
Posts

Showing posts from 2015

UUID Generation with WSO2 ESB

There are use cases in which we need to generate a UUID (universally unique identifier) from the WSO2 ESB server for the back end services. There are two commonly used UUID types:

Version 1 UUID (Time UUID): a Version 1 UUID uses a scheme relying only on the timestamp and the MAC address of the computer on which it is generated.

Version 4 UUID: Version 4 UUIDs use a scheme relying only on random numbers.

Getting a version 4 UUID is really easy in ESB, since we already have one in the message flow. So we can extract it as follows:

<property name="MessageID" expression="fn:substring-after(get-property('MessageID'), 'urn:uuid:')"/>

But in the case of a version 1 UUID (Time UUID), we have to use a script mediator or a class mediator to generate the UUID. The script mediator is slower compared to the class mediator. A simple class mediator which can be used for version 1 UUID generation can be found here. This class mediator uses this library to gene

SAML2 IdP Initiated Single Logout with WSO2 Identity Server 5.1.0

With this feature WSO2 Identity Server facilitates IdP initiated SAML2 single logout requests. In the SAML service provider configuration UI there is a new configuration called "Enable IdP Initiated SLO". You can enable this feature using this checkbox. You can also define the URL to redirect to after the single logout using "Return to URL" under the "Enable IdP Initiated SLO" option. The following parameters can be used with an IdP initiated SLO request.

Parameter    Description
slo          This is a mandatory parameter and must have the value "true" to mark the request as an IdP initiated logout request.
spEntityID   This is an optional parameter. The value of the parameter should be the SAML issuer name as in the "Issuer" field in the SAML service provider configuration UI.
returnTo     This is an optional parameter. The value of the parameter should be the URL which needs to be redirected to after the logout. If this parameter is present

Configuring Multiple Assertion Consumer Service URLs for SAML2 Service Provider with WSO2 Identity Server 5.1.0

This feature enables defining multiple assertion consumer service URLs for a SAML2 service provider. In the SAML service provider configuration UI there is a new configuration called "Assertion Consumer URLs". You can add multiple assertion consumer URLs for the SAML2 service provider using the "Add" button. Since we have multiple assertion consumer URLs, we need to define a default assertion consumer URL in case we can't retrieve it from the authentication request. Now the SP initiated SSO and IdP initiated SSO flows behave as follows.

In SP initiated SSO:

If no AssertionConsumerServiceUrl is given in the <AuthnRequest>, IS will send the response to the default ACS URL of the SP (whether the request is signed or not).

If the AssertionConsumerServiceUrl in the <AuthnRequest> matches one of the registered URLs, IS will send the response to the matched one.

If the AssertionConsumerServiceUrl in the <AuthnRequest> does not match any of the registered AC

Manage User Account Associations & Federated User IDs in WSO2 IS 5.1.0

Manage User Account Associations

In WSO2 Identity Server (IS) 5.1.0 we can find a new feature called the user account association feature. With this feature IS enables its users to merge their different accounts and switch between them after logging in to a merged account. Users can consume this feature in the following ways:

As an admin service

As a gadget in the IS user dashboard

Admin Service

You can access this admin service using the URL 'https://<HOST_NAME>:9443/services/UserAccountAssociationService?wsdl'. The following actions can be performed using the above admin service:

Create a new user account association

Delete an existing user account association

Get all associated user accounts of the logged in user

Switch between associated user accounts without re-authenticating with the system

Dashboard Gadget - Associated User Accounts

In the user dashboard of IS 5.1.0 there is a new gadget called "Associated User Accounts" as follows,