Showing posts from 2016

JAAS Introduction

What is JAAS?

The Java Authentication and Authorization Service (JAAS) is an integrated package that comes with the Java 2 SDK. JAAS is designed to achieve two things:

Authentication - determine who is executing the code
Authorization - ensure the user/code has the access control rights to perform an action

JAAS for Authentication

JAAS modules related to authentication are connected in a pluggable manner, which promotes reuse of the underlying authentication technology across different applications. The following are the key classes used in the authentication process.

LoginContext

This is the starting point of the authentication process. This class contains 3 methods:

login() - authenticate user
logout() - logout user
getSubject() - get authenticated user

When we initiate a LoginContext, we provide the configuration required to handle authentication, so we can change the underlying authentication technology through configuration without updating the application logic.

Config

Sample Service Client for Copy Resources in WSO2 G-REG 5.1.0

This is a sample service client implementation for WSO2 Governance Registry 5.1.0 which traverses a registry resource tree and copies all resources to a desired location. It can also ignore specified paths in the resource tree while copying. Source and binary can be found in this location. Follow the instructions in the README.md file to run the client.

You can modify the following properties in the 'resources/client.properties' file to change the behaviour of this service client:

Property Name | Description
GREG.URL | Services endpoint of the G-REG server URL (ex: https://localhost:9443/services/)
GREG.USERNAME | User name (This user must have read/write access to the registry)
GREG.PASSWORD | Password
FROM.PATH | Source location (ex: /_system/config)
TO.PATH | Destination (ex: /_system/config/dev)
ESCAPE.PATHS | Paths to skip while copying. Add paths here in a comma-separated manner
AXIS2.REPO | Required to create axis2 configuration context
AXIS2.CONF | Axis2

Get source IP address in the mediation flow of WSO2 ESB

If the ESB receives the request message directly from the source, you can use the following properties to extract source IP related info:

<log level="custom">
    <property xmlns:ns="http://org.apache.synapse/xsd" name="REMOTE_ADDR" expression="$axis2:REMOTE_ADDR"></property>
    <property xmlns:ns="http://org.apache.synapse/xsd" name="REMOTE_HOST" expression="$axis2:REMOTE_HOST"></property>
</log>

If you have a proxy server or load balancer in the middle, you can use the following property to extract the IP address of the request source:

<log level="custom">
    <property xmlns:ns="http://org.apache.synapse/xsd" name="X-Forwarded-For" expression="$trp:X-Forwarded-For"></property>
</log>

Login to Workday using the WSO2 Identity Server

Prerequisites

Use the following keytool command to extract the public certificate from the wso2is-5.1.0/repository/resources/security/wso2carbon.jks file. (pw: wso2carbon)

keytool -export -alias wso2carbon -file key.crt -keystore wso2carbon.jks

Important: In a production environment you must not use the default wso2carbon.jks which comes with the WSO2 Identity Server.

Use the following command to print the extracted public certificate:

openssl x509 -text -inform DER -in key.crt