WSO2 Venus

Samisa AbeysingheLong Live the Queen!

Tyrell PereraBill Gates No Longer World's Richest Man



India, China make mark on Forbes rich list / The Christian Science Monitor - CSMonitor.com
Eight Indians made Forbes magazine’s latest list of the top 100 billionaires, and two – energy tycoon Mukesh Ambani and steel mogul Lakshmi Mittal – sit in the top 5. Mr. Ambani is now the fourth richest person in the world, and the richest person in the Asia-Pacific region.


Danushka MenikkumburaWSO2 Web Services Framework (WSF) Admin M1 Released

WSO2 WSF/C team is pleased to announce the M1 release of WSO2 WSF Admin for Apache Axis2/C, WSO2 WSF/C and WSO2 WSF/C++.

WSO2 WSF Admin is a runtime management GUI for Apache Axis2/C, WSO2 Web Service Framework for C and WSO2 Web Services Framework for C++ that is powered by the WSO2 Carbon frontend, a Java based web UI. The management console backend is a collection of Axis2/C services and modules that are deployed within the framework itself. The communication between the frontend and backend is based on SOAP and REST.

Key Features
1. Configure Apache Axis2/C, WSO2 WSF/C and WSO2 WSF/C++ through a Web UI.
2. Ability to view service group, service, operation and module meta data.
3. Configure and apply/remove security on a service dynamically.
4. Policy Editor.
5. Monitor service usage statistics.

You can download this release from http://wso2.org/projects/wsf/c

Nandika JayawardanaWSO2 Carbon Based Admin Console for Axis2/C WSF/C and WSF/C++

http://wso2.org/projects/wsf/cppWith the availability of WSO2 WSF Admin, now users can manage their C and C++ Web Services Deployed in Axis2/C, WSF/C or WSF/C++ using the GUI interface of Carbon. At present, WSF Admin is at first milestone and supports following set of features.

Service Listing and Module Listing

Security Configuration

Policy Editing

Service Statistics

Following are some of the screen shots of New WSF Admin Console with WSF/C++.

Service Listing servicelisting

Engage Statistics Module to a service using the admin console and view the service usage statistics.

engage

stats

Configure Security

security

View and Edit Service Policies

policies

There are lots of other functionality in-addition to the once I have shown above.  WSF Admin is a set set of web services and modules implemented using WSO2 Web Services Framework, plus a Customized Carbon Instance. The Admin Console works by using web services interactions to the WSF/C Back End where the C Admin Services deployed. WSF Admin is also a demonstration of not only the interoperability of WSO2 products ( Between java based Carbon Platform and C/C++ based WSF Products ) but also the flexibility of WSO2 Carbon Platform. 

WSF Admin milestone 1 release does not have the persistence and hence the configuration changes you make will not be preserved once you shutdown your server. The next release of WSF Admin will be having the persistence capability.

Saliya Ekanayake.NET Naming Conventions

A good place to learn about .NET naming conventions.

Denis WeerasiriOverall view of the Mooshabaya project


Here I have come up with the mind map of the overall view of our final year project Mooshabaya.



For the full-screen mode
 

Paul FremantleAssume the world cannot spell

I'm "blessed" with an unusual name. There are Fremantles and  Freemantles. The one's with a double ee are a lot easier to find. In the days before computers it didn't matter. When I worked for IBM, IBM had a global directory called BluePages. No-one could find me in it. After a while I found a hack: there was a place where married women could put their maiden name and this was included in the search. I said my maiden name was Freemantle and suddenly people could find me.

Anyway, what's my point? Simple: don't register a web domain name without grabbing the common mispellings! As well as fremantle.org I now control freemantle.org, so when people email to paul@freemantle.org I still get it.

And finally! We have ws02.com!!! I've learnt the lesson. Until the next time.

PS the outstanding irony is I had a spelling mistake in this post - now corrected.  Thanks Chris

Tyrell PereraTHE NEW DORK - Entrepreneur State of Mind (Jay-Z ft Alicia Keys Spoof)

Nice lyrics!!


Samisa AbeysingheTime

It was the best of times, it was the worst of times, it was the age of wisdom, it was the age of foolishness, it was the epoch of belief, it was the epoch of incredulity, it was the season of Light, it was the season of Darkness, it was the spring of hope, it was the winter of despair, we had everything before us, we had nothing before us, we were all going direct to heaven, we were all going direct the other way - in short, the period was so far like the present period, that some of its noisiest authorities insisted on its being received, for good or for evil, in the superlative degree of comparison only.
Charles Dickens, A Tale of Two Cities
English novelist (1812 - 1870)





To everything there is a season, and
a time to every purpose under heaven:

A time to be born, and
a time to die;
a time to plant, and
a time to pluck up
that which is planted;

A time to kill, and
a time to heal;
a time to break down, and
a time to build up;

A time to weep, and
a time to laugh;
a time to mourn, and
a time to dance;

A time to cast away stones, and
a time to gather stones together;
a time to embrace, and
a time to refrain from embracing;

A time to get, and
a time to lose;
a time to keep, and
a time to cast away;

A time to rend, and
a time to sow;
a time to keep silence, and
a time to speak;

A time to love, and
a time to hate;
a time of war; and
a time of peace.

From The Holy Bible (King James Version)
Attributed to King Solomon
Ecclesiastes 3:1-8

Supun KamburugamuvaMy thoughts on WSO2 Carbon Registry Seperation

For the upcoming Carbon release (3.0.0) we are going to introduce a new registry separation model for all the carbon based applications. I feel there is something fundamentally wrong with this registry separation. But still I'm not clear why I got that feeling. So I thought of writing down my thoughts. This is not a structured post. I'm just writing down my thoughts.

Under the new Registry model there are three registries.

1. Local registry
2. Configuration registry
3. Governance registry

First lets look at the problem we are trying to solve using these three registries.

Every program needs configurations to run. These configurations can be coming from a file or can be coming from a UI. Also every program has a state. When we change some configurations or deploy a new component or enable something program state can be changed. A program usually saves its state transparently to the user. For example when we run a program like IntelliJ Idea or ecclipse we can specify some configurations like temp directory, using a configuration file . Some configurations like editing options are saved interanally by these applications and users doesn't know the format of the stored configuration information.

There is another type of information that a program require. They are application specific configurations. For example an IntelliJ Idea project may be using a JSP Tag Library. IntelliJ Idea has to know the location of this tag library in order to property render the JSP tags. An ESB may require a XSLT file for message transformation. This file has to be stored somewhere accessible from the ESB.

With a tool like intellij Idea configuration storage is always the file system. But with carbon configuraion storage is the WSO2 Governance Registry.

Carbon is another program that has all sorts of configurations. Also a carbon program can run in multiple topologies like Standalone mode with a remote registry. Clustered mode with a remote registry etc. From the carbon perspective it shouldn't matter weather it is running against a remote registry or a embedded registry. Standalone mode and clustering mode are very important.

There is a very very important concept when it comes to storage requirement of a program. There are only two types of storage requirements to a program.
  1. There is state information internal to a program that shouldn't be exposed to the user as it is.
  2. There are configurations specified by the user
If we agree to the above fundamental principle there can be two configuration areas to a program.
  1. Internal storage space used to store the state information
  2. Storage space to put user specified configurations
But Carbon introduces three configuration areas. But I think there should be only two configuration areas. A local registry that can be used to store internal stuff to carbon that shouldn't be exposed to the user and a general registry that can contain all sorts of user configurations.

Different components behave differently in different topologies. One of the ideas behind carbon is when a application runs in standalone mode it should be able to run in clustering mode without any changes. That is one of the fundamental reasons behind registry separation. But clustering and standalone modes are vary different and trying to design a application to run a standalone app in cluster mode can be a bad design decision.

Also carbon wants to start two clusters and share information among the two clusters using the registry. That is why we have the governance registry. But this is a feature that we could have simply achieve at the carbon level without over complicating the registry model.

For me registry is just a storage. It is like a file system or a database. A database provide a generic programming model so does the registry. It is the application level programmers responsibility to use the database properly. Also it is the carbon's responsibility to use the registry correctly to suite its needs. Changing the registry model to suite carbon's need is not a good idea.

I may be completely wrong. Every technical decision has its pros and cons.



Chanaka JayasenaGetting Flexy - Flex quick start project with Ant build script

download

Flex has open up endless possibilities to web designers and developers around the world. Since Flex has been around for a while now ,there are tremendous amount of resources available on the subject. Most of these guides and tutorials are base on Flex builder.

The above code is a starting point to your Flex project. It contains an Ant build file which will compile the source files to a swf file and create html wrappers for you. You have to edit the build.xml file inside the extracted "flexy" directory.



This is how the project is structured. The following image will give you a guild lines to edit the build files.





If you setup Ant, Flex Sdk and change the build.xml file you will be able to generate something like this.

Supun KamburugamuvaAmazon Prime, Amazing service

I've subscribed to Amazon prime shipping. It is free for the first month. I did not want to subscribe to it any longer than the first month because I'm not living in USA. But I forgot to cancel the prime membership after the first month. So Amazon continued with my prime membership and charged my credit card for the first year membership.

Amazing thing is I could cancel the prime membership with the total refund. The only condition is I shouldn't have bought anything after I pay for the prime membership. Isn't it a wonderful service?

I just did the cancellation and waiting for Amazon refund. Hope it will arrive as they said.


Saliya EkanayakeCommand Line: Relaxing Colors

I have been using a color theme for the command line in both Windows and Ubuntu for sometime now and it has been really comfortable for the eyes. So if you feel tired or bored using the white on black try these.

Background Color: #3A4237 (in RGB this is 58,66,55)
Text Color: White

It will give you this feeling of a good old chalk board. Here's a screen capture of how it looks.

Yumani RanaweeraCreating a MySQL database for WSO2 Carbon 3.x.x products

WSO2 Carbon products have an inbuilt H2 database. Additionally the Carbon framework allows you to switch to the databases such as Oracle, MSSQL,MySQL, Derby, DB2.

You can easily switch between these databases by;
- creating a database schema within the relevant RDBMS
- point the configuration scripts to that db
- copy the drivers
- start the server with -Dsetup
I will describe these steps in a separate post.

This post is about how you can manually configure the database. I will be using MySql in my illustration. And I will be using WSO2 Identity Server 3.0 -alpha releases for this.


Creating MySQL database for WSO2 Carbon
-----------------------------------------------------------------

1. Download a wso2 identity server 3.0 alpha release

2. Navigate to the location where you have the mysql script. i.e. CARBON_HOME/dbscripts

3. Open a command prompt from that location and login to mysql from cmd prompt
mysql -u root -p

4. Create a database. Create user and grant access
create database regdb;
GRANT ALL ON regdb.* TO regadmin@localhost IDENTIFIED BY "regadmin";

6. Run the mysql.sql script. This will configure the database.
use regdb;
source mysql.sql


7. Copy the database driver to CARBON_HOME\repository\components\lib. I used mysql-connector-java-5.1.7-bin.jar, which is the official JDBC driver for MySQL. It can be downloaded from here.



8. Configure usermanager and registry scripts, which reside in CARBON_HOME/repository/conf

registry.xml
<currentDBConfig>mysql-db</currentDBConfig>
<dbConfig name="mysql-db">
<url>jdbc:mysql://localhost:3306/regdb</url>
<userName>regadmin</userName>
<password>regadmin</password>
<driverName>com.mysql.jdbc.Driver</driverName>
<maxActive>80</maxActive>
<maxWait>6000</maxWait>
<minIdle>5</minIdle>
</dbConfig>

user-mgt.xml
<Database>
<URL>jdbc:mysql://localhost:3306/regdb</URL>
<UserName>regadmin</UserName>
<Password>regadmin</Password>
<Dialect>mysql</Dialect>
<Driver>com.mysql.jdbc.Driver</Driver>
</Database>

Afkham AzeezAutoscaling (Axis2) Web Services on Amazon EC2

Fault tolerance, high availability, & scalability are essential prerequisites for any enterprise application deployment. One of the major concerns of enterprise application architects is avoiding single points of failure. There is a high cost associated with achieving high availability & scalability. We will look at an economical approach towards automatically scaling Web service applications while maintaining the availability & scalability guarantees at an optimum economical cost. This approach, involving the Amazon EC2 cloud computing infrastructure, makes it unnecessary to invest in safety-net capacity & unnecessary redundancy.

The Web service application developer should only need to write the application once, and simply deploy it on the cloud. The scalability & availability guarantees should be provided automatically by the underlying infrastructure.

Autoscaling refers to the behavior where the system scales up when the load increases & scales down when the load decreases. Auto-healing refers to an approach where a specified minimum deployment configuration is maintained even in the event of failures. Such an approach is essential for cloud deployments such as Amazon EC2 where the charge is based on the actual computing power consumed. Ideally, from the clients' point of view, in an autoscaling system, the response time should be constant and the overall throughput of the system should increase.

We will describe in detail an economical approach towards building auto-scaling Apache Axis2 Web services on Amazon EC2. In the course of this thesis, we will introduce well-known address (WKA) based membership discovery for clustering deployments where multicast-based membership discovery is an impossibility.

We will also introduce an approach towards dynamic load balancing, where the load balancer itself uses group communication & group membership mechanisms to discover the domains across which the load is distributed. In a traditional setup, a single load balancer fronts a group of application nodes. In such a scenario, the load balancer can be a single point of failure. Traditionally, techniques such as Linux HA have been used to overcome this. However, such traditional schemes have quite a bit of overhead and also require the backup system to be in close proximity to the primary system. In case of catastrophic situations, this approach can result in complete failure of the system. We will introduce an auto-healing scheme in case of load balancer failure using Amazon Elastic IP addresses & a load balancer group, which can overcome these shortcomings.


Eran ChinthakaTips on Getting Back to Windows 7 from Ubuntu

With the impressive stability of Windows 7 (and also due to the nature of my current work), I decided to get back to Windows (once again!!). The question I had in my mind was mostly the availability compatible windows versions of some tools I used to use in Ubuntu . But after sometime I found alternatives and this blog lists some of the tools I found so far, in case if anyone is interested.

Research paper writing through Latex

TexMaker (thanks Ajith Ranabahu for introducing me to this) is a great tool which works both on Ubuntu and Windows. Here is the installation guide to get miktex and texmaker in your system.

presentations, documents and spreadsheets

I don’t think I missed open office when I moved to Windows. Microsoft Office suite is the best set of tools to edit documents. But in case if you want to get the open-office documents converted to word format, either convert them using open-office itself or use google docs. I use google docs extensively, so my document conversion was not that hard.

command line usage

This is the hardest thing for me in Windows, when I moved. All the commands are changed and didn’t have the powerful set of commands I had in to linux. But GnuWin32 packages is the solution. Install at least the core-utils. Download the package and extract it to a local folder. Then add the bin folder to your PATH variable and you are good to go.

messaging

What else? Pidgin.

secure communication with SSH

Use puttygen to convert your key to ppk file. Then use pageant as the key-agent. Instructions are here.
Also if you can get hold of SSH Secure Shell for Workstations, its a nice tool to access and transfer files to remote linux boxes.

subversion

Use tortoise svn. May be you might not need this if your IDE itself is supporting svn internally.

drawing diagrams and graphs

Use dia to draw diagrams and GnuPlot for graphs.

light-weight text editor

I noticed that notepad and wordpad are not simple anymore. I started using notepad++

other tools

Google Chrome (browser), VLC (media player), skype (VoIP), 7-zip (zipping), Intellij IDEA or Eclipse (development tools), JDK (java development), Adobe pdf viewer have their windows counterparts available to download.

If I miss anything, please let me know and I’m happy to update this list for everyone’s benefit.

Supun KamburugamuvaWriting a Load Balance algorithm for WSO2 ESB

Load balance algorithms are very interesting. They need to be fast and efficient. Otherwise we will spend most of our time trying to find the next route rather than doing the actual message sending.

Also load balancing algorithms involve lots of synchronization operations as well. So they should be coded with care.

The load balance algorithm I was interested in should have the benefits of Round Robin, Weighted and Least connection based algorithms. So it is a combination of all those three algorithms.

Round Robin is a pretty powerful algorithm mainly due to its simplicity. One assumption it made is all the servers are identical and has the exact same capacity. But in practice this may not be the case always.

Static Weighted algorithms assume machines have different capacities and based on those they are configured statically. Combined with round robin algorithms these can be pretty useful in some scenarios. But both these algorithms neglects the run-time behavior of servers.

Some times due to various reasons these servers can get slow or un-responsive. If we don't take these situations in to account, a Load balancer can effectively kill some of the already slow servers. This happens because the load balancer pumps the messages at the same rate even if the server gets slow.

Least connection can be used to some what overcome this problem. Least connection algorithms take the current number of connections in to account. More active connections than usual indicates a server saturation. At this point if the load balancer can reduce the number of messages send to this server, it can save the server from being killed.

So my goal was to write an algorithm that take all these three factors. I wrote the algorithm but still couldn't do enough testing. Also there are improvements in core ESB as well as the algorithm for this to work.

More on these later...


Kalani RuwanpathiranaHow to merge multiple images into one image - Java ImageIO

My previous post shows how to split an image into chunks. Now let's see how to merge multiple images into one image. Say we need to concatenate following four image chunks. I got these chunks by splitting the image in the right hans side, using the image splitter.   Following code shows how to concatenate the image chunks above into one image. int rows = 2; //we assume the no.

Deependra AriyadewaHow to Install xen-3.4 with latest kernel ( 2.6.31.12 )

Download the Latest Linux kernel #wget  http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.31.12.tar.bz2 Download the latest xen patch set # wget  http://gentoo-xen-kernel.googlecode.com/files/xen-patches-2.6.31-10.tar.bz2 Apply the patch set Build and install the kernel Download the latest Xen source # hg clone http://xenbits.xensource.com/xen-3.4-testing.hg Build and install  Xen resources # make install-xen # make install-tools # make install-stubdom More xen building stuff

Srinath PereraESP vs CEP

From Kau's Blog: ESP vs CEP: "A nice an introductory level preso that explains ESP and CEP with examples. Usually these terms are used wrongfully. Mythbusters: Event Stream Processing v. Complex Event Processing

Samisa AbeysingheThe greatest of them all - Sachin Tendulkar

PlayerRunsBalls4s6sSRTeamOppositionGroundMatch DateScorecard
SR Tendulkar200*147253136.05Indiav South AfricaGwalior24 Feb 2010ODI # 2962
CK Coventry194*156167124.35Zimbabwev BangladeshBulawayo16 Aug 2009ODI # 2873
Saeed Anwar194146225132.87Pakistanv IndiaChennai21 May 1997ODI # 1209
IVA Richards189*170215111.17West Indiesv EnglandManchester31 May 1984ODI # 264
ST Jayasuriya189161214117.39Sri Lankav IndiaSharjah29 Oct 2000ODI # 1652
G Kirsten188*159134118.23South Africav U.A.E.Rawalpindi16 Feb 1996ODI # 1049
SR Tendulkar186*150203124.00Indiav New ZealandHyderabad (Deccan)8 Nov 1999ODI # 1523
MS Dhoni183*1451510126.20Indiav Sri LankaJaipur31 Oct 2005ODI # 2290
SC Ganguly183158177115.82Indiav Sri LankaTaunton26 May 1999ODI # 1463
ML Hayden181*1661110109.03Australiav New ZealandHamilton20 Feb 2007ODI # 2527
IVA Richards181125167144.80West Indiesv Sri LankaKarachi13 Oct 1987ODI # 45

Kalani RuwanpathiranaHow to Index Microsoft Format Documents (Word, Excel, Powerpoint) - Lucene

As my previous post shows how to index PDF Documents with Lucene, I thought that it would be worth to post how to index Microsoft format files too because those file types are very commonly used. Lucene always requires a String in order to index the content and therefore we need to extract the text from the document before giving it to Lucene for indexing. To parse the document we can use Apache

Kalani RuwanpathiranaHow to Index PDF Documents with Lucene

There is no built in support in Lucene to index PDF documents. Therefore the text should be extracted from the document before indexing. A tool which can be used for this purpose is PDFBox. PDFBox is an open source project under BSD license. Although there are many other PDF tools, I experienced that this perfectly fits with Lucene. The little extra thing need to be done here is extracting the

Kalani RuwanpathiranaExtracting the Text from XML Documents for Indexing Purposes

In the process of creating a Lucene index for content searching I had to index XML document without XML tags. In simple terms I had to extract every text node from the document. I used the SAX API in doing this and it was just a matter of writing an event handler for character data. The following piece of code shows the way to do it. final StringBuffer sb = new StringBuffer(); try{

Kalani RuwanpathiranaCreating Lucene search index in a database - Apache Lucene

My previous post, Indexing a database and searching the content using Lucene, shows how to index records (or stored files) in a database. In that case the index is created in the local file system. However in real scenarios most of the applications run on clustered environments. Then the problem comes where to create the search index. Creating the index in the local file system is not a solution

Kalani RuwanpathiranaLoading Lucene Index to the RAM and Flushing Lucene Updates Periodically - Apache Lucene

As my previous post, Creating Lucene Index in a Database, shows, storing lucene index in the database is a solution for applications run on clustered environments. But there is a performance hit as we read/write from/to the database when the index is updated. It is more time consuming. Therefore we can simply load the lucene index to the RAM (Lucene supports RAMDirectory) and flush the changes

Kalani RuwanpathiranaApache Lucene - Indexing a Database and Searching the Content

Here is a Java code sample of using Apache Lucene to create the index from a database. (I am using Lucene version 2.3.2 and MySQL) final File INDEX_DIR = new File("index"); try{ Class.forName("com.mysql.jdbc.Driver").newInstance(); Connection conn = DriverManager.getConnection("jdbc:mysql://localhost/test", "root", "password"); StandardAnalyzer analyzer = new StandardAnalyzer();

Srinath Perera"Why I Write" by George Orwell

In this famous essay, "Why I Write", George Orwell discusses reasons why people write, and I found the article rather interesting. He said that "All writers are vain, selfish, and lazy, and at the very bottom of their motives there lies a mystery", which is a phrase that is often quoted.

Kalani RuwanpathiranaHow to Split an Image into Chunks - Java ImageIO

Image splitting and concatenating and other image manipulation techniques are important in parallel computing. Say we are receiving small chunks of an Image which is being manipulated parallely. In such scenarios, we need to concatenate those chunks together and vice versa. There is a pretty straight forward way to split an image using Java imageio package. Say you need to split following image

Supun KamburugamuvaPriority Based Mediation for WSO2 ESB - Part 2

In the previous post I was talking about the requirements for priority based mediation. Now I'll explain how we have solved this within the WSO2 ESB.

We have implemented the priority based mediation in two levels. They are HTTP transport level and message mediation level. From the users perspective, key to any priority mediation is to determine the priority of an incoming message.

At the Message mediation layer this can be done using content filters. Tis means the full power of ESB configuration language is available to the user for determining the priority of a given message. For example a message may contain an element called priority and depending on its value the priority can be determined.

At the HTTP layer, user has access to HTTP headers, HTTP parameters and URL values. By looking at these values, user can determine the priority of a given message. We have come up with a configuration language to determine the priority at the HTTP level using these different HTTP param values.

Now lets go in to the actual details of how priority based mediation is implemented. The approach is based on Queues and ThreadPoolExecutors.

We are using the ThreadPoolExecutor provide by Java. ThreadPoolExecutor accepts a BlockingQueue implementation. We have implemented a custom blocking queue that can be used to order the jobs based on priority. ThreadPoolExecutor starts queuing only when the all the core threads are busy. So this suites our model perfectly. We believe, every message should get equal priority until all the core threads are used. This is a fair assumption in most cases.

Internally our custom BlockingQueue uses multiple queues for accepting jobs with different priorities. Once jobs are put in to the queue, it uses an pluggable algorithm for choosing the next job. The default algorithm chooses the jobs based on a priority based round robin algorithm. For example lets say we have two priorities, 10 and 1. This algorithm tries to fetch 10 items with priority 10 and then 1 item with the priority 1.

We have put the priority implementation in two levels due to following reasons. Some users would like to use the ESB as a pure router. In those cases it is better to determine the priority at the HTTP level.

Some users use ESB for heavy processing like XSLT and XQuery. For them it is better to have this at the mediation level.

I'll explain the configuration model in the next post.


Saliya EkanayakeSinhala Poems by My Wife

My wife, Kalani, has started a blog to post her Sinhala poems. It's nice to see her archive of poems are finally coming up online.

I am waiting to see the poem written for me :D

Thilina BuddhikaMitigate Risk, Simplify your SOA - SOA Workshop, NYC

Presented by Award Winning CTO Paul Fremantle and Leading Solutions Architect Asanka Abeysinghe.


Chintana WilamunaWhat the Buzz!

No wonder Google Buzz has created so many mixed reaction. Besides being one of the — if not the most — coolest and elegant social media service to date, it’s a good example of a non intrusive design. Integration with Gmail is one huge selling point to begin with. Connecting with a handful of other [...]

Afkham AzeezDiploma in Qur'anic Arabic


Course commencement: 23rd Feb 2010
Fee: Registration LKR 500, LKR 9000 per level (27,000 for 1.5 yrs)
Premises: 18A, Palmirah Avenue, Col-03, adjoining Ceramic Corp.

Time
Gents: every Tuesday 530PM-745PM
Ladies: every Tuesday 315PM-530PM

Thilina BuddhikaMoving Identity Management to Cloud - The all-new WSO2 Cloud Identity

WSO2 announced it's latest cloud solution today, WSO2 Cloud Identity. WSO2 Cloud Identity is built on top of open source WSO2 Identity Server by adding multi-tenancy capabilities.


With WSO2 Cloud Identity, organizations no longer need to undergo the pain of handling identity management by them selves. The cost involved in hardware, software, and maintenance is totally eliminated with this hosted cloud solution.

WSO2 Cloud Identity supports a set of open standards like OpenID, Cardspace authentication, XACML, SAML 2.0 and WS-Trust.

WSO2 Cloud Identity facilitates organizations to centralize their identity management to a single point and experience seamless integrations across multiple applications and services using OpenID and SAML based Single Sign-On.  They can use the Security Token Service to authenticate users for their web services. Not to forget XACML, the de facto standard for fine grained authorization, which is another cool feature of WSO2 Cloud Identity. 




This is ideal for small and medium size organizations who spend a significant percentage of their budget for identity management solutions.

Registering and starting using WSO2 Cloud Identity is just few clicks away.. Goto https://identity.cloud.wso2.com and register a domain. This blog by Prabath gives some guidelines to setup your domain. 

Add users or import existing users to your user store at WSO2 Cloud Identity. Dimuthu talks on this in detail in this article.

Now all the users in your domain are associated with an OpenID. Use this OpenID to access a large portion of web based resources who acts as OpenID relying parties. Learn more about configuring OpenIDs in your domain from this blog post by Prabath.

WSO2 Cloud Identity supports SAML 2.0 based single sign-on. Users can use their credentials at WSO2 Cloud Identity to access a range of online services. This article walks you through the steps required to integrate Google Apps with WSO2 Cloud Identity. 

Don't be late. Go and register your domain and let WSO2 Cloud Identity to take over the burden of identity management for your organization.

Danushka MenikkumburaTour de France Champion Accused of Data Hacking

A French judge has issued a national arrest warrant for US cyclist Floyd Landis in connection with a case of data hacking at a doping laboratory. After discovering the hacking, the lab has upgraded security to protect its computer systems from intruders. Read the full story here.

Sanjiva WeerawaranaWSO2 launches Cloud Identity service

Today we announced our second cloud service: Cloud Identity. See: http://wso2.com/cloud/services/identity and you can use it right now at http://identity.cloud.wso2.com/.

(We have a principle of not announcing vaporware!)

This is basically our WSO2 Identity Server product converted into a multi-tenant identity management system and hosted on Amazon EC2 for scalable and reliable deployment. Basically, within about 5 minutes you can register your domain, add your users and then have your own OpenID, Cardspace, SAML 2.0, WS-Trust STS for authentication and XACML and (very soon) OAuth for authorization. Translated to English, that means you can get  a single place to manage your users and give them access to Drupal, Liferay, Google Apps and a whole lot more. We will soon be adding LDAP to this list as well, which means you can even tie Windows, Unix login to it as well as other services like SVN.

Nothing like giving it a try to see how it works!

[UPDATE] Here are some additional references for you to get started with:

Happy identitying!

Samisa AbeysingheWSO2 Cloud Identity

WSO2 today announced the second SaaS offering, WSO2 Cloud Identity

Prabath, the lead security architect has blogged on getting started with cloud identity and also on using OpenID with cloud identity service.

WSO2 late last year announced the first SaaS, governance on the cloud.

Chintana WilamunaUnderstanding OpenNebula

OpenNebula is a platform providing the ability to manage a pool of virtual resources. You can create virtual machines and configure them as you would configure a physical machine connected your network. Difference between OpenNebula and Amazon EC2 (and other public cloud providers) is that Amazon EC2 is a public service. Amazon is having an [...]

Prabath SiriwardenaOpenIDs under your domain for your enterprise with WSO2 Cloud Identity

With WSO2 Cloud Identity - you can provide your employees OpenIDs fall under your own domain name to be used with widely popular OpenID relying parties.

1. Register your Organization - visit http://identity.cloud.wso2.com.

2. Say, the domain I registered is facilelogin.com and a user there is prabath.

3. By default - with ZERO configurations, all users are assigned with an OpenID which falls under identity.cloud.wso2.com.

Your OpenID will look like; https://identity.cloud.wso2.com/openid/prabath - under the format https://identity.cloud.wso2.com/openid/{user@domain}

4. Now, you want your users' OpenIDs to fall under your domain - to look like; https://identity.facilelogin.com/openid/{user@facilelogin.com}

5. To do that you need to go your domain controller and add CNAME, pointing to identity.cloud.wso2.com

To do that with GoDaddy domains - please refer this.

6. For Yahoo controlled domain here are the steps.

- First go to http://smallbusiness.yahoo.com/domains/ and login

- Sign In to Small Bisuiness

- Click on the "Domain Control Panel" link corresponding to your domain

- Click on 'Manage Advance DNS settings'


- Click on 'Add Record'


- Set source to 'identity' [or any sub domain name you want to have in your OpenID]

- Set destination to identity.cloud.wso2.com


That's it.. it will work now - allow some time for DNS propagation.

Prabath SiriwardenaGetting started with WSO2 Cloud Identity - The first step

1. Visit https://identity.cloud.wso2.com/

2. Clcik on 'Register' to register your organization.


3. Select a domain name for your organization.


4. At step-3, you can select, either to validate the domain or not to. If you select to confirm the domain later - then you can do it after login in and clicking Account Management tab.

5. At step-3, if you select tp validate now, then you can do it either by uploading the given file to your domain or setting a CNAME. To see how to setup CNAME's please follow the corresponding documentations provided by your domain controller.


6. Fill account information. If you didn't validate your domain in step-3, you will notice that '-trial' being added to your domain name.


7. Select a theme for your organization.


8. Now you will get an email under the subject "WSO2 Cloud Identity - Registration confirmation" - click the link there to activate your account.

Samisa AbeysingheOutsourcing

Client: “[Indian outsourcer] says he can do this site for $200. Why should I go with you?”

Me: “Has he done any work for you in the past?”

Client: Yeah! He did [Other Site] for me.

[I load the other site]

Me: “The entire site’s done in Flash.”

Client: “Huh?”

Me: “It’s a site for iPhone users.”

Client: “I know. Cool, huh?”

Me: “It’s a site for iPhone users… none of whom can see it…”

Client: “Huh?”

Me: “The iPhone doesn’t support Flash.”

Client: “Well it looks fine on my PC!”

Me: “Do you have an iPhone?”

Client: “No.”

Me: “…”

Client: “Tell you what, I’m just gonna go with [Indian outsourcer]. He seems like he knows what he’s doing and I’m not sure you do.”

Me: “Have fun.”

Source

Saliya EkanayakeSynergy: Share Keyboard and Mouse

I wanted to use two computers running separate OSs, yet use the same keyboard and mouse. After searching a bit I found Synergy (http://synergy2.sourceforge.net/index.html). I should say it's one of the most easy-to-use software I have ever encountered. Here are the quick steps (you can read more on their user's guide).

1. Install Synergy on both machines.
2. Setup one machine as the server.
3. Add the machines left, right, top, and bottom of the server (if any).
4. Start synergy as client on those other machines.

That's it and it's working. Only thing is that all machines should be in the same network.

One cool thing is that clipboards of all machines are shared. So copy from one machine and paste in the other is possible. Also it enables you to activate screen saver on all machines at once.

Samisa AbeysingheIridium - WSO2 Carbon 3.0.0

Iridium - that is the code name for the upcoming WSO2 Carbon 3.0.0 release.

We are quite busy working on the release.

I see people coding all over the place, breaking the svn build, fixing the build back again, reverting changes, making more changes, chatting about new features, fighting about new features, and so forth and so on.

Feature freeze is a week away. Will blog about the new exiting features soon.

Samisa AbeysingheIridium - Building M1

I am trying to build M1 for WSO2 Carbon 3.0.0

Looks an uphill task, given the amount of active development that is going on.

Building once, building twice, building thrice, still building.

It is a major undertaking to get this whole platform right.

The users are at ease, they get the luxury of a lean, robust platform.

But we the developers, the date leading to the feature freeze is a nightmare. Sometimes you have to credit the folks, who go through all this pain and still pull it and put this all together.

Samisa AbeysingheIridium - WSO2 Carbon 3.0.0 - M1 Builds available

The first milestone builds for WSO2 Carbon 3.0.0 - Iridium are available: http://builder.wso2.org/~carbon/releases/carbon/3.0.0/0M1/

Note that, these are preview packs.

The main objective was to get the build right.

These packs are not tested, and are made available for the sole purpose of review.

Samisa AbeysingheBusiness Activity Monitoring - An Introduction



The business activity monitoring (BAM) can be the source of informed decision making. BAM tools can reveal current trends based on the latest data as well as historical trends based on historical data, hence can be useful in both tactical as well as strategic decision making.

In the article, I explore how BAM can be used to make the enterprise agile.

Yumani RanaweeraAgile or waterfall?

Here's a short video which explains the difference between agile and waterfall models.

Kaushalye KapurugeESP vs CEP

A nice an introductory level preso that explains ESP and CEP with examples. Usually these terms are used wrongfully.

Paul FremantleSOA workshop, New York, February 25th

After successful runs in Colombo, Sri Lanka and Santa Clara, California, the WSO2 SOA Workshop is coming to New York City on Thursday 25th February 2010.

I will be presenting alongside my colleague, Asanka Abeysinghe, who is our Lead Solutions Architect. We will be covering the following topics during the day:
  • SOA and the Enterprise
  • Solution Patterns
  • Security
  • SOA and your business: Dashboards, Activity Monitoring and Process Management
  • Governance
  • SOA and the Cloud
So come join us at the Downtown Conference Center at Pace University. You can sign up here.
.

Tyrell PereraGoogle Buzz: revolution, evolution, or devolution?




HBRs Umair Haque takes an in depth look at Google Buzz. Quite frankly, after a few days as a user and the amount of privacy issues encountered with the lack of anything breathtakingly new, I have to agree.

Google Buzz and the Five Principles of Designing For Meaning - Umair Haque - Harvard Business Review
Tomorrow's products and services have to be designed not just for mere consumption, but "designed for meaning": they must yield lasting, shared, meaningful economic gains — or else. Or else we continue our voyage into a no-future future. That's the big picture that tomorrow's radical innovators must redraw. I think Google Buzz is actually really, really cool — it's just not yet a meaningful service. It lives in the shadow of yesterday's big picture, instead of redrawing it. Redrawing the big picture of prosperity, by going from Great to Good: that's today's fundamental challenge.


Supun KamburugamuvaPriority Based Mediation for WSO2 ESB

An ESB can be deployed as a front end for various services with a very high load passing through it. The traffic passing through it may be of different priorities and can have different load charasterisitcs. Also in some situations load of different types of messages can vary dramatically over time.

The goal is to serve high priority traffic when there are resources available in the system. The serving of different priority messages should be independent as much as possible. For example an ESB can be bombarded with very high volume of low priority traffic. Even in this case ESB should obey its contract to serve high priority traffic.

Usually a person deploying an ESB expects a certain guarantee of message deliverance from the ESB. ESB should be able to honor that.

Here is a possible scenario with a high volume of traffic.

Lets assume ESB is configured to serve two types of messages with different priorities. Message type m1 has the priority p1 and message type m2 has priority p2. p1 is about ten times the priority of p2. In a very high volume traffic scenario the services can afford to loose some amount of m2 messages. But it cannot afford to loose any of m1 messages.

In normal operation mode, volume of m2 is about twice as m1. But in some situations m1 can be higher and m2 can be low.

The expectation is to serve the m1 traffic no matter what the volume of m2 traffic is.

The problem is very interesting. I'll explain how we have solved this problem with next major release of WSO2 ESB (3.0) in the next post.


Chanaka JayasenaDrawing a cartoon character

I am using Inkscape to draw cartoon characters. You can easily draw cartoons even if you are not a born artist. It is not necessary to draw from start to end. You can using Bezier curve tool to draw layer by layer. One in top of the other one. Finally color them. Following is scren shots I got from a drawing sequence step by step until the final art.
















Charitha KankanamgeHow to invoke a secured web service without maintaining a policy at the client side

When we call a secure web service, the most common way of invocation is to use a policy which is compliant with the service policy at the client side. Usually, the client side policy is placed at the client file system. We have observed how this is done in few posts which published earlier.
However, there is a major drawback in this method, user has to change the client policy whenever the service policy is changed.
In order to overcome this limitation, we can use Axis2 DynamicClient to derive client policy by referring to the service WSDL which essentially keeps the service policy.

Lets see how this can be done using WSO2 WSAS-3.1.*

Pre-requisite:

Download and install WSO2 WSAS-3.1.*

Step 1

We are going to secure the default HelloService shipped with WSAS. We configure HelloService with "Sign and Encrypt - X509 Authentication" policy. In order to do that, first start WSO2 WSAS server by running wso2server.sh which is located at WSO2WSAS_HOME/bin directory.
Then, log in to the management console by accessing https://localhost:9443/carbon

Select the default HelloService and navigate to the service dashboard. Click on Security and configure Sign and Encrypt - X509 Authentication security scenario as shown below. Make sure to use wso2carbon.jks as trusted key store and private key store.



Thats all we have to do at the server side. Lets write a client to invoke the service.

Step 2

Here we are going to use Axis2 Dynamic Client which is an extension of the ServiceClient class.
First, instantiate a dynamicClient object using RPCServiceClient by passing ConfigurationContext, WSDL Url of the service, the QName of the service and the port name as parameters.

RPCServiceClient dynamicClient = new RPCServiceClient(null, new URL("http://localhost:9763/services/HelloService?wsdl"),
new QName("http://www.wso2.org/types", "HelloService"), "HelloServiceHttpSoap12Endpoint");

Then, we can engage rampart module as follows.
dynamicClient.engageModule("rampart");
Now we should update the client side policy with the rampart-config programatically.


RampartConfig rc = new RampartConfig();

rc.setUserCertAlias("wso2carbon");
rc.setEncryptionUser("wso2carbon");
rc.setPwCbClass(SecureClient.class.getName());

CryptoConfig sigCryptoConfig = new CryptoConfig();

sigCryptoConfig.setProvider("org.apache.ws.security.components.crypto.Merlin");

Properties prop1 = new Properties();
prop1.put("org.apache.ws.security.crypto.merlin.keystore.type", "JKS");
prop1.put("org.apache.ws.security.crypto.merlin.file", "/home/charitha/products/wsas/wso2wsas-3.1.3/resources/security/wso2carbon.jks");
prop1.put("org.apache.ws.security.crypto.merlin.keystore.password", "wso2carbon");
sigCryptoConfig.setProp(prop1);

CryptoConfig encrCryptoConfig = new CryptoConfig();
encrCryptoConfig.setProvider("org.apache.ws.security.components.crypto.Merlin");

Properties prop2 = new Properties();

prop2.put("org.apache.ws.security.crypto.merlin.keystore.type", "JKS");
prop2.put("org.apache.ws.security.crypto.merlin.file", "/home/charitha/products/wsas/wso2wsas-3.1.3/resources/security/wso2carbon.jks");
prop2.put("org.apache.ws.security.crypto.merlin.keystore.password", "wso2carbon");
encrCryptoConfig.setProp(prop2);

rc.setSigCryptoConfig(sigCryptoConfig);
rc.setEncrCryptoConfig(encrCryptoConfig);

Next, we can add the above rampartConfig to the service policy derived from the wsdl as follows.


Map endPoints = dynamicClient.getAxisService().getEndpoints();
AxisBinding axisBinding = ((AxisEndpoint) endPoints.values().iterator().next()).getBinding();
Policy policy = axisBinding.getEffectivePolicy();
policy.addAssertion(rc);
axisBinding.applyPolicy(policy);
Now, we can invoke the service using dynamicClient by passing the parameters as an object array and return types as an class array.


Object[] returnArray = dynamicClient.invokeBlocking(new QName("http://www.wso2.org/types", "greet"),
new Object[]{"hello"}, new Class[]{String.class});

System.out.println(returnArray[0]);


Thats all! To complete our scenario, make sure to have callback handler method similar to the one below.



public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {

WSPasswordCallback pwcb = (WSPasswordCallback) callbacks[0];
String id = pwcb.getIdentifer();
if ("wso2carbon".equals(id)) {
pwcb.setPassword("wso2carbon");
}

Denis Weerasiri3 Idiots and Five Point Someone


I recently watched the Bollywood comedy movie 3 Idiots directed by Rajkumar Hirani. This movie is heartbreaking as well wonderfully entertaining when it comes to the story. Though the movie is said to be an adaptation from the novel "Five Point Someone – What not to do at IIT" by Chetan Bhagat, I feel the book is quite different from the movie. But you may find the book is also interesting, and you may have the same kind of experiences which appear in the book. Yeah, that's the beauty of this story.


The book can be found here.
 

Isuru SuriarachchiCarbon Registry Separation


These days our folks at WSO2 are working hard for the next major release of Carbon, which is Carbon 3.0.0. It will be released end of March with lot of new features to enrich our SOA middleware platform. During last few days, I was working on this new concept of separating Registry to suite our platform story.

All our Carbon based products internally uses WSO2 Registry as a repository to persist data. For example, in WSAS all data about services, modules etc are stored in the Registry to make sure the same state is maintained even after restarting the server. And also, user is provided with a Registry browser and allowed to store whatever data he needs. This is model used in all our previous releases of Carbon.

In the upcoming 3.0.0 release, this Registry is separated out into three parts to perfectly suite our platform story.

  1. Local Data Repository – This Registry instance is internally used by the server to persist instance specific information. These can be logs, transport information etc.
  2. Configuration Registry – This Registry instance is shared across a cluster which contains several identical instances of Carbon. Data which should be shared by all nodes in the cluster are stored in this Registry. For example, in a WSAS cluster, data on services, modules etc. are stored here. In addition to that, all Carbon component specific information are also stored here.
  3. Governance Registry – This Registry instance is shared across the entire platform. In other words, a complete SOA setup can contain few clusters of different products which together form a SOA platform. So this Governance Registry instance is used completely by the user to centrally manage stuff. For example, WSDLs, policies etc. which should be shared across the platform. 

By default, all these 3 registries reside in the same physical registry instance. Local data repository is always an embedded registry instance. User is allowed to configure Config and Governance registry locations through the registry.xml file. In other words, those can be pointed to remote registry instances.

This feature is already completed in Carbon 3.0.0 and will be coming out in March. This will be a great advantage for the users who are developing complete SOA solutions.

Samisa AbeysingheSOA Governance in the Cloud

Does your organization have support for SOA Governance? Governance has become one of the major issues for companies, enterprises and organizations moving to SOA. Why? Newton's Third Law states that for every action there is an equal and opposite reaction.

The move to SOA has been an effort to de-centralize IT and allow departments more independence and freedom. However, there needs to be control as well as freedom - Governance provides this without removing the benefits of the empowered approach.

Of course, adding Governance to your SOA may seem like a daunting task: the analyst reports, complex and expensive products, together with concerns over vendor lock-in can all make this seem like too much to take on for many businesses. What is the solution? Governance "in the cloud". With WSO2's Cloud-based Governance approach, your company can have its own Governance Registry hosted securely as part of WSO2's cloud services. With all the features of WSO2's Governance Registry but with zero setup cost you can start managing your SOA instantly.

To find out more about WSO2's Cloud Governance approach join Paul Fremantle, CTO of WSO2, in the upcoming Webinar: "SOA Governance in the Cloud".

Chintana WilamunaOther minds problem

Reading about philosophy can be confusing at times. Every time I try to read some deep philosophical thing my mind ends up being confused and tangled in a complex mess of thoughts that I completely forget what was I reading in the first place. Need for deliberate practice aside, now you know when someone [...]

Chintana WilamunaUsing WSAS business service with .Net trader client

Stonehenge is an Apache project started to demonstrate interoperability between different Web services platforms. Until we get this into the Stonehenge documentation, this is to record how to configure .Net trader client (a web interface written in .Net and is operating in the presentation layer) to talk to business service written using Java and is [...]

Denis WeerasiriAssociation Rule Mining with Extended Vertical Format Data Mining


I and my final year project team members at Department of Computer Science and Engineering, University of Moratuwa conducted a research on better alternative to the Apriori algorithm, and proving the efficiency enhancement by using a dataset. Under the supervision of Dr. Shehan Perera, we analyzed the Apriori algorithm, and came up with a better implementation which is supposed to be more efficient than its predecessors.

Current databases are very large sizes, reaching Tera-bytes and Peta-bytes, and the trend towards further increase. With this explosion of growth of databases of particular importance is the question of scalability of data mining techniques. Therefore, to find association rules require efficient scalable algorithms that allow solving the problem with in a reasonable time.
Large companies for decades accumulated data on their customers, suppliers, products and services. Due to high rate of development of e-commerce working in Web start-ups can turn into a huge enterprise in a matter of months, rather than something those years. And, as a consequence, will grow rapidly and their databases. Data mining, which is also called knowledge discovery in databases provides organizations with the tools developed to analyze the large collection of information to find trends, patterns and relationships that can help in making strategic decisions.

Traditionally, that the algorithms of data analysis assumed that the input database containing a relatively small number of records. However, the size of modern databases is too large, which is why they can not be fully deployed in the main memory. Extracting data fro m your hard drive is considerably slower access to data located in memory. Therefore, to methods of data mining used to work with very large databases, to become effective, they must possess a significant level of scalability. The algorithm is called scalable, if sustained capacity of main memory with an increase in th e number of records in the input database, its execution time increases linearly.

Recently, researchers have focused their efforts on the study of scalable algorithms for data mining in very large data sets. Here it's described an efficient and scalable frequent item-set mining method with Apriori algorithm.

Apriori algorithm is proposed for mining frequent item sets for Boolean association rules. It operates on databases having transactions to learn the association rules. Apriori algorithm is a base algorithm proposed by R. Agrawal and R. Srikant in 1994, on which many researches are done, and improvements are suggested for the general case as well as a specific subset of the applicable data. Due to the huge amount of data that is mined in the present applications, even a small performance gain on the algorithm will result in a considerable amount of throughput gain. Some enhancements to Apriori algorithm sacrifice the accuracy for a better response time. Sampling is a simplest example, where accuracy is lost in favor of performance gain.

Hash-based technique, Transaction reduction, Partitioning, Dynamic itemset counting, and multilevel and multidimensional association rules are some of the other common enhancements proposed to improve the efficiency of Apriori algorithm.

Apriori algorithm generates candidate sets and tests them to find the frequent itemsets, significantly reducing the size of candidate sets. Algorithms such as Frequent-pattern growth (FP-Growth) mine frequent itemsets without candidate generation. Both the algorithm sets have their own advantages and disadvantages. Many hybrid algorithms have been proposed and still researched to suit the general case, or mostly a particular case specialized for a given dataset.


Related articles - Project proposal

 

Yumani RanaweeraAccessing a datafile through Selenium RC

In our testing most of us require to call data from a data storage and execute our tests to confirm various validations work as expected, different conditions are met etc.

Below is a code snippet that I used in calling data used in a .txt file in validating a simple test in user name password based sign-in process. I was on Selenium RC/JUnit/Java platform in this.

public class SignIn extends SeleneseTestCase {

public void setUp() throws Exception {
setUp("https://localhost:9443/carbon/", "*chrome");
}

public void testSignInValdation() throws Exception {
BufferedReader in = null;
InputStreamReader inputStream = null;

inputStream = new InputStreamReader(new FileInputStream("C:" + File.separator + "signin.txt"));
in = new BufferedReader(inputStream);
String line = null;

while ((line = in.readLine()) != null) {
System.out.println("password: " + line);
selenium.open("/carbon/admin/login.jsp");
selenium.waitForPageToLoad("30000");
selenium.type("txtUserName", "yumani");
selenium.type("txtPassword", line);
selenium.click("//input[@value='Sign-in']");
selenium.waitForPageToLoad("30000");
}
}
}

Charitha KankanamgeVisits to this blog - 2009 (significant increase of visitors)

I published a stat report about this blog in February 2009, which showed 30037 unique visitors during 2008-2009. Here is the StatCounter report for 2009-2010.




There were 55,839 unique visitors, 25000 increase compared to last year. I could not write much blog posts during the last year due to frequent project releases. However which did not seem to affect my user community. This blog was started to help novice users in SOA/Web Service space and Software Quality Assurance community to share my ideas, tips and specially How-Tos. I always refrained from posting any non-technical subject matter in here. I was able to reply most of the questions raised in blog posts, however there were situations that I could not follow the comments and reply. I will try my best to continue writing much more useful blog posts and help users.

Charitha KankanamgeWSO2 QA Test Framework - Fundamentals

WSO2 QA Test framework has been developed to replace repetitive manual test procedures followed during the release cycles. We identified the tests which provide much ROI with automation and used them for phase1 of the test framework development project.
With the introduction of WSO2 Carbon product platform in late 2008, all java based products are implemented using the base carbon platform. All products (9 all together) are released at the same day which is a very different experience specially for a QA team. All products are supposed to go through a set of common tests and a set of product specific tests. All are supposed to work on multiple application servers, multiple JVMs, multiple browsers, multiple operating systems, multiple DBMSs etc.. hell a lot of test combinations! The product count exceeded the number of people in test team. More products are expected to be introduced in near future. Therefore, the only viable solution to manage the QA process is to automating as more tests as possible.
So, we started implementing our automated test framework in 2009 March.
As I discussed in some previous posts, we chose selenium for automation. We used Selenium Remote Control Java client driver to drive selenium tests with Junit. However our tests were not restricted to web based selenium scripts. We have written numerous tests which used Axis2 ServiceClient API and some other API methods to invoke web services, sending messages via secure channels, reliable messaging, message mediation etc.
We derived our project structure which adheres to maven as given below. You can get a SVN checkout of 2.0.3 branch of the test framework (which is the most stable version at the moment) from https://wso2.org/repos/wso2/branches/commons/qa/web-test-framework/2.0.3

common
bps
registry
wsas
esb
gs
mashup
is
ds

Each project is built using its pom.xml at the root of the project directory. We used selenium maven plugin and surefire plugin to start selenium RC server and launch Junit tests respectively.
commons project is used to maintain tests which are used in all products. For example, org.wso2.carbon.web.test.common.RegistryBrowser is common for all products since all products have a common registry browser. We used svn:externals to link the common classes to relevant projects.
You can find all common classes at https://wso2.org/repos/wso2/branches/commons/qa/web-test-framework/2.0.3/commons/src/test/java/org/wso2/carbon/web/test/common/

In addition to that, commons project is used to store the test artifacts which are shared among multiple products. For example JDBC connector jars and keystores are used in all products and those are stored in commons/lib directory.

The other most important resource included in commons project is framework.properties configuration file. It is used to configure the test framework according to the test environment. Under the "global properties" section of the framework.properties file, you could find the following properties.

host.name=172.16.37.1
http.port=9763
https.port=9443
carbon.home=/home/charitha/products/wsas/wso2wsas-3.1.3
context.root=/wsas
browser.version=firefox
admin.username=admin
admin.password=admin
module.version=2.03

You must change these properties as per your test environment settings. http.port and https.port are the embedded tomcat servlet transport ports used in WSO2 Carbon products. (full explanation of these properties will be included in a future post)

Lets look at a product specific test suite. Go to wsas directory in your test framework checkout. This is the project used to run WSO2 WSAS specific tests. You will find the following files and directories at the root of this project.

lib
src
pom.xml
runAll.sh
runAll.rb
wsas_test_suites.txt

lib directory is used to store the test artifacts specific to WSAS such as axis2 services, jaxws services etc.
You can invoke tests using two different ways.

  • Direct maven invocation - you can run tests individually by passing a system property as follows
mvn clean install -Dtest.suite=usermanagement

  • Run tests through a shell script - You can run tests individually or as a whole suite or few tests at once using this way. Here, it is required to uncomment the selected tests in wsas_test_suites.txt. The runAll.sh shell script read the test names from wsas_test_suites.txt and invoke each test.
sh runAll.sh

In any of the above mechanisms, we call a central test suite class which takes care of calling the individual tests. For each project we have a separate AllTests.java class which extends junit.framework.TestSuite parent. In our example, org.wso2.carbon.web.test.wsas.AllTests.java is the TestSuite.

See https://wso2.org/repos/wso2/branches/commons/qa/web-test-framework/2.0.3/wsas/src/test/java/org/wso2/carbon/web/test/wsas/AllTests.java for more details about this class.

You will also notice in AllTests class that initBrowser() method of the BrowserInitializer class is called to launch the browser instance for a particular test as follows.

public synchronized static void initBrowser()throws Exception{


if (browser == null) {
browser = new DefaultSelenium("localhost", 4444, "*"+property.getProperty("browser.version"), "https://" + property.getProperty("host.name") + ":" + property.getProperty("https.port"));
browser.start();
browser.setSpeed("200");

}
}

You can easily try out WSO2 QA test framework once you download and start using any of WSO2 Carbon based product. This is not a detailed explanation of the all features available in our test framework. I will guide you through more information in future posts. If you encounter any issues while using the test framework, please drop us a mail - architecture@wso2.org

Stay tuned.. will post more on automation soon!

Sanjiva WeerawaranaThe myth of rogue states

The February 8th issue of the Newsweek (International) magazine has an absolutely great article titled “End of the Rogue”. The article is about how the concept of a “rogue state” (apparently created the cold war days) is no longer valid and how the US needs to get past it.

Not surprisingly many comments on the online edition don’t agree that the US approach needs to change. Living in Sri Lanka, however, and having observed the wrath of the US (and UK and EU) for the way the anti-LTTE war was conducted and ended, I can see what must be going on in “rogue” countries!

The most interesting quote I found in the article is this:

We don’t have the right to think other people should think like us.

If we all could live by that the entire world would be a better place!

Deepal JayasingheSetting default SSH shell to bash

I spent some times to figure out how to execute a remote command using “bash” and thought of sharing my findings (make your job easier).

An easy way is to go and edit ~/.profile and add the bash over there.

However above will not work if you try to remotely execute a script file, to solve that issues you need to edit

/etc/passwd

Find the entry corresponding to your logging and edit the last part of the entry for example; if the entry is like;

abc:x:13:13:abc:/bin:/bin/sh
then change that to
abc:x:13:13:abc:/bin:/bin/bash

You are in the business now…

Damitha KumarageOpensource software for Mathematics

It is a long time I’m back into Mathematics. Time has changed a lot. There are abundance of resources available for students of Mathematics out there in Internet which is almost unthinkable before a decade. Life is so easy. No need to run for the Library just to get familier with that Definition or Theorem. I [...]

Denis WeerasiriEnterprise mashups powered solutions for banking services


I came across an article about a real world implementation of mashup technology in banking services. Here it explains how enterprise mashups bridge the information gap in financial services.
 

Denis WeerasiriHappy new year Sri Lanka!


For the past four years, I usually spent the new year's eve at my boarding place with my colleagues as we get ready for exams in the upcoming month of January. (Though it's not official, January seems to be a month for the final semester exams in my university :)).
Though we were away from our homes, somehow we got the chance to celebrate the new year with few of traditional new year foods at our boarding place.


Normally for Sri Lanka , the new year falls on April 13th or 14th every year. Food is the essential part of New Year festivities in Sri Lanka. Sinhalese food is very rich in nutrition. They prepare sweet meats such as mung kavum, konda kavum and unduvel. There is also an old tradition of preparing Kiri Bhath (milk rice) with rice.
Even though Sri Lankans also celebrates new year's day on January 1st as well.
 

Paul FremantleBritish MPs hint at even worse behaviour

I don't normally blog about politics, but every once in a while they wind me up so much I can't help it!

4 British Politicians have been charged under the Theft Act for fiddling their expenses. They are saying that they are going to claim "parliamentary privelige" to avoid prosecution. Basically, under the 1689 Bill of Rights, MPs cannot be taken to court for things that happen within parliament. This is designed to protect them from libel and encourage free speech in Parliament. They are going to argue that this applies to their expense reports as well.

Whether or not they win that argument - this is really sinking to a new low. To pad your expenses is one thing. To claim that you are above the ordinary law - that you can avoid prosecution for fiddling your expenses just because you were a politician - that is the lowest of the low. If these MPs and Lords are truly innocent, let them prove it without claiming parliamentary privelige. 

To do anything else will be to sink to a new low - cowering under one of the most sacred of our parliamentary rules to hide their thievery.

Thilina BuddhikaWSO2 Identity Server 2.0.3 released..



The WSO2 Identity Server team is pleased to announce the release of version 2.0.3 of the open source WSO2 Identity Server (IS).



This is a bug fixed release.

IS 2.0.3 release is available for download at [1].
New Features
Various bug fixes - including security fixes & enhancements to Apache Axis2, Apache Rampart, Apache Sandesha2 , WSO2 Carbon [2]  & other projects.
- Hide quoted text -

How to Run

1. Extract the downloaded zip
2. Go to the bin directory in the extracted folder
3. Run the wso2server.sh or wso2server.bat as appropriate
4. Point you browser to the URL 
https://localhost:9443/carbon/
5. Use "admin", "admin" as the username and password.
6. If you need to start the OSGi console with the server use the property -DosgiConsole when starting the server

For more details, run, wso2server.sh (wso2server.bat) --help

Known issues

All known issues have been filed here [3]. Please report any issues you find as JIRA entries.

Reporting Problems

Issues can be reported using the public JIRA available at 
https://wso2.org/jira/browse/identity

Contact us

WSO2 IS developers can be contacted via the mailing lists:
For Users: 
identity-user@wso2.org
For Developers: 
carbon-dev@wso2.org
For details on subscriptions please see 
http://wso2.org/mail

Alternatively, questions can also be raised in the IS forum: 
http://wso2.org/forum/308

Support

We are committed to ensuring that your enterprise middleware deployment is completely supported from evaluation to production. Our unique approach ensures that all support leverages our open development methodology and is provided by the very same engineers who build the technology.

For more details and to take advantage of this unique opportunity please visit 
http://wso2.com/support/

For more information about WSO2 Identity Server please see 
http://wso2.com/products/identity-server/ or visit the WSO2 Oxygen Tank developer portal for addition resources.

Thank you

The WSO2 Identity Server Team

[1]. 
http://wso2.org/downloads/identity
[2]. 
http://wso2.org/projects/carbon
[3]. 
https://wso2.org/jira/browse/CARBON

Chintana WilamunaYahoo Traffic Server

Yahoo has donated the caching proxy server they use internally to Apache Foundation. This, apart from acting as a high performance proxy server has many other cool features. If you’re trying it out here’s the minimum required settings that you should set in order it to act as a caching proxy server. First you have to [...]

Yumani RanaweeraDeploying WSO2 Carbon 2.0.x in IBM WebSphere Application Server 6.1

I have converted one of the past blog posts into an article and its now published in WSO2 Oxygen Tank -Library.

Its titled as "Deploying WSO2 Carbon 2.0.x in IBM WebSphere Application Server 6.1". Is available here.

Tyrell PereraHaiti Is a Marketing Lesson

Haiti Is a Marketing Lesson - Dan Pallotta - Harvard Business Review
"The reason people are giving so much money to Haiti is simple: They are hearing about it. They are seeing and reading about the catastrophe over and over again on the front page, in prime time, and in viral web appeals 24 hours a day, seven days a week. This is not a singular occurrence: Every so often, for brief moments, disasters trigger the deluge of media for humanity as is enjoyed every day by the likes of Budweiser, BMW, and the iPod. If it had to be paid for, the media that is currently publicizing Haiti would cost many tens, if not hundreds, of millions of dollars. But alas, we would never let humanitarian organizations spend that kind of money on advertising, despite the fact that it might bring in many times more dollars than it costs."

Interesting read, considering the fact that even for-profit marketers seem to ignore these fundamentals sometimes.


Charitha KankanamgeGoogle Automation - Automated testing search engine


If you are looking for software test automation information, you will get the best results by using Google Automation search engine. It only searches the sites that matter most to automators.

Chanaka JayasenaNew Lost Season Rocks !!!!!


New Lost season started on ABC network last Tuesday. In last two seasons they introduced time travel. Now it seems they are talking about parallel universe theory. They say this is going to be there last season of the long running amazing TV show.
"The aftermath from the detonation of the hydrogen bomb is revealed."

Chanaka JayasenaSql queries result table column selecting javascript function

I was looking for a script which do the above. I couldn't find any. So I wrote a one. The following function takes a sql query string such as
"SELECT Persons.LastName, Persons.FirstName, Orders.OrderNo FROM Persons INNER JOIN Orders ON Persons.P_Id=Orders.P_Id ORDER BY Persons.LastName SELECT AVG(OrderPrice) AS OrderAverage FROM Orders" and returns a string array containing LastName,FirstName,OrderNo.


function brakeColumns(query) {
var columnList = new Array();
var patten1 = /^[\w\$][\w]*/i;
var patten2 = /^[\w\$][\w]*\.[\w\$][\w]*$/i;
var numEnd = query.search(/\sfrom\s/i);
var elems = (query.substring(6, numEnd)).split(",");
for (var i = 0; i < elems.length; i++) {
var elem = elems[i].toString();
elem = trim(elem);
var stPoint = "";
var wanted = "";
if (elem.search(/\sas\s/i) != -1) {
stPoint = elem.search(/\sas\s/i);
wanted = elem.substring(stPoint + 4);
wanted = trim(wanted);
if (patten1.test(wanted)) {
columnList.push(wanted);
}
} else if (patten2.test(elem)) { //check for tablename.column name pattern
stPoint = elem.search(/\./);
wanted = elem.substring(stPoint + 1);
wanted = trim(wanted);
if (patten1.test(wanted)) {
columnList.push(wanted);
}
} else { //check for straight column name like username,passsword etc
if (patten1.test(elem)) {
columnList.push(elem);
}
}
}
return(columnList);
}


function trim(stringToTrim) {
return stringToTrim.replace(/^\s+|\s+$/g, "");
}

Charitha KankanamgeHow to start WSO2 Carbon AMIs

The latest product versions of WSO2 SOA platform are available for download now. This release addresses various bug fixes and enhancements. In addition to the usual binary, source and document distributions, WSO2 products are now available as cloud virtual machines.
WSO2 cloud virtual machines provides you with the ability to implement your SOA infrastructure in private or public cloud. In this post, we will look at how AMIs of WSO2 Carbon family of products can be used.
I will use WSO2 ESB AMI for the demonstration, however you can follow the same steps to start any of the WSO2 Carbon AMI.

Pre-requisite:
You should have the necessary Amazon EC2 account ready for AMI administration. AMI EC2 API tools should be installed in your computer. You may refer to this tutorial in order to set up the infrastructure.

Step 1
Go to WSO2 ESB home page in Oxygen Tank. Click on WSO2 Cloud Service under the Download icon.
You will find WSO2 ESB cloud virtual machines in that page. Take a note of AMI ID given there (ami-878569ee)

Step2
Open a shell and issue the following command to start 64bit WSO2 ESB AMI instance.

ec2-run-instances ami-878569ee -k --instance-type m1.large

Replace with the name of your public/private keypair. Read http://docs.amazonwebservices.com/AmazonEC2/gsg/2006-06-26/running-an-instance.html if you do not know hot to generate a keypair.


Step 3

The above command starts up an AMI instance with a pre-configured WSO2 ESB server. Also, the above will return the ID of the started instance (instance-id).

e.g:-

INSTANCE i-c28093aa ami-878569ee pending charithakankanamgewso2-keypair 0 m1.large 2010-02-04T06:03:25+0000 us-east-1c aki-a3d737ca ari-7cb95a

After a few seconds, issue the following command to get the public DNS name of WSO2 ESB so that we can access ESB management console.

ec2-describe-instances

e.g:- ec2-describe-instances i-c28093aa

This will return the public DNS name as follows.

INSTANCE i-c28093aa ami-878569ee ec2-174-129-86-140.compute-1.amazonaws.com domU-12-31-39-0C-21-B2.compute-1.internal

Step 4

Open a browser and access URL, https://ec2-174-129-86-140.compute-1.amazonaws.com. You will be able to log in to WSO2 ESB management console.






Tyrell PereraLatest Releases of WSO2 Mashup and Gadget Servers



We announced the releases of WSO2 Mashup Server version 2.0.2 and WSO2 Gadget Server version 1.0.1 yesterday. These releases as usual include improvements and fixes and in case of the Mashup Server, a new Host Object in addition to the collection already available. So make sure you have a look at the brand new HttpClient Host Object once you download 2.0.2.

I'm really happy about the traction WSO2 Gadget Server is gaining since its initial release in December 2009. It not only fulfils the last mile of our SOA platform story by providing a presentation layer, but also uses the Google Gadgets Specification to make this presentation layer SOA centric and interoperable with other portals such as iGoogle. And the most encouraging part? The users get it. That is a great feeling.

Our next major set of releases will come in March 2010, code named Iridium and will have some major enhancements and features. We are also doing a great amount of work targeting the Cloud. The WSO2 Gadget Server will soon be available as a Service, with Mashup Server to follow.


Sanjiva WeerawaranaWSO2 platform overview

We recently posted a slide deck that gives an updated overview of the WSO2 platform. This covers both our downloadable products as well as our cloud offerings. Enjoy!

Chanaka JayasenaLegal identifier matching regex pattern

The following will match any legal identifier — an unlimited-length sequence of Unicode letters and digits, beginning with a letter, the dollar sign "$", or the underscore character

/^[a-zA-Z\$_][a-zA-Z0-9]*/


The following is a example in Javascript

alert(/^[a-zA-Z\$_][a-zA-Z0-9]*/.test("testVar"));

Yumani RanaweeraCloud and open source meet to test Web apps

Start-up Sauce Labs receives funding to support open-source Selenium project on-premise and in the cloud.

Blog post by Dave Rosenberg on Software, Interrupted.
http://news.cnet.com/8301-13846_3-10437699-62.html

Dimuthu GamageWebinar: WSO2 Business Activity Monitor for Agile Enterprises

Samisa Abeysinghe, the directory of engineering at WSO2 will present a webinar on Building an Agile Enterprise With Business Activity Monitoring today (3rd February 2010).

There he will provide an overview of WSO2 Business Activity Monitor (WSO2 BAM), the latest product from the WSO2 Carbon platform, including its built-in dashboard to view analytics , reports of past and present activities of the enterprise SOA infrastructure and how these information can be used in tactical and strategic decision making.

Chanaka JayasenaSimple way to converting html tags to display in web pages

I think every one has tried at least ones to put some html code in your blog post. I tried several ways but finally I ended up replacing special characters like "<" and ">" with &lt; and &gt;

Following is a solution that you can easily integrate in to your web page. Include this javascript method in your header section.
function putInsidePre(txt,toPre){
var preText = document.createTextNode(txt);
document.getElementById(toPre).appendChild(preText);
}

and put the following style class in your css or just include them in a new >style< tag.
.codeStyle {
background-color:#EAEFF1;
border:1px solid #88BFCE;
color:#325669;
display:block;
font-size:11px;
height:200px;
line-height:1.5em;
overflow:auto;
}


Then you can create a
 tag and give it a id and call "putInsidePre" method to populate it.

Here is a full working example.

<html>
<head>
<style>
.codeStyle {
background-color:#EAEFF1;
border:1px solid #88BFCE;
color:#325669;
display:block;
font-size:11px;
height:200px;
line-height:1.5em;
overflow:auto;
}
</style>
<script>
function putInsidePre(txt,toPre){
var preText = document.createTextNode(txt);
document.getElementById(toPre).appendChild(preText);
}
</script>
</head>
<body>

<pre class="codeStyle" id="codeBlock"></pre>
<script>
putInsidePre('<html><head></head><body>Content</body></html>',"codeBlock");
</script>
</body>
</html>

Charitha KankanamgeImportance of logging in QA testing

Recently James Bach posted a nice blog entry in which he identified logging as a good friend of an exploratory test team. I believe the comprehensive logging of AUT (application under test) is an extremely valuable asset to any tester regardless of the context of exploratory testing.
A detailed log will surely help to minimize the effort required to reproduction of issues. There are intermittent failures, random application crashes which are extermely hard to regenerate in successive attempts. If the AUT is written in a way in which all the major user events are logged, then the root causes of such random failures can be traced easily.
A comprehensive log is a useful test report. After a test run, you can store the log somewhere safely and use it as the test report. Specially, in agile test processes, test teams do not find sufficient time to record test results and maintain detailed test reports due to the short release cycles. If the AUT provides good set of logs, it will help testers to use them instead of maintaining separate test logs.

IMHO, comprehensive logging is a must have feature of any of the enterprise-scale application. At WSO2, this has been identified as a extremely important tool and the necessary modifications are in-progress to improve logging in WSO2 Carbon SOA middleware suite.

Chintana WilamunaWeb site lead generation pages

This article explains some worthy insights into making lead generation pages. An interesting idea that’s new to me was to make the page a dead-end. Having no links on the lead generation page that links back to the main site. Making it “harder” for the user to click something and navigate away from the lead [...]

Charitha KankanamgeHow to deploy WSAS-3.X on Oracle WebLogic 10.3

Once Azeez has written a 10 minute guide to installing WSO2 WSAS on Weblogic server. That guide explains the steps to deploy 2.X family of WSAS on weblogic. With the introduction of WSO2 Carbon platform in December 2008, WSO2 WSAS is no longer distributed as a separate war distribution. Hence, the instructions given in that document is not applicable when deploying WSO2 WSAS-3.X series on Oracle WebLogic server.
Since all WSO2 java products are built on Carbon platform, users can configure running WSO2 products on any application server using a set of components included in binary distributions. I have already explained the steps to deploy WSO2 BPS on tomcat and WSO2 WSAS-3.X on Jboss.

This post describes the steps to deploy WSO2 WSAS-3.X on WebLogic 10.3

Step1

Create a new weblogic domain by running config.sh {bat} located at WebLogic_HOME/wlserver_10.3/common/bin directory.
Lets assume the new domain is wsas.

Access your weblogic domain direcrtory and start weblogic (Go to WebLogic_HOME/user_projects/domains/wsas/bin and run startWebLogic.cmd)

Step 2
Download the latest version of WSO2 WSAS-3.X from here. Extract the downloaded zip into a directory. Copy conf, database, repository and resources directories in to a new folder. Here after, we will refer it is wsas-repo (i.e:- C:\wsas\wsas-repo)

Also, create a new directory, wso2wsas and copy the WEB-INF directory located at the webapps/ROOT directory of the downloaded WSO2 WSAS-3.X to wso2wsas directory. Now, your wsas-repo should have five sub directories - conf, database, repository, resources and wso2wsas.
wso2wsas will be used as the webapp root directory.

Step 3

We need to enable SSL in weblogic server. Log in to weblogic administration console (You should have configured username and password for admin console when creating your WebLogic domain) and go to Environment --> servers. Select AdminServer.
Click on KeyStores tab. Configure keystores as shown below.



Keystore = Custom Identity & Custom Trust


Custom Identity Keystore = C:\wsas\wsas-repo\resources\security\wso2carbon.jks

Custom Identity Keystore Type = JKS

Custom Identity Keystore Passphrase = wso2carbon

Confirm Custom Identity Keystore Passphrase = wso2carbon

Custom Trust Keystore = C:\wsas\wsas-repo\resources\security\wso2carbon.jks

Custom Trust Keystore Type = JKS

Custom Trust Keystore Passphrase = wso2carbon

Confirm Custom Trust Keystore Passphrase = wso2carbon

Now, select SSL tab and enter the following values.

Identity and trust locations = keystores

Private Key Alias = wso2carbon

Private Key Passphrase = wso2carbon

Confirm Private Key Passphrase = wso2carbon


Save the configuration and go to the General tab. Select the check box next to "SSL listen port enabled".

Now we have configured the necessary changes to enable SSL on weblogic. Lets continue with deploying WSO2 WSAS on weblogic.

Step 4

Now, we should update the set of config files shipped with WSO2 WSAS. We will update carbon.xml, axis2.xml, registry.xml and user-mgt.xml which can be found at the above wsas-repo\conf directory.
First, open carbon.xml and update the ServerURL element as follows.

<ServerURL>https://localhost:7002/wso2wsas/services/</ServerURL>

Note that we have configured weblogic to run on 7002 port.

Update WebContextRoot element as follows.

<WebContextRoot>/wso2wsas</WebContextRoot>

Save and close carbon.xml.

Open registry.xml and update DB URL as follows.

<url>jdbc:h2:C:\wsas\wsas-repo\database\WSO2CARBON_DB;create=true</url>

Now, open user-mgt.xml and update database URL as follows.

<url>jdbc:h2:C:\wsas\wsas-repo\database\WSO2CARBON_DB;create=true</url>

Make sure to specify the absolute path of the WSO2CARBON_DB in both of the above elements.

We must change the http and https ports in In Transports section of axis2.xml as follows.

<transportReceiver name="http"
class="org.wso2.carbon.core.transports.http.HttpTransportListener">
<parameter name="port">7001</parameter>

</transportReceiver>

<transportReceiver name="https"
class="org.wso2.carbon.core.transports.http.HttpsTransportListener">

<parameter name="port">7002</parameter>
</transportReceiver>

Step 5

We have completed the required configurations and we can deploy WSO2 WSAS on weblogic now.
First, shutdown the weblogic server instance if it is still running.
open a new command window and change the directory to WebLogic_HOME/user_projects/domains/wsas/bin.
Define an environment variable called CARBON_HOME and set the path to your wsas-repo directory.

In windows; set CARBON_HOME=C:\wsas\wsas-repo
In linux; export CARBON_HOME=\home\user\wsas\wsas-repo

Run startWebLogic.cmd

Once the server is started successfully, log in to weblogic administration console using https://localhost:7002/console
Then, go to the Summary of Deployments page and select Install.
Locate the deployment root by selecting C:\wsas\wsas-repo\wso2wsas directory. (web app root directory will be shown with a radio button option as follows.



Click on next to proceed through the wizard and continue with the default settings.
Once the deployment is successful, save the configuration and select start --> servicing all requests

Now, we are done with the deployment. You could access the management console using https:\\localhost:7002\wso2wsas\carbon

Note:-
1. In order to set the log4j logs, you may copy log4j.properties file in the extracted WSO2WSAS-3.X directory to wsas-repo\wso2wsas\WEB-INF\classes

2. If you want to deploy JaxWS services in WSAS/WebLogic platform, you should do the following configuration to avoid a class casting issue (https://wso2.org/jira/browse/CARBON-4835)

- Remove weblogic.jar/META-INF/services/com.sun.xml.ws.api.wsdl.writer.WSDLGeneratorExtension & restart Carbon

3. Also, Make sure to copy xalan-*.jar, xercesImpl-*.jar and xml-apis-*.jar from the lib/endorsed directory of the extracted WSAS binary distribution to weblogic endorsed directory before you start WSAS.




Chintana WilamunaBrowsers, browsers and more browsers

No matter how many browsers are out there I still haven’t found the one true browser that rule ‘em all. This has the awkward situation where there has to be multiple browser instances running at any given time. All the memory that these fellows eats up is not much of a bigger deal because memory [...]

Thilina BuddhikaHow to generate Self-Signed Certificates programmatically ?

The most common approach of generating a self-signed certificate is using the Java Keytool. But there may be situations where the requirement is to generate self-signed certificates programmatically.

It is possible to do this by programmatically invoking the keytool(using Runtime.exec) which is not a very promising approach. And also it is possible to use the Sun's proprietary classes used inside the Keytool to do this. But there is no documented API on these classes.

One clean approach of programmatically generating these self-signed certificates is through the Bouncy Castle API. I will walk you through the important steps of the above process.

To start with this, you need to have the Bouncy Castle jar in your classpath.(You can download it from here)

First you need to generate a key pair. We are using "RSA" public-key cryptography algorithm and a key size of 1024.

KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(1024);
KeyPair KPair = keyPairGenerator.generateKeyPair();

Then instantiate an X.509 cert. generator.
X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();

Now start creating the certificate. Serial number, issuer, validity period and Subject are set here.
v3CertGen.setSerialNumber(BigInteger.valueOf(new SecureRandom().nextInt()));
v3CertGen.setIssuerDN(new X509Principal("CN=" + domainName + ", OU=None, O=None L=None, C=None"));
v3CertGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30));
v3CertGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 365*10)));
v3CertGen.setSubjectDN(new X509Principal("CN=" + domainName + ", OU=None, O=None L=None, C=None"));

Then set the public key of the key pair and the signing algorithm to the cert generator.
v3CertGen.setPublicKey(KPair.getPublic());
v3CertGen.setSignatureAlgorithm("MD5WithRSAEncryption");

Now you can generate the certificate.
X509Certificate PKCertificate = v3CertGen.generateX509Certificate(KPair.getPrivate());

And store it in a file.
FileOutputStream fos = new FileOutputStream("/path/to/testCert.cert");
fos.write(PKCertificate.getEncoded());
fos.close();

You can view this cert using the keytool.
keytool -printcert -file /path/to/cert

Upto now we have created a key-pair and generated a X.509 certificate which contains the public key. Now we have to import the generated private key to a key store. Importing the private key to a key store is straight forward.

Load the key store to memory.

KeyStore privateKS = KeyStore.getInstance("JKS");
FileInputStream fis = new FileInputStream("/path/to/sample-key-store.jks");
privateKS.load(fis, "keyStorePass".toCharArray());

Import the private key to the key store.

privateKS.setKeyEntry("sample.alias", KPair.getPrivate(),
new char[]{'e', 'n', 't', 'r', 'y', 'p', 'a', 's', 's'},
new java.security.cert.Certificate[]{PKCertificate});

Write the key store back to disk.

privateKS.store( new FileOutputStream(keystoreFile), "keyStorePass".toCharArray());

You can try this with different parameters like key sizes, signing algorithms, etc.

Saliya EkanayakeSplit View in Firefox

After being able to split the Eclipse windows, I felt the need to split Firefox. Luckily I came across this add-on called "Split Browser", which simply does this for you. It enables you to split tabs both horizontally and vertically. Here's a screenshot of this.

Saliya EkanayakeSplit View in Eclipse

I really wanted the split view feature to be in Eclipse as with most of the other IDEs. In fact, Eclipse has this feature, but doesn't give a visible menu/tool option to do it. The simplest way is to drag the tab containing the source until you can see an arrow mark. Then it will split the view as soon as you let go of the mouse. Here's a nice video I found on how to do this.

http://addisu.taddese.com/blog/split-windowview-using-eclipse/

Here's a screenshot of how it looks.


Kaushalye KapurugeBlog Ideas

cartoon from www.weblogcartoons.com

Cartoon by Dave Walker. Find more cartoons you can freely re-use on your blog at We Blog Cartoons.

Nandika JayawardanaMaking the Skeleton Dance

This is a very interesting marketing strategy.  A guy walks into an into an interview and  highlights his negatives.

As I look over my copy of Thompson's application, I mentally reduce his chances from minuscule to nonexistent. I glance at my watch. I've got an early flight. I wonder how long it will take my compatriots to blow poor Thompson off.
"So why should we hire you, Mr. Thompson?" the area manager asks, starting with the question she usually finishes with.
Thompson smiles.
"I'm 53 years old," he says without hesitation. "I'm not pretty. I've been unemployed for almost five months—ever since my last company went belly-up. I've got no experience in your industry. If you take a look at my application you'll see that there's a checkmark next to the yes on that question about whether or not I've ever been convicted of a felony. I've applied for any number of other jobs and no one else will hire me." He looks at us each in turn while he's slowly ticking off these points on his fingers, as confidently as if he were explaining his Harvard MBA, his Olympic gold medals and his seven years as CEO of General Motors. "So let me tell you why I'm the best possible candidate you're ever going to find for this position."
And that's exactly what he proceeds to do—demonstrating the poise and assurance and experience he'd gained in those 53 years.
"If you hire me, I can't afford not to succeed!" he tells us with passion and conviction. "I don't have the option of being able to move on to greener pastures—or even brown pastures—when the job gets too grueling. I'm 100 percent committed. As locked into this position as I was locked into that jail cell 35 years ago. And if you'll notice that's where I earned the most of the credits for my college degree. I never wanted a Master's, so I've made sure I've never had to go back. But what I learned in that place—the formal and the informal training—has a lot to do with why I've been so successful at every job I've had since then."

Read the full article here.

http://www.evancarmichael.com/Sales/372/Making-the-Skeleton-Dance-Bragging-about-the-Negatives.html

Samisa AbeysingheNever Say Die


This photo shows the man that was pulled out of rubble, alive, after 14 days the 7.0 magnitude Haiti quake took place.

Samisa Abeysinghe2010 Presidential Election -Genaral Lost!

MR clearly won the election. By a margin that I did not expect.

SF lost.

It is an interesting question if it was really that MR won or SF lost.

Was the election free and fair? On the election day, it was. Leading to the election, it was not.

Government media was misused to the max. The election commissioner admitted this in his statement declaring the result. Unlike in the previous elections, private media was not that bad this time.
Obviously, since I did not like what was going on in the state media, I did not watch those. However, while private media runs with their earned money, state media runs with people's tax money. So they got to be more responsible.

The general was sunk in the mud with government media, and also filled peoples minds with FUD. The whole conspiracy theories and the stuff are total bullshit. I saw posters reminding people with 89-90 era photos, before the election day. These were government sponsored, and was targeted towards generating FUD against SF. However, anyone with bit of understanding on the uprising and the chaos in 89-90, would know that it was triggered by the unbalanced power that was given to UNP in 77. Seeing these posters, the feeling that I got was that I have to be concerned about my sons lives down another 10 to 15 years. What we are doing now is to over power the rulers, like in 77. Consequences will be felt down the line.

It is a reality that SF did at least something to win the war. And GR knew the value of SF in this context. Keep the politics aside, the suicide attack on SF and the follow up developments contributed a lot on the win of war. So more than SF or MR, I believe that it is GR who made it happen. Also, it is not MR, but GR that LTTE was looking to kill at that time. More than anyone, the terror outfit knew who was more threatening.

Looking at the way that SF was attacked, it was shocking for me to see how dirty the politics were. It was amazing how people overlooked, and people were directed to overlook, the services done by SF, and MR did the whole thing to win the war. It was more shocking that it boiled down to the question of weather SF or MR won the war, and those who really fought on the ground and those who got killed in bunches, even in the last minute, were largely forgotten. What would have happened if a solder, who was in the front, in the last battle, was a candidate in the presidential election? Would or would not that person have been attacked like SF?

And what if GR ran against MR? Who would have won?

The problem with SF to start with was that he joined camps with the wrong people. JVP and UNP were bankrupt. Also, I am not sure what the whole rationale of his statement to the Sunday Leader news paper. That alone lost his campaign. SF wanted to win. And that is why he lost. If he stood genuine, out of the dirty politics, did not stand with the bankrupt opposition and stood against the obvious government corruptions, and was not afraid to loose it, standing for the truth, he would have won much better.

But the truth is, you need money to run a campaign. Presidency is a big business here. Look at the marketing budget, the money spent on the ad campaign. Who would spend money if there is no return. So if you want to run the campaign, you need money. So SF had to find some money. The best source was UNP. I do not know where the money come from - some say from foreign powers, and some say, from Colombo business community. From wherever it is, they have money. So SF had to join forces with someone to get the money. And that very thing paved the way for him to be attacked the way MR camp attacked him. So he lost.

Bottom line. SF should not have contested the polls.

However, the real problems remain. Corruption is one of the key problems that I have. Corruption at the ground level in MR camp, because the people see no risk of loosing. There are numerous examples in the village that I live in.
There is no way that MR camp will loose the general election. MR camp will fight among them for preferential votes. There will be no risk of loosing hence, no need to worry about "serving people".
Also, I see no vision, no strategy. It is like the Dehiwala sky bridge. Government "sell" it. But it is a waste of money and increase of traffic. Electronics engineers do not have jobs. They come looking for QA jobs in IT. Because the government companies have outsourced all work to Chinese companies. But I see polling ads "sell" development. And I see on Facebook, that engineering students in the campus happily voting for MR. The government should not be obliged to provide jobs to all graduates, but they should also not prevent job opportunities due to cheap outsourcing. I see Chinese faced people near construction sites - bad new for civil engineering graduates.

Politics is easy money. This also must have played a role for SF to consider running.
In the process, he lost a lot of respect from lot of people.

MR won the first election without any support from minority parties. It was the Sinhala vote that made him president. Thondaman did not support MR in 2005. This time, minorities were with MR for couple of reasons. One for bargaining. Two because SF was army commander. People associated killing with SF and winning with MR. No war can be won without killing. The one who winds the war is the war hero. Now who is the real war hero, MR or SF? This whole logic is busted.

Bargaining possibilities still remains. Minorities will use this for the max in general election. The minorities who did not support MR to win in the first place, will get a bigger pie. They did not help win the war, but will reap the benefits of MR win. Who is loosing? I did vote for MR in 2005. Thondaman took away so many votes from MR in 2005. What am I getting today? What is Thondaman not getting today? What is SF getting today? Again, who won the war? Who helped win the war? Who is getting the benefit?

The General lost! I still respect him though, irrespective of what he said and done during the election, because of the role he played in winning the war in this country.

MR won!

I am keeping my eyes open, to see if it was a people win, if there will be something bright in the future.


Samisa AbeysingheSOA Skills - Seond Highest Paid

A recent salary survey has shown that employers place a premium on SOA related skills.

The leader is ABAP (Advanced Business Application Programming)

We have seen over the last year that people were increasingly looking for WSO2 skills, which is a good proof on the fact that SOA skills are premium and being sought after.

Samisa AbeysingheHaiti Quake Miracle after 14 Days

U.S. troops pulled a man alive from the rubble of a collapsed building in Haiti's destroyed capital on Tuesday, two weeks after a massive earthquake rattled the country.

The 35-year-old man, covered in dust and dressed only in underpants, was carried out from the ruins of a building in downtown Port-au-Prince and was driven off for medical treatment. He did not appear to have any serious injuries.

The rescue, exactly 14 days after the magnitude-7.0 earthquake killed as many as 200,000 people, came as the U.S.-led relief effort was focused on getting help to hundreds of thousands of survivors left homeless, hungry and injured.
Read more

Samisa AbeysingheNew Decade, New Portal - Slides

The WSO2 Gadget Server is a new kind of Enterprise Portal that is designed around SOA and pure Web technologies. The Gadget Server is based around the Google Gadget Specification, a lightweight open specification for web and AJAX portlets. Gadgets are already heavily used on the Web with Google's own iGoogle personalized homepage used by millions, and hundreds of available gadgets freely available on the web. In particular, the Gadget specification is based on well-known languages (just XML, HTML and JavaScript), meaning that the Gadget Server is effective technology for Java, .NET and LAMP approaches alike.

Samisa Abeysinghe2010 Presidential Election - Mahinda Winning!

MR is winning. That is not that surprising.

However, the margin he is winning by is very surprising.


Samisa Abeysinghe2010 Presidential Election - Peaceful

Peaceful, free and fair.

SF did not even vote. So if MR wins by 1 :P

I still do not understand why some of these people hang around the polling station after voting.
There were plenty of people around even at 3.55 pm, five minutes to finish the poll.

At least another four years of the country is decided by now.

Now to the next poll..who will be the president in another 4/6 years? BR? NR? or SR?

Samisa Abeysinghe2010 Presidential Election - People are Voting like Hell

Looks like the turnout going to be good.

I see long queues in all three polling stations that I saw, riding around. (No I am not an election observer ;) )

Good! Whatever the outcome is, let the majority decide.

And in our area, things are very calm.

Samisa Abeysinghe2010 Presidential Election - It is time to begin Change

Looking at 2005 results, it will be a very close one.

While it looks like MR will win, the divide will be very marginal.

Had MR done little bit to curb corruption, he would have won easily - but keeping people like the "Kudu Gamunu" he has done himself more harm than good.

To be frank, I have no idea what SF will do if he wins. But it does not matter much as it is very unlikely he would win. However, SF seems more genuine compared to the typical politician that MR is. The problem is the bunch of idiots around SF.

The real problem is, there is none out of the whole lot in this contest that is going to address the real problems, like the price of rice, like the debacle in education system. The whole campaign was based on FUD and mud. After all, we are a very high literate nation, but not an educated one or even not that thinking type for that matter. If you look at the ground level, even the educated ones are debating in two camps, MR vs SF, the the loyal and not-loyal, the purple and green+red. There is no third eye, there is no view in a direction outside these.

The question in the air is who will win, SF or MR. However, what about people? Will they win? What about the general public? The story goes, "every politician is corrupted; they will take commissions - 10% is standard". You cannot fix this system etc. etc. Today, 15 million will vote to select one, and few around him will eat up the whole thing. Then the 15 million will grumble and mumble till the next election and would do the same thing again. If we are to develop as a nation, this needs to change (change not like Obaba, though, which is NATO). Someone needs to take initiative.

Samisa AbeysingheBuilding an Agile Enterprise with Business Activity Monitoring

“Agility” is more than just a buzz word. The ability to be agile ensures enterprises to gain a competitive advantage. The right decisions made at the right time by the right people is the key to success. And both IT as well as business domain experts understand the need to respond to the latest trends in a proactive manner.

WSO2's new Business Activity Monitor - WSO2 BAM, is the ideal tool that is not only useful for business users but also IT personal to monitor key performance indicators that govern the success of their enterprise. The built in dashboards and reports along with analytical capabilities of historical data, empower users to make the right tactical and strategic decisions.

This webinar, will enlighten you on how to exercise business activity monitoring with your SOA deployments to implement a complete feedback life-cycle in your SOA.

Isuru SuriarachchiJAX-WS Service development with WSAS


I’ve started a series of articles on JAX-WS development with WSAS. The first one here, talks about the basics and fundamentals of JAX-WS development. I’ve written some areas of this topic in my previous posts in this blog. But this article brings all together and provides a very easy to follow approach to develop JAX-WS services with WSAS. There will be few more articles coming out on JAX-WS client side development, MTOM support, WS-Security etc. So stay tuned. I’ll post everything on this blog once those articles will be published.

Isuru SuriarachchiCode First or Contract First with WSAS?


“Code First or Contract First?”. This has been a hot topic in the Web services world for many years among the Web service developers. In one of my latest articles on WSO2 Oxygen Tank, I’ve discussed this topic in the context of WSO2 WSAS. In this article, you’ll find out how to select the most appropreate approach to be followed when developing your Web Service with WSAS.

Chintana WilamunaBill Gates’ vision

This is not about Bill Gates’ move into social media, twitter, the micro blogging craze for the cool kids. No. Nor this is about The Gates Notes where he write about his thoughts. After reading The Internet Tidal Wave [PDF] again, it’s fascinating to take a peek at Bill Gates vision for the company, 15 [...]

Footnotes