Monday, April 2, 2012

Cheat-sheet : Starting WSO2-AS-4.2.1 with Activemq-5.2.2

Start Activemq
1. Download activemq from here

2. Extract the binary

3. Start activemq by going to ACTIVEMQ_HOME/bin and issuing the command ./activemq console

Configure WSO2 AppServer
4. Download WSO2 AppServer from here

5. Extract the binary

6. Edit axis2.xml to enable JMS transport.
  1. Open CARBON_HOME/repository/conf/axis2.xml (CARBON_HOME is the location where you extracted the AppServer distribution)
  2. Enable JMS transport by uncommenting the following sections
 
   -
   -
   -
 
AND
 

7. Copy the following jars from ACTIVEMQ_HOME/lib to CARBON_HOME/repository/components/lib
  1. activemq-core-5.4.2.jar
  2. geronimo-j2ee-management_1.1_spec-1.0.1.jar
  3. geronimo-jms_1.1_spec-1.1.1.jar
8. Also copy the same to CARBON_HOME/lib/api

9. Start the application server by issuing ./wso2server.sh at CARBON_HOME/bin.

Sunday, April 1, 2012

Hierarchical service deployment support in WSO2 AS

Hierarchical service deployment support has been enabled in WSO2 App Server-3.2.0. The main advantage of this feature is that you don't need to stick to a flat structure. This means you can manage different versions of the same service: if only the business logic of the service has changed, you can keep the versions. It also lets you manage your content more efficiently.

The following give a lot of useful details:
- Hierarchical service deployment support implementation
- Hierarchical service deployment support practical example

Monday, March 26, 2012

Came across log4j 1.2.15 dependency problem

I was building a web application and midway the build failed while downloading the dependencies of log4j-1.2.15. The solution to overcome this was to exclude these dependencies. Here is how it was done.
My original pom.xml had this bit:

        <dependency>
            <groupId>log4j</groupId>
            <artifactId>log4j</artifactId>
            <version>1.2.15</version>
        </dependency>
        
            -
            -
            -
        

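I added this within the dependency tag as exclusions.

  <exclusions>
    <exclusion>
      <groupId>javax.mail</groupId>
      <artifactId>mail</artifactId>
    </exclusion>
    <exclusion>
      <groupId>javax.jms</groupId>
      <artifactId>jms</artifactId>
    </exclusion>
    <exclusion>
      <groupId>com.sun.jdmk</groupId>
      <artifactId>jmxtools</artifactId>
    </exclusion>
    <exclusion>
      <groupId>com.sun.jmx</groupId>
      <artifactId>jmxri</artifactId>
    </exclusion>
  </exclusions>

The reason for this problem and the solution are nicely described here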

Wednesday, February 8, 2012

Creating a dump and restoring an Oracle database

These days I am involved in testing a migration tool, which requires testing the application's migration against several databases. In the process it is very useful if a loaded database can be backed up and restored later.

This is how you create a database dump of an Oracle database and restore it.

1. First you need to connect to Oracle as sysdba, create a user and grant the required privileges. The command line steps for creating a user and granting privileges are as below:
C:\app\Administrator\OraHome_1\BIN>sqlplus sys as sysdba;

SQL*Plus: Release 11.1.0.7.0 - Production on Tue Jan 10 17:28:47 2012

Copyright (c) 1982, 2008, Oracle.  All rights reserved.

Enter password:

Connected to:
Oracle Database 11g Enterprise Edition Release 11.1.0.7.0 - Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options

SQL> drop user yumani cascade;

User dropped.

SQL> Create user yumani identified by yumani account unlock;

User created.

SQL> grant create session, dba to yumani;

Grant succeeded.

SQL> grant connect to yumani;

Grant succeeded.

SQL> exit

2.  Fill in your database with data.

3. Next, let's create a database dump.
$ expdp yumani/yumani schemas=yumani dumpfile=yumani100112_1657.dmp
An Oracle dump with the name yumani100112_1657.dmp will be created in the location where you ran the above command.

4. After backing up, if you need to restore the dump, do as below.
$ impdp yumani/yumani schemas=yumani dumpfile=YUMANI100112_1640.DMP 

Tuesday, December 20, 2011

Adding a human readable media type to G-Reg

Adding a human readable media type is a new feature that will be available in the latest WSO2 G-Reg 4.1.1 packs.

This feature is useful when you need to name your media types using something that is more readable than a technical term. For example, say we have media types such as image/x-coreldrawpattern with the .pat extension, chemical/x-vamas-iso14976 with the .vms extension or application/vnd.symbian.install with the .sis extension. It is really hard to remember these names.

This difficulty can be eliminated using the human readable media types feature.

The following is how to configure this feature.

  1. Open the G-Reg-HOME/repository/conf/mime.types file. This will show you all the supported mime types.
  2. Select a mime type which you need to be mapped to a name of your choice.
  3. Open the G-Reg-HOME/repository/conf/mime.mappings file. This is where we are going to add the new name that we are going to use for the given mime type. The new name you add in this file will map the extension given in the mime.types file.
  4. In the mime.mappings file, copy the mime type you want to change, tab 5 times and type the custom name. See below for an example: line 20
    #
    # Copyright 2005-2011 WSO2, Inc. (http://wso2.com)
    #
    # Licensed under the Apache License, Version 2.0 (the "License");
    # you may not use this file except in compliance with the License.
    # You may obtain a copy of the License at
    #
    # http://www.apache.org/licenses/LICENSE-2.0
    #
    # Unless required by applicable law or agreed to in writing, software
    # distributed under the License is distributed on an "AS IS" BASIS,
    # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    # See the License for the specific language governing permissions and
    # limitations under the License.
    #
    
    # This file is to define the human readable media type for a mime type. 
    # Eg:- 
    # text/plain                                      txt text
    application/wsdl+xml                                  mywsdl
    
    
  5. Save and close the file.
  6. Restart the server.
Let's follow these steps to witness the adjustment :)
  1. Log in to the G-Reg admin console
  2. Navigate to Resource > Browse
  3. Select to add a new resource.
  4. Add a new resource of the type that you adjusted above. When you select the resource you will see the media type that you gave appear in the 'media type' field. (see image below)




Tuesday, November 29, 2011

wso2.org article : Connecting WSO2 G-Reg to a secured & confidential external user store

The previous blog post on 'Connecting WSO2 G-Reg to a secured & confidential external user store' was made into an article on wso2.org after elaborating some steps in more detail and also doing a good technical review.

It's available here


Friday, November 18, 2011

Connecting WSO2 G-Reg to a secured & confidential external user store

From Carbon 3.2.0 onwards we have an embedded LDAP user store which is accessible via port 10389 in default settings. The server is also configurable to use LDAP to connect to an external user store. If we need this user store to be secured and confidential, it needs to be configured to connect via LDAPS.

In this post I will be demonstrating how to connect WSO2 G-Reg 4.0.0 to an external user store which will be accessed via a secured transport.

As pre-requisites we will need a WSO2 G-Reg 4.0.0 installation, which you can download from here. We also need Apache Directory Server, which we will be using as the LDAP server. You should also have JDK 1.5 or above installed.

With pre-requisites ready, we simply have to follow the steps given below.

Step 1:
Firstly you need to install WSO2 G-Reg 4.0.0 which can be downloaded from here. Extract the .zip file to a location of your preference.

Step 2:

As I mentioned earlier, WSO2 G-Reg is already configured with an internal LDAP user store. In order to connect to an external user store we need to disconnect the existing connection. To achieve this we need to change settings in usermgt.xml and embedded-ldap.xml. These files reside in the GREG_HOME/repository/conf folder.

Let's make these changes as follows.
In usermgt.xml, comment out the default user store manager configuration, which is given below.

<UserStoreManager class="org.wso2.carbon.user.core.ldap.ApacheDSUserStoreManager">
            <Property name="ReadOnly">false</Property>
            <Property name="ConnectionURL">ldap://localhost:${Ports.EmbeddedLDAP.LDAPServerPort}</Property>
            <Property name="ConnectionName">uid=admin,ou=system</Property>
            <Property name="ConnectionPassword">admin</Property>
            <Property name="passwordHashMethod">SHA</Property>
            <Property name="UserNameListFilter">(objectClass=person)</Property>
            <Property name="UserEntryObjectClass">wso2Person</Property>
            <Property name="UserSearchBase">ou=Users,dc=wso2,dc=org</Property>
            <Property name="UserNameSearchFilter">(&amp;(objectClass=person)(uid=?))</Property>
            <Property name="UserNameAttribute">uid</Property>
            <Property name="PasswordJavaScriptRegEx">[\\S]{5,30}</Property>
            <Property name="UsernameJavaScriptRegEx">[\\S]{3,30}</Property>
            <Property name="UsernameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\&lt;&gt;]{3,30}$</Property>
            <Property name="RolenameJavaScriptRegEx">[\\S]{3,30}</Property>
            <Property name="RolenameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\&lt;&gt;]{3,30}$</Property>
            <Property name="ReadLDAPGroups">true</Property>
            <Property name="WriteLDAPGroups">true</Property>
            <Property name="EmptyRolesAllowed">true</Property>
            <Property name="GroupSearchBase">ou=Groups,dc=wso2,dc=org</Property>
            <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
            <Property name="GroupEntryObjectClass">groupOfNames</Property>
            <Property name="GroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
            <Property name="GroupNameAttribute">cn</Property>
            <Property name="MembershipAttribute">member</Property>
        </UserStoreManager>


In embedded-ldap.xml you need to set the "enable" property in "EmbeddedLDAP" to false. This is the entry to change:
 <Property name="enable">true</Property>


Step 3:
Now we need to enable the configuration for the external LDAP server. But let's wait until we configure our user store, as we still don't have those details with us.

Step 4:
Now we need to install Apache Directory Studio. You can download the .zip distribution, unzip it and use it. The other choice is to use the binary installer. In my case I used the binary installer. I was taken through an installation wizard which prompted me to set locations for the installation and the instances, where to keep the startup, who the default user is, etc.


Step 5:
Let's enable SSL in ADS. You need to navigate to ADS_INSTANCE_HOME/default/conf/ and open server.xml. Here search for 'tcpTransport address' and check if SSL is enabled. It is enabled by default. If not, you need to update it with this.
 


Step 6:
In this setup I am going to use a signed certificate in our LDAPS communication. I will be using keytool to generate the required keystore and certificates.

Since I am going to have my LDAP server set up with an SSL server certificate, I must obtain a signed certificate for the server. To achieve this I will use Java keytool to create a self-signed certificate (a public/private key pair).

 keytool -genkey -alias carbon_server -keyalg RSA -keystore carbon_server.jks -storepass xxxxxx -validity 730

What is your first and last name?
  [Unknown]:  Yumani Ranaweera
What is the name of your organizational unit?
  [Unknown]:  QA
What is the name of your organization?
  [Unknown]:  WSO2
What is the name of your City or Locality?
  [Unknown]:  Colombo
What is the name of your State or Province?
  [Unknown]:  Western
What is the two-letter country code for this unit?
  [Unknown]:  SL
Is CN=Yumani Ranaweera, OU=QA, O=WSO2, L=Colombo, ST=Western, C=SL correct?
  [no]:  yes

Enter key password for <carbon_server>
    (RETURN if same as keystore password):
Re-enter new password:


Step 7:
After this we need to update the LDAP server (ApacheDS) configuration to use our keystore file. To do this, navigate to ADS_INSTANCE_HOME/default/conf/ and open server.xml. Update "keystoreFile" in the following segment:

<ldapServer id="ldapServer"
            allowAnonymousAccess="false"
            saslHost="ldap.example.com"
            saslPrincipal="ldap/ldap.example.com@EXAMPLE.COM"
            searchBaseDn="ou=users,ou=system"
            maxTimeLimit="15000"
            maxSizeLimit="1000"
            keystoreFile="/home/yumani/software/LDAP/apacheds-1.5.7_new/external_keystore/carbon_server.jks"
            certificatePassword="secret">

After this, restart the Apache DS server. In my case I will restart it via /etc/init.d (/etc/init.d/ldap restart;)

After the restart we can verify the connections using an LDAP browser. Let's use ApacheDirectoryStudio-linux-x86_64-1.5.2.v20091211.

Step 8:
WSO2 Carbon based products use Java Secure Socket Extension (JSSE) for SSL support. So we need to upgrade JAVA_HOME/jre/lib/security with the JSSE provider.

To ensure G-Reg trusts the certificate used by the LDAP server we must install it in G-Reg's trust store. So let's export the certificate from the keystore using keytool.
keytool -export -keystore carbon_server.jks -alias carbon_server -file carbon_server.cer
Enter keystore password: 
Certificate stored in file <carbon_server.cer>

Then let's import this certificate into G-Reg's trust store like this:
 keytool -import -file carbon_server.cer -alias carbon_server -keystore /home/yumani/Documents/support/320/JPMDEVSPRT-31/wso2greg-4.0.0/repository/resources/security/client-truststore.jks -storepass wso2carbon
Owner: CN=yumani, OU=qa, O=wso2, L=col, ST=western, C=sl
Issuer: CN=yumani, OU=qa, O=wso2, L=col, ST=western, C=sl
Serial number: 4eba06d3
Valid from: Wed Nov 09 10:21:31 IST 2011 until: Tue Feb 07 10:21:31 IST 2012
Certificate fingerprints:
     MD5:  EB:23:58:74:3B:6A:1B:CC:26:D8:84:AE:D3:A5:AC:4D
     SHA1: 7F:73:3C:5B:BA:0B:B8:47:69:1E:12:5C:47:EB:D0:E9:C3:08:2E:AB
     Signature algorithm name: SHA1withRSA
     Version: 3
Trust this certificate? [no]:  yes
Certificate was added to keystore
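
Before answering yes at the "Trust this certificate?" prompt, the printed summary can be compared with what was chosen at key generation. The sketch below is an added example, not part of the original post; it parses the summary shown above, and the helper name review_certificate and the expected owner and validity (taken from Step 6) are assumptions of the example.

```python
import re
from datetime import datetime

# Summary lines copied from the keytool import output shown above.
KEYTOOL_SUMMARY = """\
Owner: CN=yumani, OU=qa, O=wso2, L=col, ST=western, C=sl
Issuer: CN=yumani, OU=qa, O=wso2, L=col, ST=western, C=sl
Serial number: 4eba06d3
Valid from: Wed Nov 09 10:21:31 IST 2011 until: Tue Feb 07 10:21:31 IST 2012
     Signature algorithm name: SHA1withRSA
"""

# Values entered at key generation in Step 6 (-validity 730).
STEP6_OWNER = "CN=Yumani Ranaweera, OU=QA, O=WSO2, L=Colombo, ST=Western, C=SL"


def _parse_date(text):
    # keytool prints "Wed Nov 09 10:21:31 IST 2011"; drop the zone name,
    # which strptime cannot parse portably.
    parts = text.split()
    return datetime.strptime(" ".join(parts[:4] + parts[5:]),
                             "%a %b %d %H:%M:%S %Y")


def review_certificate(summary, expected_owner, expected_days):
    """Hypothetical helper: list reasons not to trust the certificate yet."""
    fields = dict(re.findall(r"^\s*([A-Za-z ]+?):\s*(.+)$", summary, re.M))
    start, end = (_parse_date(p) for p in fields["Valid from"].split(" until: "))
    days = (end - start).days
    findings = []
    if fields["Owner"] == fields["Issuer"]:
        findings.append("self-signed")
    if fields["Owner"] != expected_owner:
        findings.append("owner mismatch")
    if days != expected_days:
        findings.append(f"validity {days} days, expected {expected_days}")
    if fields["Signature algorithm name"].upper().startswith(("MD5", "SHA1")):
        findings.append("weak signature algorithm")
    return findings


if __name__ == "__main__":
    for finding in review_certificate(KEYTOOL_SUMMARY, STEP6_OWNER, 730):
        print(finding)
```

An owner or validity mismatch means the file being imported is not the certificate generated in Step 6, so the export should be repeated from the right keystore before it is trusted.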


Step 9:
Now that we have configured the LDAP server we need to setup and add user entries to the directory server. The guide (http://fusesource.com/docs/broker/5.3/security/LDAP-AddUserEntries.html) will show you how to complete this task.

Step 10:
Once the user store is set up we need to configure the user manager in WSO2 G-Reg to connect to it. This is how you do that:
Enable the following block in G-REG_HOME/repository/conf/usermgt.xml.
        <!--UserStoreManager class="org.wso2.carbon.user.core.ldap.ApacheDSUserStoreManager">
            <Property name="ReadOnly">false</Property>
            <Property name="ConnectionURL">ldap://localhost:10389</Property>
            <Property name="ConnectionName">uid=admin,ou=system</Property>
            <Property name="ConnectionPassword">secret</Property>
            <Property name="passwordHashMethod">SHA</Property>
            <Property name="UserNameListFilter">(objectClass=person)</Property>
            <Property name="UserEntryObjectClass">inetOrgPerson</Property>
            <Property name="UserSearchBase">ou=system</Property>
            <Property name="UserNameSearchFilter">(&amp;(objectClass=person)(uid=?))</Property>
            <Property name="UserNameAttribute">uid</Property>
            <Property name="PasswordJavaScriptRegEx">[\\S]{5,30}</Property>
            <Property name="ReadLDAPGroups">true</Property>
            <Property name="WriteLDAPGroups">true</Property>
            <Property name="EmptyRolesAllowed">false</Property>
            <Property name="GroupSearchBase">ou=system</Property>
            <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
            <Property name="GroupEntryObjectClass">groupOfNames</Property>
            <Property name="GroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
            <Property name="GroupNameAttribute">cn</Property>
            <Property name="MembershipAttribute">member</Property>
        </UserStoreManager-->

If you had the user store configured as in [1], you will need to update the "UserSearchBase" property to include ou=users as well:
     <Property name="UserSearchBase">ou=users,ou=system</Property>
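
The block above still points ConnectionURL at ldap:// and is commented out, while the goal of this post is an LDAPS connection. The following check is an added example, not part of the original post or of WSO2's code; the function name audit_user_store, the `<UserManager>` wrapper element, and the host ldap.example.com with port 10636 in the samples are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

# Bind passwords that appear in the sample blocks on this page.
DEFAULT_BIND_PASSWORDS = {"admin", "secret"}

# Constructed usermgt.xml fragment, reduced to the connection properties.
TEMPLATE = """<UserManager>
  {open}UserStoreManager class="org.wso2.carbon.user.core.ldap.ApacheDSUserStoreManager">
    <Property name="ConnectionURL">{url}</Property>
    <Property name="ConnectionName">uid=admin,ou=system</Property>
    <Property name="ConnectionPassword">{password}</Property>
  </UserStoreManager{close}
</UserManager>"""

# As shown on the page: still inside an XML comment.
AS_SHIPPED = TEMPLATE.format(open="<!--", close="-->",
                             url="ldap://localhost:10389", password="secret")
# Comment markers removed, nothing else changed.
ENABLED_ONLY = TEMPLATE.format(open="<", close=">",
                               url="ldap://localhost:10389", password="secret")
# Constructed LDAPS variant with a non-default bind password.
LDAPS = TEMPLATE.format(open="<", close=">",
                        url="ldaps://ldap.example.com:10636",
                        password="constructed-bind-password")


def audit_user_store(xml_text):
    """Return findings for the active UserStoreManager blocks in xml_text."""
    root = ET.fromstring(xml_text)  # XML comments are dropped by the parser
    managers = list(root.iter("UserStoreManager"))
    if not managers:
        return ["no active UserStoreManager (block still commented out?)"]
    findings = []
    for mgr in managers:
        props = {p.get("name"): (p.text or "").strip()
                 for p in mgr.findall("Property")}
        scheme = urlparse(props.get("ConnectionURL", "")).scheme.lower()
        if scheme != "ldaps":
            findings.append(f"ConnectionURL uses '{scheme}' instead of ldaps")
        if props.get("ConnectionPassword") in DEFAULT_BIND_PASSWORDS:
            findings.append("ConnectionPassword is a default value")
    return findings
```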

 
Final step:
Alright, we have everything set; let's start the WSO2 G-Reg server and access the user store.

Start the carbon server as below:
wso2server.sh -Djavax.net.ssl.trustStore=/path/to/carbon/repository/resources/security/client-truststore.jks -Djavax.net.ssl.trustStorePassword=wso2carbon

Access G-Reg admin console from https://localhost:9443/


Log in to the server using admin credentials (admin/admin) as specified in usermgt.xml

You may navigate to Configure > Users and Roles > Users and see that the user store is connected!!!
