may use Jenkins to build and its plugin to add it to a SVN location)

1) Create the Registry Extension file for Applications as specified below. Deploy the Application RXT file to Governance Registry as described in http://docs.wso2.org/wiki/display/Governance450/Deploying+an+Extension+File


<artifactType type="application/vnd.wso2-application+xml"

shortName="applications" singularLabel="Application" pluralLabel="Applications" hasNamespace="false" iconSet="9">
    <storagePath>/applications/@{overview_name}</storagePath>
 <nameAttribute>overview_name</nameAttribute>
    <ui>
        <list>
            <column name="Name">
                <data type="path" value="overview_name" href="/applications/@{name}"/>
            </column>
            <column name="type">
                <data type="type" value="overview_type"/>
            </column>
        </list>
    </ui>
    <content>
        <table name="Overview">
            <field type="text" required="true">
                <name>Name</name>
            </field>
            <field type="options">
     <name>Type</name>
     <values>
      <value>car</value>
      <value>war</value>
     </values>
    </field>
            <field type="text-area">
                <name>Description</name>
            </field>
        </table>
    </content>
</artifactType>





2) Create an Application in Governance Registry.

Add→ Application


Specify Name of the car/war file. (This should be the exact name in the svn location without extension)
eg: myCapp


3) Add Svn Executor to Governance Registry Server.

  • Edit the svn-executor-1.0.jar’s svn.properties file and add your svn credentials and Jenkins URL.

  • Copy the svn-executor-1.0.jar and svnkit-bundle-1.0.0.jar (provided separately) to G-REG_HOME/repository/components/lib folder.

  • Copy svn-client-adapter-1.6.18.wso2v2.jar to G-REG_HOME/repository/components/dropins folder.



4) Add a new lifecycle in Governance Registry names AppLifeCycle by following the instructions provided in
http://docs.wso2.org/wiki/display/Governance450/Adding+Lifecycles. Use the lifecycle configuration specified below.

 <!--
 ~ Copyright (c) 2005-2010, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
 ~
 ~ WSO2 Inc. licenses this file to you under the Apache License,
 ~ Version 2.0 (the "License"); you may not use this file except
 ~ in compliance with the License.
 ~ You may obtain a copy of the License at
 ~
 ~    http://www.apache.org/licenses/LICENSE-2.0
 ~
 ~ Unless required by applicable law or agreed to in writing,
 ~ software distributed under the License is distributed on an
 ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 ~ KIND, either express or implied.  See the License for the
 ~ specific language governing permissions and limitations
 ~ under the License.
 -->
<aspect name="AppLifeCycle" class="org.wso2.carbon.governance.registry.extensions.aspects.DefaultLifeCycle">
    <configuration type="literal">
        <lifecycle>
            <scxml xmlns="http://www.w3.org/2005/07/scxml"
                   version="1.0"
                   initialstate="Development">
                <state id="Development">
                    <datamodel>
                        <data name="checkItems">
                            <item name="Code Completed" forEvent="">                            
                            </item>
                          
                            <item name="Added to SVN" forEvent="">
                            </item>
                        </data>

   <data name="transitionExecution">
                            <execution forEvent="Promote" class="org.wso2.carbon.executor.SvnDeploymentExecutor">
     <parameter name="currentEnvironment" value="https://svn.wso2.org/repos/wso2/scratch/greg-scm-test/dev"/>
                                <parameter name="targetEnvironment" value="https://svn.wso2.org/repos/wso2/scratch/greg-scm-test/qa"/>
                            </execution>   
                        </data>  
                    </datamodel>
                    <transition event="Promote" target="Testing"/>                  
                </state>
                <state id="Testing">
                    <datamodel>
                        <data name="checkItems">
                            <item name="Effective Inspection Completed" forEvent="">
                            </item>
                            <item name="Test Cases Passed" forEvent="">
                            </item>
                            <item name="Smoke Test Passed" forEvent="">
                            </item>
                        </data>
                         <data name="transitionExecution">
                            <execution forEvent="Promote" class="org.wso2.carbon.executor.SvnDeploymentExecutor">
                                <parameter name="currentEnvironment" value="https://svn.wso2.org/repos/wso2/scratch/greg-scm-test/qa"/>
                                <parameter name="targetEnvironment" value="https://svn.wso2.org/repos/wso2/scratch/greg-scm-test/prod"/>
                            </execution>

                            <execution forEvent="Demote" class="org.wso2.carbon.executor.SvnDeploymentExecutor">
                             <parameter name="currentEnvironment" value="https://svn.wso2.org/repos/wso2/scratch/greg-scm-test/qa"/>
                            </execution>
                        </data>
                           
   
                    </datamodel>
                    <transition event="Promote" target="Production"/>
                    <transition event="Demote" target="Development"/>
                </state>
                <state id="Production">  
                    <datamodel>
                        <data name="checkItems">
                            <item name="Verify No one using the application" forEvent="">
                            </item>
                        </data>
   <data name="transitionExecution">
                            <execution forEvent="Retire" class="org.wso2.carbon.executor.SvnDeploymentExecutor">
    <parameter name="currentEnvironment" value="https://svn.wso2.org/repos/wso2/scratch/greg-scm-test/qa"/>
                                <parameter name="targetEnvironment" value="https://svn.wso2.org/repos/wso2/scratch/greg-scm-test/prod"/>
                            </execution>   
                        </data>  
                    </datamodel>
                    <transition event="Retire" target="Retired"/>
                </state>  
                
                <state id="Retired">  
                    <datamodel>     
                    </datamodel>
                </state>
                              
            </scxml>
        </lifecycle>
    </configuration>
</aspect> 


In the above lifecycle configuration you need to change your svn locations that are used in promotions.

Eg:

From Dev to QA
<parameter name="currentEnvironment" value="https://svn.wso2.org/repos/wso2/scratch/greg-scm-test/dev"/>
  <parameter name="targetEnvironment" 
value="https://svn.wso2.org/repos/wso2/scratch/greg-scm-test/qa"/>

5) Attach the AppLifeCycle to your application.


6) Promote Application from Development to Testing.
This will copy external CApp from Dev environment to QA environment (in the relevant SVN locations)






7) Demote Application from Testing to Development back
This will remove the artifact from QA environment (QA SVN location)



Deployment Automation with Jenkins


1) Start Jenkins and add the URL to svn-executor-1.0.jar’s properties file.


2) Create two Build jobs with name “promote” and “demote”.


3) Apply “This build is parameterized” check box and add following parameters to each of the job separately .


  • name
  • svnUrl
  • state

4) Create a local repository (A folder in you local file system) to check out the artifacts.
eg: /home/user1/repository

5) for promote Build job add the following script ( Build → Add build step → execute shell). Please change the values appropriately to suit your environment

#!/bin/bash

if  [[ "${state}" == "Testing" ]] ;
then
##  repository location
cd /media/data/wso2/support/repository/

svn checkout $svnUrl


## svn checkout location (This will be repository url + ‘qa’ as
## QA artifact was store in our repository
## https://svn.wso2.org/repos/wso2/scratch/greg-scm-test/qa/


cd /media/data/wso2/support/repository/qa
cp -r ./$name 

## Location of the Testing server
/media/data/wso2/support/wso2qaesb-4.5.0/repository/carbonapps/0/
fi

if [[ "${state}" == "Production" ]] ;
then
cd /media/data/wso2/support/repository/
svn checkout $svnUrl

## svn checkout location (This will be repository url + ‘prod’ as
## Production artifact was store in our repository
## https://svn.wso2.org/repos/wso2/scratch/greg-scm-test/prod/

cd /media/data/wso2/support/repository/prod
cp -r ./$name 

## url of the Production server
/media/data/wso2/support/wso2prodesb-4.5.0/repository/carbonapps/0/
fi 

6) For demote Build job use the following action ( Build → Add build step → execute shell)

#!/bin/bash

if  [[ "${state}" == "Testing" ]] ;
then

## location of the local ‘QA’ artifacts are stored.
cd /media/data/wso2/support/repository/qa

svn update 

cd /media/data/wso2/support/wso2qaesb-4.5.0/repository/carbonapps/0

rm -rf ./$name
fi

7) When you promote as in the script it will deploy the artifact to Development server and when demote it will remove the Application from Carbon server which will respectively deploy/ undeploy

8) You need to have similar script for artifact deployment from initial project to developer location which is not covered in the sample.

Saturday, September 15, 2012

Create a proxy in WSO2 ESB using admin services.

Do you want to know how to create a proxy in WSO2 ESB without using UI. Here is a sample code
that will help you to understand how to use an admin service to achieve the task.
package org.wso2.test;

import org.apache.axis2.AxisFault;
import org.wso2.carbon.proxyadmin.stub.ProxyServiceAdminProxyAdminException;
import org.wso2.carbon.proxyadmin.stub.ProxyServiceAdminStub;
import org.wso2.carbon.proxyadmin.stub.types.carbon.ProxyData;
import org.wso2.carbon.utils.CarbonUtils;

import java.rmi.RemoteException;

public class TestProxy {

    public static void main(String[] args)
            throws RemoteException, ProxyServiceAdminProxyAdminException {

        String userName = "admin";
        String password = "admin";
        // Add the service URL
        String serviceEndPoint="http://localhost:8281/services/echo" ;
        // Proxy Admin service's endpoing URL
        String endPoint = "https://localhost:9444/services/" +"ProxyServiceAdmin";

        // Set client trust store
        System.setProperty("javax.net.ssl.trustStore", "/media/data/wso2/products/wso2/esb/" +
                                                       "wso2esb-4.5.0/repository/resources/security" +
                                                       "/client-truststore.jks");
        System.setProperty("javax.net.ssl.trustStorePassword", "wso2carbon");
        System.setProperty("javax.net.ssl.trustStoreType","JKS");

        ProxyServiceAdminStub proxyServiceAdminStub = new ProxyServiceAdminStub(endPoint);

        CarbonUtils.setBasicAccessSecurityHeaders(userName, password,
                                                  proxyServiceAdminStub._getServiceClient());

        //Set proxy configuration data
        String[] transport = {"http", "https"};
        ProxyData data = new ProxyData();
        data.setName("TestProxy2");
        data.setWsdlURI("http://localhost:8281/services/echo?wsdl");
        data.setTransports(transport);
        data.setStartOnLoad(true);
        data.setEndpointXML("<endpoint http:="http:" ns="ns" synapse="synapse" ws.apache.org="ws.apache.org" xmlns="\"><address serviceendpoint="serviceendpoint" uri="\">
</address>
</endpoint>");
        data.setEnableSecurity(true);

        proxyServiceAdminStub.addProxy(data);
    }
}


Download complete maven project here