tag:blogger.com,1999:blog-24886214111598169042024-03-12T23:52:50.657-07:00Tips & TricksAnonymoushttp://www.blogger.com/profile/12349899888328230086noreply@blogger.comBlogger4125tag:blogger.com,1999:blog-2488621411159816904.post-62704505053297701672016-11-19T11:59:00.001-08:002016-11-19T11:59:49.016-08:00Authentication & Authorization Common Service Layer for WSO2 Carbon PlatformHere we are concerning about a common authentication & authorization layer in OSGi level. So in order to use it for REST APIs, we have introduce tomcat valves to intercept all the request that come to the wso2 product and use this service to authenticate and authorize the request.<br />
<br />
Following digram explain the service details. <br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj02ZDeQEWHk3CLSp7Hi23PQCdRR120V0GpL052AjVQhOVXL-8s5q0yCUMlvM1vENti1OsCKgchg0S_ZCLCmQfqwy5jhs4Z_Vz-fA3W0IChutudheQeDwVsmbcU5RSsM-ZStEgsq4eleWs/s1600/Untitled+drawing%25281%2529.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="244" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj02ZDeQEWHk3CLSp7Hi23PQCdRR120V0GpL052AjVQhOVXL-8s5q0yCUMlvM1vENti1OsCKgchg0S_ZCLCmQfqwy5jhs4Z_Vz-fA3W0IChutudheQeDwVsmbcU5RSsM-ZStEgsq4eleWs/s640/Untitled+drawing%25281%2529.jpg" width="640" /></a></div>
<br />
<br />
There are two OSGi services that provide the authentication and authorization service based on its own handlers. Anyone can write their own handlers for both and register in OSGi.<br />
OOB, we have three authentication handlers,<br />
<br />
1. OAuth2AccessTokenHandler<br />
2. ClientCertificateBasedAuthenticationHandler <br />
3. BasicAuthenticationHandler<br />
<br />
Authorization handler based on our permission store against the user role. But anyone can write their own authorization handlers as well.<br />
<br />
As an one of usage this services was to secure rest services in WSO2 IS itself. In order to do that, we have to intercept the request by using two valves,<br />
<br />
org.wso2.carbon.identity.auth.valve.AuthenticationValve<br />
org.wso2.carbon.identity.authz.valve.AuthorizationValve<br />
<br />
So if you open the catalina-server.xml , you can see the following content<br />
<br />
<Engine name="Catalina" defaultHost="localhost"><br /><br /> <!--Realm className="org.apache.catalina.realm.MemoryRealm" pathname="${carbon.home}/repository/conf/tomcat/tomcat-users.xml"/--><br /><br /> <Realm className="org.wso2.carbon.tomcat.ext.realms.CarbonTomcatRealm"/><br /><br /> <Host name="localhost" unpackWARs="true" deployOnStartup="false" autoDeploy="false"<br /> appBase="${carbon.home}/repository/deployment/server/webapps/"><br /><br /> <Valve className="org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve"/><br /> <Valve className="org.apache.catalina.valves.AccessLogValve" directory="${carbon.home}/repository/logs"<br /> prefix="http_access_" suffix=".log"<br /> pattern="combined"/><br /> <Valve className="org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve" threshold="600"/><br /> <Valve className="org.wso2.carbon.tomcat.ext.valves.CompositeValve"/><br /><br /> <b><!-- Authentication and Authorization valve for the rest apis and we can configure context for this in identity.xml --><br /> <!--Valve className="org.wso2.carbon.identity.auth.valve.AuthenticationValve"/><br /> <Valve className="org.wso2.carbon.identity.authz.valve.AuthorizationValve"/--></b><br /> </Host><br /> </Engine><br />
<br />
Here you can enable above valves to each service to intercept the request.<br />
<br />
Then you have to specify which resource that you want to secure. To do that, you have to put the details as follows in identity.xml file.<br />
<br />
<b><ResourceAccessControl><br /> <Resource context="/api/identity/*" secured="true" http-method="all"><br /> <Permissions>/permission/admin/login</Permissions><br /> </Resource><br /> </ResourceAccessControl></b><br />
<br />
<br />
As in here, you can define which resource context(relative to the root context) must be secure under which http-methods. You can define either "all" or "post,get" like wise. And you can enable /disable the security on this context.<br />
<br />
Then you can define which permission string should be under your role to authorize this resource by specifying Permission string in comma separated list.<br /><br />
<br />
<br />Anonymoushttp://www.blogger.com/profile/12349899888328230086noreply@blogger.com0tag:blogger.com,1999:blog-2488621411159816904.post-18427327405205613492013-08-06T10:45:00.001-07:002014-01-28T07:50:14.364-08:00Data Source create on WSO2 products in remote manner<div class="separator" style="clear: both; text-align: center;">
</div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJzLPy1fT5_2pr2QZ9tszu19UJrOtZexp9snUl7LF705VvQosk8VobzgU1xPbKi2AgBb6BY0RBLYffIaB1i1ZsRFEeKooGP7rc13UebuEkxBIgBpaJZrs7iWO68NOStiZ5QqaAZ9CubTw/s1600/header-logo.gif.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiJzLPy1fT5_2pr2QZ9tszu19UJrOtZexp9snUl7LF705VvQosk8VobzgU1xPbKi2AgBb6BY0RBLYffIaB1i1ZsRFEeKooGP7rc13UebuEkxBIgBpaJZrs7iWO68NOStiZ5QqaAZ9CubTw/s1600/header-logo.gif.png" height="32" width="200" /></a><i><b></b></i></div>
<br />
<br />
<br />
In WSO2 products , we can configured DataSources with lot of features. We can do it using Admin Console in those products.<br />
<br />
But sometimes we want to do it remotely like in automated deployment enlivenment. Then we can use a service to that provided by the Admin Services.<br />
<br />
Using curl command.<br />
<br />
<br />
<span style="color: #073763;"><span style="background-color: white;"><b><span style="color: black;">curl -k -u admin:admin -d @datasourceconfig.xml -H "Content-Type: application/xml action=addDataSource" https://hostname:9443/services/NDataSourceAdmin</span></b></span></span><i><span style="color: #999999;"></span></i><br />
<i><span style="color: #999999;"></span></i><br />
<i><span style="color: #999999;"><br /><span style="background-color: white;"><span style="background-color: white;">datasourceconfig.xml</span></span></span></i><br />
<span style="color: #073763;"><span style="background-color: white;"><span style="color: #073763;"><span style="background-color: white;"><b><span style="color: black;"><br /></span></b></span></span></span></span>
<span style="color: #073763;"><span style="background-color: white;"><span style="color: #073763;"><span style="background-color: white;"><b><span style="color: black;"> </span></b></span></span><xsd:addDataSource xmlns:xsd="http://org.apache.axis2/xsd"<br /> xmlns:xsd1="http://services.core.ndatasource.carbon.wso2.org/xsd"<br /> xmlns:xsd2="http://core.ndatasource.carbon.wso2.org/xsd"><br /> <xsd:dsmInfo><br /> <xsd1:definition><br /> <xsd1:dsXMLConfiguration><br /> <![CDATA[<configuration><br /> <url>jdbc:mysql://localhost:3306/dbname</url><br /> <username>root</username><br /> <password>root</password><br /> <driverClassName>com.mysql.jdbc.Driver</driverClassName><br /> <maxActive>50</maxActive><br /> <maxWait>60000</maxWait><br /> <testOnBorrow>true</testOnBorrow><br /> <validationQuery>SELECT 1</validationQuery><br /> <validationInterval>30000</validationInterval><br /> </configuration>]]><br /> </xsd1:dsXMLConfiguration><br /> <xsd1:type>RDBMS</xsd1:type><br /> </xsd1:definition><br /> <xsd1:description>description</xsd1:description><br /> <xsd1:jndiConfig><br /> <xsd2:name>... JNDI Name here ..</xsd2:name><br /> <xsd2:useDataSourceFactory>false</xsd2:useDataSourceFactory><br /> </xsd1:jndiConfig><br /> <xsd1:name>... DataSourceName Here ..</xsd1:name><br /> <xsd1:system>false</xsd1:system><br /> </xsd:dsmInfo><br /></xsd:addDataSource> </span></span><br />
<br />Anonymoushttp://www.blogger.com/profile/12349899888328230086noreply@blogger.com0Sri Lanka7.8730539999999989 80.7717969999999923.8497194999999991 75.608223 11.896388499999999 85.935370999999989tag:blogger.com,1999:blog-2488621411159816904.post-56824024896517532722013-08-05T22:44:00.003-07:002014-01-28T07:30:43.819-08:00Generic Queue & Consumer Implementation using Java<br />
Here I have implemented a generic queue and consumer using Java. <br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0Ze3tB10q_oOX01afvNfhwvKbq-zKw0_JrnT6iCyzQQNKsrWCjZHWZdbxvucyGgjwpIBct18ZrtutF5BuNP2bJnVF9J-M5ePPH7QF8yx4KBS1u1TeTvgsDIrS8G0M0SprEhYeDvC24UQ/s1600/QueueDiagram.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0Ze3tB10q_oOX01afvNfhwvKbq-zKw0_JrnT6iCyzQQNKsrWCjZHWZdbxvucyGgjwpIBct18ZrtutF5BuNP2bJnVF9J-M5ePPH7QF8yx4KBS1u1TeTvgsDIrS8G0M0SprEhYeDvC24UQ/s320/QueueDiagram.jpg" height="240" width="320" /></a></div>
Java Implementation Source Code<br />
<a href="https://github.com/harsha1979/lightweightqueue">https://github.com/harsha1979/lightweightqueue.git</a><br />
<br />
<br />
<b> //Create an ExecutionEngine and start.<br /><br />boolean isAutoStart = false ;<br />boolean isAutoRestart = false ;</b><br />
<b><br />//Time Delay in Millisecond<br />int timeDelay = 100 ;<br />int queueLength - 100 ;<br /><br />//ExecutorImpl is an implementation of the Executor to do the task when the executor do execute.<br /><br />Executor executor = new ExecutorImpl();<br /><br />ExecutionEngine executionEngine = new ExecutionEngine<CustomBean>(executor,isAutoStart, isAutoRestart,timeDelay,queueLength);<br /><br />executionEngine.startEngine();<br /><br />//Put an element to the queue<br />CustomBean customBean = new CustomBean();<br />executionEngine.getSynchQueue().put(customBean);</b>Anonymoushttp://www.blogger.com/profile/12349899888328230086noreply@blogger.com0tag:blogger.com,1999:blog-2488621411159816904.post-86803177573809218362013-08-05T20:53:00.003-07:002013-08-06T10:59:48.178-07:00VI Editor <h3>
<b>Few commands.</b> </h3>
vi file Invoke vi on file<br />
vi file1 file2 Invoke vi on files sequentially<br />
view file Invoke vi on file in read-only mode<br />
vi -R file Invoke vi on file in read-only mode<br />
vi -r file Recover file and recent edits after a<br />
crash<br />
vi -t tag Look up tag and start editing at its<br />
definition<br />
vi -w n Set the window size to n; useful over a<br />
slow connection<br />
vi + file Open file at last line<br />
vi +n file Open file directly at line number n<br />
vi -c command file Open file, execute command, which is<br />
usually a search command or line num-<br />
ber (POSIX)<br />
vi +/pattern file Open file directly at pattern<br />
ex file Invoke ex on file<br />
ex - file < script Invoke ex on file, taking commands<br />
from script; suppress informative mes-<br />
sages and prompts<br />
ex -s file < script Invoke ex on file, taking commands<br />
from script; suppress informative mes-<br />
sages and prompts (POSIX)Anonymoushttp://www.blogger.com/profile/12349899888328230086noreply@blogger.com0