Sunday, June 30, 2013

http_access logs



http_access logs files are prefixed with “http_access_”. These files include access information for the server. We can get the access information for webapps also from this. These logs rotates on daily basis.

In Carbon 4.0.* based products, you can disable http access logs by removing the following entry from catalina-server.xml which is located in $CARBON_HOME/repository/conf/tomcat.
<valve classname="org.apache.catalina.valves.AccessLogValve" directory="${carbon.home}/repository/logs" prefix="http_access_" suffix=".log" pattern="combined"/>


For the products which uses nhttp transport (Ex. WSO2 ESB) you also have to define the below entry in log4j.properties file.
log4j.logger.org.apache.synapse.transport.nhttp.Access=WARN
log4j.properties file is located in $CARBON_HOME/repository/conf/

Pointing the correct jars to your classpath

Add relevant $CARBON_HOME/repository/lib jars to your classpath after running "ant" command in $CARBON_HOME/bin

Tuesday, June 18, 2013

Connecting to Active Directory in READ-ONLY mode

When connecting to AD in readOnly mode we need to use the configuration used for "External LDAP as the user store in READ ONLY mode", which is commented in usermgmt.xml by default.

We also need to set values for admin role to connect to Active Directory Server
 <AdminRole>admin</AdminRole>
                <AdminUser>
                     <UserName>support</UserName>
                     <Password>XXXXXX</Password>
                </AdminUser>

In here we need to specify a user who exists in our active directory server. He need not be the administrator user of the AD server. This user will be the admin user of the carbon server. We need not to specify the password here. It can be left as 'XXXX'.

This admin user must be in the user search base ("UserSearchBase") that is configured in user store manager configuration.

In the UserStore configuration also we need to update the properties to match the connecting active directory server.
        <UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager">
            <Property name="ReadOnly">true</Property>
            <Property name="MaxUserNameListLength">100</Property>
            <Property name="ConnectionURL">ldap://10.100.3.131:389</Property>
            <Property name="ConnectionName">CN=Administrator,CN=Users,DC=wso2,DC=test</Property>
            <Property name="ConnectionPassword">pass#word1</Property>
            <Property name="passwordHashMethod">PLAIN_TEXT</Property>
            <Property name="UserSearchBase">CN=Users,DC=wso2,DC=test</Property>
            <Property name="UserNameListFilter">(objectClass=person)</Property>
            <Property name="UserNameAttribute">cn</Property>
            <Property name="ReadLDAPGroups">true</Property>
            <Property name="GroupSearchBase">CN=Users,DC=wso2,DC=test</Property>
            <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
            <Property name="GroupNameAttribute">cn</Property>
            <Property name="MembershipAttribute">member</Property>
            <Property name="UserRolesCacheEnabled">true</Property>
            <Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
           <Property name="maxFailedLoginAttempt">0</Property>   
           <Property name="Referral">throw</Property>
           <Property name="DomainName">wso2</Property>
        </UserStoreManager>UserRolesCacheEnabled

i) ConnectionURL
This should have the format of ldap://<AD host-ip>:<AD_listen_port>

In failing to connect to AD server you might get this error [E1]

If you need to validate the listen port you can use portqry utility which is a command-line tool troubleshoot TCP/IP connectivity issues.  Use following command to validate if the port is open and listening:
portqry -n <hostIP> -p udp -e 389
If it resolves the port to the LDAP service, it sends an unformatted user datagram to UDP port 389 on the target system. More Infor [1]


ii) ConnectionName 
This should specify an account that can browse and search your active directory user and group bases. Also this need to be given using relative distinguished names. For an example my ConnectionName is 'CN=Administrator,CN=Users,DC=wso2,DC=test'. How this was worked out is: DC is to demote DNS Name (prefixed as Domain Component). So my DNS name is wso2.test. This makes up DC=wso2,DC=test.

Then in my domain Component, Users directory resides in the root and I have 'Administrator' user in there. So the user account and the folder highrachy to reach it can be made up as: CN=Administrator,CN=Users

So this makes us: ConnectionName=CN=Administrator,CN=Users,DC=wso2,DC=test

You are most likely to get this error [E2] when there is a misconfiguration in this.

iii) ConnectionPassword 
Is the password of above user (Administrator's password in my case)

iv) UserSearchBase
This also should be specified using distinguished name. It should be the folder which should be searched for the users.

v) UserNameAttribute
The attribute used to name users

vi) GroupSearchBase
Distinguished name of the object that holds the groups. In my case it is 'Users'.

v) ReadLDAPGroups
- This property is related to <AdminRole> configurations.
1. If "ReadLDAPGroups" is set to true, This role can be a role from AD, If this role is in the group search based ("GroupSearchBase"). Then <AdminUser> must be assigned to this role from the AD level.

2. If "ReadLDAPGroups" is set to false. Then this role can be an internal role of Carbon.Then while starting server, role is created as internal role and assigned <AdminUser> to it. This mapping kept internally in the user mgt database


[1] - http://support.microsoft.com/kb/816103

[E1] -
[2013-06-18 13:54:18,002] ERROR {org.wso2.carbon.user.core.ldap.LDAPConnectionContext} -  Error obtaining connection for the second time10.100.3.131:10389
javax.naming.CommunicationException: 10.100.3.131:10389 [Root exception is java.net.ConnectException: Connection timed out]
    at com.sun.jndi.ldap.Connection.<init>(Connection.java:223)
    at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:136)
    at com.sun.jndi.ldap.LdapClientFactory.createPooledConnection(LdapClientFactory.java:64)
    .
    .
    .
    .
    .
Caused by: java.net.ConnectException: Connection timed out
    at java.net.PlainSocketImpl.socketConnect(Native Method)
    at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:337)
    at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:198)
    at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:180)
    at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:391)
    at java.net.Socket.connect(Socket.java:579)
    at java.net.Socket.connect(Socket.java:528)
    at java.net.Socket.<init>(Socket.java:425)
    at java.net.Socket.<init>(Socket.java:208)
    at com.sun.jndi.ldap.Connection.createSocket(Connection.java:365)
    at com.sun.jndi.ldap.Connection.<init>(Connection.java:200)
    ... 47 more



[2] -
2013-06-18 15:29:11,484] ERROR {org.wso2.carbon.user.core.ldap.LDAPConnectionContext} -  Error obtaining connection. [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, data 525, v1771]
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, data 525, v1771]
    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3087)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033)
    .
    .

Saturday, June 15, 2013

How to enable wire level loggers/debug loggers.

Enable/set the following properties in ESB_HOME/repository/conf/log4j.properties to enable wire level loggers/debug loggers.

log4j.logger.org.apache.synapse.transport.nhttp.headers=DEBUG
log4j.logger.org.apache.synapse.transport.nhttp.wire=DEBUG
log4j.logger.org.apache.synapse.transport.passthru.headers=DEBUG
log4j.logger.org.apache.synapse.transport.passthru.wire=DEBUG
log4j.logger.org.apache.axis2.transport.mail=DEBUG

Wednesday, November 21, 2012

DevS administration within eclipse


This post is to tell bits about how to remove older versions of DevS from eclipse and get new once installed. Also how to patch an existing version.

Recently I wanted to use wso2-developer-studio-2.1.0 and in my eclipse IDE I had a previous version of the DevStudio already installed.

This is how I removed old plugins and added new ones.

1. In eclipse IDE, go to Help > Install New Software ...
2. you will get 'install' window and at the bottom of it, you will get a link to get already installed software.



3. When you click on this link, it will give you all the listed software. Simply select all WSO2 plugins from this and say uninstall.



4. Restart eclipse, get back to 'Install New software' option from 'Help' menu and add the new version. If not downloaded, you could take it from here.

5. This post explains how to add wso2 plugins to eclipse.


6. If you are to patch the existing version with a bug fix; Firstly you need to download the patch and read the instruction given in its README. You will need to copy patched jars to relevant location.

7. Then for the changes to get applied you need to start eclipse with -clean option.

./eclipse -clean

Thats it!

Friday, October 19, 2012

Use remap when you don't want to replace existing schema


You might be taking periodic backups of your database and might need to restore backups as well. In such situations, if you do not need to overwrite existing data remap command can be used with impdp.There are options only to restore a specific set of tables. In here I will show how to restore the whole schema without replacing the existing.

1. First it is required a directory to be created so that all the exports stored in that directory and all the import dumps also will be read from the same. 
Follow this to create the directories and grant access.

2. Then lets create a backup of an existing schema. I've explained the backing-up procedure here. Else you can use following.
EXPDP X/X SCHEMAS=SCHEMA(S)_TO_IMPORT DUMPFILE=DUMPFILE_TO_IMPORT_FROM

e.g
expdp spfix/spfix schemas=spfix dumpfile=spfix_030812.dmp 


3. Now, our plan is to restore the dump on a new schema. So lets create a new user and grant access.

SQL> Create user yumani identified by yumani account unlock;

User created.

SQL> grant create session, dba to yumani;

Grant succeeded.

SQL> grant connect to yumani;

Grant succeeded.


  3. Let's restore the backup

Use this command to restore the backup using the schema you created above,
IMPDP REMAP_SCHEMA=OLD_OWNER:NEW_OWNER  DUMPFILE=DUMFILE.DMP NOLOGFILE=Y 

e.g
impdp yumani/yumani@daniddb schemas=yumani remap_schema=yumani:yumani1 dumpfile=yumani_120812.dmp NOLOGFILE=Y



Sunday, August 19, 2012

Senior Software Engineers, Technical Leads and Architects !!!

WSO2 is on the look out for passionate Senior Software Engineers, Technical Leads and Architects!!

We are looking for experienced Senior Software Engineers, Technical Leads and Architects to join our dynamic team. Minimum 4+ years of work experience required. You will be working with a dynamic team in an innovative and fast-paced environment.

If interested please email jobs@wso2.com – Subject – Post of SSE/TL/Architect.

Tuesday, August 7, 2012

ORA-30036: unable to extend segment by 8 in undo tablespace 'UNDO'



Came across this error while executing an oracle script:

ORA-30036: unable to extend segment by 8 in undo tablespace 'UNDO'
ORA-06512: at line 13


Reason:
tablespace 'UNDO' is reaching limits

Tablespaces view from http://127.0.0.1:8080/apex/










Solution:
You should resize the UNDO tablespace size. Execute this as sysdba.
SQL> alter database datafile '/usr/lib/oracle/xe/app/oracle/product/10.2.0/server/dbs/bigtbs_f2.dat' 
      AUTOEXTEND ON MAXSIZE 10000M;


Also could add a datafile to UNDO tablespace if you have room. But I haven't tried this.


Monday, July 23, 2012

Setting-up email notifications for subsciptions made on resources/collections in WSO2 G-REG

In my last post I explained how to create a subscription. I also mentioned that there exists different types of notification and promised to explain them in proceeding posts.

So here as promised. Lets try out email notifications in this post.

1. As the first step we need to enable mail transport in axis2.xml. In latest carbon products this file is appearing in CARBON_HOME/repository/conf/axis2.

Open axis2.xml and uncomment mail transport receiver and sender like this.

 

    


 
        synapse.demo.1@gmail.com
        synapse.demo.1
        mailpassword
        smtp.gmail.com

        587
        true
        true
    




2. Restart the server after changing axis2.xml

3. Now login to Management Console, navigate to a resource that you need to subscribe for email notifications.

For the demonstration I am navigating to the same folder that I used in the previous example.

I am creating a child folder in it as am also going to show you how you would receive notifications on the changes\updates happened to child folders as well.

So here is my structure in registry.




4. Let's subscribe. In my scenario; I will subscribe to /_system/yumani_images/ to track LC creation. I will be having a hierarchical subscription. 



5. Having subscribed; Now lets test it. Let's add a life-cycle to a child within the collection "yumani_images". Below is a view from the 'Notifications' list.



After adding the life-cycle you should get an email to the mail id that you used while subscribing.

Since I had a hierarchical subscription I got a notification over an event (life-cycle inclusion) that happened to a child level resource.


 

Tuesday, July 17, 2012

Adding a subscritption to a resource\collection in WSO2 G-Reg

In WSO2 Governance registry you get a community feature which allows you to subscribe to any resource/collection to keep an eye on certain events that occur over the resource/collection. For these subscriptions you get a notification of your preferenced type as soon as the relevant event occurs.

Lets see how you subscribe and sign for a notification.

1. Extract WSO2 G-Reg if you already have it.  G-Reg 4.5.0 packs are being worked on these days and latest alpha2 packs are available at [1].

2. Start the server by running wso2server.sh in GREG_HOME/bin

3. Login to the admin console. Lets use default admin user/pass (admin/admin)

4. In the Admin Console, access to registry browser by navigating to Home>Resources>Browse




Now, if we recalled our purpose; we wanted to subscribe to a resource and have RESTful notifications on the changes that happen to the resource.

5. OK so lets create a resource or a collection to keep an eye on :D. I'm going to have a collection called yumani_images under /_system



6. Once the resource\collection is created you will be able to see the community features belonging to it.

7. You will also see "Subscriptions" panel as one of them.



8. Click on 'Add Subscription" link.

9. Select an event. It has many but self explanatory event types. Nevertheless heres a briefing too.
  • Check LC item -  Selecting an item from a life cycle state. You need to have a life cycle added to the resource\collection to achieve this.
  • Uncheck LC item - De-selecting an item from a life cycle state. You need to have a life cycle added to the resource\collection to achieve this.
  • Create Child - Creating a collection\resource inside the collection in concern.
  • Delete Child - - Creating a collection\resource inside the collection in concern.
  • Delete - Deleting the collection\resource in concern.
  • Create LC - Adding a life cycle to the resource\collection.
  • Delete LC - Removing an existing life cycle from the resource\collection
  • Change LC State - Promoting or demoting to a different stage in the life cycle which is associated to the resource\collection.
  • Update  - Any update to the resource\collection. This can be a version change, a community update such as a rating, comment etc.


 10. Then select the notification type. I will explain how each notification type is used, in my next posts.

11. Next is "Hierarchical subscription method. At the moment we have 3 levels of hierarchies.
  • Collection only
  • Collection and Children only
  • Collection, Children and Grand Children

12. Once this is saved you will have a subscription created for the resource\collection.



Like above we can create any number of subscriptions for different events that need to be tracked.

13. After the subscription is created you can manage it from Configure>Notifications. This page lists all the available subscriptions and allows you to add\edit\delete them.




 
Hope I was clear enough. Please await for more details in next posts !



[1] - https://svn.wso2.org/repos/wso2/people/ajith/greg-4.5.0/alpha-2/pack/



Wednesday, July 4, 2012

jaggeryjs.org/tryitview.jag

Today I am going to introduce http://jaggeryjs.org/tryitview tool.

Tryit tool has always been a part of  WSO2 products. It is a client application which lets you invoke and test a service after providing data to the payload that the tool itself is generating by looking at the service source.

http://jaggeryjs.org/tryitview is available in WSO2 Jaggery Runtime.  It is to test jaggery applications.  You need to simply paste the application source on the editor and invoke using tryit button. The results pane will display the outcome with any available HTML also rendered.

Now that we know what it is, lets have a tour (a technical tour :) )

  • Access tryit tool
    • You can do this by simply hitting  http://jaggeryjs.org/tryitview OR
    • By accessing jaggery run-time server. For this you need to;
      •  download WSO2 Jaggery alpha pack
      •  extract it
      •  run bin/server.sh.  
      •  access http://localhost:9763/tryitview.jag

  •  In the tryit view, paste your code and invoke using the 'tryit' button at the left corner.
  • Sample code segment is here


<%
 print('Hi, 

Jaggery

') var obj = {"name": "Madhuka", "company":"WSO2"}; print(obj); %>
  • In the above you don't have to pass any query params along with your request. But if you do, then you can use "Add Query String' option in the top.


  • Lets try this using following code. 
<% 

 var content = request.getParameter("cont");
 var to = request.getParameter("to");
 var subject = request.getParameter("sub");
 
 var email = require("email");
 //Add valid credentials
 var sender = new email.Sender("smtp.gmail.com", "25", "yumani@wso2.com", "ssfsdfsdfsdfd1");
 
 //Fill the correct information
 sender.from = "yumani@wso2.com";
 sender.to = to;
 sender.cc = to;
 sender.bcc = to;
 sender.subject = subject;
 sender.text = content;
 sender.send();
 
 print("email successfully sent to " + to); 
 %>


  • My query string for the source is - 
  • cont=xwww&to=yumani@wso2.com&sub=test  


    Guess you enjoyed !! You are open to try out various samples we have in  http://jaggeryjs.org/documentation.jag




    Monday, April 2, 2012

    Cheat-sheet : Starting WSO2-AS-4.2.1 with Activemq-5.2.2

    Start Activemq
    1. Download activemq from here

    2. Extract the binary

    3. Start activemq by going to ACTIVE_DIRECTORY_HOME/bin and issuing the command ./activemq console

    Configure WSO2 AppServer
    4. Download WSO2 AppServer from here

    5. Extract the binary

    6. Edit axis2.xml to enable JMS transport.
    1. Open CARBON_HOME/repository/conf/axis2.xml (CABRON_HOME is the location you extracted the AppServer distribution)
    2. Enable JMS transport by uncommenting follwing sections
     
       -
       -
       -
     
    
    AND
     
    

    7. Copy following jars from ACTIVEMQ_HOME/lib to CARBON_HOME/repository/components/lib
    1. activemq-core-5.4.2.jar
    2. geronimo-j2ee-management_1.1_spec-1.0.1.jar
    3. geronimo-jms_1.1_spec-1.1.1.jar
    8. Also copy the same to CARBON_HOME/lib/api

    9. Start the application server by issuing ./wso2server.sh at CARBON_HOME/bin.

    Featured

    Selenium - Page Object Model and Action Methods

      How we change this code to PageObjectModel and action classes. 1 2 3 driver . findElement ( By . id ( "userEmail" )). sendKeys (...

    Popular Posts