Write a Simple BPEL Project with WSO2 Developer Studio and Deploy it in WSO2 BPS

Prerequisites:

• A simple up and running Webservice (Refer this post to if you want to learn how to write a simple Axis2 Webservice with Eclipse)
• WSO2 BPS
• WSO2 developer studio plug-in installed Eclipse
• Apache Tomcat 7.0.47
• Apache ODE war distribution
• JDK 1.7/1.6

Create New Server Runtime Environment for Apache ODE

1. Copy the ode.war to apache-tomcat-7.0.47/webapps directory and start the server. when you see the ode directory created under apache-tomcat-7.0.47/webapps directory, stop the server.

2. Configure the server runtime as follows:

Create BPEL Project

 1. Create a new BPEL project as follows:

2. In the next dialog, provide a project name and select the target runtime as Apache ODE. Click Finish.

3. Write click on the project and create a "New BPEL process file" (Same as step 1). Fill the dialog accordingly and make sure you select the Template to 'Synchronous BPEL Process' and click finish.

4. Copy the Hello.wsdl file inside bpelContent folder in Eclipse project.

Sample Hello.wsdl is attached.

5. Open the .bpel file design view. You should be able to see the Palette in the workspace with all the gadgets required to create the BPEL workflow.

6. Drag and drop two Assign actions and an Invoke action as follows:

7. Click on Invoke and rename it to 'invokeHelloService'

8. In the Properties Dialog, click on 'Details' tab.

9. Select 'Create Global Partner link' from Partner Link drop down. A popup will Open.

Provide a 'Partner Link Name' (any meaningful name is sufficient) and click Ok. Choose 'HelloPortType' as depicted below and click Ok.

Provide a 'Partner Link Type Name' (any meaningful name is sufficient) and click Next. Give a 'Role Name' and click Finish.

10. Under the Properties dialog there is a 'Quick Pick section'.

Select 'greetingInSinhala' from that and double click on it.

You will noticed that the Input/Output variables are generated as follows. Save the changes made.

 11. Now it is time to pass the input parameters to the Hello service. In order to do that we have to click on 'Assign' action. In Properties dialog click on 'Details' tab.

12. Click on New and do as depicted below and hit Save. You will be prompted for Initializer dialog. Click yes.

 Here you will assign the input for the Hello Webservice from BPEL input payload.

13. Likewise in 'Assign1' action do the same as follows and hit Save.You will be prompted for Initializer dialog. Click yes.

 Here you will assign the output received from Hello Webservice to BPEL output payload.

 14. Write click on the project and create new  'Apache ODE Deployment Descriptor'. Do the configuration as follows:

15. Create a ZIP archive as follows:

Now the BPEL is ready.

Deply BPEL Project in WSO2 BPS

1. Start the WSO2 BPS and access the carbon console (https://1localhost:9443/carbon/). Login as admin user with admin/admin credentials.

2. Under 'Manage' section click on 'Processes' -> 'Add'. Upload the Zip.

3. Now you can see the uploaded BPEL under 'Processes' -> 'List'.

4. Click on the 'Process ID'. You will see a dialog simillar to below:

5. Use try it and you will get a response as follows:

That is it. Happy Orchestration with BPEL :)

How to convert a simple Java class to a Webservice with Axis2 [Deploying POJOs]

It has never been this easy to convert your class into a Webservice in few steps with Apache Axis2.

Apache Axis2 is a SOAP processing engine and it is hand in hand with WSO2 SOA middleware platform.

Prerequsists:

WSO2 developer studio plug-in installed Eclipse

Axis2 war 1.6.2 distribution

Apache Tomcat 7.0.47

JDK 1.7/1.6

How to create Axis2 service

1. Create a new Axis2 service project in Eclipse

 

2. Tick 'Create new Axis2 Service ' and click Next

3. Provide Project Name, package name and Class name and click Finish.

As you can see the project structure will contain the services.xml file which contains the details of the exposed service.

4. Now you can add methods to the Class as follows:




package com.world.hello;

public class Hello{

   
    public String greetInSinhala(String name){
        return "Ayubowan "+ name;
    }
   
    public String greetInEnglish(String name){
        return "Hello "+ name;
    }
}

4. Now you can add methods to the Class as follows:
5. Now create the service archive file (*.aar extension) by right click on the project and select 'Export Project as Deployable Archive'.

 How to deploy *.aar file in Axis2 enabled Tomcat 

 1. Copy the axis2 war file to apache-tomcat-7.0.47/webapps directory and start the server.

You will see the axis2 directory under Tomcat webapps directory once the server is started.

2.Copy the HelloWorld.aar file to apache-tomcat-7.0.47/webapps/axis2/WEB-INF/services directory

3. Access below url and you should be able to see the deployed service and the available methods.

http://localhost:8080/axis2/services/listServices

That is the end of the story :)

SSO session timeouts when the applications are idle for 15 minutes [WSO2 IS 5.0.0]

In IS 5.0.0 there is a session cache which gets cleared every 15 minutes and it is not configurable at the moment.
But there is a workaround.
You have to enable remember me while sign-in to the system. Then even if the cache expires in 15 minutes, the session cookie will be retrieved from session data persistence. But this will keep your login active even if you close the browser and reopen it.
You can get rid of that by setting the "RememberMePeriod" under "SessionDataPersist" to -1 in identity.xml.
So every time you close the browser, you will have to login to the application again.

Downgrade Subversion 1.8 to 1.7 in Ubuntu 14.04

I ran into the below problem when I try to update my existing codebase after upgrading the operating system from ubuntu 12.04 to 14.04.

The working copy at '/home/punnadi/wso2/source/platform/turing'
is too old (format 29) to work with client version '1.8.8 (r1568071)' (expects format 31). You need to upgrade the working copy first.

The reason behind this error os Ubuntu 14.04 comes with subversion 1.8.x by default. So I had to downgrade the subversion version to 1.7.x in order to overcome this issue.

I did it with the help of following post (Check the Wauzl's answer).

http://askubuntu.com/questions/453717/i-need-downgrade-from-subversion-1-8-to-subversion-1-7

[java] Add or Delete CNAME Records with Amazon route 53 API

package com;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

import org.apache.commons.codec.binary.Base64;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpRequestBase;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.util.EntityUtils;

public class Test {
    private static final String AWS_HOST = "route53.amazonaws.com";
    private static final String SECRECT_ACCESS_KEY = "xxxxxxxxxxxxxxxxxxxx";
    private static final String ACCESS_KEY_ID = "xxxxxxxxxxxxxxxxxxx";
    private static final String HMAC_SHA1_ALGORITHM = "HmacSHA1";
    private static final String HOSTED_ZONE_ID = "xxxxxxxxxxxxxxx";

    /**
     * Computes RFC 2104-compliant HMAC signature.
     * * @param data
     * The data to be signed.
     *
     * @param key
     *            The signing key.
     * @return
     *         The Base64-encoded RFC 2104-compliant HMAC signature.
     * @throws java.security.SignatureException
     *             when signature generation fails
     */
    public static String calculateRFC2104HMAC(String stringToSign, String secrectAccessKey) {

        // get an hmac_sha1 key from the raw key bytes
        SecretKeySpec signingKey =
                                   new SecretKeySpec(secrectAccessKey.getBytes(),
                                                     HMAC_SHA1_ALGORITHM);

        // get an hmac_sha1 Mac instance and initialize with the signing key
        Mac mac = null;
        try {
            mac = Mac.getInstance(HMAC_SHA1_ALGORITHM);
            mac.init(signingKey);
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (InvalidKeyException e) {
            e.printStackTrace();
        }

        // compute the hmac on input data bytes
        byte[] rawHmac = mac.doFinal(stringToSign.getBytes());

        // base64-encode the hmac
        return new String(Base64.encodeBase64(rawHmac));

    }

    public static void main(String[] args) {
        String[] domainsAdd =
                              { "1.sample.cloudtest.com", "2.sample.cloudtest.com",
                               "3.sample.cloudtest.com", "4.sample.cloudtest.com",
                               "5.sample.cloudtest.com" };
        String name = "sample_pu.cloudtest.com";

        createResourceRecords(prepareCNAMERecordsReq("CREATE", name, domainsAdd));
        listResourceRecords();

        String[] domainsRemove = { "1.sample.cloudtest.com", "2.sample.cloudtest.com" };
        createResourceRecords(prepareCNAMERecordsReq("DELETE", name, domainsRemove));
        listResourceRecords();
    }

    private static void listResourceRecords() {
        // create a post request to addAPI.
        HttpClient httpclient = new DefaultHttpClient();
        String endPoint =
                          "https://route53.amazonaws.com/2013-04-01/hostedzone/" + HOSTED_ZONE_ID +
                                  "/rrset";
        HttpGet httpGet = new HttpGet(endPoint);
        try {
            authenticateAWS(httpGet);
        } catch (Exception e) {
            e.printStackTrace();
        }
        String responseString = null;
        try {
            HttpResponse response = httpclient.execute(httpGet);
            HttpEntity entity = response.getEntity();
            responseString = EntityUtils.toString(entity, "UTF-8");
        } catch (ClientProtocolException e) {
            e.printStackTrace();
        } catch (IOException e) {
            e.printStackTrace();
        }
        System.out.println(responseString);
    }

    private static void createResourceRecords(String request) {
        // create a post request to addAPI.
        HttpClient httpclient = new DefaultHttpClient();
        String endPoint =
                          "https://route53.amazonaws.com/2013-04-01/hostedzone/" + HOSTED_ZONE_ID +
                                  "/rrset";
        HttpPost httpAction = new HttpPost(endPoint);
        try {
            authenticateAWS(httpAction);

            httpAction.setEntity(new StringEntity(request, "UTF-8"));
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        } catch (Exception e) {
            e.printStackTrace();
        }

        String responseString = null;
        try {
            HttpResponse response = httpclient.execute(httpAction);
            HttpEntity entity = response.getEntity();
            responseString = EntityUtils.toString(entity, "UTF-8");
        } catch (ClientProtocolException e) {
            e.printStackTrace();
        } catch (IOException e) {
            e.printStackTrace();
        }
        System.out.println(responseString);
    }

    private static void authenticateAWS(HttpRequestBase httpAction) {

        String stringToSign = getGMTTime();
        httpAction.setHeader("Content-Type", "text/xml");
        httpAction.setHeader("Host", AWS_HOST);
        httpAction.setHeader("x-amz-date", stringToSign);
        String authHeaderval =
                               "AWS3-HTTPS AWSAccessKeyId=" + ACCESS_KEY_ID + ",Algorithm=" +
                                       HMAC_SHA1_ALGORITHM + ",Signature=" +
                                       calculateRFC2104HMAC(stringToSign, SECRECT_ACCESS_KEY);
        httpAction.setHeader("X-Amzn-Authorization", authHeaderval);

    }

    /*
     * Get the current date from the Amazon Route 53 server
     */
    private static String getGMTTime() {

        HttpClient httpclient = new DefaultHttpClient();
        HttpGet httpGet = new HttpGet("https://route53.amazonaws.com/date");

        HttpResponse response = null;
        try {
            response = httpclient.execute(httpGet);
        } catch (ClientProtocolException e) {
            e.printStackTrace();
        } catch (IOException e) {
            e.printStackTrace();
        }
        String date = response.getFirstHeader("Date").getValue();
        return date;

    }

    private static String prepareCNAMERecordsReq(String action, String name, String[] domains) {
        StringBuffer request =
                               new StringBuffer(
                                                "<ChangeResourceRecordSetsRequest xmlns=\"https://route53.amazonaws.com/doc/2013-04-01/\">"
                                                        + "<ChangeBatch>" + "<Changes>");
        for (int i = 0; i < domains.length; i++) {
            request.append("<Change><Action>" + action + "</Action>" + "<ResourceRecordSet>" +
                           "<Name>" + domains[i] + "</Name>" + "<Type>CNAME</Type>" +
                           "<TTL>100000</TTL>" + "<ResourceRecords>" + "<ResourceRecord>" +
                           "<Value>" + name + "</Value>" + "</ResourceRecord>" +
                           "</ResourceRecords>" + "</ResourceRecordSet>" + "</Change>");
        }
        request.append("</Changes>" + "</ChangeBatch>" + "</ChangeResourceRecordSetsRequest>");
        return request.toString();
    }

}

[java] Listing Resource Record Sets Using the Amazon Route 53 API

import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;

import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

import org.apache.commons.codec.binary.Base64;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.DefaultHttpClient;
import org.apache.http.util.EntityUtils;

public class Test {
    private static final String AWS_HOST = "route53.amazonaws.com";
    private static final String SECRECT_ACCESS_KEY = "xxxxxxxxxxxxxxxxxxxx";
    private static final String ACCESS_KEY_ID = "xxxxxxxxxxxxxxx";
    private static final String HMAC_SHA1_ALGORITHM = "HmacSHA1";
    private static final String HOSTED_ZONE_ID = "xxxxxxxxxxxxxxxxxxx";

    /**
     * Computes RFC 2104-compliant HMAC signature.
     * * @param data
     * The data to be signed.
     *
     * @param key
     *            The signing key.
     * @return
     *         The Base64-encoded RFC 2104-compliant HMAC signature.
     * @throws java.security.SignatureException
     *             when signature generation fails
     */
    public static String calculateRFC2104HMAC(String stringToSign, String secrectAccessKey) {

        // get an hmac_sha1 key from the raw key bytes
        SecretKeySpec signingKey =
                                   new SecretKeySpec(secrectAccessKey.getBytes(),
                                                     HMAC_SHA1_ALGORITHM);

        // get an hmac_sha1 Mac instance and initialize with the signing key
        Mac mac = null;
        try {
            mac = Mac.getInstance(HMAC_SHA1_ALGORITHM);
            mac.init(signingKey);
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (InvalidKeyException e) {
            e.printStackTrace();
        }

        // compute the hmac on input data bytes
        byte[] rawHmac = mac.doFinal(stringToSign.getBytes());

        // base64-encode the hmac
        return new String(Base64.encodeBase64(rawHmac));

    }

    public static void main(String[] args) {
        listResourceRecords();
    }

    private static void listResourceRecords() {
        // create a post request to addAPI.
        HttpClient httpclient = new DefaultHttpClient();
        String endPoint =
                          "https://route53.amazonaws.com/2013-04-01/hostedzone/" + HOSTED_ZONE_ID +
                                  "/rrset";
        HttpGet httpGet = new HttpGet(endPoint);
        try {
            authenticateAWS(httpGet);
        } catch (Exception e) {
            e.printStackTrace();
        }
        String responseString = null;
        try {
            HttpResponse response = httpclient.execute(httpGet);
            HttpEntity entity = response.getEntity();
            responseString = EntityUtils.toString(entity, "UTF-8");
        } catch (ClientProtocolException e) {
            e.printStackTrace();
        } catch (IOException e) {
            e.printStackTrace();
        }
        System.out.println(responseString);
    }

    private static void authenticateAWS(HttpGet httpGet) {

        String stringToSign = getGMTTime();
        httpGet.setHeader("Content-Type", "text/xml");
        httpGet.setHeader("Host", AWS_HOST);
        httpGet.setHeader("x-amz-date", stringToSign);
        String authHeaderval =
                               "AWS3-HTTPS AWSAccessKeyId=" + ACCESS_KEY_ID + ",Algorithm=" +
                                       HMAC_SHA1_ALGORITHM + ",Signature=" +
                                       calculateRFC2104HMAC(stringToSign, SECRECT_ACCESS_KEY);
        httpGet.setHeader("X-Amzn-Authorization", authHeaderval);

    }

    /*
     * Get the current date from the Amazon Route 53 server
     */
    private static String getGMTTime() {

        HttpClient httpclient = new DefaultHttpClient();
        HttpGet httpGet = new HttpGet("https://route53.amazonaws.com/date");

        HttpResponse response = null;
        try {
            response = httpclient.execute(httpGet);
        } catch (ClientProtocolException e) {
            e.printStackTrace();
        } catch (IOException e) {
            e.printStackTrace();
        }
        String date = response.getFirstHeader("Date").getValue();
        System.out.println(date);
        return date;

    }

}

How to refere a WAR module as dependency in Maven

You can add type tag as follows:

<dependency>
    <groupId>org.apache.stratos</groupId>
    <artifactId>org.apache.stratos.rest.endpoint</artifactId>
    <version>4.0.0-SNAPSHOT</version>
    <type>war</type>
</dependency>
 




How to secure the plain text password of NetworkAuthenticatorConfig element in carbon.xml with WSO2 Carbon Secure Vault

If you are familiar with Carbon servers you may have noticed that the passwords are set in plain text in configuration files. This is prone to security vulnerabilities. But with Secure Vault implementation you can get rid of plain text passwords.

Following blog posts provide through knowledge on how to work with  WSO2 Carbon Secure Vault.

[1] http://ajithvblogs.blogspot.com/2014/01/secure-custom-configuration-filexml.html
[2] http://pathberiya.blogspot.com/2012/08/secure-plain-text-passwords-in-wso2.html

In this post I am going to discuss how to secure the password field under 'NetworkAuthenticatorConfig' element defined in carbon.xml

This will require custom implementation as this password field is not supported out of the box. You can follow the 7 steps provided in Blog [1].

I will describe the Implementation details:

You need to modify setupAuthenticator method in https://svn.wso2.org/repos/wso2/carbon/kernel/branches/4.2.0/core/org.wso2.carbon.utils/4.2.0/src/main/java/org/wso2/carbon/context/internal/CarbonContextDataHolder.java class.
Note: The version 4.2.0 may vary depending on your carbon server release.

By default it reads the password value from carbon.xml. But after we use Secure Vault the actual password is not in carbon.xml. Therefore we have to implement the logic in such a way that it will get the decrypted secured password accordingly.

The modified method is as follows:

 private static void setupAuthenticator(CarbonAuthenticator authenticator) throws Exception {
        OMElement documentElement = XMLUtils.toOM(
                CarbonUtils.getServerConfiguration().getDocumentElement());
        OMElement authenticators = documentElement.getFirstChildWithName(
                new QName(ServerConstants.CARBON_SERVER_XML_NAMESPACE, "Security")).
                getFirstChildWithName(
                        new QName(ServerConstants.CARBON_SERVER_XML_NAMESPACE, "NetworkAuthenticatorConfig"));

        if (authenticators == null) {
            return;
        }

         String password = null;
         String secretAlias = "xxxxxxxxxxxxxxxxxxxxx: Set the entry key used in cipher-tool.properties/cipher-text.properties xxxxxxxxxxxxxxxxxxx";
         SecretResolver secretResolver = SecretResolverFactory.create(documentElement, false);

        for (Iterator iterator = authenticators.getChildElements(); iterator.hasNext(); ) {
            OMElement authenticatorElement = (OMElement) iterator.next();
            if (!authenticatorElement.getLocalName().equalsIgnoreCase("Credential")) {
                continue;
            }
            String pattern = authenticatorElement.getFirstChildWithName(
                    new QName(ServerConstants.CARBON_SERVER_XML_NAMESPACE, "Pattern")).getText();
            String type = authenticatorElement.getFirstChildWithName(
                    new QName(ServerConstants.CARBON_SERVER_XML_NAMESPACE, "Type")).getText();
            String username = authenticatorElement.getFirstChildWithName(
                    new QName(ServerConstants.CARBON_SERVER_XML_NAMESPACE, "Username")).getText();

            if (secretResolver != null && secretResolver.isInitialized()) {
            if (secretResolver.isTokenProtected(secretAlias)) {
                password = secretResolver.resolve(secretAlias);
            } else {
              password = authenticatorElement.getFirstChildWithName(
                    new QName(ServerConstants.CARBON_SERVER_XML_NAMESPACE, "Password")).getText();
            }
            }
            authenticator.addAuthenticator(type, pattern, username, password);
        }
    }




Patch process:

 - build the org.wso2.carbon.utils bundle with 'mvn clean install'
 - create a directory called patch000X (X can be a preferred number greater than the existing ones) in $PRODUCT_HOME/repository/components/patches/ directory.
 - place the built jar in patch000X directory
 - restart the server with "-DapplyPatches" as follows:

 ./wso2server.sh -DapplyPatches 

How to write a client to invoke WSO2 Carbon Admin Services

Background:
In WSO2 Carbon platform, there is a concept call admin services which are a set of secured SOAP web services used to handle administrative tasks. There are certain cases where you might want to directly interact with these services to get your work done.

How do you find the list of available Admin Services?
You can start the carbon product with -DosgiConsole option.  This is because all carbon products are based on OSGi.

./wso2server.sh -DosgiConsole

You can list the admin services with "listAdminServices" command in OSGi console.

By default the wsdl files are inaccessible via Management Console url. But you can set "HideAdminServices" value to false in carbon.xml to view these wsdl files easily as follows (If the port offset is set to 0 in carbon.xml the url is as follows).

https://localhost:9443/services/AuthenticationAdmin?wsdl 

Usecase:
Think that you have a requirement to get permission set for each role you have defined through Management Console. In order to full fill this requirement you can write a client with the help of "AuthenticationAdmin" and "UserAdmin" admin services.

Steps:

1. Get yourself authenticated with AuthenticationAdmin service and retrieve the session cookie
2. Using the session cookie access other services.

Sample Code:

I am using a maven project to write this client. The repositories and dependencies used in pom.xml are as follows:

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <groupId>Aloo</groupId>
    <artifactId>AdminServicesInvoker</artifactId>
    <version>0.0.1-SNAPSHOT</version>
    <repositories>
        <repository>
            <id>wso2-nexus</id>
            <name>WSO2 internal Repository</name>
            <url>http://maven.wso2.org/nexus/content/groups/wso2-public/</url>
            <releases>
                <enabled>true</enabled>
                <updatePolicy>daily</updatePolicy>
                <checksumPolicy>fail</checksumPolicy>
            </releases>
        </repository>
    </repositories>
    <dependencies>
        <dependency>
            <groupId>org.wso2.carbon</groupId>
            <artifactId>org.wso2.carbon.authenticator.stub</artifactId>
            <version>4.2.0</version>
        </dependency>
        <dependency>
            <groupId>org.wso2.carbon</groupId>
            <artifactId>org.wso2.carbon.user.mgt.stub</artifactId>
            <version>4.2.0</version>
        </dependency>
        <dependency>
            <groupId>org.apache.axis2.wso2</groupId>
            <artifactId>axis2-client</artifactId>
            <version>1.6.1.wso2v5</version>
        </dependency>
    </dependencies>
</project>

The below class has a implementation to invoke AuthenticationAdmin service and get the session cookie as follows:

<pre class="brush: csharp">

import java.rmi.RemoteException;

import org.apache.axis2.AxisFault;
import org.apache.axis2.context.ServiceContext;
import org.apache.axis2.transport.http.HTTPConstants;
import org.wso2.carbon.authenticator.stub.AuthenticationAdminStub;
import org.wso2.carbon.authenticator.stub.LoginAuthenticationExceptionException;
import org.wso2.carbon.authenticator.stub.LogoutAuthenticationExceptionException;

public class LoginAdminServiceClient {
    private final String serviceName = "AuthenticationAdmin";
    private AuthenticationAdminStub authenticationAdminStub;
    private String endPoint;

    public LoginAdminServiceClient(String backEndUrl) throws AxisFault {
        this.endPoint = backEndUrl + "/services/" + serviceName;
        authenticationAdminStub = new AuthenticationAdminStub(endPoint);
    }

    public String authenticate(String userName, String password)
            throws RemoteException, LoginAuthenticationExceptionException {

        String sessionCookie = null;

        if (authenticationAdminStub.login(userName, password, "localhost")) {
            System.out.println("Login Successful");

            ServiceContext serviceContext = authenticationAdminStub
                    ._getServiceClient().getLastOperationContext()
                    .getServiceContext();
            sessionCookie = (String) serviceContext
                    .getProperty(HTTPConstants.COOKIE_STRING);
            System.out.println(sessionCookie);
        }

        return sessionCookie;
    }

    public void logOut() throws RemoteException,
            LogoutAuthenticationExceptionException {
        authenticationAdminStub.logout();
    }

} 

</pre>

The below class has a implementation to invoke UserAdmin service and get set of permissions belongs to a given role:

<pre class="brush: csharp">

 import java.rmi.RemoteException;
import java.util.ArrayList;
import java.util.List;

import org.apache.axis2.AxisFault;
import org.apache.axis2.client.Options;
import org.apache.axis2.client.ServiceClient;
import org.wso2.carbon.user.mgt.stub.UserAdminStub;
import org.wso2.carbon.user.mgt.stub.UserAdminUserAdminException;
import org.wso2.carbon.user.mgt.stub.types.carbon.UIPermissionNode;

public class ServiceAdminClient {
    private final String serviceName = "UserAdmin";
    private UserAdminStub userAdminStub;
    private String endPoint;

    public ServiceAdminClient(String backEndUrl, String sessionCookie)
            throws AxisFault {
        this.endPoint = backEndUrl + "/services/" + serviceName;
        userAdminStub = new UserAdminStub(endPoint);
        // Authenticate Your stub from sessionCooke
        ServiceClient serviceClient;
        Options option;

        serviceClient = userAdminStub._getServiceClient();
        option = serviceClient.getOptions();
        option.setManageSession(true);
        option.setProperty(
                org.apache.axis2.transport.http.HTTPConstants.COOKIE_STRING,
                sessionCookie);
    }

    public void getRolePermissions(String role) throws RemoteException,
            UserAdminUserAdminException {
        List allowedPermissions = new ArrayList();
        UIPermissionNode uiPermissionNode = userAdminStub
                .getRolePermissions(role);
        getResourcePath(uiPermissionNode, allowedPermissions);
        System.out.println(allowedPermissions);
    }

    public void getResourcePath(UIPermissionNode uiPermissionNode,
            List allowedPermissions) {

        if (uiPermissionNode.getNodeList() != null) {
            UIPermissionNode[] uiPermissionNodes = uiPermissionNode
                    .getNodeList();
            for (int i = 0; i < uiPermissionNodes.length; i++) {
                UIPermissionNode uPermissionNode1 = uiPermissionNodes[i];
                if (uPermissionNode1.getSelected()) {
                    allowedPermissions.add(uPermissionNode1.getResourcePath());
                }
                getResourcePath(uPermissionNode1, allowedPermissions);
            }
        }
        return;
    }
}

</pre>

 

 The below class act as the invoker:

 Note: Change the path variable accordingly by pointing the certificate of your  carbon product.

<pre class="brush: csharp">

import java.rmi.RemoteException;

import org.wso2.carbon.authenticator.stub.LoginAuthenticationExceptionException;
import org.wso2.carbon.authenticator.stub.LogoutAuthenticationExceptionException;
import org.wso2.carbon.user.mgt.stub.UserAdminUserAdminException;

public class ServiceInvoker {
    public static void main(String[] args) throws RemoteException,
            LoginAuthenticationExceptionException,
            LogoutAuthenticationExceptionException {
        String path = "/home/punnadi/wso2is-4.5.0/repository/resources/security/"
                + "wso2carbon.jks";
        System.setProperty("javax.net.ssl.trustStore", path);
        System.setProperty("javax.net.ssl.trustStorePassword", "wso2carbon");
        String backEndUrl = "https://localhost:9443";

        LoginAdminServiceClient login = new LoginAdminServiceClient(backEndUrl);
        String sessionCookie = login.authenticate("admin", "admin");
        ServiceAdminClient serviceAdminClient = new ServiceAdminClient(
                backEndUrl, sessionCookie);

        try {
            serviceAdminClient.getRolePermissions("admin");
        } catch (UserAdminUserAdminException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }

        login.logOut();

    }
}

</pre>

 

Before invoking the above code you will have to start the carbon server on port 9443.

Adding a MySQL datasource to JBoss AS 7.1.1

Prerequisites:
JBoss AS 7.1.1
mysql-connector-java-your_version-bin.jar

My Environment:
Ubuntu 12.04
java version "1.6.0_45"

1. Extract the JBoss server and I call it "JBOSS_HOME" here onwards.
2. Create "com/mysql/main" directory structure in JBOSS_HOME/modules directory.
3. Copy mysql-connector-java--bin.jar to the above created directory.
4. Create a file called module.xml which has following content in the same directory. Update the jar version accordingly.

<?xml version="1.0" encoding="UTF-8"?>
<module xmlns="urn:jboss:module:1.1" name="com.mysql">
    <resources>
        <resource-root path="mysql-connector-java-5.1.27-bin.jar"/>
    </resources>
    <dependencies>
        <module name="javax.api"/>
        <module name="javax.transaction.api"/>
        <module name="javax.servlet.api" optional="true"/>
    </dependencies>
</module>

The created directory structure including files is as depicted above.

5. Modify JBOSS_HOME/standalone/configuration/standalone.xml as follows:
    Add mysql datasource and the driver configs as given below under datasources tag.

<datasources>
<datasource jndi-name="java:jboss/datasources/ExampleDS" pool-name="ExampleDS" enabled="true" use-java-context="true">
    <connection-url>jdbc:h2:mem:test;DB_CLOSE_DELAY=-1</connection-url>
    <driver>h2</driver>
    <security>
        <user-name>sa</user-name>
        <password>sa</password>
    </security>
</datasource>
<datasource jta="true" jndi-name="java:/jboss/datasources/dsJaasProject" pool-name="my_pool" enabled="true" use-java-context="true" use-ccm="true">
    <connection-url>jdbc:mysql://localhost:3306/jaasProject</connection-url>
    <driver>mysql</driver>
    <security>
        <user-name>root</user-name>
        <password>root</password>
    </security>
    <statement>
        <prepared-statement-cache-size>100</prepared-statement-cache-size>
        <share-prepared-statements>true</share-prepared-statements>
    </statement>
</datasource>
<drivers>
    <driver name="mysql" module="com.mysql">
        <xa-datasource-class>com.mysql.jdbc.jdbc2.optional.MysqlXADataSource</xa-datasource-class>
    </driver>
    <driver name="h2" module="com.h2database.h2">
        <xa-datasource-class>org.h2.jdbcx.JdbcDataSource</xa-datasource-class>
    </driver>
</drivers>
</datasources>
                   
 6. Now start the server from JBOSS_HOME/bin directory as follows:
             ./standalone.sh

You would notice that there will be a file called "mysql-connector-java-your_version-bin.jar.index" generated inside JBOSS_HOME/module/com/mysql/main directory.

transport error 202: gethostbyname: unknown host in Eclipse while debugging

FATAL ERROR in native method: JDWP No transports initialized, jvmtiError=AGENT_ERROR_TRANSPORT_INIT(197)
ERROR: transport error 202: gethostbyname: unknown host
ERROR: JDWP Transport dt_socket failed to initialize, TRANSPORT_INIT(510)
JDWP exit error AGENT_ERROR_TRANSPORT_INIT(197): No transports initialized [../../../src/share/back/debugInit.c:690]

If you come across this error while you trying to debug code from Eclipse check your /etc/hosts file and add below entry. Issue will go away.

127.0.0.1    localhost