Wednesday, October 14, 2015

Maven Build Lifecycle in a nutshell

Maven is a build automation tool mainly used in Java projects. When working with Maven, build lifecycles are a very important topic.
There are three out-of-the-box Maven lifecycles, known as default, clean and site. Of these three, default and clean are the ones used most of the time.
A build lifecycle is made up of a number of predefined phases (in other words, stages).
A phase is made up of goals. A goal represents a specific task, and goals are defined within their associated plugin.
These plugin goals can be executed explicitly with mvn.
A goal doesn't always need to be associated with a phase, so a goal not bound to any build phase can be executed by direct invocation.

For a clearer understanding, consider the mvn command below:
mvn clean dependency:copy-dependencies
  • clean - a build phase (when you execute this command, all the build phases up to and including this phase are invoked; in other words, pre-clean and clean are executed). See Lifecycle references for more details.
  • dependency:copy-dependencies - the goal 'copy-dependencies' in the 'maven-dependency-plugin' plugin.

There are 2 ways of using these build lifecycles.

1. Packaging (e.g.: war/jar/ear)
The packaging type defined in pom.xml causes a list of predefined goals, bound to build phases of the default lifecycle, to run.
See Plugin Bindings for more details.

2. Plugin
By specifying plugins explicitly in your pom file, you can bind goals to specific phases of a build lifecycle.
- A plugin can have one or more goals.
- Each goal can be invoked in multiple phases.
A goal is bound to a lifecycle phase, and if multiple goals are bound to a particular phase, they are invoked in the order in which they are defined.

mojo - Maven + Pojo
- A Mojo is an executable goal in Maven.

Reference: https://maven.apache.org/guides/introduction/introduction-to-the-lifecycle.html
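
To make the phase and goal binding rules above concrete, here is an added example (not code from the original post or from the Maven project) that reads a POM and lists which explicitly bound plugin goals run for a given phase, in execution order. The sample POM and the function names are constructed for illustration; goals bound through packaging or through a mojo's default phase are not covered.

```python
import xml.etree.ElementTree as ET

NS = {"m": "http://maven.apache.org/POM/4.0.0"}
# Phase order of the built-in clean and default lifecycles (Maven 3).
LIFECYCLES = {
    "clean": ["pre-clean", "clean", "post-clean"],
    "default": [
        "validate", "initialize", "generate-sources", "process-sources",
        "generate-resources", "process-resources", "compile", "process-classes",
        "generate-test-sources", "process-test-sources", "generate-test-resources",
        "process-test-resources", "test-compile", "process-test-classes", "test",
        "prepare-package", "package", "pre-integration-test", "integration-test",
        "post-integration-test", "verify", "install", "deploy"],
}

# Constructed sample POM (not from the post): two goals share one phase.
SAMPLE_POM = """<project xmlns="http://maven.apache.org/POM/4.0.0">
  <build><plugins>
    <plugin><artifactId>maven-antrun-plugin</artifactId>
      <executions><execution><phase>generate-sources</phase>
        <goals><goal>run</goal></goals></execution></executions></plugin>
    <plugin><artifactId>maven-dependency-plugin</artifactId>
      <executions>
        <execution><phase>package</phase>
          <goals><goal>copy-dependencies</goal></goals></execution>
        <execution><phase>generate-sources</phase>
          <goals><goal>unpack</goal></goals></execution>
      </executions></plugin>
  </plugins></build>
</project>"""

def bound_goals(pom_xml):
    """Return (phase, 'artifactId:goal') pairs in POM declaration order."""
    root = ET.fromstring(pom_xml)
    out = []
    for plugin in root.findall("m:build/m:plugins/m:plugin", NS):
        name = plugin.findtext("m:artifactId", namespaces=NS)
        for ex in plugin.findall("m:executions/m:execution", NS):
            phase = ex.findtext("m:phase", namespaces=NS)  # None: mojo default
            for goal in ex.findall("m:goals/m:goal", NS):
                out.append((phase, f"{name}:{goal.text}"))
    return out

def plan(pom_xml, target_phase):
    """Goals the POM adds when `mvn <target_phase>` runs, in execution order."""
    phases = next(p for p in LIFECYCLES.values() if target_phase in p)
    upto = phases[: phases.index(target_phase) + 1]
    bindings = bound_goals(pom_xml)
    return [(ph, g) for ph in upto for b, g in bindings if b == ph]
```

Because every bound goal is code that executes during the build, the same listing doubles as a quick review aid for an unfamiliar pom.xml.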

Wednesday, September 2, 2015

localhost/127.0.0.1:7000 is in use by another process. Change listen_address:storage_port in cassandra.yaml to values that do not conflict with other services

If you ever get this error in your WSO2 server, check whether another WSO2 server is running on the same machine, check its port offset in carbon.xml, and change the other server's port offset accordingly.

Monday, January 12, 2015

Sending attachments with WSO2 ESB via MTOM

Prerequisites:

WSO2 ESB 4.8.1
WSO2 ESB 4.8.1 service pack 1 (yet to be released)
SoapUI 4.5.1

Environment:
Ubuntu
Java Runtime

Steps:

Enable backend service

1. Apply the sp1 to ESB 4.8.1
2. Go to /samples/axis2Server/src/MTOMSwASampleService and run 'ant'. Once it has built successfully, go to /samples/axis2Server and start the server as follows:
/axis2server.sh

3. Now you will be able to access the WSDL file of MTOMSwASampleService via the URL below:
http://localhost:9000/services/MTOMSwASampleService?wsdl

Configure ESB

3.1 Save the wsdl file as MTOMSwASampleService.wsdl and copy it to /repository/samples/resources/proxy directory.

4. Start ESB and log in via the console.
5. Create three dynamic sequences and save them in the config registry as follows:

Go to Manage->Service Bus->Sequences and click on Add Sequence.
  •  InSeq
Sequence Name: InSeq
Click on Add Child->Core->Send and add a Send mediator.
Select Endpoint Type: Define Inline and click on Add button.
Create Address Endpoint.
Address: http://localhost:9000/services/MTOMSwASampleService

Show Advanced Options->Message Content
Optimize: MTOM
Hit 'Save & Close'.
Hit 'Update'.
Hit 'Save in Registry'.
Hit 'Save & Close'.
  • OutSeq
Sequence Name: OutSeq
Click on Add Child->Core->Send and add a Send mediator.
Hit 'Update'.
Hit 'Save in Registry'.
Hit 'Save & Close'.
  • ErrorSeq
Sequence Name: ErrorSeq
Hit 'Save in Registry'.
Hit 'Save & Close'.

6. Go to Manage->Service Bus->Source View and paste the config
P.S.: Ignore the names, as they are dummy values.
Hit Update.

Setup SoapUI

7. Start SoapUI.
Click on 'New SoapUI project' and paste the WSDL URL below.
http://localhost:8280/services/StockQuoteProxy?wsdl

8. Click on 'uploadFileUsingMTOM' request in soap11 binding.
10. Edit the current URL as follows:
http://localhost:8280/services/StockQuoteProxy.StockQuoteProxyHttpSoap12Endpoint

9. Attach an image via the attachment window. Click yes for 'cache attachment in request'.
10. Modify the request as depicted in the image below and change the value of image name according to your image name:

11. Now you can send the request. You will receive the attachment as the response as follows:

References:
https://axis.apache.org/axis2/java/core/docs/mtom-guide.html
https://docs.wso2.com/pages/viewpage.action?pageId=33136025

Wednesday, January 7, 2015

WSO2 Identity Server as a Federation Hub

Requirement:
Set up identity federation with two WSO2 IS instances using SAML2 Web SSO: one acts as the federation hub (primary IDP) and the other acts as the IDP (secondary IDP).
These are fronted by nginx to hide the original characteristics and the existence of the Identity Servers.

Prerequisites:
1. WSO2 IS 5.0.0 - two servers
2. Web server to host the Service Provider(s), e.g. Tomcat 7.0.x



Note: In this sample, SAML request signing is done only between the primary IDP and the secondary IDP, as we already have a self-signed certificate and public/private key pairs available in WSO2 IS by default (location: <carbon_home>/repository/resources).
If you want to create your own self-signed certificate, refer to this blog post.

Steps:

1. Configure nginx by modifying the /etc/nginx/sites-enabled/default file. You can refer to this blog post.

I have provided the configured file.

2. Use the following link to checkout and configure Service provider (travelocity application)
https://docs.wso2.com/display/IS460/Configuring+SAML2+SSO
(Refer to the 'Configuring the web app' section only)
I have provided the configured travelocity.properties file.

3. Change the following configs in the Primary IDP.
In <carbon_home>/repository/conf/tomcat/catalina-server.xml, add a proxy port pointing to the load balancer's port (i.e. 443).

In <carbon_home>/repository/conf/carbon.xml, change the hostname to identity-dev1.is.com.
4. Log in to the Primary IDP console.

5. Register an identity provider
  • Identity Provider Name: Any meaningful name
  • Identity Provider Public Certificate: Export the public certificate in PEM format and upload it.
keytool -export -rfc -alias mycert -keystore wso2carbon.jks -storepass wso2carbon -file mycert.pem
  • Alias will be auto generated as follows:
https://identity-dev1.is.com:443/oauth2/token/

5.1 Expand Federated Authenticators and configure SAML2 Web SSO Configuration.
  • Tick Enable SAML2 Web SSO
  • Identity Provider Entity Id: Any meaningful name
  • Service Provider Entity Id: Any meaningful name (This value is required when registering service provider in Secondary IDP)
  • Set the SSO URL to https://identity-dev2.is.com/samlsso/ 
  • Tick Enable Authentication Request Signing
  • Tick Enable Logout
  • Tick Enable Logout Request Signing
  • SAML2 Web SSO User ID Location: Tick User ID found in 'Name Identifier' 
Save the configurations.
6. Register a service provider
  •  Service Provider Name: Any meaningful name
6.1 Expand Inbound Authentication Configuration and configure SAML2 Web SSO Configuration

  • Issuer: travelocity.com (same value provided in travelocity.properties file for SAML.IssuerID)
  • Assertion Consumer URL: http://localhost:8080/travelocity.com/samlsso-home.jsp (same value provided in travelocity.properties file for SAML.ConsumerUrl)
  • Tick Use fully qualified username in the NameID
  • Tick  Enable Single Logout
  • Tick Enable Attribute Profile
Save the configurations.

6.2 Expand Local & Outbound Authentication Configuration and choose Authentication Type as Federated Authentication and select the identity provider created in step 5

 Save the configurations.

7. Change the following configs in the Secondary IDP.
In <carbon_home>/repository/conf/tomcat/catalina-server.xml, add a proxy port pointing to the load balancer's port (i.e. 443).

In <carbon_home>/repository/conf/carbon.xml, change the hostname to identity-dev2.is.com and the offset to 1.
8. Log in to the Secondary IDP console
9. Register a service provider
  •  Service Provider Name: Any meaningful name
9.1 Expand Inbound Authentication Configuration and configure SAML2 Web SSO Configuration
  • Issuer: same value provided in 5.1 for Service Provider Entity Id
  • Assertion Consumer URL: Any dummy value, as signing the SAML request with a CA certificate will skip this ACS URL validation
  • Tick Use fully qualified username in the NameID
  • Tick  Enable Signature Validation in Authentication Requests and Logout Requests 
  • Tick Enable Single Logout
  • Tick Enable Attribute Profile
 Save the configurations.

 Now all the configurations are done.

10. You can access travelocity application with below url:

http://localhost:8080/travelocity.com

Note: If you are using Firefox, install the SSO tracer plugin to view decrypted SAML requests easily.
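
The check a SAML tracer lets you do by eye, as an added example that is not part of the original post: it decodes the SAMLRequest the hub sends to the secondary IDP and compares it with the values configured in steps 5.1 and 9.1. It assumes the HTTP-Redirect binding; the entity id federation-hub, the sample request and the signature value are constructed placeholders, and the signature is checked for presence only, not verified.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit, parse_qs, urlencode

SAMLP = "{urn:oasis:names:tc:SAML:2.0:protocol}"
SAML = "{urn:oasis:names:tc:SAML:2.0:assertion}"

# Constructed sample request; "federation-hub" is a placeholder entity id.
SAMPLE_XML = (
    '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_constructed1" '
    'Version="2.0" IssueInstant="2015-01-07T00:00:00Z" '
    'Destination="https://identity-dev2.is.com/samlsso/">'
    '<saml:Issuer>federation-hub</saml:Issuer></samlp:AuthnRequest>')

def encode_redirect(xml_text):
    """HTTP-Redirect binding encoding: raw DEFLATE, then base64."""
    c = zlib.compressobj(wbits=-15)
    return base64.b64encode(c.compress(xml_text.encode()) + c.flush()).decode()

def sample_url(signed):
    """Build a constructed redirect URL, with or without signature params."""
    params = {"SAMLRequest": encode_redirect(SAMPLE_XML)}
    if signed:  # placeholder values: presence is checked, not validity
        params["SigAlg"] = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
        params["Signature"] = "Y29uc3RydWN0ZWQ="
    return "https://identity-dev2.is.com/samlsso/?" + urlencode(params)

def inspect_redirect(url, expected_issuer, expected_destination):
    """Decode SAMLRequest from a redirect URL and list config mismatches."""
    q = parse_qs(urlsplit(url).query)
    raw = zlib.decompress(base64.b64decode(q["SAMLRequest"][0]), -15)
    req = ET.fromstring(raw)
    issuer = req.findtext(SAML + "Issuer")
    findings = []
    if req.tag != SAMLP + "AuthnRequest":
        findings.append("not an AuthnRequest")
    if issuer != expected_issuer:
        findings.append(f"issuer {issuer!r} != {expected_issuer!r}")
    if req.get("Destination") != expected_destination:
        findings.append("destination mismatch")
    if not (q.get("SigAlg") and q.get("Signature")):
        findings.append("request is unsigned")
    return issuer, findings
```

An issuer mismatch points at the Service Provider Entity Id from step 5.1 not matching the Issuer registered in step 9.1; a missing signature means Enable Authentication Request Signing did not take effect on the hub.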