Category Archives: News

Honoring WSO2’s Long-Standing Customers by Helping Those in Need

Earlier this year at WSO2Con USA we celebrated our customers who’ve stuck with us through thick and thin for 10 long years — eBay, Kaiser Permanente, Trimble and Concur. In recognition of their long-standing relationship with us, we launched the WSO2 10-Year Customer Anniversary Undergraduate Scholarship Program — a program that offers a full undergraduate university scholarship to passionate students in Sri Lanka.

Standing by our commitment to education (we have over 100 alumni that have or are currently pursuing master’s degrees or PhDs), we figured there’s no better way to honor our customers than by helping those who need financial assistance in following their dreams of a quality education.

The fully-paid program enables the selected students to obtain a degree in Computer Science, awarded by the prestigious University of Westminster, London, UK, through Informatics Institute of Technology (IIT), Sri Lanka. The program also provides a monthly allowance paid by WSO2 to meet daily expenses and mentoring by WSO2 employees throughout their school tenure.

We partnered with IIT and began the search for the perfect candidates in early August. We received many applications from students from all walks of life but had to narrow it down to four (for the four customers). We selected the students based on their financial need, educational qualifications, and extra-curricular activities.

After a lot of deliberation, we announced the selected candidates last week! Our Congratulations go out to

  • Negeesha Divyanjalee Katulanda selected for the BSc (Hons) Computer Science course
  • Piyumi Hansika Madhubani Gamage selected for the BSc (Hons) Computer Science course
  • Chanuka Abeysinghe selected for the BEng (Hons) Software Engineering course
  • Jayasanka Buddhika Weerasinghe selected for the BSc (Hons) Computer Science course

We wish you all the best!

Why I Joined WSO2

On Tuesday, it was announced that I joined WSO2 as its CEO. This is an exciting and proud moment as it creates an opportunity to work with the (almost 500) geniuses employed by WSO2 and to engage our customers, partners, and competitors that are collectively contributing to making the massive and growing middleware segment better.

I joined WSO2 because I was inspired by the challenge to help us become a #1 provider in a competitive and technically challenging market.

My first experience with middleware was in the 90s while working at BEA, now owned by Oracle. It was an amazing experience to witness BEA’s transformation from C-based platform (Tuxedo) into the Internet, Java and JavaEE leader with Weblogic. Scott Dietzen, then the BEA CTO and recently the CEO that put Pure Storage (NYSE: PSTG) through its IPO, lead BEA’s transformational efforts to create a strategy that leapfrogged BEA ahead of alternatives.

Due to:

  1. The rapid rise of cloud, and;
  2. Rapidly changing consumption models for developers with containers, microservices, serverless, and APIs, and;
  3. The rising complexity from streaming and analytics of real-time event-driven architectures attached to exabyte architectures connected to millions of systems, and;
  4. Corporate core competencies tied to an ability to transform data into insights with machine learning,

we are on the precipice of witnessing a new wave of cloud-scale, cloud-native middleware emerging that will be as significant as the C to JavaEE transformation we witnessed in the 90s. Scott’s achievements are personally inspiring and have no small influence on my choice to undertake this mission.

Leading WSO2 through this transformation is an ambitious, challenging, and exciting opportunity that is something worthy and respectful to the ridiculous talent we have already assembled.

I led Toba Capital’s first investment into WSO2 in 2011 and have been on its board since. Through that time, it became apparent that WSO2’s innovation engine was world class and repetitively produced intellectual property that was faster, easier, and safer superior to alternatives. These advancements are a reflection of WSO2’s internal culture of constant improvement combined with its advanced talent development with university rotations where we now have 132 people (27%) that have or are currently pursuing multiple degrees, master’s degrees, or PhDs.

The rate of innovation combined with an open source business model, customer-first experience, and all delivery functions (support, consulting, training) delivered directly by our engineers has let us establish meaningful relationships with 400 world-class enterprises that represent amazing cross-sections of the global economy managing 5 trillion transactions each year with our technology. Impressively, 25% of our customers come from financial services like BNY Mellon, Credit Agricole, HSBC, and BNP Paribas who have stressed our technology stack to meet expectations imposed by a dizzying array of regulations, security, and performance requirements.

In spite of these achievements, we are the lesser known vendor. While we have near zero churn with our customers who shout our praise and have us as their strategic platform, most describe WSO2 as ‘unknown’, which is a polite way to imply ‘misunderstood’. WSO2 has not conformed to mainstream positioning, go to market, and delivery and most regard us different.
This non-conformance creates tremendous advantages WSO2 passes along to our customers, but not fully appreciated by the rest of the market:

  1. Our team-based, non-commission approach to sales ensures that our customers are always first placed ahead of compensation or the company’s bottom line;
  2. Our 100% open source platform ensures broad community participation leading to better performance, stability, and advancement;
  3. Our delivery through our engineers ensures that customers engage with experts that can fix anything instead of working through layers of management and support abstractions delaying resolution and satisfaction;
  4. We have an efficient operating model that does not depend upon cash from investors, debtors, or the public markets giving us freedom to grow in ways beneficial to our customer’s interests;
  5. Our no-politics and open culture have lead to an industry low employee turnover and rich diversity with 33% female employees and 34% of our leadership positions are held by women.

My most recent venture was Codenvy, which we sold to Red Hat in June. The people at Codenvy made it special and transformed us to the #1 vendor in a highly competitive cloud IDE space. The Codenvy journey was one where we rode the container and cloud-native wave, as the marriage between container-services and hosted developer workspaces were a combination that allowed the growth of cloud IDEs to effectively compete with desktop alternatives pushed by JetBrains and Microsoft.

Containers and cloud-native concepts are redefining the consumption models for how developers work with and deploy middleware. These technologies are causing a middleware rethink, especially in a world where orchestrators like Kubernetes and chaos monkeys scale and destroy unpredictably while the system maintains constant resiliency. For many vendors, talking cloud-native is great marketing fodder, but overlook the reality that their platform will require a reset. Our competitors with proprietary licenses and huge cash burn will struggle to demonstrate true innovation in this space.

With WSO2, we’ve been building a new cloud-native technology stack. Our open source projects include Ballerina (a programming language for integration), MSF4J (a low RAM microservice framework), Carbon (an instant boot server framework), and Siddhi (a streaming SQL framework). Collectively, they are compelling building blocks to create cloud-native middleware for integration, API management, analytics, identity and access management, and IoT.

If you are container-first, serverless, microservices, cloud-native, or developer-first … or you are an enemy to mega cloud lock-in and proprietary business models, then we will demonstrate to you middleware services that can run in any cloud, outperform any vendor, provide rock-solid stability, and backed by our customer-first, engineer-delivered business model. Please engage our team and discover why we are a hidden gem in middleware.

With the amazing people at WSO2 as the backbone, we can and will do with WSO2’s transformation that BEA did with Java.
And for those reasons?—?the people, the challenge, the technology, and the fun?—?is why I joined WSO2.

Time for a CEO Change in WSO2

Getting ready to dance with Ballerina and more with Tyler taking the lead

It is my pleasure to announce that effective today, I have stepped down from my job as CEO of WSO2 and that Tyler Jewell will be taking over. Nope; I am not going anywhere?—?I will remain as Chief Architect and will also become Chairman of the Board. Tyler will be joining the board too, of course.

Tyler Jewell, CEO of WSO2

Tyler is no stranger to WSO2 — he first reached out to me via a cold-call email in November 2010 while he was head of investments in Quest Software. Quest went on to make a $4M investment in May 2011 and Tyler joined our board at the time. After Quest was acquired by Dell, Tyler left and went to Oracle as VP of Cloud and later returned to become a partner in Toba Capital, the VC firm set up by the ex-Quest Chairman Vinny Smith after he completed the acquisition. Tyler re-joined our board then. Later, Toba acquired Dell’s investments including the WSO2 shares and became a larger shareholder. In 2013, after we fought off an acquisition offer, Toba bought the shares of Intel Capital (our first investor) and other shares and ended up as the largest shareholder of WSO2. Tyler remained on our board throughout and was a key part of surviving that acquisition challenge!

In 2013, Tyler also founded Codenvy, became its CEO and built it to become the leader in cloud IDEs and developer workspaces as a service. In June this year, he sold the company to RedHat. After successfully completing the transaction, Tyler left RedHat in August.

Was bringing Tyler on board initiated by our shareholders?

No. I reached out to Tyler, convinced him, then the board members and finally the shareholders that this is the right thing for WSO2.

I am handing WSO2 over to Tyler because I believe that this is absolutely the right thing to do for WSO2 and all its stakeholders; i.e., shareholders, employees, partners and of course our customers.

Why?

Paul and I (along with a 3rd person who’s long gone) started WSO2 more than 12 years ago. We’ve had a pretty good run in these years?—?we now have a 5-product portfolio that offers a superb digital transformation platform, 400+ customers, 490 employees, a recurring revenue business that’s growing really well and one that will be profitable this year. Yes, profitable.

Oh and Dr. Paul’s back as CTO too, after finishing his Ph.D. in IoT Security.

So we’re doing ok. OK, so why now then?

We also have a few additional rocket ships we’re building. However, let me first focus on Ballerina?—?the new programming language we’re creating.

Ballerina will end integration as we know it. It will also dramatically simplify writing microservices. Importantly, it will end the reign of configuration-over-code in enterprise app development and will make code great again. Yeah it’s a big deal.
Ballerina is what I’ve been focusing on for the last year and more. While my Ph.D. was not in programming languages, I have a long history of working on languages and really enjoy the power language creation gives to shape how people think. Ballerina embodies everything that I’ve learned in my nearly 30 years of being in the IT industry and absolutely embodies what WSO2 has learned in the last 12 years of its existence. Yeah it’s serious shit.

Um, again, why?

While I’m pretty good in technical stuff (if I may say so myself ;-)), taking such a rocket ship and positioning it to the market, driving its evangelization and making it win in the marketplace is not where I know I’m the best in the world at. I also know that a lot of that needs to happen in the US, the land where technology trends are created.

OTOH, Tyler is incredibly good at that stuff. (He’s actually pretty damned good (maybe even incredibly good) at technical stuff too .. but he really is incredibly good at that stuff.) Ballerina and WSO2 deserve to have the best in the world guiding its market leadership vision, strategy, plan and execution.

This is absolutely not just about Ballerina either. We have several other rocket ships in our portfolio and more on the way. Plus, our entire portfolio of products really is simply a hell of a lot better than anything else to digitally transform an enterprise. Tyler will, of course, own that too and will help improve the positioning, packaging and marketing of our digital transformation story to get it to market domination status. In other words, you ain’t seen nothing yet.

Tyler also understands that this is a massive long term opportunity that he’s taking on. We’re both not in a hurry?—?we have the legs and stamina to take on the market in a marathon and beat them.

That is why I’m leaving as CEO and giving control of WSO2 to Tyler.

What will I be doing?

I’m not going anywhere?—?I will be a having a ball putting 100% of my energy into my Chief Architect role, a title I gave myself a few years ago. In that role I will continue to nurture Ballerina and the rest of the WSO2 products’ overall design, architecture and scope.

At the board level I will be the chairman of the board as well.

Culture, values, Sri Lanka and all that kind of stuff

In the past twelve years I, and really all the people who’ve been part of the WSO2 journey, have built an awesome culture in WSO2 based on a set of core values that are all about doing the right thing for all stakeholders of our mission and oriented towards making the world a better place. Importantly, we’re also a culture that is always learning and always improving both at an individual level (for all involved) as well as at the company level.

It is silly to think that a change in CEO, especially the annoying, opinionated and (apparently, even though I don’t buy it) stubborn founding CEO, will not have some impact on how things will be done.

Culture is of course not a constant. Those of you have been subjected to my various preaching sessions in the last 12 years will remember this quote by Chamath Palihapitiya about culture that I’ve repeated often:

Fight for the culture the way it should be…not the way it was or the way it’s becoming.

So of course things will change, but will only change the way we all make it change.

. . .

I’ve always told people that if you want to be successful you must aim for the stars?—?and maybe you’ll at least land on the moon. The hard work of the last 12 years has us orbiting the moon, ready to slingshot off it and head for the stars.

As the founder of WSO2, I have always given it everything I had. I’m looking forward to continuing to do that and to “come home” to the technical world which I love, to help WSO2 slingshot off the moon and head for the stars.

. . .

It’s been a privilege and an honor to start a company and grow it from birth to a reasonable sized global business with operations in Sri Lanka, UK, US, and Brazil. I’ve learned a few things along the way (e.g., I’m finally able to read a P&L .. but not a balance sheet yet; it’s BS after all) and can safely say I lost no hair doing it.

I’m most thrilled, humbled and proud of the people I’ve worked with. There are so many people who’ve been here through the entire journey?—?basically never leaving after they joined. We have all grown, and not just in years, but in maturity, in smarts and just overall as human beings through the WSO2 journey.

Another aspect I’m very proud of is the more than 100 folks who’ve left WSO2 to go to graduate school. Of that, around 50 have now completed PhDs in Computer Science. I’m very bullish on people getting more and more education (and Ph.D. is hardly the end) and it’s great that so many have done that. And more are on the way?—?and many of the people who have worked in WSO2 for many years have earned PhDs of their own, even though we don’t call them doctor!

From the bottom of my heart, thank you to everyone who has made the last 12+ years amazing, awesome and incredibly educational for me.

. . .

I would be lying if I said I wasn’t feeling sad to give my baby over to someone else. From amongst all the people in the world, I believe Tyler Jewell will do a fantastic job taking this toddler and making it into a teenager!

So actually I’m not sad but excited instead. Excited at the potential we have in front of us. Excited by working with Tyler. Excited at the thought of having more time to be technical and write code again.

Exciting times ahead :-). Good luck Tyler!

Welcome Back Paul: Our old and new CTO!

Paul met Sanjiva back in 1998 (almost a lifetime ago for some!). Their shared vision for the future encouraged them to leave IBM and start up their own open source company — WSO2. They soon ramped up their first project, Apache Axis2, and became one of the most competitive middleware companies in the industry.

Paul has been with us for the most part of our journey but decided to take some time off to work on his Ph.D., something he had wanted to do for quite a while. He now comes back as Dr. Paul Fremantle, our newly reinstated CTO. “He is someone who will challenge you and expect you to challenge him back,” said Sanjiva. So we welcome you back with open arms and are looking forward to being challenged.

Here’s a little bit of what Paul has been doing over the last two and a half years. For his Ph.D. he focused on security for IoT devices. As he pointed out, we feel that buying a device gives us control over our data, but in reality, the control is with the companies that manufacture these devices. During his research and after going through a lot of painful mathematics, he was able to create a new architecture model, OAuthing, which

  • Provides a simple way for you to take ownership of the device through an improved federated identity approach for IoT
  • Creates an instance of the server that handles a device for each user (personal cloud middleware)
  • Enables pseudonymity by not having to share your identity by default

His research directly influenced the Internet Engineering Task Force (IETF) and was even partly used in our own WSO2 IoT Server!

Even with all of this going on, he managed to pick up the hobby of making musical instruments and has now leveled up from crafting ukuleles to mandolins and guitars. He says his current pet project of making a violin (one of the hardest yet) is the complete opposite of software development. In software development, if you make a mistake you can easily learn from it, iterate and fix it. But the smallest mistake in violin-making means you have to start right from the beginning all over again!

“I’ve been trying to learn patience, but I can’t seem to learn it quick enough,” jokes Paul. Glad to have you back Paul. We all look forward to working with you again.

We’re Celebrating Our People This Year!

We turned 12 last month and to celebrate this year we picked 12 amazing humans of WSO2 (by popular vote) and shared their stories. The people at WSO2 are our biggest asset and the drivers of our success. Here are some of those who have inspired us all:

Flora Ariyapala – Assistant Administration Officer

“I can’t pick the best memory. I’ve never had a bad day here. This is family. This is my home,” said Flora with a gleam in her eye while talking about her workplace — one she has been at for the past 12 years. Her stint at WSO2 is what she calls her first “proper” job. From being one of the first employees at WSO2 she has grown to be the person you look for in times of need, very similar to when you look for your mom at home. Be it having all the biscuit jars in our pantry filled, making sure you get a plaster for that scratch or looking after each and every employee like they were her own children (including the ones in their 30’s). Flora has played numerous roles in WSO2 and her unwavering dedication and affection towards the WSO2 family are admirable. We’re nothing but grateful for everything that Flora has done for us.

Nandika Jayawardana – Associate Director and Architect

You come to know a person for who they are when they are under stress or when they are in power. Nandika has been in both these situations at WSO2, mostly at the same time. Yet he’s calm and down-to-earth at all times and never projects his emotions, no matter how frustrated he is. “He’s a person who makes everyone laugh even when they’re panicking about emerging deadlines or in a “war room”,” said his team. As a starting member of the team, Nandika has proven to be a friendly, kind-hearted and knowledgeable person for the past 12 years. For a guy who’s as smart as he is, he’s surprisingly humble. He also knows what it means to be truly empathetic. When it comes to Nandika we’re told that “You surely know that you have enjoyed work life if you have worked with him.”. Thanks for being super cool, Nandika!

Jackie Wheeler – Vice President of Technical Content

Jackie is a thrill-seeker who has a wide spectrum of interests ranging from the Burning Man and bats to karaoke, skiing, and sailing. In addition to this, she’s a self-published author of four novels, a fantastic singer and a black belt in martial arts. Yes, she can kick your a** while singing about our documentation! That’s not all, she even put aside her fear of heights and went skydiving. When asked what her favorite thing at WSO2 was she said “The people. I’ve come to see Sri Lanka as a second home and the team as my extended family. We’ve had too many fun adventures and hilarious times, usually involving tuk tuks.” And we love her too; everyone raves about her leadership and writing skills. You’re a true rock star, Jackie!

Kapila Chandana – Assistant Administration Officer

Often found rushing to the scene of a faulty AC or making sure the lobby is equipped with music by The Chainsmokers or Daler Mehndi, Kapila a.k.a. KC is also a part-time comedian and Superman — in-house of course. Don’t be alarmed if you see him with a hammer or a sharp tool, this brave ex-soldier is your friendly fixer-upper for all things broken. He seems to have an ever-ready thumbs up or a salute and a Tennison Cooray-esque joke every time you greet him. He will gladly be your go-to-man when running an event or an executive business meeting, just to make sure nothing falls apart — it’s almost as if the words “no” or “can’t” don’t exist in his vocabulary. Kapila has nothing but undying love and affection towards WSO2, a place that he refers to as the “talent spot”. He’s even won the outstanding contribution award for 3 years in a row for the three and a half years he’s been here. KC, what a dude!

Asma Cader – Senior Marketing Officer

Asma Cader affectionately known as Aso exuberates confidence, isn’t afraid to speak her mind and stands up for both herself and others. Her bubbly personality is so lovable that people often overlook her constant insults. A lover of all things Disney and Pixar, she’s an avid collector of Minion merchandise and anything fluffy. She even went through a ‘Frozen’ phase where everyone had the pleasure of listening to her endlessly singing ‘Do you want to build a snowman’…for a year! But what she lacks in singing she makes up for in basketball. Her command of the sport makes her one of the best players at WSO2. She also thinks she’d be a suitable mascot for BallerinaLang and is dedicated to making it the most popular programming language out there. Thank you for being you, Aso!

Sumedha Rubasinghe – Director of IoT Architecture

Most of Sumedha’s stories can’t (and shouldn’t!) be shared in public. One that can be shared, however, is the time he convinced a team member to report his height and weight to HR, to attend a company trip! While Sumedha is famously known for his pranks, everyone agrees that he is one of the best mentors around. He identifies his team mates’ talents quickly and encourages them to work on their strengths. Sumedha is an all rounder — he’s a fantastic storyteller, an amazing singer, and conga player, a part-time banana cultivator and an IoT and API guru. The number of tools in his massive pickup truck show his enthusiasm in creating anything cool. Keep inspiring us all Sumedha!

Danesha Unantenne – Associate Lead in Administration

Danesha makes sure everyone at WSO2 is well fed and happy. Not only does she let us choose from fantastic lunch options, she hides in the pantry and eats them too…for testing purposes of course. Her inability to say no has roped her into many games of basketball, a sport she’s slowly warming up to. She recollects her favorite memory at WSO2 as the time she climbed Sanjiva’s (our CEO’s) desk to reach for chocolate stuck on the ceiling. “Fortunately he wasn’t there. He would have kicked me out,” said Danesha. She is the epitome of going the extra mile and is always willing to help you out. Her team overlooks (tries) her extraordinary gift of talking non-stop, loves her open-mindedness and considers her as a ‘machan’ (dude). We’re very lucky to have you Danesha!

Asela Pathberiya – Technical Lead

With multiple titles such as ‘one man army’, an ‘ambassador for the WSO2 security domain’, and ‘father of XACML’, Asela is an integral part of WSO2. He is a celebrity in his own right as the writer of one of the most popular blogs (http://xacmlinfo.org/) in the security space. He is also famously known for carrying a water bottle around whenever he’s overseas (not to drink, but because only toilet paper isn’t ideal). He is a mentor to many and generously shares his knowledge with everyone. Asela has been a devoted employee at WSO2 for the past 8 years and has made it his home. He has quite literally lived in each Sri Lankan WSO2 office (our snooze room and gym showers are very accommodating) and the popular belief is that had he not got married he would still be living at Palm Grove. “Although Asela worked remotely in Finland for a short period of time, he migrated back to Sri Lanka because of his attachment to the company and its people,” said a colleague. He even had a go bag with toiletries in his car whenever he had to work late. We really admire your dedication Asela!

Evanthika Amarasiri – Senior Technical Lead

Traveling from Kiribathgoda? Meet the owner of “(Evan)Thika travels”, a term coined by her colleagues who make use of her carpool service. Evanthika was born to be a mentor and has been a pseudo therapist at WSO2 for the past 10 years. She guides both newcomers and those who’ve been at WSO2 for a while. Her teammates call her their best friend and counselor and she’s known to be a hardcore techie fashionista — not a combo you see often. “The culture is what makes me love WSO2. Becoming the quality assurance lead here was pretty special too,” said Evanthika about her experience at WSO2. She’s always cheerful and is the first person to yell “I’m in” if there’s any fun activity. She gives people due credit and makes sure everyone around her is having a great time. Thank you for being a good sport, Evanthika!

Sriskandarajah Suhothayan – Associate Director and Architect

Suho is the kind of team player that hits home runs. So much so that even his intern project became a hugely successful product – WSO2 Siddhi (CEP engine) – that’s currently used by Uber. “That was pretty memorable,” recalled Suho. He’s well known for his leadership skills and intelligence and is also one of the friendliest guys with the best sense of humor. “Even though Suho’s a busy person, he always helps and advises team members on their problems,” said his colleagues. He often goes on walks where he falls into deep thinking — the faster he walks the more he thinks. Even when he sits down he starts shaking his leg to fuel his thought. Fidget spinners are clearly not for everyone. Despite his excellent work ethic, he’s rather a slob when it comes to his car, often waiting til it rains so the dirt washes off. That’s ok Suho, we get it. Thank you for prioritizing WSO2!

Dimuthu Leelarathne, Director – Solutions Architecture

“She’s one of the pillars of WSO2, is an exemplary lady and everything that WSO2 stands for. Everyone looks up to her, especially all the new female engineers” said one of Dimuthu’s team members. If there’s anyone in the team that has a “never say die” attitude, it’s Dimuthu. She wasn’t raised to be a quitter, which is evident in how she taught herself to swim…online! Dimuthu is a hard working, committed person who brings the best out of everyone she mentors. She’s fun loving and always enthusiastic about trying out new things. You can tell how much her team loves her by the song they wrote for her when she returned from maternity leave. Keep shining Dimuthu!

Sameera Jayasoma, Director – Platform Architecture

“Oka podi wadak (It’s a small job)”, Sameera said. Days into the project, everyone realizes it isn’t. It never is. We’re assuming he said the same about BallerinaLang. All stories about Sameera are R-rated and best kept a secret. We can probably talk about his talents as a cha cha dancer, but let’s not go there. The things he loves most in life can be ranked in this order: Leopards, photography (which he’s extremely talented at), table tennis and then perhaps his wife. He’s an excellent leader who drives his team while looking into every individual’s needs. His vast technical knowledge makes him a great problem solver too. But don’t expect a serious response from this brilliant mind when talking about life, he’ll most likely act dumb and avoid it. Thanks for being the cool smart you, Sameera!

We’d like to thank each and everyone — past, present and future — who have shaped and will shape WSO2 into an exciting place to work in.

Here’s to many more years of hard work and fun!

What Does WSO2 Identity Cloud Bring To The Table?

One of the things we spoke about at WSO2Con this year was the expansion of our  WSO2 public Cloud offerings. One of those offerings is WSO2 Identity Cloud, which provides the Identity and Access Management (IAM) solution from our well-known WSO2 Identity Server with the ease of use of a cloud service.

Our Initial offering is focused on providing Single Sign-On (SSO) solutions for organizations. Almost all organizations use different applications, either developed in-house or hosted applications like Salesforce and Concur. Having a centralized authentication system with SSO for all the applications increases the efficiency of maintaining systems, centralize monitoring and company security, while also making users’ lives easier.

What are the features offered by WSO2 Identity Cloud?

  • Single Sign-On support with authentication standards – SAML-2.0, OpenID Connect, and WS-Federation.
  • Admin portal provided for organization administrators to log in and configure security for applications. Pre-defined templates of security configurations are available by default for most popular SaaS apps. This list includes Salesforce, Concur, Zuora, GotoMeeting, Netsuite, AWS.
  • On-premise-user-store agent. Organizations can connect local LDAPs with Identity Cloud (without sharing LDAP credentials with Identity Cloud) and let users in the LDAP to access applications with SSO.
  • Identity Gateway.  Act as a simple application proxy that intercepts application requests and applies security checks.
  • User portal. Provides a central location for the users of an organization to log in and discover applications, while applications can be accessed with single sign-on.

Why you should go for a Cloud solution?

If you have following concerns, then a cloud solution is the best fit for you.

  • Facilitating infrastructure – you don’t have to spend money on additional infrastructure with the Cloud solution.
  • System maintenance difficulties – If you do an on-premise deployment, then there should be a dedicated team allocated to ensure the availability of the system and troubleshoot issues; with the Cloud solution, the  WSO2 Cloud team will take care of such things.
  • Timelines – Identity Cloud is tested, stable solution. This will cut down the deployment finalizing and testing times that you should spend on an on-premise deployment.

With all of this comes cost savings, especially because there’s no cost involved for infrastructure or maintenance with the cloud solution.

You can register for WSO2 Identity Cloud and try out for free – http://wso2.com/cloud/ and give us your feedback on bizdev@wso2.com or dev@wso2.org.

Introducing WSO2 Enterprise Integrator 6.0

WSO2 started out as a middleware company. Since then, we’ve realized – and championed the fact that our products enable not just technological infrastructure, but radically change how a company works.

All over the world, enterprises use our products to maximize revenue, create entirely new customer experiences and products, and interact with their employees in radically different ways. We call this digital transformation – the evolution of a company from one age to another, and our role in this has become more a technology partner than a simple software provider.

In this realization, we’ve announced WSO2 Enterprise Integrator (EI) 6.0. Enterprise Integrator brings together all of the products and technologies WSO2’s created for the enterprise integration domain – a single package of digital transformation tools closely connected together for ease of use.

When less is more

Those of you who are familiar with WSO2 products will know that we had more than 20 products across the entire middleware stack.

The rationale behind having such a wide array of products was to enable systems architects and developers to pick and choose the relevant bits that are required to build their solution architecture. These products were categorized into several broad areas such as integration, analytics, Internet of Things (IoT) and so on.

We realized that it was overwhelming for the architects and developers to figure out which products should be chosen. We also realized that digital transformation requires these products to be used in certain common patterns that mirrored five fields: Enterprise Integration, API Management, Internet of Things, Security and Smart Analytics.

In order to make things easier for everyone, we decided to match our offerings to how they’re used best. In Integration, this means we’ve combined the functionality of the WSO2 Enterprise Service Bus, Message Broker, Data Services Server and others; now, rather than including and setting up many many products to implement an enterprise integration solution you can simply download and run Enterprise Integrator 6 (EI 6.0).

What’s it got?

EI 6.0 contains service integration or service bus functionality. It has data integration, service, and app hosting, messaging, business processes, analytic and tooling. It also contains connectors which enable you to connect to external services and systems.



The package contains the following runtimes:

  1. Service Bus

Includes functionality from ESB, WSO2 Data Services Server (DSS) and WSO2 App Server (AS)

  1. Business Processes

Includes functionality of WSO2 Business Process Server (BPS).

  1. Message Broker

Includes the functionality of WSo2 Message Broker (MB). However, this is not to be used for purely message brokering solutions; this runtime is there for guaranteed delivery integration scenarios and Enterprise Integration Patterns (EIPs).

  1. Analytics

The analytics runtime for EI 6.0, useful for tracking performance, tracing mediation flows and more.

In order to provide a unified user experience, we’ve made some changes to the directory structure. This is what it looks like now:

The main runtime is the integrator or service bus runtime and all directories relevant to that runtime are at the top level.

This is very similar to the directory structure we use for other WSO2 products; the main difference is the WSO2 directory, under which the other runtimes are available.

Under the other runtimes, you find the same directory structure as the older releases of those products, as shown below.

One might ask why we’ve included multiple runtimes instead of putting everything in a single runtime. The reason for doing so is the separation of concerns. Short running, stateless integrations will be executed on the service bus runtime while long-running and possibly stateful integrations will be executed on the BPS runtime. We also have optional runtimes such as message broker and analytics which will be required only for certain integration scenarios and when analytics are required, respectively.

By leaving out unnecessary stuff, we can reduce the memory footprint and ensure that only what is required is loaded. In addition, when it comes to configuration files, only files related to a particular runtime will be available under the relevant runtime’s directory.

On the Management Console

There’s also been a change to the port that the management console uses. The 9443 servlet transport port is no longer accessible; we now use the 8243 HTTPS port. Integration services, web apps, data services and the management console are all accessible only on the passthrough transport port, which defaults to 8243.

Tooling

Eclipse-based tooling is available for the main integration and business process runtimes. For data integration, we recommend using the management console itself from the main integration runtime.


Why 6.0?

As the name implies, EI is an integration product. The most widely used product in the integration domain is the WSO2 Enterprise Service Bus (ESB), which in the industry is known to run billions of transactions per day. EI is in effect the evolution of WSO2 ESB 5.0, adding features coming from other products. Thus, it’s natural to dub this product 6.0 – the heart of it is still the same.

However, we’ve ensured that the user experience is largely similar to what it was in terms of the features of the previous generation of products.  The Carbon platform that underlies all of our products made it easy to achieve that goal.

Migration to EI 6.0

The migration cost from the older ESB, BPS, DSS and other related products to EI 6.0 is minimal. The same Synapse and Data Services languages, specifications and standards have been followed in EI 6.0. Minimal changes would be required for deploying automation scripts such as Puppet scripts -the directory structures are still very similar, and the configuration files haven’t changed.

Up Next: Enterprise Integrator 7.0

EI 6.0 is based on several languages – Synapse for mediation, BPMN and BPEL for business processes, DSS language for data integration.

A user who wants to implement an integration scenario involving mediation, business processes, and data integration has to learn several languages with different tooling. While it’s effective, we believe we can do better.

At WSO2Con 2017, we just unveiled Ballerina, an entirely new language for integration. EI 7.0 will be completely based on Ballerina – a single language and tooling experience. Now the integration developer can concentrate on the scenario, and implement it using a single language and tool with first level support for visual tooling using a sequence diagram paradigm to define integration scenarios.

However, 7.0 will come with a high migration cost. Customers who are already using WSO2 products in the integration domain can transition over to EI 6.0 – which we’ll be fully supporting – while planning on their 7.0 migration effort in the long term; the team will be working on tooling which will allow migration of major code to Ballerina.

WSO2 will continue to develop EI 6 and EI 7 in parallel. This means new features and fixes will be released as WUM updates and newer releases of the EI 6.0 family will be available over the next few years so that existing users are not forced to migrate to EI 7.0. This is analogous to how Tomcat continues to release 5.x, 6.x, 7.x and so on.


EI 6.0 is available for download at wso2.com/integration and on github.com/wso2/product-ei/releases. Try it out and let us know what you think – it’s entirely open source, so you can take a look under the hood if that takes your fancy. To report issues and make suggestions, head over to https://github.com/wso2/product-ei/issues.

Need more information? Looking to deploy WSO2 in an enterprise production environment? Contact us and we’ll get in touch with you.

 

Retailers optimize multichannel IT implementations

From the simple setup that involved using a TV and a domestic telephone line, e-commerce has greatly evolved since its introduction by Michael Aldrich in the late 1970s. Today it includes more innovative ways to shop online including mobile devices as well as connected stores.

In order to keep pace with the growing demands of today’s customers and partners, retail businesses need to deliver connected and personalized experiences across stores, the web, mobile and social channels. Becoming a connected enterprise helps to offer these experiences to consumers.

For the enterprise, a connected retail business will help to increase the reach of the business, explore and discover new business opportunities, and increase revenue. But that’s easier said than done. The complexity of the IT landscape, which consists of multiple disparate systems linked together and exposed through several interfaces and channels, pose many challenges.

Kasun Indrasiri, an architect at WSO2, authored the white paper “Connected Retail Reference Architecture,” that discusses the importance of creating a connected retail system today and explains how a complete middleware platform can help address these challenges and meet the demands of multichannel retail IT requirements.

Here are some insights from his white paper.

Among some of the key hurdles an enterprise would need to overcome to become connected is to develop transparent, collaborative, and real-time supply chains through seamless interaction with all systems to optimize underlying inventory stores. Managing multiple channels through which data and sales management are performed has also become extremely difficult due to its large scale.

To this end, a retail enterprise can adopt a comprehensive solution that will connect the dots and eventually facilitate the creation of a fully functional ecosystem. This ecosystem must contain various layers including an integration layer that allows merchandising, order management, supply chain, and distribution systems to communicate with each other. It should also have an API management layer that will be used to expose functionalities directly to customers and external users while business analytics in the analytics layer will be used to gather insightful information that’s key and relevant to the business.

Screen Shot 2016-04-26 at 3

A successful connected retail enterprise will seamlessly connect, manage and control its service layers, underlying web services, and all other business services.

An architecture such as this can help create a rich customer experience through fast delivery and checkout procedures, manage multiple channels through which data and sales management are performed, and seamlessly upload price updates so that it propagates to all parts of the retail ecosystem.

To learn more about how products within the comprehensive, open source WSO2 enterprise middleware platform can be used to meet a retail enterprise’s IT requirements, you can download Kasun’s whitepaper by visiting http://wso2.com/whitepapers/connected-retail-reference-architecture.  

 

What is new in WSO2 Identity Server 5.3.0?

Since its launch in 2007, WSO2 Identity Server (WSO2 IS) has become an industry leading product in the open source, on-premise IAM space. It’s trusted by both the government and private sectors for large scale deployments ranging up to millions of users.

Apart from the open standard support, WSO2 IS has a solid architecture to build a strong identity ecosystem around it. More than 40 connectors are now available for you to download from WSO2 Connector Store – including SMS OTP, Email OTP, TOTP (Google Authenticator), Duo Security, mePIN, RSA, FIDO U2F  – and many more. All these connectors are released under the same open source Apache 2.0 license, as of the product.

The focus of WSO2 Identity Server 5.3.0 is to build and enhance features around Identity/Account Administration and Access Governance. Here are the new features introduced in WSO2 Identity Server 5.3.0:

  • Identify and suspend user accounts that have been idle for a pre-configured amount of time. Prior to account suspension, the administrator can set up the notification system to notify the user with a warning that the account will be suspended.
    For instance, if a user has not logged in to his/her account for 90 days, the user will be notified that his account will be suspended within the next 7 days if there continues to be no activity, after which the account will be suspended.
  • A new REST API was introduced to recover a lost/forgotten password, i.e., by using email notifications or secret questions. It is also possible to recover the username if forgotten. This extends the functionality of the SOAP service WSO2 IS had before 5.3.0.
  • The administrator can trigger the password reset for a given user. This may be required if the user forgets the credentials and then makes a request to the administration to reset the password — and also in cases where the credentials get exposed to outsiders then the administrator can lock the account and enforce password reset.
  • Support for Google reCAPTCHA as a way of brute-force mitigation. The administrator can configure Google reCAPTCHA in the login, password/account recovery and sign up flows.
  • Maintain the history of the user’s passwords according to a pre-configured count. This prevents a user from using a password he/she has used in the recent past. For example, if you configure a count of 5, the user will be prevented from reusing his/her last 5 passwords as the current password.
  • The administrator can monitor all the login sessions — and can selectively terminate.
  • Enforce policies to control outbound user provisioning operations. For example, you can provision users having the salesteam role to Salesforce and anyone having an email address with the domain name foo.com to Google Apps.
  • Partition users by service providers. WSO2 IS had support for multiple user stores since its version 4.5.0. With this new feature, the administrator can specify against which user store the user should authenticate, by the service provider. For example, only the users in the foo user store will be able to access the foo service provider.
  • Enforce policies during the authentication flow. The administrator can, for example, enforce a policy which states only the users having the salesteam role can access Salesforce, and only during a weekday from 8 AM to 4 PM.
  • Improvements for the JIT provisioning flow. The administrator can now specify mandatory attribute requirements for JIT provisioning and if any of those are missing, WSO2 IS will prompt the user to enter the values for the missing attributes.
  • Improvements for identity analytics. With WSO2 IS 5.3.0 the identity administrator can get alerts for abnormal and suspicious login sessions.

In addition to the above set of features, WSO2 IS 5.3.0 also introduced a set of enhancements for its existing open standards.

  • SAML 2.0 Metadata Profile
  • SAML 2.0 Assertion Query/Request Profile
  • OpenID Connect Dynamic Client Registration
  • OAuth 2.0 Token Introspection
  • OpenID Connect Discovery
  • JSON/REST profile of XACML

WSO2 IS 5.3.0 is now the best it’s ever been. We hope you will find it quite useful to address your enterprise identity management requirements, and we’re more than happy to hear your feedback/suggestions — please feel free to post them to bizdev@wso2.com or dev@wso2.org.

Meet WSO2 EMM 2.2.0!

We’re excited to announce yet another landmark of our EMM story:  the latest version WSO2 EMM 2.2.0! WSO2 EMM comes with a host of device management, app management and analytics features that benefit IT admins as well as device owners themselves.

Let’s explore some of the new key features of this release.

Device Management

The latest release comes with improved APIs for better extensibility, advanced WiFi profiles and supports device restrictions available in Android 5.0 – Lollipop upwards.

Advanced WiFi Profiles

Some organizations prefer to configure enrolled devices over-the-air (OTA). The previous WSO2 EMM version supported only WEP (simple profile with only SSID and password input) and with 2.2.0 organizations will be able to configure enrolled devices with advanced WiFi profile types, such as EAP, WPA2 and enabling TLS/TTLS.

Device Restrictions

WSO2 EMM 2.2.0 supports all device restrictions (e.g. network configuration, VPN configuration, volume control) available from Android 5.0 – Lollipop upwards. For the complete list of supported devices restrictions, refer to our official documentation (Note: camera setting was delivered in a previous release).

App Catalog at Your Service

In the previous WSO2 EMM distribution, when a mobile application needs to be installed on a device either the admin will have to push applications to the mobile device via the WSO2 EMM Management Console or the device owner will have to be granted access to the Management Console, which is not a practical scenario.

With 2.2.0, WSO2 EMM will have a standalone mobile app called ‘App Catalog’. The App Catalog lists all mobile apps the device owner is permitted to install. Device owners will be facilitated to install mobile apps with just a click of a button and to uninstall and remove them as well.

Whitelisting and Blacklisting Apps

With this feature admins will able to whitelist and blacklist mobile apps already installed in the App Store, so that a specific set of mobile applications are provisioned to device owners. This will also enable fencing unknown malicious mobile apps from accessing corporate data.

Room to Grow – Let’s OEM

With this release WSO2 EMM unlocks a host of features capable of underpinning OEM efforts for organizations using custom Android devices as part of their business strategy (e.g. medical devices, point-of-sale devices, kiosks). Managing custom devices is two-fold; you can either maintain custom firmware or use custom apps signed by the device vendor (or by the firmware key provided by the device vendor). The 2.2.0 distribution comes with a system service app that can be installed on the device and thereby used to perform root operations on the device.

emm 2.2

Automatic Device Enrollment

With this, admins will be able initiate the device auto-enrollment by entering serial numbers via the Management Console for the required devices. Once corresponding devices are handed over to device owners, device owners will be facilitated to select the relevant serial number from the device and generate a one-time-token (OOT), which expires within a predefined duration. To complete the enrollment, you can either type in the OOT or simply scan the QR code.

This will increase the speed of enrolling a large number of devices with a few steps with less device user intervention.

Over-The-Air Firmware Upgrade

This feature will allow admins to upgrade device firmware (apps written to device ROM) via the WSO2 EMM Management Console to one/more devices in one go (e.g. a firmware upgrade to all COPE devices). Device owners, on the other hand, need not worry about manually obtaining the latest firmware, as upgrades will be auto-installed.

Silent App Installation, Update, and Removal

In the previous WSO2 EMM version, app installations would only take place subsequent to a user confirmation. With 2.2.0, apps can be installed, updated, or even removed from the device without the device owner’s consent.

Device Hard Lock

This enables admins to completely block a device user that can only be revoked by an admin. This will help organizations to screen out device users who breach organizational policies.

Device Reboot

This facilitates admins to remotely reboot Android devices via the Management Console.

How are my Devices Doing?

WSO2 EMM 2.2.0 offers an array of features to keep you up-to-date around your device portfolio.

Analytics Dashboard

The WSO2 EMM Device Monitoring Dashboard provides admins with insights into unmanaged and non-compliant devices, device distribution by platform, and BYOD/COPE ownership and connectivity.

Device Details

Admins can view both dynamic and static device related information via the WSO2 EMM Management Console. Viewable static data include memory, CPU details, and OS version. Viewable dynamic data include CPU/memory utilization, battery level, installed apps, connectivity strength, power status (i.e. on battery or plugged into a power source), and GPS location.

Alerts on Alerts

The previous WSO2 EMM Management Console facilitated admins to send alerts to Android devices; from WSO2 EMM 2.2 onwards, admins will be notified on the alert delivery and the device owner’s response to alerts as well, i.e. be notified on whether the alert was delivered, displayed, or dismissed. In addition, admins will be able to send custom alert types as well.

WSO2 Enterprise Mobility Manager (WSO2 EMM) is a 100% open source comprehensive platform supporting iOS, Android and Windows devices, which help organizations to deal with both corporate-owned, personally-enabled (COPE) devices and employee-owned devices with the bring your own device (BYOD) program.

You can download the product here and try it out for yourself. If you come across any issues please feel free to report them via the public JIRA.