WSO2 Venus

Thilina GunarathneExperience with adapting a WS-BPEL runtime for eScience workflows

The paper I presented in the SC09 GCE workshop.

Abstract

"Scientists believe in the concept of collective intelligence and are increasingly collaborating with their peers, sharing data and simulation techniques. These collaborations are made possible by building eScience infrastructures. eScience infrastructures build and assemble various scientific workflow and data management tools which provide rich end user functionality while abstracting the complexities of many underlying technologies. For instance, workflow systems provide a means to execute complex sequence of tasks with or without intensive user intervention and in ways that support flexible reordering and reconfiguration of the workflow. As the workflow technologies continue to emerge, the need for interoperability and standardization clamorous. The Web Services Business Process Execution Language (WS-BPEL) provides one such standard way of defining workflows. WS-BPEL specification encompasses broad range of workflow composition and description capabilities that can be applied to both abstract as well as concrete executable components.

Scientific workflows with their agile characteristics present significant challenges in embracing WS-BPEL for eScience purposes. In this paper we discuss the experiences in adopting a WS-BPEL runtime within an eScience infrastructure with reference to an early implementation of a custom eScience motivated BPEL like workflow engine. Specifically the paper focuses on replacing the early adopter research system with a widely used open source WS-BPEL runtime, Apache ODE, while retaining the interoperable design to switch to any WS-BPEL compliant workflow runtime in future. The paper discusses the challenges encountered in extending a business motivated workflow engine for scientific workflow executions. Further, the paper presents performance benchmarks for the developed system."

Experience with adapting a WS-BPEL runtime for eScience workflows

Thilina GunarathneExperience with adapting a WS-BPEL runtime for eScience workflows

Check out this SlideShare Presentation:
Experience with adapting a WS-BPEL runtime for eScience workflows
View more presentations from Thilina Gunarathne.

Chintana WilamunaSublime tunes from heaven

Once in a while a band comes along with music that stick into you like a virus without a vaccine. It just wraps you in ways that's inexplicable in words. Words, being words will not do enough justice to make you feel the same way as one would forget about ...

Prabath SiriwardenaAdding DZone to iPhone / iPod Touch

I was looking for an aplication or an add-on to iPod/Safari where I could post a link to DZone - from the corresponding web site it self.

Failing to find one - I followed the following work-around - which worked perfectly for me - so, thought of sharng it for the benefit of others.

1. Open up Safari and go to http://www.dzone.com

2. Add a bookmark to it - and set the Title of the bookmark as - 'Submit to DZone'

3. Now - tap on the Bookmarks link, as in the image shown below - click 'Edit' and select 'Submit to DZone'.

4. Remove the current Address of the 'Submit to DZone' bookmark and set the following..
javascript:window.loaction='http://www.dzone.com/links/add.html?url='+escape(window.location)+'&title='+escape(document.title)+'&description='+escape(document.title)
5. Now - go to any web site you want - and to submit that link to DZone - just tap on the Bookmarks link on the bottom of the browser and select 'Submit to DZone'.

Chintana WilamunaWeb is the OS

... or is it? After seeing the official announcement I was kinda interested in trying it out. But Prabath beat me to it. With ubiquitous Internet access, making something like this can be advantageous to some. Everything being a web app is great if all of them work. Hulu for ...

Chintana WilamunaApache Asia Roadshow

Apache Asia Roadshow 2009 will be happening from 3rd to 5th December this year. It's scheduled with two days conference and one day unconference. It's packed with a great set of talks and um .. yours truly will be talking on the 3rd about Web services interoperability demoing the Apache ...

Ruwan LintonWSO2 Steps into Cloud

This week, WSO2 has announced there cloud offerings introducing the Cloud SOA platform. With this we (WSO2) enters into cloud computing...

Cloud platform that WSo2 provides mainly consists of three variations; which are;
  • Cloud Virtual Machines
  • Cloud Connectors
  • Cloud Services
First of all lets take a look at the Cloud Virtual Machines. They are basically hardened virtual machines pre configured to be run on the cloud with auto scaling to fit into your load. This will be very cost effective since you pay it as you go, but still providing the production support insurance.

You may try out those as Amazon EC2 images or may be you can run them on your own as VMware images or Linux KVM images.

You should have been at least worring once in your life being not able to provide a third party access the service running on your laptop, since you are under a NAT. Well the second solution that WSO2 provides addresses this issue with a Cloud Connector which is the Cloud Services Gateway which enables you to just expose the service running on WSAS or ESB instance on your personal desktop/laptop connected to the internet, even though the third party cannot access your machine.

Another Cloud Connector will accelarate the security processing by delegating that bit to a virtual machine optimized to perform security which is called the Cloud Service Accelarator.

The final option (for the time being) is the Cloud Services, you may have heard the term "as a Service" much more frequently these days. So WSO2 exposes its Governance solution as a service naming it GaaS (Governance as a Service).

It will be very interesting for you to try out GaaS online.

We are not done yet, stay tuned for the next step towards the cloud; As a hint I would say IdaaS is coming soon. Guess what it is.... :-)

All the above will form the WSO2 Cloud Middleware, whcih will be the onestop shop for all your cloud requirements... Stay tuned...


Want to know more and more, yeah! join Paul Fremantle for the free Webinar on Cloud and SOA: A revolution for the enterprise on Tuesday, November 24, 2009 from 09:00 AM to 10:00 AM (PST).

Prabath SiriwardenaFirst look at Google Chrome OS

First we need to download the Chrome OS VMWare image from here.

To run this - we need to have VMWare Workstation - a 7 days trial version availbale from here to download.

Now - you need to wait hours and hours to get the trial version license key from VMWare. Instead of that use this - M142T-1034J-M8280-0KA8H-A49PC. If you are curious about this - here is the news behind that.

All set - setup your image with the VMWare Workstaion - steps here.


That's it - now you can login with your GMail account to your OS :)


Not bad at all - how about using an OpenID instead...

Read this for more info - "11 Things You Need to Know About Google's Chrome OS".

Samisa AbeysingheSOA Governance as a Service

WSO2 Governance as a Service enables enterprises to configure their own SOA Governance Registry with no software set up at all. This multi-tenant, hosted version is completely self-serviced with each tenant or domain having its own theme, own logo and of course own users. While it can be managed by its own user community, tenants optionally can publish some data publicly, for example business-to-business service entries


With WSO2 Governance as a Service enterprises are able to instantly:

  • Store services, WSDLs, Schemas and policies and make their discovery easy
  • Manage service metadata and lifecycles
  • Maintain multiple versions of services
  • Keep track of dependencies and associations of WSDLs and Schemas
  • Subscribe for updates in resources and lifecycles
  • Mange users with proper permission settings

and much more. Since this is a service, the best way to learn is by trying the service out for yourself!

Samisa AbeysingheObama Never Used Twitter

Obama is in China. He as speaking to a group of Chinese students.

Obama was asked by a student, "Do you know about the great firewall and should we be able to use Twitter?" His reply: "I have never used Twitter but I'm an advocate of technology and not restricting internet access."

Shocking, given that his account with 2.6 million followers has even been "verified" by Twitter headquarters!

Read more here.

Denis WeerasiriFirst screen-cast : Mooshabaya


This simple screen-cast demonstrates the basic functionality of Mooshabaya , which is mashup generation via Mooshabaya to WSO2 Mashup server. There are some other basic functionalities like WSO2 Governance Registry integration and event monitoring for mashup script execution which are not demonstrated in here. We will publish more explanatory ones once we get the project more towards the completion.



 

Prabath Siriwardenahttp://RampartFAQ.COM

We started with http://RampartFAQ.COM few months back as an effort towards helping the open source community around axis2/rampart. This post summarises all the posts there, as of now.


Basics
1.What is Rampart?
2.How to configure Rampart in Axis2?
3.How to run Rampart samples with Apache Tomcat?
4.How to enable SSL on Tomcat?
5.How does the nonce and the timestamp get generated for hashed passwords in UsernameToken?
6.How to create wildcard certificates with java keytool?
7.How to import/export certificates using Java keytool?

Intermediate
1.How to use Axis2 Dynamic Client to invoke Secured Web Services?
2.How password Callback Handlers work in Rampart?
3.How to ask for a hashed password in security policy?
4.How identity delegation works with ActAs in WS-Trust 1.4?
5.How SOAP message encryption works?
6.What is Assymetric Binding?
7.Would timestamp validation fail when servers and clients running in different timezones?
8.How to secure a web service with UsernameToken + HTTPS?
9.How to enable SSL on WAMP?
10.How to dump out JKS private key?
11.How to create a Certificate Authority with OpenSSL on Windows?
12.How to secure web services with HTTP Basic Authentication?
13.How to do UsernameToken authentication for web services based on AD?
14.How to secure a web service with UsernameToken?
15.Can we have multiple private keys in a single JKS?
16.<ramp:user> vs <ramp:encryptionUser> vs <ramp:userCertAlias>

Advance
1.How to call web services having SSL mutual authentication enabled?
2.How to setup a secure conversation with an STS?
3.How to ceate a new JKS with an existing private key and a signed certificate?
4.Can we have per service, policy based results validators?
5.How to apply policies at binding hierarchy?
6.Can we avoid duplicating crypto info added to RampartConfig in different services.xml files?
7.How to enable NTLM authentication in Axis2 client?
8.What are the Rampart handlers in inflow and what do they do?
9.How to do proxy authenticaion at runtime - in Axis2 client or stub?
10.What are policy subjects and where goes security policy assertions?
11.How Token referencing works in WS-Security?
12.How to add a secured and a non secured end point to the same service?
13.How to enable security for JAX-WS services with Axis2/Rampart?
14.How to generate a non-secured response to a secured request?

Common Errors
1.org.apache.axis2.AxisFault: First Element must contain the local name, Envelope , but found html
2.java.security.UnrecoverableKeyException: Cannot recover key
3.org.apache.ws.security.WSSecurityException: An unsupported signature or encryption algorithm was used
4.[ERROR] Referenced security token could not be retrieved (Reference "#CertId-238146")
5.java.security.NoSuchAlgorithmException: Cannot find any provider supporting RSA/NONE/OAEPPADDING
6.org.apache.axis2.phaseresolver.PhaseException: Did not find the desired phase 'Security' while deploying handler 'PolicyBasedSecurityOutHandler'
7.java.security.InvalidKeyException: Illegal key size or default parameters
8.org.apache.rampart.RampartException: The timestamp could not be validated

Tyrell PereraApache Asia Roadshow 2009

I'll be talking about "Apache Shindig, from Server Side Portlets to Open Social Gadgets" along with Nuwan, on Friday the 4th. Hoping to see you all there.

Have a look at the rest of the line up here.

apacheasia2009 3rd and 4th December @ HNB Towers


Thilina BuddhikaWSO2 Identity Server 2.0.2 Released


The WSO2 Identity Server team is pleased to announce the release of
version 2.0.2 of the Open Source WSO2 Identity Server (IS).

IS 2.0.2 release is available for download at [1].

This is based on revolutionary the WSO2 Carbon [2] framework, Middleware
a la carte’.

All the major features have been developed as pluggable Carbon components.

New Features
—————

1. Various bug fixes and enhancements including architectural improvements to Apache Axis2, Apache Rampart, Apache Sandesha2 , WSO2 Carbon and other projects.
2. Equinox P2 based provisioning support –  extend your IS instance by installing new P2 features [5].

Other Key Features
———————
1. Entitlement Engine with XACML 2.0 support.
2. Claim based Security Token Service.
3. Extension points for SAML assertion handling.
4. OpenID Provider
5. Information Card Provider
6. SAML 2.0 Token Profile support
7. Passive STS

How to Run
——————
1. Extract the downloaded zip.
2. Go to the bin directory in the extracted folder.
3. Run the wso2server.sh or wso2server.bat as appropriate.
4. Point your browser to the URL https://localhost:9443/carbon
5. Use “admin”, “admin” as the user name and password.
6. If you need to start the OSGi console with the server use the
property -DosgiConsole when starting the server

Known issues
———————-
All the known issues have been filed here [3]. Please report any other
issues you find as JIRA entries.

Contact us
—————–
WSO2 Identity Server developers can be contacted via the mailing lists:
For Users: carbon-user@wso2.org
For Developers: carbon-dev@wso2.org

Alternatively, questions can also be raised in the Identity Server forum
at http://wso2.org/forum/308

Training
—————
WSO2 Inc. offers a variety of professional Training Programs, including
training on general Web services as well as WSO2 Identity Server,
Apache Axis2, Data Services and a number of other products. For
additional support information please refer to
http://wso2.com/training/course-catalog/

Support
————–
WSO2 Inc. offers a variety of development and production support
programs, ranging from Web-based support up through normal business
hours, to premium 24×7 phone support. For additional support information
please refer to http://wso2.com/support/

For more information on WSO2 Identity Server, visit the WSO2 Oxygen Tank[4].

Thank you for your interest in WSO2 Identity Server.

-The WSO2 Identity Server team

[1]: http://wso2.org/downloads/identity
[2]: http://wso2.org/projects/carbon
[3]: https://wso2.org/jira/browse/CARBON
[4]: http://wso2.org
[5]: https://wso2.org/wiki/display/carbon/p2-based-provisioning-support

Chintana WilamunaWindows Azure: Taking a peek

Windows Azure is another cloud platform that can be used to deploy applications to the cloud and not worry about rest of the duct tape that's required for smoother operation. Like many things from Microsoft, a killer feature is tight integration with Visual Studio. You can literally build and deploy ...

Paul FremantleSOA and Cloud

Following on from my post about our WSO2 Cloud announcements, I felt it was important to talk about how I see Cloud intersecting with SOA.

Before we talk about Cloud, I want to quickly review where SOA came from. Most of us who started our IT careers in the 80s and 90s will clearly remember the pre-web Enterprise environment. Of course, so will everyone else - because that legacy is still with us. The typical systems were monolithic, complex applications that were completely self-reliant. Any interfacing with other systems was done through batch dumps. Applications grew and grew and grew into monsters because the only option was to enlarge the application - inter-application connectivity was too complex and unreliable to envisage.

The web changed all that, didn't it? Well actually, no. Many web applications are actually inherently monolithic too. Of course there are plenty of web applications that do communicate well with other systems, but they are still in the minority.

How about Cloud systems? Unfortunately, as I look around at the harbingers of Cloud Computing, many of the applications I see are fundamentally built with very little concern for Enterprise Architecture. The focus has been on elasticity. Elasticity is a great feature, but for many applications it is overkill. However, connectivity, partitioning, separation of concerns, and loose coupling are all key to making applications live and grow. As I have blogged about before, the key to effective applications is to ensure that they are not static but can change and improve and re-focus as the business demands.

My strong belief is that Cloud based systems must be built on SOA and modern Enterprise Architecture principals if they are to be effective. In many ways the issue is this: today's cloud applications are often well-defined, clean, insular applications. That is because the typical messy, interconnected enterprise app simply cannot be built in the cloud today. The data isn't available and so companies looking to create cloud applications tend naturally to avoid those. But over time, as these cloud applications grow and more appear, the interconnectedness with each other and with internal data and applications will grow and we will end up with the twisted balls of spaghetti that we've spent the last 10 years unpicking in the Enterprise.

My advice? Don't do it! Start with a simple but clearly defined SOA/Enterprise Architecture for your Cloud applications and in three years time you can look smugly at your competitors as they struggle to do things you find easy.

Paul FremantleObituary

From the Southampton Press: Adam Fremantle.

Samisa AbeysingheCloud is Hot and Cloud has Reasons

It is in the peak of the hype curve, Cloud computing. While in hype's peak, every one jumps on it, so it becomes hot.

However, Cloud Computing also has its reasons for coming into being. And it will change the face of computing, with a lasting effect, in the years to come.

Cloud, as all other technical revolutions, is not going to solve world hunger. But it will help solve many business and IT problems. The most prominent are the pay as you go and use what you need models. You can kick start something, with little and with the hope of expanding, based on the demands. And it is leading computing to the services arena. We used to think about our systems deployments and stacks of hardware that supported the deployment as commodities. No more. Cloud enables us to look at those as services. This coupled with software, provides powerful service platforms. For example, now you can have any computing element, even something like middleware available as a service, thanks to the cloud.

SOA middleware deployed on the cloud can be used to expose your internal enterprise to your external world, including suppliers, customers and partners. The challenge is of course, to leverage the cloud, without compromising security and ensuring the integrity and confidentiality of the piles of enterprise data models. Hence, just for the sake of going with cloud, an organization cannot afford to put everything to run with the cloud. There are elements that you should expose to the cloud and there are elements that you should not.

What could be exposed with less risk? For example, your service interfaces and policies need to be shared with external parties. And those service meta data also has their own lifecycles that you need to monitor and manage closely. Sounds like SOA governance? Yes it is about Governance. Rather than managing your own SOA governance setup, what if you could use it as a service, with proper access control? If you could your CRM run with a software as a service (SaaS) model, why not leverage SOA Governance as a Service?

Piles of legacy data should not be exposed to he cloud, nor it is a good idea to move those to a SaaS model. However, the need to integrate and grant access to trusted parties is real. So how about exposing the internal services as proxies in the cloud and still keep the real services within the intranet, with the warm safe feeling of staying home? Yes that too can be done with a Cloud Services Gateway.


Dimuthu GamageWSO2 SOA Platform Enters in to the Cloud

WSO2 announced the launch of their SOA platform inside the Cloud earlier this week. With this launch, you can try out and use their comprehensive SOA platform inside the cloud.

WSO2 Cloud Platform consists of various products, including

Sanjiva WeerawaranaApache Asia Roadshow in Colombo, Sri Lanka - Dec 3-5th!

Its baaaaaaaaaaaaaack!


Still not registered? What are you waiting for??

Do it now.

Sanjiva WeerawaranaWSO2 cloud platform launched!

After a lot of hard work by a lot of people, we finally launched our cloud platform on Monday!



Check out Paul's blog for some info and of course the Web site. I will blog more later!

Isuru SuriarachchiHow to point to a separate Carbon OSGi Repository?


It’s a well-known fact that all Carbon based products can be deployed on top of other application servers like Tomcat, JBoss, Web Logic etc. For example, WSAS on tomcat, WSAS on Web Logic and ESB on tomcat. When deploying Carbon on a separate application server, we have to point to a Carbon home directory through the CARBON_HOME environment variable.

Some users may set up more than one instance of Carbon, pointing to the same Carbon home. In this case, everything under Carbon home directory is shared by these Carbon instances. That includes configuration files (CARBON_HOME/conf), Axis2 repository (CARBON_HOME/repository) and Carbon OSGi repository (CARBON_HOME/repository/components). Even though sharing of configurations and Axis2 repository is perfectly OK, Carbon OSGi repository can cause problems when it is shared by more than one instance of Carbon.

So this is where we want to point to a separate Carbon OSGi repository while sharing the other stuff. In Carbon 2.x, you can do that by using the CARBON_REPOSITORY environment variable. Set it to some folder and create a folder called ‘components’ inside that folder. Finally start the server.

Example: If your Carbon OSGi repository is at /carbonRepo, set CARBON_REPOSITORY=/carbonRepo and create a folder /carbonRepo/components. Now start the server.

Now your Carbon instance uses the above place as the OSGi repository. After starting the server, you can see lot of folders inside your components folder.

There is something important to remember here. Even though you separate the OSGi repository from CARBON_HOME, if you want to use components/lib folder or components/extensions folder, you have to use them inside CARBON_HOME.

Example : If you want the my-sql driver, you have to place it in CARBON_HOME/repository/components/lib folder. NOT in /carbonRepo/components/lib folder.

So If you are also trying to use the same CARBON_HOME for multiple Carbon instances, make sure you use separate Carbon OSGi repository for each and every instance as shown in the following diagram.

Chintana WilamunaCloud computing and SOA

If you've not already heard the term (gasp!) or don't have an idea about cloud computing you can look no further than the excellent, short presentation titled "Cloud Computing - Why IT matters" by Simon Wardley. Also, read a great paper about the subject "Above the Clouds: A Berkeley View ...

Samisa AbeysingheSOA in the Cloud


The WSO2 Cloud Platform is designed to make it easy for enterprises to take their middleware to the cloud. We address all aspects of SOA middleware and support all the different styles of cloud deployment that enterprises are exploring as they float into cloud computing.

The WSO2 Cloud platform is comprised of Cloud Virtual Machines, Cloud Connectors, Cloud Services and Cloud Middleware.


Paul FremantleWSO2 and Cloud

Today WSO2 is announcing our cloud initiatives. We are offering a set of capabilities - from being able to use and deploy our servers on a pure pay-as-you-use basis with Amazon EC2 to a new connector that integrates your cloud computing and partners with your internal services.

As of today, all of WSO2's products will be available in additional forms:
  • Firstly as Amazon EC2 images ready to go. With a ready-built, hardened Linux core, these "paid AMIs" are fully supported on a completly pay as you go model. You simply pay for them through Amazon - starting at $1/hour - and get production support included.
  • Secondly as VMWare images. Aimed at private clouds, these images are ready to deploy out-of-the-box.
  • Of course all our software is still available for download - and as easy as ever to unpack and get running.
The Cloud Service Gateway is probably the coolest announcement of the day: a simple plug-in to any of our Carbon Server runtimes that seamlessly and securely bridges between internal services and Cloud services. I'll be blogging more about that soon.

We are also offering our first initiative in Software as a Service: Governance. WSO2's Governance Registry is the leading Open Source governance tool. Now you can have your own instance of it, running in the cloud, for free. With just a simple online setup, you can provision users, manage security and start to capture your SOA domain information in a structured way. You can access it via remote systems or through the simple web interface. While the service is in beta, it will be free-to-use. After that there will still be a basic free offering and if you wish to expand beyond that there will be straightforward pay-as-you-use pricing.

I have a lot more to talk about regarding Cloud and WSO2 - so stayed tuned for some interesting blogging!

Tyrell PereraMashup technologies in real-world banking

Mashup technologies in real-world banking, an interesting blog post I came across today, illustrates a potential real world use for Mashups in banking.


Prabath SiriwardenaIntegrating Novell eDirectory with WSO2 Identity Server

You can download an evaluation copy of Novell eDirectory from here.

Then go through this blog post which explains - how to setup an LDAP based user store with Identity Server.


You need to follow exact the same steps - except - you need to have the settings from the above image while installing Novell eDirectory - for the Identity Server LDAP configuration as shown below.

Prabath SiriwardenaSetting up Apache Directory Server as the LDAP User Store

First we need to download Apache Directory Studio from here and install.

Start - Apache Directory Studio.

File --> New and select Apache DS Server





Window --> Show Views --> Other... select Servers



Right click on the 'wso2identity' server on the 'Servers' view and select 'Open Configuration'. Note that default port being set to 10389.



Window --> Show Views -->Connections and right click on the 'Connections' view to select 'New Connection...'.



Set hostname and port number of the server we just created.



Default password of admin is 'secret'.



Done. View the LDAP Browser. Now we are going to add a new user.Right click on 'ou=users' and select 'New Entry'.





Select 'inetOrgPerson' from left and add.



Set the attribute values for the user.





That's it - we are done.

Thilina BuddhikaUsing Axis2 Dynamic Client to invoke Secured Web Services


This post has been moved to : http://blog.thilinamb.com/2009/11/using-axis2-dynamic-client-to-invoke.html

Damitha KumarageSecuring Axis2/C Web Services with SSL

Axis2/C has strong support for message level web services security. It also provides wire level protection between web services and its clients. In this guide I do not detail basics of Axis2/C web services. You can refer for them else where. WSO2 Oxygen Tank is a good place for you to refer. Here are the [...]

Prabath SiriwardenaAmazon CloudFront with Blogger blogs as a Content Delivery Network

Web sites like CNN, Yahoo and many more with high traffic use a Content Delivery Network like Akamai - so end users have to spend less time waiting for the web page to load on their screens.



Amazon CloudFront delivers the content using a global network of edge locations. Requests for your objects are automatically routed to the nearest edge location, so content is delivered with the best possible performance.

This blog post explains how to setup Amazon CloudFront with your blog.

First you need to have an Amazon account and signed up for an S3 bucket.

This explains everything you need to know - to set that up.

Now - you have an S3 bucket - say facilelogin.

Then - we need to sign up for a CloudFront account.

Go to http://aws.amazon.com/cloudfront and sign up with the same Amazon credentials you used before.

Now - sign in to the CloudFront management console.

Click the link - Create Distribution.

Set Origin as the S3 bucket you created earlier.

Give a child domain of your blog as the CNAME [e.g. cache.facilelogin.com]

This will create a CloudFront for the set S3 bucket.

Once you highlight the distribution you created - you can see it's details on the bottom panel.

Note down following.

Domain Name : d2npqrbnybq989.cloudfront.net
CNAME : cache.facilelogin.com

Now - you need to add a CNAME record to your domain.

I got my domain from Yahoo - so to add a CNAME record there, first sign in here, and a CNAME record to your domain with,

Source : cache.facilelogin.com [Value corresponding to the Amazon distribution CNAME]
Destination : d2npqrbnybq989.cloudfront.net [Value corresponding to the Amazon distribution Domain Name]

That's it - give some time to get your CNAME updated.

Now - add whatever content you want to - the Amazon S3 bucket and refer to content from you blog as http://cache.facilelogin.com/[resource name].

The image shown in the post is loaded from the S3 bucket - managed by Amazon CloudFront.

Eran ChinthakaDivided We Fail and United We Prevail : Sri Lankan Politics and Our War Heroes

Yesterday heard the news that Sri Lankan army commander who led us to defeat LTTE got retired. It looked like a normal news, but once I looked at his resignation letter, it seemed lots of things had gone wrong for him.





Army Commander General Sarath Fonseka,President Mahinda Rajapaksha and Defense Secretary Gotabhaya Rajapaksha

We ended a 30 year war which hindered the prosperity and progress of our country. Every Sri Lankan was happy and then I thought now Sri Lanka is safer than even US. This couldn't have been possible without our president Mahinda Rajapaksha, Defense Secretary Gotabhaya Rajapaksha and our army commander Sarath Fonseka. Even with all the international pressure and various other forces, this trio proved the fact that we can win the war without any foreign support.

Sarath Fonseka, irrespective of his political intentions, if any, is still one of the heroes in the country. He fought for our country and on April 25, 2006 he even survived an assassination attempt when an LTTE suicide bomber attacked his motorcade (so did Gotabhaya Rajapaksha in December 2006).

But now it seems there is a friction between the president and the commander, making him even to resign and enter in to politics to compete with the president. This is very very bad for the unity of the country. Also I'm sure he still have death threats from LTTE supported and removing/reducing his security guards is not a prudent thing.

In some sense I liked Sarath Fonseka being the next presidential candidate from the opposition, because then we will see a real and heated election campaigns going on between the two parties (as you might probably know, the current opposition leader is way behind current president and must have lost more than 20 consecutive elections).

But the problem is

1. We will be divided once again. Every Sri Lankan loved our army commander and president for ending this war. But when these two are on two different sides what will happen to the people?
2. The opposition was trying to get in to power for a long time and this time they will take undue advantage of the commander, making Mr. Fonseka also become notorious for all the bad things they have done.

For once I thought everything is gonna be alright. But now I'm not feel good about that. Earlier we suffered because of the separatist terrorists. Now we will suffer because of our own people.

Prabath SiriwardenaHands on CLOUD while legs on EARTH

GlobeHands
1. Sign up for S3

Go to http://aws.amazon.com/s3/ and sign up for an Amazon S3 account.

Amazon S3 is storage on cloud.It provides a simple web services interface that can be used to store and retrieve any amount of data.

Read more on S3 from http://aws.amazon.com/s3/faqs/

2. Tools

Once you created the storage on cloud - there are tools which let you talk to the S3 iterface from your local computer.

CloudBerry Explorer is the one I use, it makes managing files in Amazon S3 storage EASY. By providing a user interface to Amazon S3 accounts, files, and buckets, CloudBerry lets you manage your files on cloud just as you would on your own local computer.

3. S3 with CloudBerry Explorer

Start CloudBerry Explorer --> File --> Amazon S3 Account --> New Account

Here you need to provide, an Access Key, a Secret Key and a Display. Make sure you tick the 'Use SSL' tick box.

To find your Access Key and the Secret Key - first you need to login to http://aws.amazon.com/account/ with your Amazon credentials and click on the link for 'Security Credentials'

Once you are there you can see both your Access Key ID and Secret Access Key listed under Access Keys.

Copy thoe keys from there and give those to CloudBerry Explorer.

Once you create the new account in CloudBerry Explorer - it will be listed under 'Source'.

Select your account from 'Source' - CloudBerry Explorer will talk to your S3 account and will display the buckets you created.

4. Buckets

Just like a bucket holds water, Amazon buckets are like a container for your files. You can name your buckets the way you like but it should be unique across the Amazon system.

To create a Bucket from CloudBerry - click the 'New Bucket' icon in blue on the top row.

Amazon S3 offers storage in the United States and in Europe (within the EU). You can specify where you want to store your data when you create your Amazon S3 buckets.

Keep in mind that the bucket namespace is shared by all users of the system. So the name you give needs to be unique accross the system.

Once you created the bucket - that will be displayed in the left pane of the CloudBerry Explorer.

Right click on the bucket and select 'Web URL' - that will show the web url to access your bucket [e.g. http://facilelogin.s3.amazonaws.com/]

Type that on a web browser and try to access it - you won't be.

Now you need to set the access control setting for your bucket.

Once again right click on the bucket and select ACL and then ACL Settings.

If yu want all the users to have read access to your bucket - then select 'All Users' and set 'Read' permission.

Now - try to access the link from the web browser.

To move data from your local machine to the S3 bucket in the cloud - just drag and drop the files from the right pane to the S3 bucket on the left pane.

5. Sign up for EC2

Amazon Elastic Compute Cloud (Amazon EC2) is a web service that provides resizable compute capacity in the cloud.

Just as Amazon Simple Storage Service (Amazon S3) enables storage in the cloud, Amazon EC2 enables “compute” in the cloud.

Go to http://aws.amazon.com/ec2/ and sign up for an EC2 acount. You can use same Amazon credentials you used to create the S3 accont.

Read more on EC2 from http://aws.amazon.com/ec2/faqs/

6. Amazon Management console

Now, go to htp://aws.amazon.com/console/ - select EC2 from right hand side combo box and 'Sign in to the AWS Console'.

The AWS Management Console gives you a quick, global picture of your cloud computing environment so that you can see what resources you’re operating and conveniently manage those resources

7. Starting an EC2 instance

Once you sign in to the Amazon Management console, you will see a dashboard.

To start using Amazon EC2 you will want to launch a virtual server, known as an Amazon EC2 instance.

Click on the link 'Launch Instances'.

Now - this will display a set of available AMI(Amazon Machine Image)s.

Select any AMI you want - I selected 'Basic Fedora Core 8'.

In the next screen - set the number of instances as - 1.

Select create new key pair.

Public/private key pairs allow you to securely connect to your instance after it launches. To create a key pair, enter a name and click Create & Download your Key Pair.

You will then be prompted to save the private key to your computer. Note, you only need to generate a key pair once — not each time you want to deploy an Amazon EC2 instance.

Let's also create a new security group - accept the default settings there only giving access to SSH port.

Security groups determine whether a network port is open or blocked on your instance(s).

Once you are done with all tha - you'll be back on the dashboard and under 'Instances' - you can see the instance you started now.

Click on that instance and you'll see all the details about it listed down - and copy the Public DNS value[e.g: ec2-75-101-193-101.compute-1.amazonaws.com]

Now - you have a Fedora instance running on the cloud.

Let's see how to login in to it from the local machine.

8. Putty

I am using Putty under Windows, to SSH in to my Fedora instance running on the cloud.

First we need to setup the private key with it. [Rember we download a key while launching the AMI].

Start Putty --> Session --> Set Host Name - the Public DNS of our running Fedora instance.

Go to Connection/SSH/Auth - set the private key file for authentication.

Here it requires the private key in PPK format - but what we downloaded is in PEM format.

Now we need to do a conversion - we can use puttygen for that.

Once done set the PPK file as the private key file for authentication in Putty.

Now, go to Connection/Data - set 'root' as the Auto-login user name.

Now - we are done - click on 'Open' to connect to your Fedora instance running on EC2.

9. Launching a Windows Instance

Hear we try to launch a Windows Instance and try to remote login in to it.

Before launching a Windows AMI - let's first create new Security Group.

From the main dashboard - you can select 'Security Groups' and then create a new secuirty group.

Once created - allow RDP connection for this security group - to allow windows remote login.

Now - in the same way we did before - launch a Windows AMI - but make sure you set it's security group - the one we just created with RDP connections allowed.

To get the Windows admin password to login through remote login - highlight the Windows instance from Dashboard/Instances - select Instance Actions/Windows Actions/Get Windows Admin Password.

Charitha KankanamgeRunning WSO2 Carbon based products on IBM JDK

The next minor release of WSO2 Carbon product platform (2.0.2) will be fully compatible with IBM JDK (IBM J9 VM 2.4). You simply need to update transports.xml as follows in order to run any of the WSO2 carbon based product on IBM JDK.

Open CARBON_HOME/transports.xml

Add the following parameter to HTTPS transport configuration

<parameter name="algorithm">IBMX509</parameter>

Now, restart carbon. Server will be started successfully on IBM JDK.

Carbon-2.0.2 product platform will be released within next week. Stay tuned..

Tyrell PereraPotato, potahto, Tomato, tomahto, Let's call the whole thing off ...

A really good cover of Louis Armstrong's Let's Call The Whole Thing Off. This was in my YouTube "Recommended for You" list. YouTube knows me so well ...  :)


Verse
Things have come to a pretty pass
Our romance is growing flat,
For you like this and the other
While I go for this and that,
Goodness knows what the end will be
Oh I don't know where I'm at
It looks as if we two will never be one
Something must be done:

Chorus - 1
You say either and I say either, You say neither and I say neither
Either, either Neither, neither, Let's call the whole thing off.

You like potato and I like potahto, You like tomato and I like tomahto
Potato, potahto, Tomato, tomahto, Let's call the whole thing off

But oh, if we call the whole thing off Then we must part
And oh, if we ever part, then that might break my heart

So if you like pyjamas and I like pyjahmas, I'll wear pyjamas and give up
pyajahmas
For we know we need each other so we , Better call the whole off off
Let's call the whole thing off.


Chorus - 2
You say laughter and I say larfter, You say after and I say arfter
Laughter, larfter after arfter, Let's call the whole thing off,

You like vanilla and I like vanella, You saspiralla, and I saspirella
Vanilla vanella chocolate strawberry, Let's call the whole thing off

But oh if we call the whole thing of then we must part
And oh, if we ever part, then that might break my heart

So if you go for oysters and I go for ersters, I'll order oysters and cancel
the ersters
For we know we need each other so we, Better call the calling off off,
Let's call the whole thing off.


Chorus - 3
I say father, and you say pater, I saw mother and you say mater
Pater, mater Uncle, auntie, let's call the whole thing off.

I like bananas and you like banahnahs, I say Havana and I get Havahnah
Bananas, banahnahs Havana, Havahnah, Go your way, I'll go mine

So if I go for scallops and you go for lobsters, So all right no contest we'll
order lobseter
For we know we need each other so we, Better call the calling off off,
Let's call the whole thing off.



Krishantha SamaraweeraHow to capture popup windows using selenium.

I am going to discuss on selenium popup handling specifically with selenium RC. I was searching though internet for a while to find a solution for processing of popups though selenium.But I was unable to find best fit answer for my test scenario. I wanted to capture pop-up window do some processing then close the popup and get back to parent window again.Anyway by following the reference guides and other available materials I was able to implement the the above mentioned test scenario.

As per my understanding selenium IDE supports capturing popup windows but get back to parent window is not supported. I tried several times and failed to set focus to parent window again. Selenium API doc says, in order to select parent window again, use selectWindow() methods with null parameter. But that didn't work for me. selenium RC was fail to select the parent window again. There are several API methods available in selenium to detect required references for popup windows. Those are

selenium.selectWindow();
selenium.getAllWindowIds();
selenium.getAllWindowNames();
selenium.windowFocus();
selenium.waitForPopUp();
selenium.close();

In my case,I have followed implementation give below to write the test scenarios in junit.

click the popup window link

selenium.click("link=Feed");

Get the pop up window ID.

String feedWinId = selenium.getEval("{var windowId; for(var x in selenium.browserbot.openedWindows ) {windowId=x;} }");

Select the popup window.In order to select it, you must somehow identify it. Various identification methods are available with selectWindow() function see http://release.seleniumhq.org/selenium-remote-control/0.9.0/doc/java/ for more details

selenium.selectWindow(feedWinId);

Set focus to popup window.

selenium.windowFocus();

//Then do some proccssing

close the popup

selenium.close();

select parent window again. You need to know the window title or name

String[] winFocus;
String winTitle;
winFocus = selenium.getAllWindowTitles();

If there is more than one open windows you have to iterate though winFocus array and find the correct window to set the focus.

winTitle = winFocus[0];

if (winTitle.equalsIgnoreCase("WSO2 Management Console")) {
selenium.selectWindow(winTitle);
}

If you need to wait for the popup then use

selenium.waitForPopUp(winID, time-ms);

I hope above instructions will help you in dealing with pop ups. Please feel free to comment and ask questions

Source code of the test : https://wso2.org/repos/wso2/branches/commons/qa/web-test-framework/2.0.2/registry/src/test/java/org/wso2/carbon/web/test/registry/FeedsTest.java

Prabath SiriwardenaHashing alone is NOT a life saver

Hashing is a one way - irreversible algorithm which is used to store passwords in databases.

So - nobody other than you know what your actual password is.

When you create your password - your password will go through the hashing algorithm and the hashed password will be stored in the database.

When you try to login - you enter your password in clear text - then the application will calculate the hash of the entered password and will match that with the hashed password already stored in the database. If matches, you will let in.

How does this make your password safe?

Say somebody hacked in to the database.But - still he cant see your password in clear text. So - he can't login to your account. Hacker will only get access to the hashed password - but not to the password in clear text. Keep in mind - you can't never login with the hashed password. That is bacause - what ever you enter as the password will go through a hashing algorithm and that hashed value will be matched with hashed password in the database. In case if you enter the value you found from the database - which is actually the hashed password - then that will be rehashed by tha application and try to match with the hashed password from the database - which will obviously fail.

But - is this safe enough ?

The hacker who has access to your database can still replace your hashed password with a hash he caculated with a clear text known to him. Then he can login to your account with the clear text known to him - because it will be evaluated against the hash value he replaced in the database.

That is; hashing alone is never safe.

Whenever you store anything in clear text as a hashed value - you need to store it as a salted hash.

In cryptography, a salt comprises random bits that are used as one of the inputs to a key derivation function. The other input is usually a password or passphrase in clear text. Output is the 'salt' value. Now - the application will caculate the hash value of password in clear text + the salt value and store that in the database.

Application will also store the salt value - but for best security, the salt value should be kept secret, separate from the password database.

When a user enters his password for login - the application will retreive the salt value and caculate the hash over both the salt and the entered password - and will match the result with the hash value stored in the password database.

In case a hacker having access to the database replaces the user's password with a hash value of a clear text known to him - still the password verification will fail - bacause now the hash is not just caculated with the password along - it's from both the password and the salt value. In this case if the hacker wants to access user account he should be able to gain access to the database which stores hash values as well.

So - the bottom line is - hashing along is never secure - salted hashing much secure - but all that will make it's hard to break - but never stop from breaking fully.

Although you store clear text passwords as salted hashes - it's never an alternative to not to secure access to the database.

Kaushalye KapurugeDr Kohana @ ABC lateline

More or less I have the same view on the issue. Dr. Kohana @ ABC - Lateline

Tyrell PereraTen Lessons from Military to markets By Dr. Uditha Liyanage

Source: Ministry of Defence - Sri Lanka | Official Defence News Provider
Who and where you want to be?" (Role and scope) are the twin questions that need to be answered, in depth. Then, only then, should you ask, "Where do you want to go and how do you get there?" (Goal and path)

Figuring out the competitor's thinking pattern and belief system or competitor ideology assessment (CIS) is often not attempted deliberately. An analysis of the competitor's response patterns, over time, in multiple situations, and a reading of the ideology and life styles of the competitors' key decision makers could make such an assessment possible.

Best read so far this week :)


Sanjiva WeerawaranaTalk on "State of Services" at EDGE APAC in Canberra, AU

I gave a keynote talk this morning at EDGE APAC in Canberra on the topic of SOA .. sort of a walk thru the history, what has been achieved and what the future is like. Yeah, all in 1hr.

State Of Services

Sanjiva WeerawaranaWSO2 practicing open development further

From the time we started WSO2, Paul and I have both been completely certain that we always wanted to be a truly open company. That is, not a proprietary/closed company which simply releases software under an open source license, but rather a company which is more like an open source project in terms of how it does its technical work. The reason for this is because we believe that being open will bring more people to participate in our work which will eventually help us do better than our less-open competitors. Nope, we are not about to share how we do are doing business :-).

That of course comes from our Apache legacy of having started so many different projects and watching many of them succeed beyond our wildest dreams. Apache SOAP, Apache Axis, Apache Axis2, Apache Synapse, Apache WSIF are some of the examples.

We of course started the WSO2 Oxygen Tank (http://wso2.org/) for exactly that purpose. ALL of our code is there and we had a ton of different mailing lists for all the different projects.

That’s where the problems first started – by having separate mailing lists for each project/product, it became cumbersome for us to keep track of all the lists and to participate properly in all of them. Also, as we moved towards unifying our products around a single framework (as we’ve now done with WSO2 Carbon), the separate lists meant that every conversation had to be cc’ed to multiple lists – very annoying when you’re on the receiving end via multiple lists.

The other part of the problem was that we also had to have some internal communication mechanism to discuss customer issues. So we set up an internal list called architecture@ which was meant to be ONLY for customer issues – stuff that we couldn’t discuss publicly because they involved specific customer issues. However, due to a variety of reasons, over time the architecture@ list became the place where we ended up discussing many of the core issues that we went through when making the transition to Carbon.

Not any more!

We have recently done a MAJOR re-org of all the @wso2.org lists and also done a major cleanup of all internal lists. Now on wso2.org we have:

  • 3 –dev lists: carbon-dev, wsf-dev and commons-dev. Carbon-dev is for all discussion related to all Carbon core stuff and every product built with it (ESB, WSAS, BAM etc.). WSF-dev is for discussion related to Web service frameworks – the low level stuff that provides WS-* functionality for Carbon. Commons-dev is to discuss all “other” projects in OxygenTank; stuff that’s common to various bits but not strictly a Carbon product or a WSF product.
  • Corresponding –issues and –svn lists: to separate user discussions, JIRA notifications and SVN notifications, respectively.
  • Per product –user lists and of course forums.
  • New public architecture@wso2.org list which is used for all architecture discussions. If you’re more of a high level person then that’s the most interesting list to participate in to understand what we’re doing, why we’re doing it, how we’re doing it and of course to be part of the process of deciding what/when/how we do it. Competitors are welcome, especially those that want to de-cloak ;-).

Internally, the architecture@ list is gone for good! Instead, we now have a support-dev list to discuss customer issues and ONLY customer issues. In addition, we have a strategy@ list to discuss how we plan to take over the world (;-)) and a few other lists which will become apparent soon! However, if the discussion is related to any architectural matters related to any of our products, it WILL happen on architecture@.

Want to be part of our [extended] family? Come join us on architecture@wso2.org. See: http://wso2.org/mail.

Prabath SiriwardenaInteroperability Through Community

Prabath SiriwardenaSecured SOA


Tyrell PereraWSO2 Mashup Server at Mashup Australia



Mashup Australia is an initiative by the Australian government to open up public data for broader consumption. It's similar to what they've done in Washington, but closer to home. So I decided to submit an entry on behalf of the WSO2 Mashup Server team.

The Mashup;
  1. Uses data provided by the Australian government (an Excel spreadsheet) regarding the country’s mines and exposes them as a Data Service (using WSO2 Data Services)
  2. The Mashup consumes this Data Service (just another SOAP Web Service), processes the data and publishes in a format easily palatable by the client side Javascript
  3. On the client side with Google Maps the data is displayed according to the geographical location of the Mines. Using the filters available, the Mines can be pin pointed based on the type of mineral(s) they harvest.
If you like this mashup, please don't forget to rate it!


Ayanthi AnandagodaGoogle Roams Australia for Street View Re-take


About time too!

Whoa, we just noticed property listings on maps.

HINT 1: Please update Werribee Center Link location. The last time I followed your advice  got almost copped frantically looking for Center Link down Princess Highway!

Hint 2: PointCook is not more the land with shepard and sheep. Apart from the most awesome looking newly built town center, there’s quite a few new townhouses that’s come up as well. And you no longer have to exit BoardWalk Bvd and come back in order to get to Forsyth road freeway exit. LOL.

And don’t forget to give us a call when you are around, we are the friendly neighbours :)

Sanjiva WeerawaranaAdam Fremantle (1934 to 2009)



The entire WSO2 family grieves for Paul and his entire family at this sad time.

Isuru SuriarachchiHow to invoke an Axis2 JAXWS service RESTfully?


Have you ever tried to invoke an Axis2 JAXWS service in RESTful manner? Was it successfull? If not, you will find the reason in this post. And also you will find how to do it.

Most of the time we write simple JAXWS services like this..

@WebService
public class JAXWSAARService {

@WebMethod (operationName = “echo”, action = “urn:echo”)
public String echo(String in) {
return in;
}

}

In this service, @BindingType annotation is not used and according to the JAXWS specification, the default is SOAP 11 binding. So the generated WSDL for the above service will only generate a SOAP 11 binding. That’s why we can’t invoke the service in RESTful manner. If you try it, it will give you the following error.

“Incoming message protocol does not match endpoint protocol.”

In order to invoke a service RESTfully, an HTTP binding is needed. Therefore in the above service, you have to use the @BindingType annotation and set it’s value to HTTP binding as follows.

@WebService
@BindingType(value= HTTPBinding.HTTP_BINDING)
public class JAXWSAARService {

}

Now the Axis2 JAXWS deployer will generate an HTTP binding for you. Now you can invoke the service RESTfully using the following URL.

http://localhost:8080/axis2/services/JaxwsAarService.JaxwsAarPort/echo?in=hello

 

 

Eran ChinthakaGetting Ubuntu 9.10 wireless working with HP laptop or Dell mini

I was really excited to install Ubuntu 9.10 on my laptop to dual boot with Windows 7.

After the smooth installation, all the hardware components were installed except wireless. But this was (sort of) an easy fix. This fix worked for my HP dv5-1235dx laptop and Dell mini 10 netbook.

For laptops with CD/DVD drives,
  • Insert Ubuntu installation CD in to your CD drive.
  • Goto System -> Administration -> Software Sources and click on "Ubuntu Software" tab.
  • Under the Installable from DVD section, make sure you select "CDROM with Ubuntu 9.10 ....." option is selected. Also select all the options under "Downloadable from the internet" is also selected.
  • Then go to System -> Administration -> Hardware Drivers. After the detection process, you should see "Broadcom STA wirless driver". Select that and press "Activate".
  • Once you are done, restart your computer. You should see your wireless working.
For laptops with no CD/DVD drives
  • Plug-in and mount your USB drive which you used for Ubuntu installation.
  • In USB Goto POOL->RESTRICTED->B->bcmwl.
  • Install the deb file inside it using "dpkg -i
  • Once you restart your computer, your wireless should be working.

Kalani RuwanpathiranaCode Plugin for Blogger - How to Install Syntaxhighlighter

I found a nice blog post explaining how to install Syntaxhighlighter code plugin to blogger. It is very simple and works great. Some additions 1. If your browser is Firefox, you should add the styles manually     * copy the stylesheet at the location http://syntaxhighlighter.googlecode.com/svn/trunk/Styles/SyntaxHighlighter.css     * Go to Layout --> Edit HTML     * Paste the stylesheet before ]

Sanjiva WeerawaranaAmerica takes the wrong side in anti-terror fight

Nope, not my title :-). Its an editorial by The Washington Times on October 28th.

Really worth reading – it talks about how stupid the US is being by challenging Sri Lanka with a war crimes charge about how the LTTE war was won.

Isuru SuriarachchiSri Lanka wins 2 Bronze medals and 3 Honourable Mentions in the 50th IMO


It was a great pleasure for me to know that Sri Lanka has won 2 bronze medals and 3 honourable mentions in the 50th International Mathematical Olympiad (IMO) competition held recently in Germany. Our students have scored 74 marks and become the 50th in the rankings out of 104 countries. This is a great achievement in the context of IMO.

I had the opportunity of representing Sri Lankan team in the 44th IMO which was held in Japan. Our team could score only few marks and we were among the lowest scorers in the rankings. It’s an extremely tough competition and normally other counties prepare students for IMO from their childhood.

Contestants must be below 20 years and must have not entered a university. Competition is held for 2 days and 3 problems are given each day. Time for a problem is 1.5 hours. Each problem carries 7 marks and the total is 42.

Mr. Chanakya J. Wijeratne who is a senior lecturer at the department of mathematics, university of Colombo, is the person who is behind this great success. He has been training students for IMO for more than 6 years now. We also were trained under him and he is doing a great job for our country.

I think our students can win more and more medals in IMO (even golds) if we can train them at least for one year. Definitely the required brains are there. What we lack is training. So well done boys.. Keep it up..

Isuru SuriarachchiSachin passes 17000 in style


Cricket is almost like a religion in India and Sachin is a god for Indian cricket fans. What a player he is.. Still hungry for runs, still scores centuries, still a match winner ans still improving.

sachin

The little master passed 17000 ODI runs with a huge century which almost took India home in the high scoring 5th ODI against Aussies. Who can break Sachin’s batting records? Actually I don’t see any one. And also I think there won’t be anyone for some time. 17000 ODI runs with 45 hundreds and 91 fifties. Almost 13000 test runs with 42 hundreds and 53 fifties. Oh.. unbelievable for a cricketer.

I always enjoy his batting when he’s not playing against Sri Lankans :) . It’s great to watch his beautiful cover drives, straight drives, cuts, pulls etc. with an excellent technique.

I think he will play until the 2011 world cup and will definitely produce more and more centuries for India. So Sachin, score tons of runs against all the counties other than Sri Lanka :) . Thanks for providing great entertainment for over 2 decades.. Keep going..

Tyrell PereraMid-Market CEOs Share Best Practices

Paths to Revenue: Mid-Market CEOs Share Best Practices - HBR Now - Harvard Business Review
a recent survey of approximately 50 mid-market CEOs revealed that what was keeping them up at night was figuring out how to optimize the sales channel. Basically, "Is there a better path to revenue and profit?"
Not surprising. Read on to see the authors suggestions ...


Eran ChinthakaApachecon 2009 Web services talks

Thought of putting out the talks I did in Apachecon.

First talk "Axis2 Landscape" gives an introduction to Apache Axis2 project and also provides some information on the architecture of Axis2.

In the second presentation, me and Afkham Azeez talked about some use-cases where Axis2 and Apache WS projects were used.

Nandika JayawardanaBetter Open Source Enterprise C++ Web Services-webinar

I will be doing a webinar on WSF/C++ on 10th November. If you are looking to incorporate native web services stack in your web services solution, this webinar will be of great value for you to evaluate WSF/C++ and get to know the capabilities and get started and what's more its free. This webinar will be a technical oriented one with covering lots of details on how you can use WSF/C++ framework.

wsf-c -banner-ot

Registration for webinar is now open. Looking forward to seeing lots of you turn-up for the webinar. :)

Damitha KumarageLogic

Of all Mathematics I learned at my undergraduate courses I value most the simple but powerful two logics which I consider are very useful in understanding the world. They are, 1. x ⇒ y (x implies y or if x then y) 2. x ⇔ y ( x if and only if y) These two logics apply in most [...]

Kalani RuwanpathiranaExtracting the Text from XML Documents for Indexing Purposes

In the process of creating an index for content searching I had to index XML document without XML tags. In simple terms I had to extract every text node from the document. I used the SAX API in doing this and it was just a matter of writing an event handler for character data. The following piece of code shows the way to do it. final StringBuffer sb = new StringBuffer(); try{ SAXParserFactory

Kalani RuwanpathiranaIndexing PDF Documents with Lucene

There is no built in support in Lucene to index PDF documents. Therefore the text should be extracted from the document before indexing. A tool which can be used for this purpose is PDFBox. PDFBox is an open source project under BSD license. Although there are many other PDF tools, I experianced that this perfectly fits with Lucene. The little extra thing need to be done here is extracting the

Kalani RuwanpathiranaHow to Index Microsoft Format Documents (Word, Excel, Powerpoint) - Lucene

As my previous post shows how to index PDF Documents, I thought that it would be worth to post how to index Microsoft format files too because those file types are very commonly used. Lucene always requires a String in order to index the content and therefore we need to extract the text from the document before giving it to Lucene for indexing. To parse the document we can use Apache POI which

Kalani RuwanpathiranaWriting a Simple Atompub Client Using Apache Abdera

The atom publishing protocol (similar to RSS but with an enhanced ability) is an application level protocol for editing and publishing web resources for periodically updated web sites, using HTTP. An atom document which adheres to the Atom syndication format spec, is used as an atom feed or entry. Apache Abdera implements this protocol and exposes a simple API to make the thing easy. The way to

Kalani RuwanpathiranaHow to Replace Strings in Java - Using java.util.regex package

Replacing a charater in a String is just a matter of adding a one line to the code. originalString.replace(oldChar, newChar) ex. String originalString = "This/is/my/string"; System.out.println(originalString.replace('/', '|')); Then the output will be "This|is|my|string" Anyway how can we replace a character or number of characters(a substring) with another string. This can be done using the

Kalani RuwanpathiranaAbdera Client - Using teardown()

I was working on a program which makes several requests to Abdera back end from the client. The client was designed to use a new AbderaClient per request and teardown method was not used on AbderaClient instance after using. This led to an exception when I run it concurrently (by using about 100 threads). AbderaClient uses HTTPClient and MultiThreadedHttpConnectionManager. Teardown method is the

Kalani RuwanpathiranaHow to Plot Moving Graphs Using Flot Library

Plotting a moving graph is nothing other than plotting an instance of a varying data set at each refresh. However, to get the moving effect you need to change the data set as stated below 1. Discard the leftmost Y value of the previous step 2. Shift the remaining Y values to the left 3. Add the new coming value as the rightmost Y value Flot is an opensource Javascript

Paul FremantleAdam Fremantle (1934-2009)

Isuru SuriarachchiCan we deploy additional web applications in Carbon??..


This is a very common question and most people are asking this again and again. Answer to this question is like “Yes and No” :) . So let me explain it in bit more details.

As you may already know, the standalone carbon server is build on top of an embedded Tomcat instance. Carbon is deployed within it as any other web application. In other words, Carbon itself is a web application. So it should be possible to deploy additional web apps in this embedded Tomcat instance and they should run in parallel with Carbon. But practically this is not the case.

We have done some customizations to this embedded Tomcat instance to support our OSGi based Carbon framework mounted on top of it. There are some additional libraries in CARBON_HOME/lib (equal to TOMCAT_HOME/lib) which are related to Carbon framework. Those jars can cause problems for your web application as Tomcat uses parent first class loading. And also, in Carbon we haven’t used all libraries which comes with a normal Tomcat instance. Therefore, some functionalities which are needed for full web application support may be not there.

Today, one user came up with a very good question. That is “If you have customised the embedded Tomcat instance to support Carbon, are we going to miss some functionalities when Carbon is deployed in some other Application server?”. The answer is “No”. So don’t worry about that :) . Those customizations are not directly related to product functionalities. All Carbon based products are tested on may application servers like Tomcat, WebLogic, WebSphere etc.

So in conclusion, we don’t recommend deploying other web apps inside any of our Carbon based products. But basic web apps will work. If you want to have your additional web apps in parallel with Carbon, the recommended approach is to deploy Carbon in some other application server and deploy the other web apps inside the same application server.

Denis WeerasiriMoFilm : Learn to Learn : UoM


Learning is something, students do, not something done to students. This mobile movie is directed and produced by a team of students from 06 batch-Faculty of Engineering, University of Moratuwa.
The project is an outcome of my digital video production course coordinated by Department of Computer Science and Engineering. Other team members are displayed at the end of this clip.


 

Denis WeerasiriProject Proposal-Association Rule Mining with Extended Vertical Format Data Mining


The goal of this research is to propose a better alternative to Apriori algorithm, and proving the efficiency enhancement by using a dataset. With the benchmarks of the datasets, the proposed algorithm will be tested along with the test parameters got from the Apriori Algorithm. The improvements on the performance and efficiency will be published based on the data gathered by the testing for the itemsets.



 

Denis WeerasiriProject Proposal-Association Rule Mining with Extended Vertical Format Data Mining

The goal of this research is to propose a better alternative to Apriori algorithm, and proving the efficiency enhancement by using a dataset. With the benchmarks of the datasets, the proposed algorithm will be tested along with the test parameters got from the Apriori Algorithm. The improvements on the performance and efficiency will be published based on the data gathered by the testing for the itemsets.


PROJECT PROPOSAL-Association Rule Mining with Extended Vertical Format Data Mining -

Charitha KankanamgeHow to configure persistent RM in WSO2 WSAS

WSO2 Web Services Application Server (WSAS) provides with a storage manager in which you can persist messages transmitted between RMS (reliable messaging source) and RMD (reliable messaging destination). By configuring persistent RM, you can prevent messages loses even if the server is down. This post guides you through the steps to configure persistent RM in the latest versions of WSO2 WSAS (WSAS-3.*). I assume you have a basic understanding about WS-RM, if not, please read http://www.infoq.com/articles/fremantle-wsrm-introduction first.
Pre-requisites
Download and install WSO2 WSAS-3.1.1

Persistent implementation of WS-RM will be supported in most of the popular DBMSs. However, I will use MySQL server 5.* in this demonstration. Therefore, install and configure MySQL.

Step 1
As the first step, we need to create the persistent storage which is going to be used in reliable message transmission. Lets create a data base and the necessary table as follows.

mysql>create database SANDESHA_DB;


mysql>use SANDESHA_DB;


mysql>create table wsrm_sender (
message_id varchar(255) not null,
message_context_ref_key varchar(255),
internal_sequence_id varchar(255),
sequence_id varchar(255),
to_address varchar(255),
inbound_sequence_id varchar(255),
send smallint,
sent_count integer,
message_number bigint,
resend smallint,
time_to_send bigint,
message_type integer,
last_message smallint,
inbound_message_number bigint,
transport_available smallint,
flags integer,
primary key (message_id)
);

mysql>create table wsrm_rmd (
sequence_id varchar(255) not null,
to_epr_addr varchar(255),
to_epr blob,
reply_to_epr_addr varchar(255),
reply_to_epr blob,
acks_to_epr_addr varchar(255),
acks_to_epr blob,
rm_version varchar(255),
security_token_data varchar(255),
last_activated_time bigint,
closed smallint,
terminated_flag smallint,
polling_mode smallint,
service_name varchar(255),
flags integer,
reference_message_key varchar(255),
highest_in_message_id varchar(255),
last_in_message_id varchar(255),
server_completed_messages blob,
outof_order_ranges blob,
to_address varchar(255),
outbound_internal_sequence varchar(255),
next_msgno_to_process bigint,
highest_in_message_number bigint,
rmd_flags integer,
primary key (sequence_id)
);

mysql>create table wsrm_rms (
create_seq_msg_id varchar(255) not null,
sequence_id varchar(255),
to_epr_addr varchar(255),
to_epr blob,
reply_to_epr_addr varchar(255),
reply_to_epr blob,
acks_to_epr_addr varchar(255),
acks_to_epr blob,
rm_version varchar(255),
security_token_data varchar(255),
last_activated_time BIGINT,
closed smallint,
terminated_flag smallint,
polling_mode smallint,
service_name varchar(255),
flags integer,
id bigint,
internal_sequence_id varchar(255),
create_sequence_msg_store_key varchar(255),
reference_msg_store_key varchar(255),
last_send_error blob,
highest_out_relates_to varchar(255),
client_completed_messages blob,
transport_to varchar(255),
offered_endpoint varchar(255),
offered_sequence varchar(255),
anonymous_uuid varchar(255),
last_send_error_timestamp bigint,
last_out_message bigint,
highest_out_message_number bigint,
next_message_number bigint,
terminate_added smallint,
timed_out smallint,
sequence_closed_client smallint,
expected_replies bigint,
soap_version integer,
termination_pauser_for_cs smallint,
avoid_auto_termination smallint,
rms_flags integer,
primary key (create_seq_msg_id)
);

mysql>create table wsrm_invoker (
message_context_ref_key varchar(255) not null,
sequence_id varchar(255),
context blob,
msg_no bigint,
flags integer,
PRIMARY KEY (message_context_ref_key)
);

mysql>create table wsrm_msgctx (
ctx_key varchar(255) not null,
ctx blob,
PRIMARY KEY (ctx_key)
);

Step 2

Since we are going to establish a JDBC connection to a MySQL DB, copy mysql jdbc driver to WSAS_HOME/repository/components/lib and restart WSAS
Log in to WSAS management console and click on modules -->list. Click on configure link of the sandesha2 module.
By default, WSO2 WSAS uses an inmemory implementation of WS-RM. You can change it to persistent by changing Storage Manager property. Configure the rest of the persistent storage details as follows.
Connection String - jdbc:mysql://localhost:3306/SANDESHA_DB
Driver Name - com.mysql.jdbc.Driver
Username - your mysql username 
Password - your mysql password



Step 3

Now, you have enabled persistent RM in WSO2 WSAS. However, due to a bug in the latest WSAS releases, you should update the following property in WSAS_HOME/conf/axis2.xml

<parameter name="Sandesha2StorageManager">persistent</parameter>

Make sure to restart WSAS after configuring the above element in axis2.xml

Step 4

Now, you are ready to send requests to a service hosted in WSAS through RM and verify persistent RM. In order to do that, engage sandesha2 module in a service and send series of requests (say 100 requests) using a RM client (I assume you are familiar with sending soap messages with RM headers. I will publish a separate post on complete RM client-server invocation soon). After transmitting 30 requests, shutdown WSAS and restart. You will notice that after the server is restarted, the message transmission will be resumed from the message no: 31

If you have any issues with the steps given above, please drop me a mail.

Saliya EkanayakeInternet Explorer 8: Replacement for Chrome

After installing Windows7 on my machine, I went on installing my usual set of software including Google Chrome. But, I wanted to test InternetExplorer 8, which is the default browser, as well. So why wait, I started using it. Wow! I have to admit that it's cooler than Chrome. Why I say this mostly because it has a nice set of customizable accelartors. Also so far it is reliable than Chrome in Windows7. Moreover, it's way better than IE 7, which I consider as a pretty bad version of IE.


Ajith RanabahuBlogging for ACM !

Thanks to the recommendation from Max, I've been given the opportunity to be an official blogger for CACM. My blogs appear at BLOG@CACM and the first post on the OOPSLA cloud workshops ,Taming the Clouds at OOPSLA, is available now.

Paul FremantleGrief

The Loch Ness Monster is like my grief,
sliding through waters unseen,
waters seemingly serene,
while underneath,
like a churning,
yearning,
serpent
ready to explode,
my sorrow slowly does unfold.

Nuwan BandaraThe Sparkling Graduation

Last night was the long awaited day, My graduation, We were suited up, dressed with black academic gowns and hats, Its all fancy and well, quite formal :D . There is alot to brag about, How Important this day is, The hard work we did to achieve it, but well I guess you all know the backdrop of a graduation. So without much words ill post some photos, of this important day of my life and Why I said its a SPARKLING Graduation is that I won Dr. Gamini Wickramasinghe Gold Medal for outstanding achievements. :) My parents were happy with tears in their eyes. Thank you guys, to all of you, in helping me to achieve greatness last night.

Lahiru SandakithAwait Ubuntu 9.10

Charitha KankanamgeKey factors for successful test automation

At WSO2, we have been making considerable progress in building a complete test automation solution. According to my experience on that effort, I think the followings are the key factors contributed to a successful test automation project.

  • Dedication to automation (Instead of treating it as a spare-time activity)
  • Commitment by the entire team (rather than just one or two testers),
  • Commitment to automation from the start (rather than trying to automate a manual process later)
  • Making use of correct tools/frameworks/technology
  • Allocating sufficient time and resources

Sanjiva WeerawaranaSOA Workshop in Santa Clara, CA on Nov 3rd

Following up from the highly popular free SOA Summer Camp series we ran this past summer, we'll be offering a one-day version of this in Santa Clara, CA in November. This is again meant to be a generic intro to SOA with WSO2 products being used for samples. Its not free but priced at just $75. Interested?

Sanjiva WeerawaranaSri Lanka’s path to peace

This is a great piece on Britain’s Guardian on what has happened in Sri Lanka and what is good for us going forward. In particular, the author touches on the misguided plan by the EU to cut off GSP+ trade concessions for Sri Lanka as a punishment for human rights violations.

One of these days I’ll blog about that topic … I need to calm down before I can write down what I really want to say about what I think of the world’s double standards :-).

Tyrell PereraGoogle Wave explained in 2 minutes

I for one, think there's too much hype around it to make a practical estimate of Google Wave's usefulness. But in the mean time, here's how one guy sees the wave (in 2 minutes). You can also go here if you have about one and a half hours to kill, to get the long version from Google :)


Tyrell PereraYour tweets and updates, coming soon to a google near you!!

Official Google Blog: RT @google: Tweets and updates and search, oh my!
"Given this new type of information and its value to search, we are very excited to announce that we have reached an agreement with Twitter to include their updates in our search results. We believe that our search results and user experience will greatly benefit from the inclusion of this up-to-the-minute data, and we look forward to having a product that showcases how tweets can make search better in the coming months."


Good news indeed. I wonder how page ranks will be handled ...


Krishantha SamaraweeraWSO2 SOA workshop - Santa Clara, CA | November 3rd 2009

Join us in Santa Clara, CA on the 3rd of November for a full-day interactive workshop on real world best practices for SOA. Learn how to map specific business requirements to concrete SOA development.

Tyrell PereraWSO2 SOA workshop - Santa Clara, CA | November 3rd 2009

Register Here


Yumani RanaweeraHow to deploy WSO2 Identity Server in IBM WebSphere Application Server 6.1

In this blog post I'll be putting together a deployment cheat-sheet for deploying WSO2 Identity Server 2.0.1 in IBM WebSphere Application Server 6.1.

In summary this deployment involves;
- Downloading IBM WebSphere Application Server 6.1, create a profile
- Downloading WSO2 Identity Server 2.0.1, and configuring it.
- Configuring IBM WAS


Lets move on to details...

1) Download an install WAS
Download the WebSphere Application Server from this location and install by executing .exe setup in your local machine.

2) Create a Profile
After installing create a profile using the 'Profile Management Tool'.

a) From the start menu go to All Programs > IBM WebSphere > Application Server V6.1 > Profile Management Tool.
b) In the 'Profile Management Tool' accept defaults until you select a 'Typical Profile Creation' as profile creation options and then give user name\password for your profile.
c) The last step of the profile creation will show you a summary of the profile. Note down the http\https ports from this. In my case its 9081\9444.


3) Download WSO2 Identity Server 2.0.1.
Download WSO2 IS 2.0.1 from here. Extract it to a location in your file system.


4) Create a war file
a) In the file system create a folder with .war extension. (e.g. is.war)
b) Copy IS_HOME\webapps\ROOT\WEB-INF folder into this.
c) Open command promt within is.war
d) Type jar -cvf is.war *


5) Create a repo in your file system.
 From the WSO2 IS distribution, copy the following folders in to 'WAS_repo'.
- IS_HOME\conf
- IS_HOME\database
- IS_HOME\repositoy
- IS_HOME\resources

6) Change the address and path details in configuration files as below;
a) WAS_repo\conf\axis2.xml;
Change HTTP and HTTPS ports within In Transports to 9081 and 9444.
< transportReceiver name="http" class="org.wso2.carbon.core.transports.http.HttpTransportListener">
    < parameter name="port">9081</parameter>  
    </transportReceiver>
    < transportReceiver name="https" class="org.wso2.carbon.core.transports.http.HttpsTransportListener">
        &lt parameter name="port">9444</parameter>
    </transportReceiver>

b) WAS_repo\conf\carbon.xml
Make to /is and change to contain the WAS port and the context.

< WebContextRoot>/is</WebContextRoot>
    < ServerURL>https://localhost:9444/is/services/</ServerURL>

c) WAS_repo\conf\registry.xml
Update the path to h2 database to the databse folder within the WAS_repo

< URL>jdbc:h2:D:/Testing/IS/2.0.1/WAS_repo/database/WSO2CARBON_DB</URL>

d) WAS_repo\conf\user-mgt.xml
Update the path to h2 database to the database folder within the WAS_repo

e) WAS_repo\conf\identity.xml
Update to contain the WAS port and the context.

< OpenIDServerUrl>https://localhost:9444/is/openidserver</OpenIDServerUrl>
    < OpenIDUserPattern>https://localhost:9444/is/openid/</OpenIDUserPattern>

7) Start WAS
a) From a command prompt go to WAS_HOME/profiles/AppSvr02/bin.
b) set CARBON_HOME to the WAS_repo we created above
c) type startServer.bat server1 to start the server

8) Configure WAS
a) Open WAS admin console from a browser (e.g. https://localhost:9044/ibm/console/logon.jsp)
b) Go to Security > SSL certificate and key management > Key stores and certificates > New
c) Give the name, path and password for the keystore files. For WSO2 IS you can use the details below.

name = anything (I'll put wso2carbon_cert)
path =  CARBON_HOME\resources\security\wso2carbon.jks (CARBON_HOME is the location of the 'WAS-repo' we created).
password = wso2carbon
type = jks

d) Go to Applications > Install New Application.
e) Give the path and the context root for the application. In our case;

path = path to the is.war we created
context root = /is

f) Go to Applications > Enterprise Applications 
g) Select the is_war that we deployed just now. Press 'start'.

9) Restart IBM Websphere Application Server by setting CARBON_HOME environment variable as before.

So now we are ready to access WSO2 Identity Server from IBM Websphere Application Server.

10) Open up a browser and type https://localhost:9444/is/carbon.

Yumani RanaweeraSOA Workshop in Santa Clara - Nov 3rd 2009




Who should attend this workshop?
Enterprise IT Architects
Software Developers

When?
November 3rd 2009 - 9:00 am to 5:00 pm
(Registration at 8:30 am) 

What is the cost?
$75 per person

Where?
Network Meeting Center at Techmart
5201 Great America Parkway
Santa Clara, California 95054


View Larger Map

What will I learn?

 Everything you want to know on implementing real world SAO solutions!
 More details - http://wso2.com/events/2009-us-soa-workshop/

Ayanthi AnandagodaBeautiful You Are, Always in My Eyes..


You came and you gave,
happiness..

You showed what love was,
Showed me a whole new world..

Will stand by you forever,
And never let go.

To my dearest darling daughter, with love – Mom.

Thilina BuddhikaHow to use SAML 2.0 Token Profile Support in Rampart 1.5


From 1.5 release onwards Apache Rampart supports SAML 2.0 Token Profile. With this new feature, it allows web service consumers to obtain SAML 2.0 tokens from Security Token Services(STS) and use those tokens to consume other services which impose the presence of a SAML 2.0 token in a SOAP request. In this post, I am explaining how to use a SAML 2.0 token using Apache Rampart in a WS Trust scenario.

1. As the first step you need to set up Apache Axis2 + Rampart. You can download Axis2 1.5 from here and Rampart 1.5 from here.(Since Rampart 1.5 is not released yet, I have hosted the binaries built from the 1.5 branch) I am using an Axis2 deployment on Apache Tomcat to host services in this post.

  • You can simply download Axis2 webapp and deploy it in Apache Tomcat. (I am referring the tomcat installation directory as TOMCAT_HOME from here onwards)
  • Copy the set of jars inside the lib directory of Rampart binary distribution into $TOMCAT_HOME/webapps/axis2/WEB-INF/lib and copy the rampart and rahas module archives(.mar) files into $TOMCAT_HOME/webapps/axis2/WEB-INF/modules directory. Rampart makes use of WSS4J for SAML token validation. Because WSS4J release with the SAML 2.0 token validation support is yet to be released, I am using a custom WSS4J implementation in this scenario. Please download wss4j-1.5.7.wso2v2.jar from here and replace the wss4j-1.5.8.jar which is shipped with Rampart.
  • To use SAML 2.0 support, it is required to endorse the default JAXP implementation of the JDK with Apache Xerces and Xalan. You can find more information on how to endorse the JDK in the README file of Rampart binary distribution. Since Tomcat uses its own endorsed directory, it is required to endorse the Tomcat deployment. You can copy the same set of jar files which is used to endorse the JDK to $TOMCAT_HOME/endorsed directory. For convenience, I have hosted the necessary endorsing jars here. You can download this set of jars and copy them to $JAVA_HOME/jre/lib/endorsed directory.

2. As the second step you need to set up the STS and the relying party service. I am using the SAML 1.1 sample shipped with Apache Rampart with some modifications to make it use SAML 2.0. We are using a service archive which contains both relying party service and configurations for STS. STS is implemented inside Rampart and it is sufficient to provide only the configuration. You can download the this service archive named “samlple05.aar” from here. This service archive will contain a service group where STS and Sample05 are the members of that service group.

  • It is possible to configure STS according to the user requirements. STS configuration of this sample can be found in services.xml file inside the META-INF directory of the extracted service archive. These configurations are available in the <parameter name=”saml-issuer-config”> element. Lets go through some of the important parameters of this configuration.
    • issuerName – This is used to identify the issuer, this could be the end point of the issuer or any other identifier used by the relying party services.
    • issuerKeyAlias – This is the alias of the certificate that STS will be using for signing SAML Assertions.
    • issuerKeyPassword – Private key password of the certificate of the STS
    • cryptoProperties – The child elements of this configuration element is used to identify the keystore which is used by the STS. Location of the keystore, keystore type and keystore password are specifed as child elements of this parameter.
    • timeToLive – Validity period of a SAML assertion(mentioned in seconds)
    • trusted-services – Under this parameter, you can specify the EPRs of the trusted relying party services for which users are obtaining SAML tokens. It is possible to specify a wildcard character, so that STS trusts any relying party service. In this sample, we have used a wildcard character. But in real world scenarios, it is recommended not to use this and mention the trusted services specifically.
  • STS is a web service, hence it is possible to publish its requirement as a policy. Please note that, it is better if STS can express its authentication requirements for the user in its policy. In this case, we are using a security policy which contains a Asymmetric Binding. So the X.509 certificate of the client is used to authenticate him.
  • Then it contains the policy and configuration required for the relying party service (sample05) which has a ‘echo’ operation. The security policy of the relying party service imposes the presence of a SAML 2.0 token in the SAML request.
<sp:SupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                                <wsp:Policy>
       <sp:IssuedToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
           <Issuer xmlns="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
               <Address xmlns="http://www.w3.org/2005/08/addressing">https://kirillgdev04/Security_Federation_SecurityTokenService_Indigo/Symmetric.svc/Scenario_1_IssuedTokenOverTransport_UsernameOverTransport</Address>
           </Issuer>
           <sp:RequestSecurityTokenTemplate>
              <t:TokenType xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">urn:oasis:names:tc:SAML:2.0:assertion</t:TokenType>
              <t:KeyType xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">http://schemas.xmlsoap.org/ws/2005/02/trust/SymmetricKey</t:KeyType>
              <t:KeySize xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">256</t:KeySize>
           </sp:RequestSecurityTokenTemplate>
           <wsp:Policy>
             <sp:RequireInternalReference/>
           </wsp:Policy>
      </sp:IssuedToken>
   </wsp:Policy>
 </sp:SupportingTokens>

This policy assertion establishes the requirement for a SAML 2.0 assertion which uses a symmetric key with a length of 256 bit for SAML subject confirmation. These requirements are specified in the RequestSecurityTemplate policy assertion.

  • Then lets deploy this service archive in Axis2. You can simply copy sample05.aar file into $TOMCAT_HOME/webapps/axis2/WEB-INF/services/ directory and restart Tomcat if you haven’t enable hot deployment.

3. Now lets look at the client code.

package org.wso2.sts;                                                                            

import org.apache.axiom.om.OMAbstractFactory;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMFactory;
import org.apache.axiom.om.OMNamespace;
import org.apache.axiom.om.impl.builder.StAXOMBuilder;
import org.apache.axiom.soap.SOAP12Constants;
import org.apache.axis2.addressing.AddressingConstants;
import org.apache.axis2.addressing.EndpointReference;
import org.apache.axis2.client.Options;
import org.apache.axis2.client.ServiceClient;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.ConfigurationContextFactory;
import org.apache.neethi.Policy;
import org.apache.neethi.PolicyEngine;
import org.apache.rahas.RahasConstants;
import org.apache.rahas.Token;
import org.apache.rahas.TokenStorage;
import org.apache.rahas.TrustException;
import org.apache.rahas.TrustUtil;
import org.apache.rahas.client.STSClient;
import org.apache.rampart.RampartMessageData;
import org.apache.ws.secpolicy.SP11Constants;
import org.apache.ws.secpolicy.SPConstants;
import org.opensaml.XML;

import javax.xml.namespace.QName;

public class Client {

 public static void main(String[] args) throws Exception {

 //TODO : replace with the local paths in your machine
 String epr = "http://localhost:8081/axis2/services/sample05";
 String repo = "/path/to/repo";
 String servicePolicy = "/path/to/service-policy.xml";
 String stsPolicy = "/path/to/sts-policy.xml";

 ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem(repo, null);

 STSClient stsClient = new STSClient(ctx);

 stsClient.setRstTemplate(getRSTTemplate());
 stsClient.setVersion(RahasConstants.VERSION_05_12);
 String action = TrustUtil.getActionValue(RahasConstants.VERSION_05_02, RahasConstants.RST_ACTION_ISSUE);
 stsClient.setAction(action);

 //Obtain the token
 Token responseToken = stsClient.requestSecurityToken(loadPolicy(servicePolicy),
 "http://localhost:8081/axis2/services/STS", loadPolicy(stsPolicy), epr);

 System.out.println("\n------------------------------ Requested Token ---------------------------------------\n");
 System.out.println(responseToken.getToken().toString());

 TokenStorage store = TrustUtil.getTokenStore(ctx);
 store.add(responseToken);

 //Call the relying party service
 ServiceClient client = new ServiceClient(ctx, null);

 Options options = new Options();
 options.setAction("urn:echo");
 options.setTo(new EndpointReference(epr));
 options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, loadPolicy(servicePolicy));
 options.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN, responseToken.getId());
 client.setOptions(options);

 client.engageModule("addressing");
 client.engageModule("rampart");

 OMElement response = client.sendReceive(getPayload("Hello world1"));
 System.out.println("Response  : " + response);

 }

 private static Policy loadPolicy(String xmlPath) throws Exception {
 StAXOMBuilder builder = new StAXOMBuilder(xmlPath);
 return PolicyEngine.getPolicy(builder.getDocumentElement());
 }

 private static OMElement getPayload(String value) {
 OMFactory factory = OMAbstractFactory.getOMFactory();
 OMNamespace ns = factory.createOMNamespace("http://sample05.policy.samples.rampart.apache.org", "ns1");
 OMElement elem = factory.createOMElement("echo", ns);
 OMElement childElem = factory.createOMElement("param0", null);
 childElem.setText(value);
 elem.addChild(childElem);

 return elem;

 }

 private static OMElement getRSTTemplate() throws Exception {
 OMFactory fac = OMAbstractFactory.getOMFactory();
 OMElement elem = fac.createOMElement(SP11Constants.REQUEST_SECURITY_TOKEN_TEMPLATE);
 TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_12, elem).setText(RahasConstants.TOK_TYPE_SAML_20);
 TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_12, elem, RahasConstants.KEY_TYPE_SYMM_KEY);
 TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_12, elem, 256);

 return elem;
 }
}

Above listing depicts the complete version of the Client code. In order to make this work, you need to make some changes in the paths to repos, policies etc. Modify the repo, epr, servicePolicy and stsPolicy accordingly. I am explaining some of the important code segments of the above code for the sake of completion.

  • After instantiating the STSClient object, we set its RSTTemplate. In this code, getRSTTemplate() method is used to create the RSTTemplate. The SAML version, key type and the key size are set to the RST(Request Security Token) inside this method. Following code snipped sets the SAML version, Key type and key length in RST.
 TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_12, elem).setText(RahasConstants.TOK_TYPE_SAML_20);
 TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_12, elem, RahasConstants.KEY_TYPE_SYMM_KEY);
 TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_12, elem, 256);
  • Then we set the RST action. In this scenario, we are requesting a token from the STS. So the corresponding trust action is ISSUE.
 String action = TrustUtil.getActionValue(RahasConstants.VERSION_05_02, RahasConstants.RST_ACTION_ISSUE);
 stsClient.setAction(action);
  • Then the RST is sent to the STS. Here, we are passing the EPR of the RP service as a parameter. This is going to be checked against the set of trusted services we specified in the sts-configuration.
Token responseToken = stsClient.requestSecurityToken(loadPolicy(servicePolicy), "http://localhost:8081/axis2/services/STS", loadPolicy(stsPolicy), epr);
  • After obtaining the token, we are storing it in the trust store and then sending it to the RP service.

You can download the source code, policy files and client site key store from here. Please note that you have to change the rampart-config parameters in both policy files to reflect your local settings.

In this sample, we are using a password callback handler to load the passwords of the private keys. In the client’s end, we are using the following password callback handler.

package org.wso2.sts;

import org.apache.ws.security.WSPasswordCallback;

import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import java.io.IOException;

public class PWCBHandler  implements CallbackHandler{
    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
         for (int i = 0; i < callbacks.length; i++) {
             WSPasswordCallback pwcb = (WSPasswordCallback)callbacks[i];
             String id = pwcb.getIdentifer();
             if("client".equals(id)) {
               pwcb.setPassword("apache");
             } else if("service".equals(id)) {
               pwcb.setPassword("apache");
            }
         }
   }
}

To get the client code up and running you need to add certain set of jars to your classpath. Most straight forward approach is adding the Axis2 ‘lib’ into your classpath. It contains all the jars required to compile and run this sample.

Following listing depicts the RST sent from Client to STS.

<wst:RequestSecurityToken xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
    <wst:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</wst:RequestType>
    <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.o383rg/ws/2004/09/policy">
        <wsa:EndpointReference xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing">
            <wsa:Address>http://localhost:8081/axis2/services/sample05</wsa:Address>
        </wsa:EndpointReference>
    </wsp:AppliesTo>
    <wst:Lifetime>
        <wsu:Created>2009-10-20T13:15:51.739Z</wsu:Created>
        <wsu:Expires>2009-10-20T13:20:51.739Z</wsu:Expires>
    </wst:Lifetime>
    <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
    <wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey</wst:KeyType>
    <wst:KeySize>256</wst:KeySize>
    <wst:Entropy>
        <wst:BinarySecret Type="http://docs.oasis-open.org/ws-sx/ws-trust/200512/Nonce">
            g5WVRpUl7bKno8LYFC9JUGLpe1NZpkZ/
        </wst:BinarySecret>
    </wst:Entropy>
    <wst:ComputedKeyAlgorithm>http://docs.oasis-open.org/ws-sx/ws-trust/200512/CK/PSHA1</wst:ComputedKeyAlgorithm>
</wst:RequestSecurityToken>

In this RST, RequestType is set to “http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue”. We have passed EPR of the RP service as a parameter when requesting the token. If you carefully observe  AppliesTo element, you will note the EPR we have passed has been set as the value of this element. Similarly the token type, key type and the key size are also appearing in the RST as we have set them in the RSTTemplate. The “Entopy” element is used pass a binary secret which is used to derive keys. I am not going into further details about key derivation is WS Trust. Plese refer to the WS Trust specification for further details.

Following is the resulting RSTR(Request Security Token Response) returned by the STS.

<wst:RequestSecurityTokenResponseCollection xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
    <wst:RequestSecurityTokenResponse>
        <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
        <wst:KeySize>256</wst:KeySize>
        <wst:RequestedAttachedReference>
            <wsse:SecurityTokenReference
                    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
                <wsse:Reference URI="#urn:uuid:84DE938F17D3C897711256051606027"
                                ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"/>
            </wsse:SecurityTokenReference>
        </wst:RequestedAttachedReference>
        <wst:RequestedUnattachedReference>
            <wsse:SecurityTokenReference
                    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
                <wsse:Reference URI="urn:uuid:84DE938F17D3C897711256051606027"
                                ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"/>
            </wsse:SecurityTokenReference>
        </wst:RequestedUnattachedReference>
        <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
            <wsa:EndpointReference xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing">
                <wsa:Address>http://localhost:8081/axis2/services/sample05</wsa:Address>
            </wsa:EndpointReference>
        </wsp:AppliesTo>
        <wst:Lifetime>
            <wsu:Created>2009-10-20T15:13:26.138Z</wsu:Created>
            <wsu:Expires>2009-10-20T15:13:56.138Z</wsu:Expires>
        </wst:Lifetime>
        <wst:RequestedSecurityToken>
            <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                            ID="urn:uuid:84DE938F17D3C897711256051606027" IssueInstant="2009-10-20T15:13:26.002Z"
                            Version="2.0">
                <saml:Issuer>SAMPLE_STS</saml:Issuer>
                    ...
               </saml:Assertion>
        </wst:RequestedSecurityToken>
        <wst:RequestedProofToken>
            <wst:ComputedKey>http://docs.oasis-open.org/ws-sx/ws-trust/200512/CK/PSHA1</wst:ComputedKey>
        </wst:RequestedProofToken>
        <wst:Entropy>
            <wst:BinarySecret Type="http://docs.oasis-open.org/ws-sx/ws-trust/200512/Nonce">
                r/JgXgGMFb4afwRQpggqky8q4TQm7pdXm8RQq9IgCzI=
            </wst:BinarySecret>
        </wst:Entropy>
    </wst:Reques66tSecurityTokenResponse>
</wst:RequestSecurityTokenResponseCollection>

SAML assertion contained in the RSTR is removed for brevity.

In this post, we have looked about the STS Configuration of Apache Rampart, how to obtain a SAML 2.0 Token, and how to use it to consume a web service. If you faced any issues, do not hesitate to post them here.

<wst:RequestSecurityToken xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
    <wst:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</wst:RequestType>
    <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.o383rg/ws/2004/09/policy">
        <wsa:EndpointReference xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing">
            <wsa:Address>http://localhost:8081/axis2/services/sample05</wsa:Address>
        </wsa:EndpointReference>
    </wsp:AppliesTo>
    <wst:Lifetime>
        <wsu:Created>2009-10-20T13:15:51.739Z</wsu:Created>
        <wsu:Expires>2009-10-20T13:20:51.739Z</wsu:Expires>
    </wst:Lifetime>
    <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</wst:TokenType>
    <wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey</wst:KeyType>
    <wst:KeySize>256</wst:KeySize>
    <wst:Entropy>
        <wst:BinarySecret Type="http://docs.oasis-open.org/ws-sx/ws-trust/200512/Nonce">
            g5WVRpUl7bKno8LYFC9JUGLpe1NZpkZ/
        </wst:BinarySecret>
    </wst:Entropy>
    <wst:ComputedKeyAlgorithm>http://docs.oasis-open.org/ws-sx/ws-trust/200512/CK/PSHA1</wst:ComputedKeyAlgorithm>
</wst:RequestSecurityToken>
<wst:RequestSecurityTokenResponseCollection xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
    <wst:RequestSecurityTokenResponse>
        <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</wst:TokenType>
        <wst:KeySize>256</wst:KeySize>
        <wst:RequestedAttachedReference>
            <wsse:SecurityTokenReference
                    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
                <wsse:Reference URI="#urn:uuid:84DE938F17D3C897711256051606027"
                                ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"/>
            </wsse:SecurityTokenReference>
        </wst:RequestedAttachedReference>
        <wst:RequestedUnattachedReference>
            <wsse:SecurityTokenReference
                    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
                <wsse:Reference URI="urn:uuid:84DE938F17D3C897711256051606027"
                                ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"/>
            </wsse:SecurityTokenReference>
        </wst:RequestedUnattachedReference>
        <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
            <wsa:EndpointReference xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing">
                <wsa:Address>http://localhost:8081/axis2/services/sample05</wsa:Address>
            </wsa:EndpointReference>
        </wsp:AppliesTo>
        <wst:Lifetime>
            <wsu:Created>2009-10-20T15:13:26.138Z</wsu:Created>
            <wsu:Expires>2009-10-20T15:13:56.138Z</wsu:Expires>
        </wst:Lifetime>
        <wst:RequestedSecurityToken>
            <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
                            ID="urn:uuid:84DE938F17D3C897711256051606027" IssueInstant="2009-10-20T15:13:26.002Z"
                            Version="2.0">
                <saml:Issuer>SAMPLE_STS</saml:Issuer>
                    ...
               </saml:Assertion>
        </wst:RequestedSecurityToken>
        <wst:RequestedProofToken>
            <wst:ComputedKey>http://docs.oasis-open.org/ws-sx/ws-trust/200512/CK/PSHA1</wst:ComputedKey>
        </wst:RequestedProofToken>
        <wst:Entropy>
            <wst:BinarySecret Type="http://docs.oasis-open.org/ws-sx/ws-trust/200512/Nonce">
                r/JgXgGMFb4afwRQpggqky8q4TQm7pdXm8RQq9IgCzI=
            </wst:BinarySecret>
        </wst:Entropy>
    </wst:Reques66tSecurityTokenResponse>
</wst:RequestSecurityTokenResponseCollection>

Yumani RanaweeraNew release of WSO2 product family !!!!

Its been a little more than a week now. But I need to make a note of it. WSO2 released new versions of five of its products on 09th Oct.

It include;
WSO2 WSAS 3.1.1
WSO2 Governance Registry 3.0.1
WSO2 ESB 2.1.1
WSO2 IS 2.0.1
WSO2 Mashup Server 2.0.0

The release notes of Mashup Server and Identity Server (the ones that I talk about most) are given below.

WSO2 Identity Server 2.0.1
The WSO2 Identity Server team is pleased to announce the release of version 2.0.1 of the Open Source WSO2 Identity Server (IS).

IS 2.0.1 release is available for download at [1].

This is based on revolutionary the WSO2 Carbon [2] framework, Middleware a la carte'.

All the major features have been developed as pluggable Carbon components.

New Features
-------------------
1. SAML 2.0 Token Profile support
2. Passive STS
3. Equinox P2 based provisioning support
4. Improved Support for deploying on top of WebSphere, WebLogic, and JBoss.
5. Various bug fixes and enhancements including architectural improvements to Apache Axis2, Apache Rampart, Apache Sandesha2, WSO2 Carbon and other projects

Other Key Features
---------------------------
1. Entitlement Engine with XACML 2.0 support.
2. Claim based Security Token Service.
3. Extension points for SAML assertion handling.
4. OpenID Provider
5. Information Card Provider

How to Run
-------------
1. Extract the downloaded zip.
2. Go to the bin directory in the extracted folder.
3. Run the wso2server.sh or wso2server.bat as appropriate.
4. Point your browser to the URL https://localhost:9443/carbon
5. Use "admin", "admin" as the user name and password.
6. If you need to start the OSGi console with the server use the property -DosgiConsole when starting the server

Known issues
---------------
All the known issues have been filed here [3]. Please report any other issues you find as JIRA entries.

Contact us
-----------
WSO2 Identity Server developers can be contacted via the mailing lists:
For Users: carbon-user@wso2.org
For Developers: carbon-dev@wso2.org

Alternatively, questions can also be raised in the Identity Server forum at http://wso2.org/forum/308

Training
---------
WSO2 Inc. offers a variety of professional Training Programs, including training on general Web services as well as WSO2 Identity Server,Apache Axis2, Data Services and a number of other products. For
additional support information please refer to http://wso2.com/training/course-catalog/


Support
--------
WSO2 Inc. offers a variety of development and production support
programs, ranging from Web-based support up through normal business
hours, to premium 24x7 phone support. For additional support information
please refer to http://wso2.com/support/


For more information on WSO2 Identity Server, visit the WSO2 Oxygen Tank[4].

Thank you for your interest in WSO2 Identity Server.

-The WSO2 Identity Server team

[1]: http://wso2.org/downloads/identity
[2]: http://wso2.org/projects/carbon
[3]: https://wso2.org/jira/browse/CARBON
[4]: http://wso2.org


WSO2 Mashup Server 2.0.0


The WSO2 Mashup Server team is pleased to announce the release of version 2.0.0 of the Open Source WSO2 Mashup Server.

Downloads are available at http://wso2.org/downloads/mashup

For a complete list of project resources including SVN, Mailing lists, Forums, JIRA and Tutorials visit http://wso2.org/projects/mashup

"Create, deploy, and consume Web services Mashups in the simplest fashion."

The WSO2 Mashup Server is a powerful yet simple and quick way to tailor Web-based information to the personal needs of individuals and organizations. It is a platform for acquiring data from a variety of sources including Web Services, HTML pages, feeds and data sources, and process and combine it with other data using JavaScript with E4X XML extensions. The result is then exposed as a new Web service with rich metadata and artifacts to simplify the creation of rich user interfaces


Key Features
---------------
* Hosting of mashup services written using JavaScript with E4X XML extension
    - Simple file based deployment model
* JavaScript annotations to configure the deployed services
* Auto generation of metadata and runtime resources for the deployed mashups
    - JavaScript stubs that simplify client access to the mashup service
    - Code templates for developing rich HTML or Google Gadget interfaces
    - TryIt functionality to invoke the mashup service through a web browser
    - WSDL 1.1/WSDL 2.0/XSD documents to describe the mashup service
    - API documentation
* Ability to bundle a custom user interface for the mashups
* Many useful Javascript Host objects that can be used when writing mashups
    - WSRequest: invoke Web services from mashup services
    - File: File storage/manipulation functionality
    - System: Set of system specific utility functions
    - Session: Ability to share objects across different service invocations
    - Scraper: Extract data from HTML pages and present in XML format
    - APPClient: Atom Publishing Protocol client to retrieve/publish Atom
                 feeds with APP servers
    - Feed: A generic set of host objects to transparently read and create
            Atom and RSS feeds
    - Request: Ability get information regarding a request received
* Support for recurring and longer-running tasks
* Support for service lifecycles
* Ability to secure hosted mashups using a set of commonly used security scenarios
* Management console to easily manage the mashups


New Features In This Release
------------------------------
The 2.0 version of the Mashup Server is built on top of the Award Winning WSO2 Carbon Platform. All the major features have been developed as pluggable Carbon components.


Installation & Running
-----------------------
1. extract the downloaded zip file
2. Run the wso2server.sh or wso2server.bat file in the bin directory
3. Once the server starts, point your Web browser to
   https://localhost:9443/carbon/

For more details, see the Installation Guide


System Requirements
----------------------
1. Minimum memory - 256MB
2. Processor      - Pentium 800MHz or equivalent at minimum
3. The Management Console requires full Javascript enablement of the Web browser
   NOTE: On Windows Server 2003, it is not allowed to go below the medium security level in Internet Explorer 6.x.

For more details see
http://wso2.org/wiki/display/carbon/System+Requirements


WSO2 Mashup Server Binary Distribution Directory Structure
---------------------------------------------------------------
  CARBON_HOME  
       |-bin      
       |-conf   
       |-database
       |-dbscripts
       |-docs     
       |-lib      
       |-logs
       |-repository     
       |---dataservices            
       |---scripts      
       |---services
       |-resources      
       |---security
       |-tmp      
       |-webapps      
       |-- LICENSE.txt
        |-- README.txt
        |-- INSTALL.txt
        |-- release-notes.html
   

   - bin
      Contains various scripts .sh & .bat scripts

    - conf
      Contains configuration files

   - database
     Contains the database

    - lib
      Contains the basic set of libraries required to startup WSO2 Mashup Server in standalone mode

    - logs
      Contains all log files created during execution

    - repository
      The repository where Carbon artifacts & Axis2 services and modules deployed in WSO2 Mashup Server are stored. In addition to this other custom deployers such as javascript, dataservices, axis1services and pojoservices are also stored.
     
            - dataservices
              Contains the Data Services hosted in the Mashup Server.
             
            - scripts
              Contains the Javascript Services (Mashups) hosted in the Mashup Server.
             
            - services
              Contains the Java Services hosted in the Mashup Server.

    - resources
      Contains additional resources that may be required

    - tmp
      Used for storing temporary files, and is pointed to by the java.io.tmpdir System property

    - webapps
      Contains the WSO2 Mashup Server webapp. Any other webapp also can be deployed in this directory

    - LICENSE.txt
      Apache License 2.0 under which WSO2 Mashup Server is distributed.

    - README.txt
      This document.

    - INSTALL.txt
          This document will contain information on installing WSO2 Mashup Server

    - release-notes.html
      Release information for WSO2 Mashup Server 2.0


Training
---------
WSO2 Inc. offers a variety of professional Training Programs, including training on general Web services as well as WSO2 Mashup Server, Apache Axis2, Data Services and a number of other products.

For additional support information please refer to http://wso2.com/training/course-catalog/


Support
---------
WSO2 Inc. offers a variety of development and production support programs, ranging from Web-based support up through normal business hours, to premium 24x7 phone support.

For additional support information please refer to http://wso2.com/support/

For more information on WSO2 Mashup Server, visit the WSO2 Oxygen Tank (http://wso2.org)


Enjoy the WSO2 Mashup Server,

The WSO2 Mashup Server Team ~~~~

Tyrell PereraDeploying WSO2 Mashup Server in Tomcat

  + 

For those of you interested in deploying the WSO2 Mashup Server 2.0 in Apache Tomcat, Sarasi has written a concise tutorial here. At the moment we do not provide a .war distribution. But, by following the above tutorial, you will be on your way in no time.


Nandika JayawardanaWSO2 WSF/C++ 2.1.0 Released

We are pleased to announce the release of WSO2 Web Services Framework for C++ 2.1.0 release.  With this 2.1 release comes some very useful usability enhancements in addition to many improvements to the framework.

Now the code generator tool is able to generate visual studio project files for the generated code. In addition, we have released an eclipse plug-in wizard alone with this release, which provides a comprehensive GUI interface to the code generator tool. This will allow the users who are working within eclipse IDE to generate code without having to leave the IDE.

We have done some work to improve the performance of the WSF/C framework within this period of time. In addition, the many shortcomings  in the code generation tool has been addressed from the previous release.New samples were added. Also some platform specific issues have been addressed in this release which allowed WSF/C++ to be complied in both MacOS as well as Solaris without having to do any changes.

You can download the 2.1 release from here.  Also download the Eclipse Codegen Wizard Plugin if your prefer to work in eclipse.

Here is the complete release note.

WSO2 Web Services Framework for C++ (WSO2 WSF/C++) 2.1.0 Released

=================================================================

WSO2 WSF/C++ team is pleased to announce the release of WSO2 WSF/C++ 2.1.0.

You can download this release from: http://wso2.org/downloads/wsf/cpp

WSO2 Web Services Framework for C++ (WSO2 WSF/C++) is a standards compliant, enterprise

grade, open source, C++ library for providing and consuming Web services in C++, based on the popular,

WSO2 WSF/C library.

Project home page:

http://wso2.org/projects/wsf/cpp

-------------

Key Features

=============

1. Client API to consume Web services

      * ServiceClient class with one-way and two-way service invocation support

        for SOAP 1.1, and SOAP 1.2.

      * Options class to facilitate configuring the client for both SOAP and REST options.

2. Service API to provide Web Services

      * ServiceSkeleton class to extend from to implement services.

2. Attachments with MTOM

      * Binary optimized

      * Non-optimized (Base64 binary)

      * Attachment Caching Support

3. WS-Addressing

      * Version 1.0

      * Submission

4. WSPolicy

5. WS-Security

      * Username Token

      * Timestamp Token

      *  Signing

      *  Encryption

      * WS-SecurityPolicy based configuration 

      * Reply detection

      * WS-Trust

      * WS-Secure Conversation  

6. Code generation Tool

      * By providing a wsdl and options, generate client stubs and service skeletons

        in C++ using the code generation tool.

      * A Code generation Eclipse plugin is also available with this release. The code generation tool

has been integrated into an eclipse plugin wizard which allows a user to conveniently

utilise the code generation tool while working within eclipse.

7. SSL enabled transport layer

8. WS-Reliable Messaging

9. Has all the capabilities available from WSF/C library.

--------------------------------

Major Changes Since Last Release

================================

1. Eclipse plugin for code generation tool added.

2. Visual Studio project file generation is added to the code generation tool.

3. Documentation Improved.

4. Many bugs fixed in the code generation tool.

5. Many memory leak fixes.

6. More samples have been added.

7. The Service API has been enhanced to allow users to extend from the generated skeleton classes.

-------------------

Known Issues

-------------------

There could be memory leaks in some scenarios.

-------------------

Reporting Problems

===================

Issues can be reported using the public JIRA available at:

https://wso2.org/jira/browse/WSFCPP

-----------

Contact Us

===========

Mailing Lists

-------------

Please subscribe to our user or developer mailing lists. For details on how

to subscribe please visit: http://wso2.org/mail

Discussion Forums

-----------------

Questions could be raised using the WSF/C++ forum.

http://wso2.org/forum/352

Training

========

WSO2 Inc. offers a variety of professional Training Programs which includes training on WSF/C++.

For additional information please refer to http://wso2.com/training/

Support

========

WSO2 Inc. offers a variety of development and production support programs, ranging from Web-based

support up through normal business hours, to premium 24x7 phone support.

For additional support information please refer to http://wso2.com/services/support/

We welcome your early feedback on this implementation.

Thank you for your interest in WSO2 WSF/C++.

-- WSO2 WSF/C++ Team --

Charith Dhanushka WickramarachchiSemaphores explained -- A Java approch

Semaphore can be considered as a variable or Data Structure that can be used to archive mutual exclusion in a Parallel Programming environment.

One good real life example to explain this is the tablet mechanism that is used in old railway system. Where when a train enters a Train Station it need to get a tablet from the Station master to proceed to the next station. When the train get the tablet that means there will be no other train in the railway track till it reaches the next station. When The train arrived to the next station it must give back the tablet to the station master so that he can signal the station that train has come from that line is cleared now (line is clear )

So getting a tablet is like acquiring a lock in the train line so that other trains that are in need of acquiring the line need to wait till the train reaches the next station and release the lock ( give the tablet back).

This signal system still in use in Sri Lanken Railway line in some parts where there is only one rail track between two stations.




Above explained situation is an example for the Binary Semaphore. where it supports two operations up() and down() . A binary semaphore can have only two values 0 and 1 .(NOTE that up() , down() operations are atomic operations )

when someone call a up on semaphore if its value is 0 then it increment it to one and return so that execution can proceed. But if its value is 1 then that up call block the process execution till some one make the semaphore value to 0 (wait till a down call);

In a down call if semaphore value is 1 it decrement it can return. If its 0 then the down call will block the process execution till the semaphore value set to one (wait till a up call).

This little idea is extended to an idea called Counting Semaphores there we can have more than two values for the semaphore. So that process can call multiple up s /down s till it get blocked.Which means more that one thread can pass the through before it blocked.

Now its time to look in to how this going help to solve a mutual exclusion problem.

Following is a famous problem in Concurrent programming text books lets see how we can solve it.

Bill and Ben work in a cafe that specialises in a soup and sandwich combination.

Bill makes two rounds of sandwiches while, at the same time, Ben makes two bowls of soup. When the sandwiches and soup are ready Bill and Ben each, they serve a soup and sandwich combination to a customer. These actions are repeated throughout the day.

[Note: Bill cannot serve until Ben has made the soup and Ben cannot serve until Bill has made the sandwiches.]

So as the Problem explained Before Serving sandwiches and soup Bill and Ben need to sync up.

Which means there can be no two customers in the shop at any time that has only served one item.(soup/sandwich)

If we model Bill and Ben as two processes that executes parallely it must be like follows

process Bill {

while (true) {

// Bill makes sandwiches //

SYNCH 1;

// Bill delivers //

}

}

process Ben {

while (true) {

// Ben makes soup //

SYNCH 2;

// Ben delivers //

}

}

To implement this Processes I'll be using the Java Language. Java has inbuilt semaphore implementation in java.util.concurrent.Semaphore

Its a counting Semaphore implementation. For this case since we only need a binery semaphore I'll will use it with permit value 1. which means only 1 thread is permitted to acquire it at a time.

I'll use the operations acquire and release operations which are smiler to up and down operations .

First lets look in to the code.



import java.util.concurrent.Semaphore;

public class Cafe {
private  final Semaphore bill = new Semaphore(1);
private  final Semaphore ben = new Semaphore(1);


public static void main(String[] args) throws InterruptedException {
  //Cafe opening
  new Cafe().openCafe();
 // Cant keep it open for long time.... :D
 Thread.sleep(1000);
 System.exit(0);
}


private void openCafe () throws InterruptedException {
  // allocating them to the work
  bill.acquire();
  ben.acquire();


  Thread benProcess = new Thread(new Ben());
  Thread billProcess = new Thread(new Bill());
  //work started
  benProcess.start();
  billProcess.start();


}
class Bill implements Runnable {

  public void run() {
      int i=0;
      while(true) {
          System.out.println("[Bill] finished making 1 sandwitch");
          System.out.println("[Bill] finished making 2 sandwitchs");

          try {

              //bill says i m done
              bill.release();
              // bill wait till ben done
              ben.acquire();
          } catch (InterruptedException e) {
              System.out.println("Process interrupted....");
          }

          System.out.println("[Bill Serves...Sandwitch to customer "+ ++i+" ]");
      }
  }
}

class Ben implements Runnable {

  public void run() {
      int i=0;
      while(true) {
          System.out.println("[Ben] finished making 1 Soup");
          System.out.println("[Ben] finished making 2 Soup");

          try {

              // ben says i m done
              ben.release();
              // ben waits till bill done
              bill.acquire();
          } catch (InterruptedException e) {
              System.out.println("Process interrupted....");
          }

          System.out.println("[Ben Serves... Soup to Customer "+ ++i+"]");
      }
  }
}
}
So if we looked in to the code Bill and Ben are implemented as two runnable s . At the start We create a Cafe allocate Ben and Bob work and tell them to start work.

If we look in to Bill Process what it does is it creates two Sandwiches and tell that I, m done by releasing bill semaphore and waits till Ben finished by trying to acquire the ben semaphore.

And Ben does other way around.

So it guarantees that Ben cant serve till Bill finish and Bill cant till Ben finishes.

So at the end when the processors executing parallely the condition of there can be no two customers in the shop at any time that has only served one item.(soup/sandwich) is satisfied.

Following is sample console out put I got

[Ben] finished making 1 Soup
[Ben] finished making 2 Soup
[Bill] finished making 1 sandwitch
[Bill] finished making 2 sandwitchs
[Ben Serves... Soup to Customer 1]
[Ben] finished making 1 Soup
[Ben] finished making 2 Soup
[Bill Serves...Sandwitch to customer 1 ]
[Bill] finished making 1 sandwitch
[Bill] finished making 2 sandwitchs
[Ben Serves... Soup to Customer 2]
[Ben] finished making 1 Soup
[Ben] finished making 2 Soup
[Bill Serves...Sandwitch to customer 2 ]
[Bill] finished making 1 sandwitch
[Bill] finished making 2 sandwitchs
[Ben Serves... Soup to Customer 3]
[Ben] finished making 1 Soup
[Ben] finished making 2 Soup
[Bill Serves...Sandwitch to customer 3 ]

......... goes on


You can see the condition is satisfied.
Hope this helps to improve your understanding on Semaphores...


Charitha KankanamgeHow to pass system properties to maven surefire plugin test run

While developing WSO2 QA test framework (which is based on selenium RC), we wanted to give users the choice of selecting test cases without running whole suite at once. Our plan was to pass a system property during maven test run. However, passing a system property directly through command line does not work since the surefire plugin is run under a different JVM instance that is launched by Maven.
In order to overcome this, maven surefire plugin can be configured as follows by specifying the required system property.

<systemProperties>
<property>
<name>test.suite</name>
<value>${test.suite}</value>
</property>
</systemProperties>

According to this example configuration, we can run test suite with passing a system property as follows.

'mvn clean install -Dtest.suite=test-case'

Prabath SiriwardenaWSO2 SOA Workshop - Santa Clara, California

wso2-soa1

ESBs and SOA

Most enterprises start with creating basic services and connecting them with an Enterprise Service Bus when first adopting SOA. This session will talk about the wider usage of an ESB in SOA infrastructure and the decoupling of communication layers.

SOA Security

As many businesses move ahead with SOA, security and identity management need to be made available as a service in the architecture in a consistent and reusable way across all applications. This session will focus on implementing key security standards and identity management for SOA.

Mashups and Business Process Management for SOA

This session will introduce Mashups as an enterprise integration tool and will demonstrate the various technologies in use for service compositions in SOAs. Focusing on both automated processes and looking at how BPM fits into people-based processes, this session will also examine Open Standards for BPM, how the BPMN and BPEL standards fit together.

SOA Governance

Governance is a vital part of any SOA, and has an impact on runtime as well as design-time. Some major components of SOA governance include a registry, policy, monitoring and testing procedures. This session will discuss some predefined patterns and recommendations along with service life-cycles, resource life-cycles, metadata storage, policies and validations.

SOA with C, C++, PHP and more

As C, C++ and other such languages have been around for many years, it is predominant in legacy systems. This session will explore how These languages can be used to implement and integrate systems that use SOA principles to provide great business value to enterprise applications.

SOA Enterprise Architecture Patterns

This session will provide in-depth knowledge on how to implement an SOA solution using the basic elements in an SOA infrastructure discussed in other sessions.

Samisa AbeysingheBAM Dashboard V 001 - Making business sense out of BAM

We are in the process of designing the WSO2 Business Activity Monitor's dashboards views, based on the data collected.

On the right hand side what you see is the initial design of the server - service - operation drill down view.

And one obvious question would be, how would just raw service invocation data might make any business sense? Well it does really make lot of business sense, thanks to the business-IT alignment in SOA. See the next image below.


In here I have expanded the data view for three operations for three services. These operations are, placeOrder from OrderBooking service, raiseInvoice from Billing service and receiveAdvice from Payment service.

If we compare the response counts for the operations, we can see our success funnel, from order booking, invoicing through to receipt of payment. 429 orders placed successfully, out of which only 264 reached billing stage and only 204 payments made so far. Hence in the current state, we have less than 50% success rate in making real business out of all the orders placed. The business person would naturally question, "what can be done to improve that".

That is only one use case for making business sense, out of only these three graphs . There can be many other cases, that can be modeled using only these three graphs. For e.g. why did 40 orders failed in the place order operation itself? Out of 429 successfully placed orders, why were only 264 invoiced; what happened to 165 orders along the way?

As you can see, if your SOA design is business sensitive, which is one of the guiding principles in SOA, the business-IT alignment, a simple business activity monitoring exercise can provide immense insight as to what the state of your business is.

Sameera JayasomaIt is one of the only times in the history of modern warfare

Just wanted to highlight the following.

The only nation that fits the bill is Sri Lanka. And the reason for that is a ruthless military campaign waged by President Mahinda Rajapaksa against a militarized Tamil death cult known as the Tamil Tigers. This conflict has taken nearly 100,000 lives since it began three decades ago. But Mr. Rajapaksa ended it definitively at one stroke, killing or capturing virtually the entire Tiger leadership. It is one of the only times in the history of modern warfare that a guerrilla/ terrorist movement has been utterly destroyed in such a fashion. Overnight, war became a stranger to Sri Lanka.

Sounds like a pretty good candidate for a "peace" prize, don't you think?

Read more: http://www.nationalpost.com/opinion/story.html?id=2088558&p=1

Samisa AbeysingheSOA Workshop

Supun KamburugamuvaA Rock Solid Release of WSO2 ESB 2.1.1

We did a very stable release of WSO2 ESB 2.1 some time ago. Now we have a more robust version of it available. This version has many bug fixes for app server deployment. Also quite a number of general bug fixes. We have changed the registry to support transactions. All the ESB features are very stable and ready to go in to production.

You can grab the latest release from

http://wso2.org/downloads/esb

Dimuthu GamageWSO2 SOA Workshop 2009, Santa Clara, CA

WSO2 is hosting a SOA Workshop in Santa Clara, California in November 3rd 2009. You will be able to attend to the following sessions covered by the industry leading experts in SOA.

  • ESBS and SOA
  • SOA Security
  • Mashups and Business Process Management for SOA
  • SOA Governance
  • SOA with C, C++, PHP
  • SOA Architecture Pattern

Visit here to find more details about the event, http://wso2.com/events/2009-us-soa-workshop/?soaotad=10072009

Tyrell PereraWSO2 Mashup Server 2.0

With the 2.0 version we are entering the WSO2 Carbon universe. This means that our users get all the goodies they are used to on top of a fully componentized SOA platform. We also did a bunch of bug fixes along with improvements to documentation. By the way, don't forget to have a look at the Wikipedia page. Feel free to improve it with content or external sources of information you come across about the WSO2 Mashup Server.



WSO2 Mashup Server 2.0 Release Notes

07 Oct 2009


"Create, deploy, and consume Web services Mashups in the simplest fashion."


The WSO2 Mashup Server is a powerful yet simple and quick way to tailor Web-based information to the personal needs of individuals and organizations. It is a platform for acquiring data from a variety of sources including Web Services, HTML pages, feeds and data sources, and process and combine it with other data using JavaScript with E4X XML extensions. The result is then exposed as a new Web service with rich metadata and artifacts to simplify the
creation of rich user interfaces.

WSO2 Mashup Server is released under the Apache License v2.0


Check out the project home page at http://www.wso2.org/projects/mashup for additional information.

Features List

  • Hosting of mashup services written using JavaScript with E4X XML extensions
    • Simple file based deployment model
  • JavaScript annotations to configure the deployed services
  • Auto generation of metadata and runtime resources for the deployed mashups
    • JavaScript stubs that simplify client access to the mashup service
    • Code templates for developing rich HTML or Google Gadget interfaces
    • TryIt functionality to invoke the mashup service through a web browser
    • WSDL 1.1/WSDL 2.0/XSD documents to describe the mashup service
    • API documentation
  • Ability to bundle a custom user interface for the mashups
  • Many useful Javascript Host objects that can be used when writing mashups
    • WSRequest: invoke Web services from mashup services
    • File: File storage/manipulation functionality
    • System: Set of system specific utility functions
    • Session: Ability to share objects across different service invocations
    • Scraper: Extract data from HTML pages and present in XML format
    • APPClient: Atom Publishing Protocol client to retrieve/publish Atom feeds with APP servers
    • Feed: A generic set of host objects to transparently read and create Atom and RSS feeds
    • Request: Ability get information regarding a request received
  • Support for recurring and longer-running tasks
  • Support for service lifecycles
  • Ability to secure hosted mashups using a set of commonly used security
    scenarios
  • Management console to easily manage the mashups

New in the 2.0 Release

The 2.0 version of the Mashup Server is built on top of the Award Winning WSO2 Carbon Platform. All the major features have been developed as pluggable Carbon components.

Future Directions

  • Improved tooling support.
  • An expanded toolkit of generic building-block services.
  • Lots more cool stuff...

Reporting Problems

Issues can be reported using the public JIRA available at https://wso2.org/jira/browse/MASHUP

Contact us

WSO2 Mashup Server developers can be contacted via mailing lists:


Questions can also be raised in this forum: http://www.wso2.org/forum/226.

Training

WSO2 Inc. offers a variety of professional Training Programs, including training on general Web services as well as WSO2 Mashup Server, WSO2 WSAS, WSO2 ESB, Apache Axis2, Data Services and a number of other products.

For additional support information please refer http://wso2.com/training/course-catalog/.

Support

WSO2 Inc. offers a variety of development and production support programs, ranging from Web-based support up through normal business hours, to premium 24x7 phone support. For additional support information please refer http://wso2.com/support/.



Enjoy the WSO2 Mashup Server!


- The WSO2 Mashup Server Team




Tyrell PereraThe Biz School Chronicles :: On Financial Leverage and Debt-Equity (Gearing) Ratios

The recent recession has given us enough real world examples of what happens when certain business theories are ignored for the sake of short term gains. This post from HBR, which appeared last week has excellent timing for two reasons. One; It's a nice case study practitioners can learn from (obviously). Two; It's useful for me in preparation for the semester exams, having just finished going through Financial Management. Theory around Degree of Leverage and Ratios sticks better when coupled with a real world example. Sadly, certain theories are well demonstrated by citing instances where companies failed due to ignoring them. Nevertheless, thank you Lehman Brothers (and others) for the case study on Overleverage.




Afkham AzeezSOA Workshop, Santa Clara, CA


I will be conducting the session on SOA Enterprise Architecture Patterns

Dimuthu GamageWSO2 Releases Goernance Registry 3.0.1, ESB 2.1.1, WSAS 3.1.1, IS 2.0.1 AND Mashup Server 2.0.0

WSO2 announced an another round of release of their famous SOA products.

Although the version numbers say this is minor patch release (Other than the Mashup Server which is shipping as a major release), in fact there are new features and improvements. Some basic new features shares among all of these products are

  1. Improved registry level transaction Support.
  2. Improved Support for deploying on top of Application Servers other than tomcat like WebSphere, WebLogic, and
    JBoss.
  3. Support for Eclipse P2 based provisioning. (Yes, you can add/remove features from these WSO2 products , see https://wso2.org/wiki/display/carbon/p2-based-provisioning-support for more details)
  4. Improved Remote Registry model

Danushka MenikkumburaWSO2 SOA Workshop in Santa Clara - 3rd Nov. 2009

us-soa-workshop-banner

Danushka MenikkumburaSOA Workshop - 3rd November, Santa Clara

soa-workshop-fb-img

Thilina BuddhikaWSO2 SOA Workshop – Santa Clara, CA


Are you ready to get beyond the hype surrounding Service Oriented Architecture, and learn how to actually implement a real SOA solution?

In this full-day interactive workshop, you will learn how to map specific business requirements to concrete SOA development patterns. If you’re ready to gain insight into real-world best practices for SOA, this session is for you.

us-soa-workshop-banner

Topics Covered

  • ESBs and SOA
  • SOA Security
  • Mashups and Business Process Management for SOA
  • SOA Governance
  • SOA with C, C++, PHP and more
  • SOA Enterprise Architecture Patterns

Date and Time

November 3 2009
9:00 am to 5:00 pm (Registration at 8:30 am)

Location

Network Meeting Center at Techmart
5201 Great America Parkway
Santa Clara, California 95054

Get registered today.

Sameera JayasomaWSO2 Carbon 2.0.1 family of products released!!!

WSO2 Carbon team is pleased to announce the release of WSO2 Carbon 2.0.1 and its family of products.
WSO2 Carbon is the base platform for all the above products. Based on OSGi, WSO2 Carbon gives unprecedented flexibility for users to develop customized SOA platforms.

WSO2 Web Services Application Server

WSO2 WSAS is an enterprise ready Web services engine powered by Apache Axis2. It is a lightweight, high performing platform for Service Oriented Architectures, enabling business logic and applications. Bringing together a number of Apache Web services projects, WSO2 WSAS provides a secure, transactional and reliable runtime for deploying and managing Web services.

New Features
  • Various bug fixes & enhancements to Apache Axis2, Apache Rampart, Apache Sandesha2 , WSO2 Carbon & other projects.
  • Equinox P2 based provisioning support to extend your WSAS instance by installin new P2 features. See https://wso2.org/wiki/display/carbon/p2-based-provisioning-support
  • Better integration with application servers such as WebLogic & WebSphere

WSO2 Enterprise Services Bus

WSO2 ESB is a lightweight and easy-to-use Open Source Enterprise Service Bus (ESB) available under the Apache Software License v2.0. WSO2 ESB allows administrators to simply and easily configure message routing, intermediation, transformation, logging, task scheduling, load balancing, failover routing, event brokering, etc.. The runtime has been designed to be completely asynchronous, non-blocking and streaming based on the Apache Synapse core.

WSO2 ESB 2.1.1 is developed on top of the revolutionary Carbon platform (Middleware a' la carte), and is based on the OSGi framework to achieve the better modularity for your SOA architecture. This also contains a lots of new features and many other optional components to customize the behavior of the server. Further, if you do not want any of the built in features, you can uninstall those features without any trouble. In other words, this ESB can be customized to your SOA needs.

New Features
  • This ESB release is based on the award winning WSO2 Carbon "Middleware a' la carte", an OSGi based SOA platform, version 2.0.1 by WSO2 Inc.
  • Rule based mediation via Drools
  • Fine grained autherization for services via the Entitlement mediator
  • Reliable-Messaging specification 1.1 support
  • Enhanced WS-Eventing support and Event Sources making it an even broker
  • Enhanced AJAX based sequence, endpoint and proxy service editors
  • Enhanced transport configuration management through the graphical console
  • Enhanced integrated registry and search functionalities with versionning, notifications, rating of resources, and commenting
  • Enhanced remote registry support
  • Default persistence to the registry for the configuration elements
  • Enhanced permission model with the user management
  • Enhanced REST/GET and other HTTP method support
  • P2 based OSGi feature support, for optional features like service management, runtime governance and so on..
Key Features
  • Proxy services - facilitating synchronous/asynchronous transport, interface (WSDL/Schema/Policy), message format (SOAP 1.1/1.2, POX/REST, Text, Binary), QoS (WS-Addressing/WS-Security/WS-RM) and optimization switching (MTOM/SwA).
  • Non-blocking HTTP/S transports based on Apache HttpCore for ultrafast execution and support for thousands of connections at high concurreny with constant memory usage.
  • Built in Registry/Repository, facilitating dynamic updating and reloading of the configuration and associated resources (e.g. XSLTs, XSD, WSDL, Policies, JS, Configurations ..)
  • Easily extendable via custom Java class (mediator and command)/Spring mediators, or BSF Scripting languages (Javascript, Ruby, Groovy, etc.)
  • Built in support for scheduling tasks using the Quartz scheduler.
  • Load-balancing (with or without sticky sessions)/Fail-over, and clustered Throttling and Caching support
  • WS-Security, WS-Reliable Messaging, Caching & Throttling configurable via (message/operation/service level) WS-Policies
  • Lightweight, XML and Web services centric messaging model
  • Support for industrial standards (Hessian binary web service protocol/ Financial Information eXchange protocol and optional Helth Level-7 protocol)
  • Enhanced support for the VFS(File/FTP/SFTP)/JMS/Mail transports with optional TCP/UDP transports and transport switching for any of the above transports
  • Support for message splitting & aggregation using the EIP and service callouts
  • Database lookup & store support with DBMediators with reusable database connection pools
  • WS-Eventing support with event sources and event brokering
  • Rule based mediation of the messages using the Drools rule engine
  • Transactions support via the JMS transport and Transaction mediator for database mediators
  • Internationalized GUI management console with user/permission management for configuration development and monitoring support with statistics, configurable logging and tracing
  • JMX monitoring support and JMX management capabilities like, Gracefull/Forcefull shutdown/restart

Bug Fixes and Enhancements
  • Endpoint management issues in clustered environments have been fixed (CARBON-5108)
  • Defects in DBReport, DBLookup mediator UIs have been corrected (CARBON-5084)
  • Script mediator UI has been improved to handle some exceptional scenarios (CARBON-5080)
  • XQuery mediator UI has been enhanced to handle some exceptional scenarios (CARBON-5078)
  • ESB management console has been enhanced to work properly on WebLogic application server
  • UI enhancements to support WebSphere application server
  • Sequence management UI has undergone some minor enhancements
  • Enhancements to support front end - back end separation of the server
  • Reported issues related to transaction mediator have been fixed (CARBON-4225)
  • Issues releated to task creation and management have been rectified
  • Many documentation updates and enhancements
WSO2 Governance Registry

WSO2 Governance Registry is a user-friendly, but comprehensive enterprise governance, registry and repository solution available underthe Apache Software License v2.0. It is pre-loaded with best practices to help users with governance adoption.

With the 3.0.1 release, WSO2 Governance Registry is fully integrated to the WSO2 Carbon platform. This allows WSO2 Governance Registry users to benefit from the flexibility and extensibility provided by the Carbon platform.

WSO2 Governance Registry can be either used as a complete product or used in combination with components of other WSO2 products. User specific components, extensions or UIs to the WSO2 Governance Registry can be easily added as Carbon components. We are striving for a simple and happy first time user experience as well as a satisfying experienced user experience with this release.

New Features
  • Improved transaction support.
  • Improved Support for deploying on top of WebSphere, WebLogic, and JBoss.
  • P2 based provisioning for WSO2 Carbon family of products.
  • Support for clustering.
  • Numerous bug fixes.
Key Features
  • Intuitive User Interface with an Ajax-based Web 2.0 interface
  • Dependency management - maintain relationships between dependent resources for impact analysis
  • Managing users and roles
  • Authentication and authorization on all resources and actions
  • Activity log and monitoring with filtering support for the activity logs
  • Subscribe to resources, collections, comments, tags, etc. with any standard feed reader (Bloglines, Google Reader, etc)
  • Storing and managing arbitrary resources and collections
  • Tagging, commenting and rating
  • Resource / collection versioning and rollback
  • Advanced search capabilities - tags, users, etc.
  • Built in media type support for common types (WSDL, XSD)
  • Pluggable media type handlers for handling custom media types
  • Atom Publishing Protocol (APP) support for reading/writing the data store remotely
  • Java client for remote access via APP
  • Based on the OSGi based WSO2 Carbon architecture. This is a unification of all Java based products from WSO2.
  • Advanced service governance through, discovery, impact analysis, versioning and automatically extraction of service meta data
  • Dashboard support with gadgets with design-time and run-time governance information
  • Advanced Life cycle management with checklists.
  • Validation policies. e.g. WSDL Validation, WS-I Validation and Schema Validation
  • Eventing and notifications
  • Supports remote links, symbolic links for resources
  • Attach remote WSO2 Governance Registry instances, providing oneinterface for many WSO2 Governance Registry instances
  • Support for processing custom URL patterns via pluggable URL handlers
  • Support for custom query languages via pluggable query processors
  • Import/export resources and collections
  • Enhanced admin UI
WSO2 Identity Server

WSO2 Identity Server is an open source identity and entitlement management server having Information Cards, OpenID and XACML support.

New Features
  • SAML 2.0 Token Profile support
  • Passive STS
  • Equinox P2 based provisioning support
  • Improved Support for deploying on top of WebSphere, WebLogic, and JBoss.
  • Various bug fixes and enhancements including architectural improvements to Apache Axis2, Apache Rampart, Apache Sandesha2, WSO2 Carbon and other projects
Key Features
  • Entitlement Engine with XACML 2.0 support.
  • Claim based Security Token Service.
  • Extension points for SAML assertion handling.
  • OpenID Provider
  • Information Card Provider
WSO2 Mashup Server

"Create, deploy, and consume Web services Mashups in the simplest fashion."

The WSO2 Mashup Server is a powerful yet simple and quick way to tailor Web-based information to the personal needs of individuals and organizations. It is a platform for acquiring data from a variety of sources including Web Services, HTML pages, feeds and data sources, and process and combine it with other data using JavaScript with E4X XML extensions. The result is then exposed as a new Web service with rich metadata and artifacts to simplify the creation of rich user interfaces.

Key Features
  • Hosting of mashup services written using JavaScript with E4X XML extension
  • - Simple file based deployment model
  • JavaScript annotations to configure the deployed services
  • Auto generation of metadata and runtime resources for the deployed mashups
  • - JavaScript stubs that simplify client access to the mashup service
  • - Code templates for developing rich HTML or Google Gadget interfaces
  • - TryIt functionality to invoke the mashup service through a web browser
  • - WSDL 1.1/WSDL 2.0/XSD documents to describe the mashup service
  • - API documentation
  • Ability to bundle a custom user interface for the mashups
  • Many useful Javascript Host objects that can be used when writing mashups
  • - WSRequest: invoke Web services from mashup services
  • - File: File storage/manipulation functionality
  • - System: Set of system specific utility functions
  • - Session: Ability to share objects across different service invocations
  • - Scraper: Extract data from HTML pages and present in XML format
  • - APPClient: Atom Publishing Protocol client to retrieve/publish Atom
  • feeds with APP servers
  • - Feed: A generic set of host objects to transparently read and create
  • Atom and RSS feeds
  • - Request: Ability get information regarding a request received
  • Support for recurring and longer-running tasks
  • Support for service lifecycles
  • Ability to secure hosted mashups using a set of commonly used security scenarios
  • Management console to easily manage the mashups
New Features
  • The 2.0 version of the Mashup Server is built on top of the Award Winning WSO2 Carbon Platform. All the major features have been developed as pluggable Carbon components.

How to run WSO2 Carbon family of products

  1. Extract the downloaded zip
  2. Go to the bin directory in the extracted folder
  3. Run the wso2server.sh or wso2server.bat as appropriate
  4. Point your browser to the URL https://localhost:9443/carbon
  5. Use "admin", "admin" as the username and password to login as an admin
  6. If you need to start the OSGi console with the server use the property -DosgiConsole when starting the server. The INSTALL.txt file found on the installation directory will give you a comprehensive set of options and properties that can be passed into the startup script
Mailing Lists

Join our mailing lists and correspond with the developers directly.

http://wso2.org/mail

Reporting Issues

WSO2 encourages you to report issues and your enhancement requests for the WSO2 Carbon family of products using the public Carbon JIRA. You can also watch how they are resolved, and comment on the progress..

http://wso2.org/jira/browse/CARBON

Training

WSO2 Inc. offers a variety of professional Training Programs, including training on general Web services as well as WSO2 Carbon family of Products, Apache Synapse, Apache Axis2 and number of other products.

For additional support information please refer to http://wso2.com/training

Support

WSO2 Inc. offers a variety of development and production support programs, ranging from Web-based support up through normal business hours, to premium 24x7 phone support.

For additional support information please refer to http://wso2.com/support/

For more information, visit the WSO2 Oxygen Tank (http://wso2.org)

We welcome your feedback on this implementation. Thank you for your interest in WSO2 Carbon.




Ruwan LintonWSO2 ESB 2.1.1 is Released!

So this time it is a bug fix release but with few enhancements as well called WSO2 ESB 2.1.1;

The WSO2 Enterprise Service Bus (ESB) 2.1.1 Released!

The WSO2 ESB team is pleased to announce the release of version 2.1.1 of the Open Source Enterprise Service Bus (ESB). This is an enhanced and improved release of the WSO2 ESB 2.1.0 which went out on July 2009.

WSO2 ESB is a lightweight and easy-to-use Open Source Enterprise Service Bus (ESB) available under the Apache Software License v2.0. WSO2 ESB allows administrators to simply and easily configure message routing, intermediation, transformation, logging, task scheduling, load balancing, failover routing, event brokering, etc.. The runtime has been designed to be completely asynchronous, non-blocking and streaming based on the Apache Synapse core.

WSO2 ESB 2.1.1 is developed on top of the revolutionary Carbon platform (Middleware a' la carte), and is based on the OSGi framework to achieve the better modularity for your SOA architecture. This also contains a lots of new features and many other optional components to customize the behavior of the server. Further, if you do not want any of the built in features, you can uninstall those features without any trouble. In other words, this ESB can be customized to your SOA needs.

You can download this distribution from http://wso2.org/downloads/esb and give it a try.

How to Run

  1. Extract the downloaded zip
  2. Go to the bin directory in the extracted folder
  3. Run the wso2server.sh or wso2server.bat as appropriate
  4. Point your browser to the URL https://localhost:9443/carbon
  5. Use "admin", "admin" as the username and password to login as an admin and create a user account
  6. Assign the required permissions to the user through a role
  7. If you need to start the OSGi console with the server use the property -DosgiConsole when starting the server. The INSTALL.txt file found on the installation directory will give you a comprehensive set of options and properties that can be passed into the startup script
  8. Samples configurations can be started by the wso2esb-samples script passing the sample number with the -sn option, please have a look at the samples guide for more information, on running samples

Key Features of WSO2 ESB

  • Proxy services - facilitating synchronous/asynchronous transport, interface (WSDL/Schema/Policy), message format (SOAP 1.1/1.2, POX/REST, Text, Binary), QoS (WS-Addressing/WS-Security/WS-RM) and optimization switching (MTOM/SwA).
  • Non-blocking HTTP/S transports based on Apache HttpCore for ultrafast execution and support for thousands of connections at high concurreny with constant memory usage.
  • Built in Registry/Repository, facilitating dynamic updating and reloading of the configuration and associated resources (e.g. XSLTs, XSD, WSDL, Policies, JS, Configurations ..)
  • Easily extendable via custom Java class (mediator and command)/Spring mediators, or BSF Scripting languages (Javascript, Ruby, Groovy, etc.)
  • Built in support for scheduling tasks using the Quartz scheduler.
  • Load-balancing (with or without sticky sessions)/Fail-over, and clustered Throttling and Caching support
  • WS-Security, WS-Reliable Messaging, Caching & Throttling configurable via (message/operation/service level) WS-Policies
  • Lightweight, XML and Web services centric messaging model
  • Support for industrial standards (Hessian binary web service protocol/ Financial Information eXchange protocol and optional Helth Level-7 protocol)
  • Enhanced support for the VFS(File/FTP/SFTP)/JMS/Mail transports with optional TCP/UDP transports and transport switching for any of the above transports
  • Support for message splitting & aggregation using the EIP and service callouts
  • Database lookup & store support with DBMediators with reusable database connection pools
  • WS-Eventing support with event sources and event brokering
  • Rule based mediation of the messages using the Drools rule engine
  • Transactions support via the JMS transport and Transaction mediator for database mediators
  • Internationalized GUI management console with user/permission management for configuration development and monitoring support with statistics, configurable logging and tracing
  • JMX monitoring support and JMX management capabilities like, Gracefull/Forcefull shutdown/restart

New Features of the WSO2 ESB 2.1.1

  • This ESB release is based on the award winning WSO2 Carbon "Middleware a' la carte", an OSGi based SOA platform, version 2.0.1 by WSO2 Inc.
  • Rule based mediation via Drools
  • Fine grained autherization for services via the Entitlement mediator
  • Reliable-Messaging specification 1.1 support
  • Enhanced WS-Eventing support and Event Sources making it an even broker
  • Enhanced AJAX based sequence, endpoint and proxy service editors
  • Enhanced transport configuration management through the graphical console
  • Enhanced integrated registry and search functionalities with versionning, notifications, rating of resources, and commenting
  • Enhanced remote registry support
  • Default persistence to the registry for the configuration elements
  • Enhanced permission model with the user management
  • Enhanced REST/GET and other HTTP method support
  • P2 based OSGi feature support, for optional features like service management, runtime governance and so on..

Bug Fixes and Enhancements

  • Endpoint management issues in clustered environments have been fixed (CARBON-5108)
  • Defects in DBReport, DBLookup mediator UIs have been corrected (CARBON-5084)
  • Script mediator UI has been improved to handle some exceptional scenarios (CARBON-5080)
  • XQuery mediator UI has been enhanced to handle some exceptional scenarios (CARBON-5078)
  • ESB management console has been enhanced to work properly on WebLogic application server
  • UI enhancements to support WebSphere application server
  • Sequence management UI has undergone some minor enhancements
  • Enhancements to support front end - back end separation of the server
  • Reported issues related to transaction mediator have been fixed (CARBON-4225)
  • Issues releated to task creation and management have been rectified
  • Many documentation updates and enhancements

How You Can Contribute

Mailing Lists

Join our mailing list and correspond with the developers directly.

Reporting Issues

WSO2 encourages you to report issues and your enhancement requests for the WSO2 ESB using the public JIRA.

You can also watch how they are resolved, and comment on the progress..

Discussion Forums

Alternatively, questions could be raised using the forums available.

WSO2 ESB Forum : Discussion forum for WSO2 ESB developers/users

Training

WSO2 Inc. offers a variety of professional Training Programs, including training on general Web services as well as WSO2 ESB, Apache Synapse, Apache Axis2 and number of other products.

For additional support information please refer to http://wso2.com/training/course-catalog/

Support

WSO2 Inc. offers a variety of development and production support programs, ranging from Web-based support up through normal business hours, to premium 24x7 phone support.

For additional support information please refer to http://wso2.com/support/

For more information on WSO2 ESB, visit the WSO2 Oxygen Tank (http://wso2.org)

We welcome your feedback on this implementation. Thank you for your interest in WSO2 ESB.

Denis WeerasiriConfession for the last three years at university


I passed O/L in 2002. Then A/L in 2005. Came to University of Moratuwa in 2006.
Since then, I lived on my own and I had only one ambition. It was "to do what I love, and to love what I do". And still it's same as it is. :)
Spent 1st year on studying different engineering aspects and engineering mathematics. Decided to specialize on Computer Science and Engineering field. Then spent 2nd and 3rd years at the Computer Science and Engineering department.
Then in the 2nd semester of the 3rd year we went for the industrial training. I chose WSO2 Inc. as the training place. And then I was selected to Google Summer of Code 2009.
After 10 months industrial training period we had 2 months vacation (not really :)).
So after one year of a non-academic period, the dawn of the next week is the start of the 4th academic year.
Last three years at university were awesome, and the 3rd year was AWESOME. 3rd year internship period was filled with life changing experiences. All of my colleagues would agree with me on it. As well all of us may remember how we worked hard when exams came near. :)
I became a huge fan of European, Hollywood and Sinhala movies and learned some stuffs on cinematography and still photography last year. No matter how much work I have on my back, I spend hours and hours on watching movies.

Anyway 43.5 credits to be earned and the Final year project to be completed in the next year and I'll be the same old me.
 

Charitha KankanamgeThe newest version (2.0.1) of WSO2 carbon family of prodcuts released!!

The latest version of WSO2 carbon based products were released yesterday. More info can be found at http://wso2.org/projects/carbon

New Features in This Release
----------------------------
* Improved transaction support.
* Improved Support for deploying on top of WebSphere, WebLogic, and
JBoss.
* P2 based provisioning for WSO2 Carbon family of products.
* Numerous bug fixes.

Afkham AzeezElectronic Fuel Injection (EFI) Engine Tuneup


For sometime now, I had been realizing that my vehicle's fuel economy as well as pulling power reducing. After trying out various things such as replacing all oils, filters, tuneups at the agent and so on, I was about to give up, when one of the members on the Autolanka forum, Viren, informed me about an engine tuneup garage called Bruce Motor Sports headed by Bruce Nigel, in Thalahena, Sri Lanka. My vehicle has a VVT (Variable Valve Timing) engine, which is notorious for engine sludge build up. Viren's vehicle had a VVT controller stuck at the retard position, which resulted in poor fuel economy. I suspected the same thing, and made an appoinment to have the vehicle inspected.

After removing the tappet cover, we noticed that there was no sludge buildup whatsoever, so the next thing was to connect the OBD II device to the vehicle's OBD (On Board Diagnostice) port and check the sensor data. The OBD II scanner was connected to a computer running the ScanTool software (there is a Linux version of this on SourceForge :)), while the engine was running. Bruce immediately detected that there was a problem with the injectors, and when the injectors were removed there was a thin coat of varnish like substance in the injectors. Apparently, this varnish is caused by poor fuel quality. Bruce also noticed that the engine was running rich by the reddish color of the spark plugs. Using special solvents, the injectors were cleaned and refitted. Then the throttle body, mass air floor sensor, PCV (Positive Crankcase Ventilation) valve, and the idle controller were cleaned. The fuel intake line was next hooked into the injection system cleaning machine. This machine has a 1 liter tank into which Wurth injector cleaning fluid as well as petrol was added. The engine was run at idle for a couple of hours, while the injector cleaning machine was running. The fuel filter was also checked.

Next came the thrill of taking the vehicle for a test drive down Millennium Drive, Malambe, while the OBD II diagnostics system was connected to the vehicle. Instantly, I noticed that the throttle response had improved. The engine & acceleration also felt smoother, and there was more power. We came back to the garage and replaced the spark plugs and did one more additional test drive. There was even more improvement with the new plugs. The OBD II sensor data indicated that everything was in order. The engine was well tuned!

Modern vehicles are so complicated. There are sensors everywhere, and the inputs from these sensors are fed into the ECU. The ECU decides on the amount of fuel, point at which gears are to be shifted, and everything else depending on these inputs! Apparently even the diameter of the vehicle's tires play a part in this decision making process. I was also told that the vehicle's exhaust should not be covered up with fancy exhaust tips, since that inhibits the exhaust flow, which messes up the equations!

All in all, I was a pretty satisfied customer and was also able to learn a lot by observing the process of doing an EFI engine tuneup.

Here are the details of Bruce Motor Sports.





Samisa AbeysingheFive New Products from WSO2

They are all lean. They are all open source.





Srinath PereraConfiguring Https in Axis2

If a client is connecting a https server, he has to trust the certificate of the server, and the developer has to provide the trusted certificates to the client. http://ws.apache.org/axis2/1_5/http-transport.html is the closest reference I found, which basically says look at httpclient configurations, and also thread http://www.opensubscriber.com/message/axis-dev@ws.apache.org/8077606.html discusses how to do this.

Basically Axis2 depends on commons http client security and it uses JSSE security. So setting following properties will do. However, httpclient also provides more deeper control.

System.setProperty("javax.net.ssl.trustStore",
     "/data/playground/ebay-sept30/wso2esb-2.1.0/resources/security/client-truststore.jks");
System.setProperty("javax.net.ssl.trustStorePassword","wso2carbon");

Thilina BuddhikaWSO2 Identity Server 2.0.1 Released


The WSO2 Identity Server team is pleased to announce the release of
version 2.0.1 of the Open Source WSO2 Identity Server (IS).

IS 2.0.1 release is available for download at [1].

This is based on revolutionary the WSO2 Carbon [2] framework, Middleware
a la carte’.

All the major features have been developed as pluggable Carbon components.

New Features
—————
1. SAML 2.0 Token Profile support
2. Passive STS
3. Equinox P2 based provisioning support
4. Improved Support for deploying on top of WebSphere, WebLogic, and
JBoss.
5. Various bug fixes and enhancements including architectural
improvements to Apache Axis2, Apache Rampart, Apache Sandesha2, WSO2
Carbon and other projects

Other Key Features
———————
1. Entitlement Engine with XACML 2.0 support.
2. Claim based Security Token Service.
3. Extension points for SAML assertion handling.
4. OpenID Provider
5. Information Card Provider

How to Run
——————
1. Extract the downloaded zip.
2. Go to the bin directory in the extracted folder.
3. Run the wso2server.sh or wso2server.bat as appropriate.
4. Point your browser to the URL https://localhost:9443/carbon
5. Use “admin”, “admin” as the user name and password.
6. If you need to start the OSGi console with the server use the
property -DosgiConsole when starting the server

Known issues
———————-
All the known issues have been filed here [3]. Please report any other
issues you find as JIRA entries.

Contact us
—————–
WSO2 Identity Server developers can be contacted via the mailing lists:
For Users: carbon-user@wso2.org
For Developers: carbon-dev@wso2.org

Alternatively, questions can also be raised in the Identity Server forum
at http://wso2.org/forum/308

Training
—————
WSO2 Inc. offers a variety of professional Training Programs, including
training on general Web services as well as WSO2 Identity Server,
Apache Axis2, Data Services and a number of other products. For
additional support information please refer to
http://wso2.com/training/course-catalog/

Support
————–
WSO2 Inc. offers a variety of development and production support
programs, ranging from Web-based support up through normal business
hours, to premium 24×7 phone support. For additional support information
please refer to http://wso2.com/support/

For more information on WSO2 Identity Server, visit the WSO2 Oxygen Tank[4].

Thank you for your interest in WSO2 Identity Server.

-The WSO2 Identity Server team

[1]: http://wso2.org/downloads/identity
[2]: http://wso2.org/projects/carbon
[3]: https://wso2.org/jira/browse/CARBON
[4]: http://wso2.org

Samisa AbeysingheBetter SOA Governance and ESB Integration

The latest SOA Platform release from WSO2 is made available today.

One of the key enhancements in this release is the seamless integration of the Governance Registry and the Enterprise Service Bus to facilitate smoother design time and runtime SOA governance.

This is yet another step towards strengthening the WSO2 SOA platform story.

We also have the latest Mashups Server release as part of this release, the first Carbon platform based Mashups release.

Danushka MenikkumburaWhat is an IDL?

IDL stands for Interface Definition Language or Interface Description Language. IDL is a specification language used to describe interfaces of software components in a language-neutral way enabling communication between software components that do not share a language. Two heterogeneous components can talk to each other with the aid of an IDL.

The best known IDL is WSDL (stands for Web Services Description Language) that is used in Web services. A WSDL enables a Web client written using WSO2 WSF/C++ talk to a Web service written using WSO2 WSAS. In the Web services world, interoperability is a major concern and WSDL is one of the key things that enable Web services interoperability.

MIDL is another well known text-based interface description language developed by Microsoft, based on DCE/RPC IDL. Its compiler is also called MIDL, that generates source files looking at a .idl file. The MIDL compiler and the components of the RPC development environment are installed when you install the Windows SDK.

Another IDL framework is Facebook's Thrift, an RPC framework developed at Facebook (now an open source project in the ASF Incubator) for efficient and reliable communication across programming languages. The implementation of Thrift is described in this paper.

Afkham Azeez1NZ-FE & 2NZ-FE Engines

Saliya EkanayakeJython Web Service Framework

My friend, Heshan, has done an interesting work to provide a framework extension to Axis2 which enables Jython based Web services and clients. Read more on his article (http://www.ibm.com/developerworks/web/library/wa-jython/)

Saliya EkanayakeRecord Scheme Sessions: Transcript

Ever wanted to save what you type in your Scheme interpreter? I wanted :). So after a small Google search I found these nice two commands.

To start recording type,
(transcript-on "filename")

To end recording type,
(transcript off)

That's it. Now your session is saved in the file given by you.

Eran ChinthakaWhat is your "real" IQ?

I installed one of the iPhone apps which tries to find out the IQ of a person. When answering those questions, I thought this is wrong. Why?
I think when we say a person is knowledgeable or intelligent that doesn't necessarily mean he should remember everything. No one can remember everything unless he is a maniac or some exceptional memorizer (Memorizers are not always intelligent). If some one knows the methods and has the proper tools, then getting relevant knowledge to do something using google and get things done is not a big deal. What is needed is the ability and the willingness which I think comes from experience too.
I think this is the same argument that was going on about open-book vs closed-book exams (for the record, I like open-book exams, because 1) I don't need to memorize things and 2) those exams challenges the wisdom since the lecturer has to be creative to set a good open-book exams)
Knowledge is out there and google is indexing most of them. Most people have access to internet thru laptops or thru their mobile devices, at any given time. When some one asks a question, if you don't know the answer or if you don't agree to an answer, how many times have you googled and found the right answer? Ability to find/search for the proper information and using or adapting those to solve current problems is when I call some one intelligent. This doesn't mean he should google to find the answer for 2 + 3, you know :)
This is the same reason why I like people who come for interviews and say "... I don't know about this technology X, but I strongly think I can learn it and do what you want". And also who says "... the method you suggested is good, but I found another way (on the internet or myself) and used that. These are the goods and bads"
Brainbench, IIRC, correctly tests the ability, but not the knowledge, which I think is very good.

Isuru SuriarachchiHow to use Axis2 JSON


Some time back, I implemented JSON support for Axis2 and I’ve explained about the architecture and usage of it here. But in addition to the details provided in this article, there is something that I’ve missed. I’m going to explain it in this post.

When I was implementing this feature for Axis2, the main objective was to make it easy and efficient to get the incoming JSON string from the service. That’s why I’ve used OMSourcedElementImpl with an OMDataSource. When a message comes in, JSONOMBuilder creates an OMSourcedElementImpl using JSONDataSource. So the OMElement is not built until someone forcefully do that and the JSON string can be directly accessed from the JSONDataSource without converting it to XML.

Due to this decision, the OMElement built from the incoming JSON message doesn’t know the namespace of the incoming payload. Therefore, if you try to dispatch a JSON message from the RPCMessageReceiver, it will be failed providing “namespace mismatch” error. Therefore, only the RawXMLInOutMessageReceiver can be used for JSON services. So you have to get an OMElement as the parameter for the method.

You can have a look at the JSONIntegrationTest to have an idea about this. All the other important steps are provided in the above article.

Afkham AzeezThe Anonymous Software Architect

A nice advertisement from WSO2 for recruiting software architects in Sri Lanka :)

Isuru SuriarachchiApache Axis2/Java Performance Results


Few days back, I did a performance test on Axis2/Java to compare performances of different kinds of services that can be created using Axis2. I used a service using ADB databinding, another service using Jaxbri databinding and another service using JAXWS. For simple scenarios, I tested for POJO services as well.

Test setup

* Services hosted on Tomcat 6
* Axis2 version : Trunk
* Apache bench
* Concurrency level : 30
* Measure : Requests per second
* JDK : 1.6
* OS : Ubuntu 9.04
* Memory : 8GB

Scenario 01 : Echo Integer

Five digit integer was used.

echo-int

Scenario 02 : Echo String

Length of the string was varied to create 1KB, 5KB and 10KB payloads.

echo-string

Scenario 03 : Echo complex type

An array of complex type objects were echoed. Class hierarchy consists of three levels. Tested for ADB, Jaxbri and JAXWS services using the same WSDL. Payload size was varied by increasing the number of elements in the array.

echo complex type

Footnotes