Posts

Showing posts with the label WSO2

JAAS Introduction

What is JAAS?

The Java Authentication and Authorization Service (JAAS) is an integrated package that comes with the Java 2 SDK. JAAS is designed to achieve two things:

- Authentication - determine who is executing the code
- Authorization - ensure the user/code has the access control rights to perform an action

JAAS for Authentication

JAAS modules related to authentication are connected in a pluggable manner, which promotes reuse of the underlying authentication technology across different applications. The following are the key classes used in the authentication process.

LoginContext

This is the starting point of the authentication process. This class contains 3 methods:

- login() - authenticate user
- logout() - logout user
- getSubject() - get authenticated user

When we initiate a LoginContext, we provide the required configuration to handle authentication, so we can change the underlying authentication technology from the configuration without updating the application logic....

Sample Service Client for Copy Resources in WSO2 G-REG 5.1.0

This is a sample service client implementation for WSO2 Governance Registry 5.1.0 which traverses a registry resource tree and copies all resources to a desired location. It can also ignore specified paths in the resource tree while copying. Source and binary can be found in this location. Follow the instructions in the README.md file to run the client.

You can modify the following properties in the 'resources/client.properties' file to change the behaviour of this service client.

Property Name - Description

- GREG.URL - Services endpoint of the G-REG server URL (ex: https://localhost:9443/services/)
- GREG.USERNAME - User name (This user must have read/write access to the registry)
- GREG.PASSWORD - Password
- FROM.PATH - Source location (ex: /_system/config)
- TO.PATH - Destination (ex: /_system/config/dev)
- ESCAPE.PATHS - Paths to skip while copying. Add paths here in a comma separated manner
- AXIS2.REPO - Required to create axis2 configuration context
- AXIS2.CONF - Axis2 ...

Get source IP address in the mediation flow of WSO2 ESB

If the ESB receives the request message directly from the source, you can use the following properties to extract source IP related information:

    <log level="custom">
        <property xmlns:ns="http://org.apache.synapse/xsd" name="REMOTE_ADDR" expression="$axis2:REMOTE_ADDR"></property>
        <property xmlns:ns="http://org.apache.synapse/xsd" name="REMOTE_HOST" expression="$axis2:REMOTE_HOST"></property>
    </log>

If you have a proxy server or load balancer in the middle, you can use the following property to extract the IP address of the request source:

    <log level="custom">
        <property xmlns:ns="http://org.apache.synapse/xsd" name="X-Forwarded-For" expression="$trp:X-Forwarded-For"></property>
    </log>

Login to Workday using the WSO2 Identity Server

Prerequisites

Use the following keytool command to extract the public certificate from the wso2is-5.1.0/repository/resources/security/wso2carbon.jks file. (pw: wso2carbon)

    keytool -export -alias wso2carbon -file key.crt -keystore wso2carbon.jks

Important: In a production environment you must not use the default wso2carbon.jks which comes with the WSO2 Identity Server.

Use the following command to print the extracted public certificate:

    openssl x509 -text -inform DER -in key.crt

...

UUID Generation with WSO2 ESB

There are use cases in which we need to generate a UUID (universally unique identifier) from the WSO2 ESB server for the back end services. There are two commonly used UUID types:

- Version 1 UUID or Time UUID: a Version 1 UUID uses a scheme relying only on the timestamp and the MAC address of the computer on which it is generated
- Version 4 UUID: Version 4 UUIDs use a scheme relying only on random numbers

Getting a version 4 UUID is really easy in the ESB, since we already have one in the message flow. We can extract it as follows:

    <property name="MessageID" expression="fn:substring-after(get-property('MessageID'), 'urn:uuid:')"/>

But in the case of a version 1 UUID or Time UUID, we have to use a script mediator or class mediator to generate the UUID. The script mediator is slower compared to the class mediator. A simple class mediator which can be used for version 1 UUID generation can be found here. This class mediator uses this library to gene...

Manage User Account Associations & Federated User IDs in WSO2 IS 5.1.0

Manage User Account Associations

In WSO2 Identity Server (IS) 5.1.0 we can find a new feature called the user account association feature. With this feature, IS enables its users to merge their different accounts and switch between them after logging in to a merged account. Users can consume this feature in the following ways:

- As an admin service
- As a gadget in the IS user dashboard

Admin Service

You can access this admin service using the URL 'https://<HOST_NAME>:9443/services/UserAccountAssociationService?wsdl'. The following actions can be performed using the above admin service:

- Create a new user account association
- Delete an existing user account association
- Get all associated user accounts of the logged in user
- Switch between associated user accounts without re-authenticating with the system

Dashboard Gadget - Associated User Account

In the user dashboard of IS 5.1.0 there is a new gadget called "Associated User Accounts" as follows, ...