Wednesday, September 30, 2009

SOA Governance and Monitoring Dashboards

0 comments

Written by Sami

When you are driving your care, the most important indicators on your dashboard are the fuel level indicator and the current speed indicator. While you drive, you look at them, at least once in a while, to get a gauge of how it is going.
Now you can do the same with your SOA governance set ip. Rea more on how dashboards can help monitor SOA governance health.

See original post

Tuesday, September 29, 2009

SOA Platform Ecosystem

0 comments

Written by Sami

See where the WSO2 SOA Platform is heading.

And expect more in the next release to be done in few days.

See original post

Realizing The Platfrom for your SOA

0 comments
When you design your SOA, the platform that you build on top can have a greater impact on your success.

Often, integration and seamless inter operation is a nice little bed time fairy tale. The moment you wake up, the dream world is lost.

However, the ability of getting a bunch of diverse SOA tools, work as a single platform would not be that much of a dream with WSO2 SOA platform. It is not a fairy tale. We spent almost an year, getting the platform design right, whole of 2008, and another year to stabilize it, whole of 2009. And, as we all know, the reality of software is that, there are bugs which makes the advertised features, such as seamless integration, found to be broken. However, thanks to our agile open source development model, we can fix those in no time, one key aspect that keeps us ahead of the rest in this business.

It is simply impressive how, the Enterprise Service Bus, the Governance Registry, the Web Services Application Server with data services capabilities, Identity Server and Business Process Server, all come into a single SOA platform ecosystem. The next releases that are being tested now, based on the SOA platform architecture will be leaps and bounds better and stable than the previous releases, as always. And the good news is, WSO2 is not done yet...

Wednesday, September 23, 2009

WSO2 100% open source SOA platform

0 comments

Written by Sanjiva Weerawarana

We've been doing a bunch of calls with customers giving them a technical update on our product platform. If you want to get a quick introduction to our 100% open source SOA product portfolio and our technical vision take a look!

If you want to talk to us of course you can contact us via http://wso2.com/contact/.

See original post

Monday, September 14, 2009

WSO2 Releases Web Service Framework For C++

0 comments

WSO2 announced the release of the Web Services Framework for C++ (WSF/C++) version 2.0.0. Similar to WSF/PHP which is really popular among the PHP community, WSF/CPP is the C++ language binding for the Apache Axis2/C and the other supporting web services projects like Apache Sandesha/C, Apache Rampart/C.


With this release C++ developers will be able to write web services and web service clients to inter-op with .NET/Java/PHP or any other platform built-on web service standards. The release is shiped with a code generation tool that will be used to generate the code for skeletons and stubs from a WSDL, so developers only need to concentrate on their business logic as the generated code will take care of building or parsing xmls and running them on top of the framework.

Here are the key features of the new release.



  1. Support core web service standards like SOAP 1.1, SOAP 1.2, WSDL 1.1, WSDL 2.0, REST

  2. Support for web services QoS specifications.

    • WS-Addressing

    • WS-Security

    • WS-Policy

    • WS-Security-Policy

    • WS-Reliable-Messaging



  3. Support binary attachment with MTOM and SWA (With the Support for large binaries)

  4. Code generation tool.

  5. Proven interoperability with .NET.


As a side note, you will be able to participate to a free summer school training session on the WSF/CPP conducted by Nandika Jayawardane who is the project lead of both WSF/CPP and WSF/PHP on 30th July. You can register to it (for free) from here.

See original post

Effective SOA Governance with the WSO2 Governance Registry

0 comments

Written by Tyrell



Tuesday, August 4, 2009 9:00 AM - 10:00 AM PDT

Registrations are now open!!
Governance has become the hot topic in SOA over the past year. As companies SOA usage becomes real, widespread and line-of-business, the requirement to ensure that the systems are properly governed has emerged as the number one concern for SOA adopters.
In this webinar, Paul Fremantle, CTO and Co-founder of WSO2, will explain the challenges of SOA governance and show a clear and simple approach that demystifies this complex topic.



See original post

WSO2 is 4 years old

0 comments

Written by Sanjiva Weerawarana

Today is our "unofficial" official birthday - and today we celebrate 4 years of life!


Actually there's no one start date .. there was the day we incorporated the US company, the day the Sri Lankan company was incorporated, the UK company, the day we closed the funding (after changing name to WSO2 from Serendib Systems because James refused to invest without that change!), the day the US company bought the LK company, then the UK company, etc. etc. etc.. However, August 4th is around the center of all of that - which happened between July and September basically. Plus it happens to be a (chance) choice day for me .. so I was a bit selfish in declaring August 4th as our birthday ;-).

Its pretty cool to see how far we've come since the old days. Check out our Web site as of Sept. 24th, 2005 (for some reason the banner image at the top of the page is missing though). Compare that to our current site and, um, yeah we have a few more things to offer!

Its been a fun, challenging, entertaining, interesting and everything 4 years. I have no regrets whatsoever in leaving IBM to start WSO2. IBM was an awesome place, but this experience has been several notches better :-).

Working with Paul as my co-founder (going back to a "secret" meeting he, myself and one other person [who ended up not joining but who I hope to bring into WSO2 one of these days] had at his mom's place in London back in December 2004 while all three of us were still in IBM) has been the single most fun thing out of everything in WSO2. Paul and I are a team in every sense - we challenge each other to excel and there's no doubt that everything we've achieved is due to that superb teamwork. Paul's stubbornness combined (and equaled or maybe exceeded!) with mine has made us a potent team ;-). The beauty is that while we're both stubborn we also compromise and do it with no baggage. We believe in challenging ourselves and everyone to make real, pragmatic, hard-nosed, concrete decisions - we don't lie to ourselves about our capabilities or software or customers or anything.

Oh yes, its not been just 2 people who got us here. And that's the really really special gift WSO2 has given me- the chance to work with an amazing set of young and not-so-young people primarily in Sri Lanka but also in the US (with Jonathan and Katie now) and see everyone grow to becoming global personalities. We're now more than 70 strong and have an amazing group of talented, passionate, hard-working and committed people working on making WSO2 become the global success we all believe we will be.

We have people who've been with us nearly the entire 4 years and several of them are now the key leaders in various aspects: Samisa (now Director of Engineering), Hasmin (now Senior Manager of Communications), and Azeez (Architect of Carbon) being some of the key players.

I think more than 20 people have left WSO2 to join various grad schools all over the world to do PhDs in CS and related areas. I expect probably half of our current team (of more than 70) to leave for higher studies over the near few years as well. In fact, from the original group of people who joined WSO2 right at the inception, only Paul, myself and Flora (our office assistant here in Sri Lanka) are left - almost everyone else has gone to grad school!

We're a very R&D oriented company and group of people - we believe in continuous learning, graduate school and every possible way of learning as ways to continually innovate. Its hard to understand the culture of WSO2 from outside but its quite unusual :).

In summary, I will just say to every one of my WSO2 family members: Thank you.

And to our customers: Thank you for placing your trust in us and for giving us the opportunity to show you that the disgustingly corrupt software industry and the complex software it produces are not the only way.

And to our competitors: better buckle up - its gonna be a rough ride. We've only just begun.

See original post

[WSO2-ESB-FAQ-001] Per-service logs in WSO2 ESB

0 comments

Written by Ruwan Linton

Now, that WSO2 ESB is getting the attraction of the community I thought of sharing a piece of useful information through my Blog. I thought I am going to blog about the features of the WSO2 ESB one by one and at the next release we will be including them all in the ESB documentation as FAQ's :-)

So first of all lets focus on the requirement, my requirement is to configure the logs of a particular service (to be more specific a proxy service) to be logged into a given log file. The advantage of having per-service log files is that it is very easy to analyse/monitor what went wrong in this particular proxy service by looking at the service log. Enabling this feature will not terminate the wso2-esb.log file being keeping the logs about this service, the complete log is a complete log and will contain every log statement including the service logs that you have configured to be logged into a different log file. In other words the service log is an additional log file which will contain a copy of the logs to that particular service.

Then, how can you configure this in the WSO2 ESB. So, lets assume that we are referring to the sample 150 of the WSO2 ESB, which has a proxy service named StockQuoteProxy. Now we need to configure log4j to log the service specific logs to a file called stock-quote-proxy-service.log in the logs directory of the ESB installation directory. Open up the log4j.properties file found at the lib directory of the WSO2 ESB installation directory using your favourite text editor and add the following section to the end of the file starting in a new line;
 log4j.category.SERVICE_LOGGER.StockQuoteProxy=DEBUG, SQ_PROXY_APPENDER
log4j.additivity.SERVICE_LOGGER.StockQuoteProxy=false
log4j.appender.SQ_PROXY_APPENDER=org.apache.log4j.DailyRollingFileAppender
log4j.appender.SQ_PROXY_APPENDER.File=logs/stock-quote-proxy-service.log
log4j.appender.SQ_PROXY_APPENDER.datePattern='.'yyyy-MM-dd-HH-mm
log4j.appender.SQ_PROXY_APPENDER.layout=org.apache.log4j.PatternLayout
log4j.appender.SQ_PROXY_APPENDER.layout.ConversionPattern=%d{ISO8601} [%X{ip}-%X{host}] [%t] %5p %c{1} %m%n
Well, save the file and you are done with the configuration, and now it is time to try it out. By default the sample 150 configuration doesn't do any logging at run time. So go ahead and configure the proxy service in-sequence to contain a log mediator to log the message at "Full" log level.

Execute the sample client after starting the ESB with the sample 150;
  $ESB_HOME/bin/wso2esb-samples.sh -sn 150
and the sample axis2 server with SimpleStockQuote service deployed on it as per stated in the sample documentation.

Inspect the logs directory of the ESB installation directory to see the stock-quote-proxy-service.log file, further to demonstrate the log file rotation I have configured this particular logger to rotate the file in each minute when ever there is a log going into the service log, so if you execute the sample client once again after 1 minute you will be able to see the service log file rotation as well.

See original post

Best of SOA Summer School

0 comments

During this entire summer, WSO2 conducted a series of trainings on SOA best practices, How-Tos and trends, titled “SOA Summer School“. With the dawn of the autumn the series of online summer classes came to an end. With the popular demand, a 3 hour session is going to be held tomorrow the 13th August summarizing the 8 weeks of lessons and highlighting their key areas.





Untitled


for a better insight I have attached tomorrow’s agenda, and it is conducted by Samisa Abeysinghe, Ruwan Linton, Prabath Siriwardena, Keith Chapman and Nandika Jayawardena. The online trainings are totally free and any one who is interested in SOA and EA can gain a good knowledge of its dynamics.

See original post

How to patch WSO2 Carbon

0 comments

Written by Afkham Azeez


WSO2 Carbon allows patching of the server. We provide patches to customers, and these patches deal with issues that crop up on production servers. Patching a Carbon server can be done at two levels.




  1. The sever bootstrap runtime patching is done by placing the patches in the CARBON_HOME/lib/patches directory. Here we are patching regular jar files. You will need to do this only if you are running Carbon in stanadlone mode. If you are running Carbon on top of another app server such as WebLogic, Websphere AS (WAS), Tomcat or JBoss AS, you need not patch the bootstrap libraries since the bootstrapping is the responsibility of the respective JavaEE application server.


  2. Patching the server features are done by placing the patches in CARBON_HOME/webapps/ROOT/WEB-INF/patches. This can be done when Carbon in running in standalone mode as well as when it is running on top of a JavaEE application server. In this case we are actually 'patching' the Carbon OSGi bundles.



After patching the server, you need to restart it as follows:



./wso2server.sh -cleanCache; in the case of standalone mode execution. In the case of running within a JavaEE server, you need to delete the CARBON_HOME/repository/components/plugins directory, and restart the app server.

See original post

Writing custom queries to retrieve data from WSO2 Governance Registry

0 comments

WSO2 Governance Registry is a big part of wso2 governance product stack. Even though it is primarily aimed at managing, versioning, rating, and commenting on SOA artifacts it can also be used as a simple data store. with the 3.0 version the G-Reg gave support to custom query execution from the client side. This feature helps immensely when you use the registry for non-standard tasks. For me I had to do some pagination work for the comments that belongs to a particular resource, hence my approach was to write few custom quires to get the job done. The code is as follows.


	/**
* Returns a chunk of comments
*
* @param resPath Path to the comment
* @param start The beginning index
* @param size Size of the chunk
* @return an array of comments
*/
public Comment[] getCommentSet(String resPath, int start, int size) {
Registry registry = null;
try {
registry = ; // get an instance of the registry

Resource comQuery = registry.newResource();

// The Sql Statement
String sql = "SELECT REG_COMMENT_ID FROM REG_RESOURCE_COMMENT RC, REG_RESOURCE R, REG_PATH P WHERE "
+ "RC.REG_VERSION=R.REG_VERSION AND "
+ "R.REG_NAME=? AND "
+ "P.REG_PATH_VALUE=? AND "
+ "P.REG_PATH_ID=R.REG_PATH_ID LIMIT ?, ?";

// Set SQL statement as the resource content
comQuery.setContent(sql);

// Setting the media type and properties
comQuery.setMediaType(RegistryConstants.SQL_QUERY_MEDIA_TYPE);
comQuery.addProperty(RegistryConstants.RESULT_TYPE_PROPERTY_NAME, RegistryConstants.COMMENTS_RESULT_TYPE);

registry.put("system/myQueries/query", comQuery);
String resourceName = "testResource";
String pathToResource = "/system/myResources"

Map params = new HashMap();

//Setting the parameters
params.put("1", resourceName);
params.put("2", pathToResource);
params.put("3", start);
params.put("4", size);

// Executing the SQL statement
Collection qResults = registry.executeQuery("system/myQueries/query", params);

String[] qPaths = (String[]) qResults.getContent();

Comment[] comments = new Comment[qPaths.length];
// Loading the comment data to comment object array
for (int i = 0; i < qPaths.length; i++) {
if (registry.resourceExists(qPaths[i])) {
comments[i] = (Comment) registry.get(qPaths[i]);
}
}

return comments;

} catch (Exception e) {
String errorMsg = "Backend server error - could not get comment set";
log.error(new MyTestException(errorMsg, e));
return null;
}

}

Yeah simple as that you get your resources set without much effort. A big thank goes to Dimuthu

See original post

WSO2 Governance Registry 3.0.0 installation on Jboss 5.0 with Oracle 10g

0 comments

Written by Krishantha

WSO2 G-Reg, one of the leading open source SOA governance solution available. The latest release of the WSO2 G-Reg support multiple application servers along with most common production databases.This post list down the steps to deploy G-Reg 3.0.0 on Jboss 5.0 GA using oracle 10g.

Step 1
Download WSO2 G-Reg-3.0.0 from here. Extract the downloaded zip into a directory. Copy conf, database, repository and resources directories in to a new folder. Here after, we will refer it is greg-repo (i.e:- /home/krishatha/greg-repo)

Step 2
Lets refer to your jboss installation directory, JBOSS_HOME. Go to JBOSS_HOME/server/default/deploy directory and create a new folder, wso2greg.war.Now, copy wso2greg-3.0.0/webapps/ROOT/WEB-INF to JBOSS_HOME/server/default/deploy/wso2greg.war

Step3
Now configuring jboss ssl connector as given below.

a. First up, you should probably shut down the JBoss server as you do this step.
In the JBoss directory, there should be a file called server.xml:

JBOSS_HOME/server/default/deploy/jbossweb.sar/server.xml


This file includes information about what web features to turn on when the server starts up.Inside this file, there should be a part that looks like this

<!--<Connector protocol="HTTP/1.1" SSLEnabled="true"
port="8443" address="${jboss.bind.address}"
scheme="https" secure="true" clientAuth="false"
keystoreFile="${jboss.server.home.dir}/conf/chap8.keystore"
keystorePass="rmi+ssl" sslProtocol = "TLS" />-->


b. Make the following changes:

i. Uncomment the block
ii. Change the port to 8443
iii. Change the keystore password to the password used.

The end result should look something like this:

<!-- SSL/TLS Connector configuration using the admin devl guide keystore-->
<Connector protocol="HTTP/1.1" SSLEnabled="true"
port="8443" address="${jboss.bind.address}"
scheme="https" secure="true" clientAuth="false"
keystoreFile="/home/krishatha/greg-repo/resources/security /wso2carbon.jks"
keystorePass="wso2carbon" sslProtocol = "TLS" />


Make sure to give the exact location of wso2carbon.jks as highlighted above.
Note: you can use your own keystore file if required.

Step 4
Now we must do the necessary configurations in a set of config files shipped with WSO2 G-Reg. We will update carbon.xml, axis2.xml, registry.xml, transports.xml and user-mgt.xml which can be found at greg-repo\conf directory.

a. Edit the carbon.xml in greg-repo/conf and set backend sever URL as below.

<ServerURL>https://IP:8443/wso2greg/services/</ServerURL>


it is recommended to use your IP rather than using localhost or hostname.
Note that we have configured JBoss to run on 8443 port.

b. Edit the same carbon.xml and put /wso2greg as the WebContextRoot

<WebContextRoot>/wso2greg</WebContextRoot>


the webcontextroot will be the name you used to create war distribution in JBOSS_HOME/server /default/deploy/wso2greg.war/

c. Then open axis2.xml, We must change the http and https ports in In Transports section of axis2.xml as follows.

<transportReceiver name="http"
class="org.wso2.carbon.core.transports.http.HttpTransportListener">
<parameter name="port">8080</parameter>



</transportReceiver>
<transportReceiver name="https"
class="org.wso2.carbon.core.transports.http.HttpsTransportListener">
<parameter name="port">8443</parameter>
</transportReceiver>


d. Edit the transports.xml as follows. https and http ports of the transport section can be changed as follows.

<transport name="http" class="org.wso2.carbon.server.transports.http.HttpTransport">
<parameter name="port">8080</parameter>



<transport name="https" class="org.wso2.carbon.server.transports.http.HttpsTransport">
<parameter name="port">8443</parameter>


e. Open registry.xml and update DB configurations as follows.

<dbconfig name="wso2registry">
<url>jdbc:oracle:thin:@hostname:1521:SID</url>
<userName>wso2</userName>
<password>wso2</password>
<driverName>oracle.jdbc.driver.OracleDriver</driverName>
<maxActive>80</maxActive>
<maxWait>60000</maxWait>
<minIdle>5</minIdle>
</dbconfig>


Note that the DB configuration used here is for oracle and you can set the DB configuration to any other supported DB accordingly.

f. Open user-mgt.xml and update DB configurations as follows.

<Database>
<URL>jdbc:oracle:thin:@hostname:1521:SID</URL>
<UserName>wso2</UserName>
<Password>wso2</Password>
<Dialect>oracle</Dialect>
<Driver>oracle.jdbc.driver.OracleDriver</Driver>
<maxActive>30</maxActive>
<maxWait>60000</maxWait>
<minIdle>5</minIdle>
</Database>

Note that the DB configuration used here is for oracle and you can set the DB configuration to any other supported DB accordingly.now you have done with configuration changes.

More details on setting up G-Reg with oracle can be found from here.

Step 5
Now you need to copy oracle driver class to the correct location. In my case I have used ojdbc14.jar.


copy ojdbc14.jar into greg-repo/repository/components/extensions


step 6
You also need to copy the wso2greg-3.0.0/lib/log4j.properties file into JBOSS_HOME/server/default/deploy/wso2greg.war/WEB-INF/classes, and JBOSS_HOME/common/lib/log4j.jar to JBOSS_HOME/server/default/deploy/wso2greg.war/WEB-INF/lib

step7
We have completed the required configurations. Now, open a new command window and change the directory to JBOSS_HOME/bin.Define an environment variable called CARBON_HOME and set the path to your greg-repo directory.


In windows; set CARBON_HOME=C:\greg\greg-repo
In linux; export CARBON_HOME=\home\user\greg\greg-repo


Start JBoss from the same command window/shell. To start JBoss with the "-b [IP]" option use the following commands.

ex:- run.bat -b 12.34.56.78 OR
./run.sh -b 12.34.56.78


WSO2 G-Reg will be started successfully. You can access the management console using https:\\IP:8443\wso2greg\carbon

Related posts: How to deploy WSO2 WSAS-3.* on JBoss

See original post

How does the SOAP Message Encryption work?

0 comments

WS Security Specification describes enhancements to SOAP messaging to provide message integrity, confidentiality, non-repudiation etc. It does not introduce new information security concepts, rather it is based on the existing security concepts like XML encryption, XML signatures, etc. It sets the foundation to secure web services by adapting these existing technologies accordingly.


This post is intended to provide a simplified explanation on how XML encryption works with SOAP messages as per the WS Security Specification.


WS Security Specification recommends to use symmetric keys for encryption. This is mainly due to the low performance factor of asymmetric key based encryption. Even if the asymmetric binding is used, it is advised to use symmetric keys for encryption. In such scenarios, the PKI is used to establish the symmetric keys. Initiator can come up with the symmetric and encrypt it using the public key of the recipient. Then the recipient can decrypt this key and find out the symmetric key which is used for encryption.


It is possible to encrypt the whole XML element or  just the content of it. WS Security Specification enforces not to encrypt <S11:Header>, <S12:Header>, <S11:Envelope>, <S12:Envelope>,or <S11:Body>, <S12:Body> elements. But encrypting the sub elements of those elements are allowed.


If a particular element or content of it is supposed to be encrypted, then that element should be replaced by the <xenc:EncryptedData> element which is the result of encrypting the original element.


Ex :


<xenc:EncryptedData Id="EncDataId-3" Type="http://www.w3.org/2001/04/xmlenc#Content">...</xenc:EncryptedData>

Symmetric keys used for the encryption operations should be embedded inside <xenc:EncryptedKey> elements. Each <xenc:EncryptedKey> element should contain a <ds:KeyInfo> element that contains information about the key used to encrypt the symmetric key. Then there can be a <xenc:ReferenceList> which is the manifest of the elements which are encrypted. If a <xenc:ReferenceList> element is appearing inside a <xenc:EncryptedKey> element, it implies that the symmetric key resulted by decrypting the cipher value of the <xenc:EncryptedKey> element should be used decrypt the elements specified in that refernce list. <xenc:ReferenceList> is comprised of a list of <xenc:DataReference> elements which contains refernces to the elements which are encrypted using this key. If we put this in a simplified manner, <xenc:ReferenceList> inside a <xenc:EncryptedKey> element refers to all the <xenc:EncryptedData> elements which are encrypted using the symmetric key contained in that  <xenc:EncryptedKey> element. Each <xenc:EncryptedData> element should be referred using <xenc:DataReference> element.


Ex :


          <xenc:EncryptedKey Id="EncKeyId-E296581B23458CA12512507910022225">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference>
<wsse:KeyIdentifier
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">
HYL371NzoOs2+IA24VDkBGcUFQM=
</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>
H9l+f1lqTvi4W3vaHwXMhhdfOT8t2t75fzgCkUvjX7ae9FLMEm7/hoQCEurJE4SOmPRXUvLV3MSI21Fcr3HW2OFc1SEpAZQwxma03/iG0jlSyAOOO/j9jitTnmvhtMGI9HShrM0cP77U0GDBTIoXqMSOrzMKbSQ8iz7wl5dG+TY=
</xenc:CipherValue>
</xenc:CipherData>
<xenc:ReferenceList>
<xenc:DataReference URI="#EncDataId-3"/>
</xenc:ReferenceList>
</xenc:EncryptedKey>

Lets come back to the <xenc:EncryptedData> element. Earlier we said that all the elements which should be encrypted must be replaced by a <xenc:EncryptedData> elements. This element might contain a <ds:KeyInfo> element which points to another <ds:KeyInfo> element or an attached security token. But it is not mandatory to have such <ds:KeyInfo> element, if that <xenc:EncryptedData> element is listed in a <xenc:ReferenceList> of a particuar <xenc:EncryptedKey>. It should contain a </xenc:CipherData> element, which contains the cipher data.


Ex :


      <xenc:EncryptedData Id="EncDataId-3" Type="http://www.w3.org/2001/04/xmlenc#Content">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Reference URI="#EncKeyId-E296581B23458CA12512507910022225"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>HTnMneoskQeLew99eIqCLh+8kUAvKozGjsLMfBN8Ji2QDx64Rl53vKqXYybDQeGidWHn9L7OFSEW
6kWuSsDqB+AWQezNgoACcxrNfn7vGwQidD3Kl6aviSaFALzJJkphk29Cip7vSOFmxJn3qIaA82AD
rrnPYT57uyPh03XELwrv1Wret3q1uNZ0pnjk6xjYjsQzkAgADUeE/MfWSMdjvpZ6eQ4wwTOmemeh
HtVLEdIsKoCyXRBMC9Etiu3KoymArNWRAMgQHvSzBmGxuWCALOHYru8OJpmetZacz5KVqWHifRhP
wXFsWOQF3zfBQhJmf4fRiAXkeJ4ZXn3BjT4dz/BVoDaHJFEwK5KY9GRtg0U7Eu3l5k6RNM3ds56N
PGP/DhvKJfcFCh4qKVfbWFDVLdeqcRzrHXWuiHTu6BoiwJgzFoQ8vjP6Bw==
</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>

Having said about the optional <ds:KeyInfo> element inside a <xenc:EncryptedData> element, now it is possible to take the <xenc:ReferenceList> element out of the <xenc:EncryptedKey> element if required. In such scenarios, <xenc:EncryptedData> elements should contain the <ds:KeyInfo> elements pointing to the keys that are used for the encryption. With this option, it is possible to use multiple keys for encrypting the elements in the same SOAP message.


So lets bring all the bits and pieces together. Following listing depicts a SOAP message with an encrypted soap body.


<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
soapenv:mustUnderstand="1">
<xenc:EncryptedKey Id="EncKeyId-E296581B23458CA12512507910022225">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference>
<wsse:KeyIdentifier
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">
HYL371NzoOs2+IA24VDkBGcUFQM=
</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>
H9l+f1lqTvi4W3vaHwXMhhdfOT8t2t75fzgCkUvjX7ae9FLMEm7/hoQCEurJE4SOmPRXUvLV3MSI21Fcr3HW2OFc1SEpAZQwxma03/iG0jlSyAOOO/j9jitTnmvhtMGI9HShrM0cP77U0GDBTIoXqMSOrzMKbSQ8iz7wl5dG+TY=
</xenc:CipherValue>
</xenc:CipherData>
<xenc:ReferenceList>
<xenc:DataReference URI="#EncDataId-3"/>
</xenc:ReferenceList>
</xenc:EncryptedKey>
</wsse:Security>
<wsa:To>http://localhost:8081/axis2/services/sample03</wsa:To>
<wsa:MessageID>urn:uuid:EE5C34B1DCEF6DBA991250791000372</wsa:MessageID>
<wsa:Action>urn:echo</wsa:Action>
</soapenv:Header>
<soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Id-14900151">
<xenc:EncryptedData Id="EncDataId-3" Type="http://www.w3.org/2001/04/xmlenc#Content">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Reference URI="#EncKeyId-E296581B23458CA12512507910022225"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>HTnMneoskQeLew99eIqCLh+8kUAvKozGjsLMfBN8Ji2QDx64Rl53vKqXYybDQeGidWHn9L7OFSEW
6kWuSsDqB+AWQezNgoACcxrNfn7vGwQidD3Kl6aviSaFALzJJkphk29Cip7vSOFmxJn3qIaA82AD
rrnPYT57uyPh03XELwrv1Wret3q1uNZ0pnjk6xjYjsQzkAgADUeE/MfWSMdjvpZ6eQ4wwTOmemeh
HtVLEdIsKoCyXRBMC9Etiu3KoymArNWRAMgQHvSzBmGxuWCALOHYru8OJpmetZacz5KVqWHifRhP
wXFsWOQF3zfBQhJmf4fRiAXkeJ4ZXn3BjT4dz/BVoDaHJFEwK5KY9GRtg0U7Eu3l5k6RNM3ds56N
PGP/DhvKJfcFCh4qKVfbWFDVLdeqcRzrHXWuiHTu6BoiwJgzFoQ8vjP6Bw==
</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>
</soapenv:Body>
</soapenv:Envelope>

An asymmetric key is used for encrption. <xenc:EncryptedKey> element contains a <ds:KeyInfo> element which can be used by the recipient to locate the correct private key from his keystore to decrypt the symmetric key. <wsse:SecurityTokenReference> element inside that <ds:KeyInfo> element specifies a ThumbprintSHA1 value that can be used as a key identifier. Then it contains a <xenc:CipherData> which contains the cipher text of the symmetric key. Decrypting this cipher text using the private key of the recipient with result with the symmetric key.


Then it has the <xenc:ReferenceList> with a single <xenc:DataReference> element. That <xenc:DataReference> element refers to an element using the URI fragment #EncDataId-3. If you carefully observe, you will note that, this URI fragment is the ID of the <xenc:EncryptedData> which is the child element of the soap body. That <xenc:EncryptedData> element contains a <ds:KeyInfo> element which points to the <xenc:EncryptedKey> element mentioned above using a SecurityToken Reference. <xenc:CipherValue> contains the encrypted content of the soap body, which should be decrypted using the symmetric key.


I did not discussed about encrypting SOAP headers, to keep this note short as much as possible.


Refer to WS Security Specification for a comprehensive description about the SOAP message encryption.


<soapenv:Envelope xmlns:soapenv=”http://schemas.xmlsoap.org/soap/envelope/”

xmlns:xenc=”http://www.w3.org/2001/04/xmlenc#”>

<soapenv:Header xmlns:wsa=”http://www.w3.org/2005/08/addressing”>

<wsse:Security xmlns:wsse=”http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd”

soapenv:mustUnderstand=”1″>

<xenc:EncryptedKey Id=”EncKeyId-E296581B23458CA12512507910022225″>

<xenc:EncryptionMethod Algorithm=”http://www.w3.org/2001/04/xmlenc#rsa-1_5″/>

<ds:KeyInfo xmlns:ds=”http://www.w3.org/2000/09/xmldsig#”>

<wsse:SecurityTokenReference>

<wsse:KeyIdentifier

EncodingType=”http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary”

ValueType=”http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1″>

HYL371NzoOs2+IA24VDkBGcUFQM=

</wsse:KeyIdentifier>

</wsse:SecurityTokenReference>

</ds:KeyInfo>

<xenc:CipherData>

<xenc:CipherValue>

H9l+f1lqTvi4W3vaHwXMhhdfOT8t2t75fzgCkUvjX7ae9FLMEm7/hoQCEurJE4SOmPRXUvLV3MSI21Fcr3HW2OFc1SEpAZQwxma03/iG0jlSyAOOO/j9jitTnmvhtMGI9HShrM0cP77U0GDBTIoXqMSOrzMKbSQ8iz7wl5dG+TY=

</xenc:CipherValue>

</xenc:CipherData>

<xenc:ReferenceList>

<xenc:DataReference URI=”#EncDataId-3″/>

</xenc:ReferenceList>

</xenc:EncryptedKey>

</wsse:Security>

<wsa:To>http://localhost:8081/axis2/services/sample03</wsa:To>

<wsa:MessageID>urn:uuid:EE5C34B1DCEF6DBA991250791000372</wsa:MessageID>

<wsa:Action>urn:echo</wsa:Action>

</soapenv:Header>

<soapenv:Body xmlns:wsu=”http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd”

wsu:Id=”Id-14900151″>

<xenc:EncryptedData Id=”EncDataId-3″ Type=”http://www.w3.org/2001/04/xmlenc#Content”>

<xenc:EncryptionMethod Algorithm=”http://www.w3.org/2001/04/xmlenc#tripledes-cbc”/>

<ds:KeyInfo xmlns:ds=”http://www.w3.org/2000/09/xmldsig#”>

<wsse:SecurityTokenReference

xmlns:wsse=”http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd”>

<wsse:Reference URI=”#EncKeyId-E296581B23458CA12512507910022225″/>

</wsse:SecurityTokenReference>

</ds:KeyInfo>

<xenc:CipherData>

<xenc:CipherValue>HTnMneoskQeLew99eIqCLh+8kUAvKozGjsLMfBN8Ji2QDx64Rl53vKqXYybDQeGidWHn9L7OFSEW

6kWuSsDqB+AWQezNgoACcxrNfn7vGwQidD3Kl6aviSaFALzJJkphk29Cip7vSOFmxJn3qIaA82AD

rrnPYT57uyPh03XELwrv1Wret3q1uNZ0pnjk6xjYjsQzkAgADUeE/MfWSMdjvpZ6eQ4wwTOmemeh

HtVLEdIsKoCyXRBMC9Etiu3KoymArNWRAMgQHvSzBmGxuWCALOHYru8OJpmetZacz5KVqWHifRhP

wXFsWOQF3zfBQhJmf4fRiAXkeJ4ZXn3BjT4dz/BVoDaHJFEwK5KY9GRtg0U7Eu3l5k6RNM3ds56N

PGP/DhvKJfcFCh4qKVfbWFDVLdeqcRzrHXWuiHTu6BoiwJgzFoQ8vjP6Bw==

</xenc:CipherValue>

</xenc:CipherData>

</xenc:EncryptedData>

</soapenv:Body>

</soapenv:Envelope>

See original post

Enterprise Web Service Deployments with WSAS

0 comments

Written by Afkham Azeez

See original post

WSO2 Releases Eclipse IDE Tooling for WSAS and BPS

0 comments

Saminda Wijerathna the lead of the WSO2 tooling team, announced the release of a new version of IDE tools for WSO2 WSAS and BPS. These tools will help you to write web services or web service clients and test them within your Eclipse IDE.


You can download the tools and the related documentation from http://wso2.org/downloads/tools/eclipse.


Here are the key features of the set of IDE tools,



  • Create Web services

  • Create web service client

  • Convert WSDL 1.1 to 2.0

  • Module and service validators

  • Creating wsdl from a java class

  • Create Axis2 archives

  • Hot update a Web service

  • Debug Web services

  • Test Web services

  • Conversion of WSDL 1.1 to 2.0 can now be done vice versa as well.

  • Creating Bpel archives for deploy

  • Start WSAS 3.0.x inside Eclipse

  • Run multiple instances of WSAS inside eclipse

See original post

Enterprise Integration Made Easy with the WSO2 ESB

0 comments

Written by Ruwan Linton

So this is about a webinar that I am planning to do on 1st of September 2009 about the WSO2 ESB 2.1 release.


"Enterprise integration can be a real drag for developers. Even though the advent of SOA has made the need for hard-coded integration between each application obsolete, it can be frustrating and time-consuming to get your middleware tools set up to build, mediate and connect services."

You can read the full story at WSO2.org

It is free, and has a limited number of seats ;-) so be hurry, Register Now.

I will be covering the WSO2 ESB focusing on the;
  • An overview of the new OSGi-based architecture
  • The provisioning model to seamlessly add or remove components and custom features to your ESB deployment
  • Better mediation and routing with the new business rules support, powered by Drools
  • How the WSO2 ESB automatically protects your integration development efforts by storing your configuration in a built-in registry
  • Additional enhancements to performance, eventing support, scheduled tasks and REST support
  • Streaming and non blocking HTTP transport and other supported transports, interfaces and protocols
Once again be hurry!

See original post

WSO2 Carbon @ InfoWorld's 2009 Bossie Awards

0 comments

Written by Tyrell

Best of open source platforms and middleware | Open Source - InfoWorld
WSO2 Carbon is the foundation of WSO2's componentized SOA platform. Carbon provides the framework for all of the core functionality -- data services, ESB/routing, process management, registry, monitoring, and security - allowing you to plug in these components as necessary. The ESB and additional modules for governance and identity are good, and the process server is also decent, and with Carbon the whole is greater than the sum of the parts.





See original post

SOA Governance - Introduction

0 comments

Written by Sami

SOA Governance is something that you have to built to make sure that you are in control of what your SOA is all about. SOA brings so much flexibility that it becomes too much flexible at times that anyone could do whatever they wish. And we all know what it means when everyone cooks.

Services, ready to be used out of the box, will result in a mesh of complexity after some time. People will struggle with figuring out what to use, when to use, and how to use services when solving their own problems.

Missing SOA governance is one of the main reasons for SOA projects to fail. Governance is not something that is optional in your SOA adoption.

The key ingredients of SOA governance includes service registry and policy enforcement. Policies are to be enforced thought the life cycle of a service. Both business as well as IT goals are to be facilitated through these policies. The service registry helps us store and retrieve meta data related to services, and maintain those meta data in a useful manner. Associating various service meta data artifacts, defining dependencies among those and maintaining multiple versions are some of the most sought after features in a service registry.


See original post

3Ps of SOA Governance

0 comments

Written by Sami

The three Ps of SOA Governance are... People, Processes and Policies.

People - Who are the owners of the services. Who are the business owners, and who are the technical owners. And who have access to it, when and for what reasons?

Processes - How are people going to go about using the services. What are the activities involved. What are the operations offered by the services and what are their inter relationsips. What are the dependancies between a given set of services? What is the activity flow whithin which various service operations are invoked to achieve a business process? That is the runtime view. In design time view, what are the steps involved in managing a service throug its life-cycle, from design, to retirement. What are the checklists involved, at each step of the service life cycle and who are responsible for each cheklist item. What are the steps involved in promoting or demoting a service throug the stages of its lifecycle?

Policies - What policies govern the use of services. What are the security implications? What about reliability? What policies are to be adhered to when granting access to a service at various life cycle stages of a service. Who would define the policies and who would enforce the policies? How to ensure that policies are adhered to?


See original post

Sunday, September 13, 2009

WSO2 Releases Eclipse IDE Tooling for WSAS and BPS

0 comments

Saminda Wijerathna the lead of the WSO2 tooling team, announced the release of a new version of IDE tools for WSO2 WSAS and BPS. These tools will help you to write web services or web service clients and test them within your Eclipse IDE.


You can download the tools and the related documentation from http://wso2.org/downloads/tools/eclipse.


Here are the key features of the set of IDE tools,



  • Create Web services

  • Create web service client

  • Convert WSDL 1.1 to 2.0

  • Module and service validators

  • Creating wsdl from a java class

  • Create Axis2 archives

  • Hot update a Web service

  • Debug Web services

  • Test Web services

  • Conversion of WSDL 1.1 to 2.0 can now be done vice versa as well.

  • Creating Bpel archives for deploy

  • Start WSAS 3.0.x inside Eclipse

  • Run multiple instances of WSAS inside eclipse

See original post

Enterprise Integration Made Easy with the WSO2 ESB

0 comments

Written by Ruwan Linton

So this is about a webinar that I am planning to do on 1st of September 2009 about the WSO2 ESB 2.1 release.


"Enterprise integration can be a real drag for developers. Even though the advent of SOA has made the need for hard-coded integration between each application obsolete, it can be frustrating and time-consuming to get your middleware tools set up to build, mediate and connect services."

You can read the full story at WSO2.org

It is free, and has a limited number of seats ;-) so be hurry, Register Now.

I will be covering the WSO2 ESB focusing on the;
  • An overview of the new OSGi-based architecture
  • The provisioning model to seamlessly add or remove components and custom features to your ESB deployment
  • Better mediation and routing with the new business rules support, powered by Drools
  • How the WSO2 ESB automatically protects your integration development efforts by storing your configuration in a built-in registry
  • Additional enhancements to performance, eventing support, scheduled tasks and REST support
  • Streaming and non blocking HTTP transport and other supported transports, interfaces and protocols
Once again be hurry!

See original post

WSO2 Carbon @ InfoWorld's 2009 Bossie Awards

0 comments

Written by Tyrell

Best of open source platforms and middleware | Open Source - InfoWorld
WSO2 Carbon is the foundation of WSO2's componentized SOA platform. Carbon provides the framework for all of the core functionality -- data services, ESB/routing, process management, registry, monitoring, and security - allowing you to plug in these components as necessary. The ESB and additional modules for governance and identity are good, and the process server is also decent, and with Carbon the whole is greater than the sum of the parts.





See original post

SOA Governance - Introduction

0 comments

Written by Sami

SOA Governance is something that you have to built to make sure that you are in control of what your SOA is all about. SOA brings so much flexibility that it becomes too much flexible at times that anyone could do whatever they wish. And we all know what it means when everyone cooks.

Services, ready to be used out of the box, will result in a mesh of complexity after some time. People will struggle with figuring out what to use, when to use, and how to use services when solving their own problems.

Missing SOA governance is one of the main reasons for SOA projects to fail. Governance is not something that is optional in your SOA adoption.

The key ingredients of SOA governance includes service registry and policy enforcement. Policies are to be enforced thought the life cycle of a service. Both business as well as IT goals are to be facilitated through these policies. The service registry helps us store and retrieve meta data related to services, and maintain those meta data in a useful manner. Associating various service meta data artifacts, defining dependencies among those and maintaining multiple versions are some of the most sought after features in a service registry.


See original post

3Ps of SOA Governance

0 comments

Written by Sami

The three Ps of SOA Governance are... People, Processes and Policies.

People - Who are the owners of the services. Who are the business owners, and who are the technical owners. And who have access to it, when and for what reasons?

Processes - How are people going to go about using the services. What are the activities involved. What are the operations offered by the services and what are their inter relationsips. What are the dependancies between a given set of services? What is the activity flow whithin which various service operations are invoked to achieve a business process? That is the runtime view. In design time view, what are the steps involved in managing a service throug its life-cycle, from design, to retirement. What are the checklists involved, at each step of the service life cycle and who are responsible for each cheklist item. What are the steps involved in promoting or demoting a service throug the stages of its lifecycle?

Policies - What policies govern the use of services. What are the security implications? What about reliability? What policies are to be adhered to when granting access to a service at various life cycle stages of a service. Who would define the policies and who would enforce the policies? How to ensure that policies are adhered to?


See original post

WSO2 Releases Web Service Framework For C++

0 comments

WSO2 announced the release of the Web Services Framework for C++ (WSF/C++) version 2.0.0. Similar to WSF/PHP which is really popular among the PHP community, WSF/CPP is the C++ language binding for the Apache Axis2/C and the other supporting web services projects like Apache Sandesha/C, Apache Rampart/C.


With this release C++ developers will be able to write web services and web service clients to inter-op with .NET/Java/PHP or any other platform built-on web service standards. The release is shiped with a code generation tool that will be used to generate the code for skeletons and stubs from a WSDL, so developers only need to concentrate on their business logic as the generated code will take care of building or parsing xmls and running them on top of the framework.

Here are the key features of the new release.



  1. Support core web service standards like SOAP 1.1, SOAP 1.2, WSDL 1.1, WSDL 2.0, REST

  2. Support for web services QoS specifications.

    • WS-Addressing

    • WS-Security

    • WS-Policy

    • WS-Security-Policy

    • WS-Reliable-Messaging



  3. Support binary attachment with MTOM and SWA (With the Support for large binaries)

  4. Code generation tool.

  5. Proven interoperability with .NET.


As a side note, you will be able to participate to a free summer school training session on the WSF/CPP conducted by Nandika Jayawardane who is the project lead of both WSF/CPP and WSF/PHP on 30th July. You can register to it (for free) from here.

See original post

Effective SOA Governance with the WSO2 Governance Registry

0 comments

Written by Tyrell



Tuesday, August 4, 2009 9:00 AM - 10:00 AM PDT

Registrations are now open!!
Governance has become the hot topic in SOA over the past year. As companies SOA usage becomes real, widespread and line-of-business, the requirement to ensure that the systems are properly governed has emerged as the number one concern for SOA adopters.
In this webinar, Paul Fremantle, CTO and Co-founder of WSO2, will explain the challenges of SOA governance and show a clear and simple approach that demystifies this complex topic.



See original post

WSO2 is 4 years old

0 comments

Written by Sanjiva Weerawarana

Today is our "unofficial" official birthday - and today we celebrate 4 years of life!


Actually there's no one start date .. there was the day we incorporated the US company, the day the Sri Lankan company was incorporated, the UK company, the day we closed the funding (after changing name to WSO2 from Serendib Systems because James refused to invest without that change!), the day the US company bought the LK company, then the UK company, etc. etc. etc.. However, August 4th is around the center of all of that - which happened between July and September basically. Plus it happens to be a (chance) choice day for me .. so I was a bit selfish in declaring August 4th as our birthday ;-).

Its pretty cool to see how far we've come since the old days. Check out our Web site as of Sept. 24th, 2005 (for some reason the banner image at the top of the page is missing though). Compare that to our current site and, um, yeah we have a few more things to offer!

Its been a fun, challenging, entertaining, interesting and everything 4 years. I have no regrets whatsoever in leaving IBM to start WSO2. IBM was an awesome place, but this experience has been several notches better :-).

Working with Paul as my co-founder (going back to a "secret" meeting he, myself and one other person [who ended up not joining but who I hope to bring into WSO2 one of these days] had at his mom's place in London back in December 2004 while all three of us were still in IBM) has been the single most fun thing out of everything in WSO2. Paul and I are a team in every sense - we challenge each other to excel and there's no doubt that everything we've achieved is due to that superb teamwork. Paul's stubbornness combined (and equaled or maybe exceeded!) with mine has made us a potent team ;-). The beauty is that while we're both stubborn we also compromise and do it with no baggage. We believe in challenging ourselves and everyone to make real, pragmatic, hard-nosed, concrete decisions - we don't lie to ourselves about our capabilities or software or customers or anything.

Oh yes, its not been just 2 people who got us here. And that's the really really special gift WSO2 has given me- the chance to work with an amazing set of young and not-so-young people primarily in Sri Lanka but also in the US (with Jonathan and Katie now) and see everyone grow to becoming global personalities. We're now more than 70 strong and have an amazing group of talented, passionate, hard-working and committed people working on making WSO2 become the global success we all believe we will be.

We have people who've been with us nearly the entire 4 years and several of them are now the key leaders in various aspects: Samisa (now Director of Engineering), Hasmin (now Senior Manager of Communications), and Azeez (Architect of Carbon) being some of the key players.

I think more than 20 people have left WSO2 to join various grad schools all over the world to do PhDs in CS and related areas. I expect probably half of our current team (of more than 70) to leave for higher studies over the near few years as well. In fact, from the original group of people who joined WSO2 right at the inception, only Paul, myself and Flora (our office assistant here in Sri Lanka) are left - almost everyone else has gone to grad school!

We're a very R&D oriented company and group of people - we believe in continuous learning, graduate school and every possible way of learning as ways to continually innovate. Its hard to understand the culture of WSO2 from outside but its quite unusual :).

In summary, I will just say to every one of my WSO2 family members: Thank you.

And to our customers: Thank you for placing your trust in us and for giving us the opportunity to show you that the disgustingly corrupt software industry and the complex software it produces are not the only way.

And to our competitors: better buckle up - its gonna be a rough ride. We've only just begun.

See original post

[WSO2-ESB-FAQ-001] Per-service logs in WSO2 ESB

0 comments

Written by Ruwan Linton

Now, that WSO2 ESB is getting the attraction of the community I thought of sharing a piece of useful information through my Blog. I thought I am going to blog about the features of the WSO2 ESB one by one and at the next release we will be including them all in the ESB documentation as FAQ's :-)

So first of all lets focus on the requirement, my requirement is to configure the logs of a particular service (to be more specific a proxy service) to be logged into a given log file. The advantage of having per-service log files is that it is very easy to analyse/monitor what went wrong in this particular proxy service by looking at the service log. Enabling this feature will not terminate the wso2-esb.log file being keeping the logs about this service, the complete log is a complete log and will contain every log statement including the service logs that you have configured to be logged into a different log file. In other words the service log is an additional log file which will contain a copy of the logs to that particular service.

Then, how can you configure this in the WSO2 ESB. So, lets assume that we are referring to the sample 150 of the WSO2 ESB, which has a proxy service named StockQuoteProxy. Now we need to configure log4j to log the service specific logs to a file called stock-quote-proxy-service.log in the logs directory of the ESB installation directory. Open up the log4j.properties file found at the lib directory of the WSO2 ESB installation directory using your favourite text editor and add the following section to the end of the file starting in a new line;
 log4j.category.SERVICE_LOGGER.StockQuoteProxy=DEBUG, SQ_PROXY_APPENDER
log4j.additivity.SERVICE_LOGGER.StockQuoteProxy=false
log4j.appender.SQ_PROXY_APPENDER=org.apache.log4j.DailyRollingFileAppender
log4j.appender.SQ_PROXY_APPENDER.File=logs/stock-quote-proxy-service.log
log4j.appender.SQ_PROXY_APPENDER.datePattern='.'yyyy-MM-dd-HH-mm
log4j.appender.SQ_PROXY_APPENDER.layout=org.apache.log4j.PatternLayout
log4j.appender.SQ_PROXY_APPENDER.layout.ConversionPattern=%d{ISO8601} [%X{ip}-%X{host}] [%t] %5p %c{1} %m%n
Well, save the file and you are done with the configuration, and now it is time to try it out. By default the sample 150 configuration doesn't do any logging at run time. So go ahead and configure the proxy service in-sequence to contain a log mediator to log the message at "Full" log level.

Execute the sample client after starting the ESB with the sample 150;
  $ESB_HOME/bin/wso2esb-samples.sh -sn 150
and the sample axis2 server with SimpleStockQuote service deployed on it as per stated in the sample documentation.

Inspect the logs directory of the ESB installation directory to see the stock-quote-proxy-service.log file, further to demonstrate the log file rotation I have configured this particular logger to rotate the file in each minute when ever there is a log going into the service log, so if you execute the sample client once again after 1 minute you will be able to see the service log file rotation as well.

See original post

Best of SOA Summer School

0 comments

During this entire summer, WSO2 conducted a series of trainings on SOA best practices, How-Tos and trends, titled “SOA Summer School“. With the dawn of the autumn the series of online summer classes came to an end. With the popular demand, a 3 hour session is going to be held tomorrow the 13th August summarizing the 8 weeks of lessons and highlighting their key areas.





Untitled


for a better insight I have attached tomorrow’s agenda, and it is conducted by Samisa Abeysinghe, Ruwan Linton, Prabath Siriwardena, Keith Chapman and Nandika Jayawardena. The online trainings are totally free and any one who is interested in SOA and EA can gain a good knowledge of its dynamics.

See original post

 

Copyright 2009 All Rights Reserved Revolution Two Church theme modified by Milinda Pathirage