Monday, May 30, 2016

How to change default keystore password on WSO2 servers



Sometimes, you may require to change default key store password in WSO2 prodcuts due to security reasons.

Here are the steps when changing keystore passwords:

Step 1:
Navigate to wso2 server location:
ex: cd $wso2_server/repository/resources/security

Step 2:
Change keystore password:
keytool -storepasswd -new [new password] -keystore [keystore name]
ex: keytool -storepasswd -new simplenewpassword -keystore wso2carbon.jks

Step 3:
Change Private Key password
keytool -keypasswd -alias wso2carbon -keystore wso2carbon.jks  
 Enter keystore password: <simplenewpassword>  
 Enter key password for <wso2carbon> wso2carbon  
 New key password for <wso2carbon>: <simplenewpassword>  
 Re-enter new key password for <wso2carbon>: <simplenewpassword>  

Both keystore and private key password must be the same in some cases like WSO2 BAM. Specially, in Thrift, we need to configure to use one password for both.


Step 4:
Configure wso2 server (example taken here as WSO2 BAM)

  • Change carbon.xml at @wso2_server/repository/conf

<KeyStore>  
      <!-- Keystore file location-->  
      <Location>${carbon.home}/repository/resources/security/wso2carbon.jks</Location>  
      <!-- Keystore type (JKS/PKCS12 etc.)-->  
      <Type>JKS</Type>  
      <!-- Keystore password-->  
      <Password>simplenewpassword</Password>  
      <!-- Private Key alias-->  
      <KeyAlias>wso2carbon</KeyAlias>  
      <!-- Private Key password-->  
      <KeyPassword>simplenewpassword</KeyPassword>  
 </KeyStore>  
 <RegistryKeyStore>  
      <!-- Keystore file location-->  
      <Location>${carbon.home}/repository/resources/security/wso2carbon.jks</Location>  
      <!-- Keystore type (JKS/PKCS12 etc.)-->  
      <Type>JKS</Type>  
      <!-- Keystore password-->  
      <Password>simplenewpassword</Password>  
      <!-- Private Key alias-->  
      <KeyAlias>wso2carbon</KeyAlias>  
      <!-- Private Key password-->  
      <KeyPassword>simplenewpassword</KeyPassword>  
 </RegistryKeyStore>  

  • Change identtity.xml at @wso2_server/repository/conf
 <ThirftBasedEntitlementConfig>  
      <EnableThriftService>true</EnableThriftService>  
      <ReceivePort>${Ports.ThriftEntitlementReceivePort}</ReceivePort>          <ClientTimeout>10000</ClientTimeout>  
      <KeyStore>  
           <Location>${carbon.home}/repository/resources/security/wso2carbon.jks</Location>               <Password>simplenewpassword</Password>  
      </KeyStore>  
 </ThirftBasedEntitlementConfig>  



Thursday, May 26, 2016

How to resolve "File Upload Failure" when importing a schema with dependany in WSO2 GREG


Schema is one of the main asset model used in WSO2 GREG and you can find more information on https://docs.wso2.com/display/Governance520/Adding+a+Schema.

There can be situations where you want to import a schema to GREG which imports another schema (It has a dependency)

1. Lets say you have a schema file.
example: original.xsd
 <?xml version="1.0" encoding="UTF-8"?>  
 <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:listing1">  
   <xsd:complexType name="Phone1">  
     <xsd:sequence>  
       <xsd:element name="areaCode1" type="xsd:int"/>  
       <xsd:element name="exchange1" type="xsd:int"/>  
       <xsd:element name="number1" type="xsd:int"/>  
     </xsd:sequence>  
   </xsd:complexType>  
 </xsd:schema>

2. Import above schema on publisher as per the instructions given on https://docs.wso2.com/display/Governance520/Adding+a+Schema.

3. Now, you need to import another schema which import/ has reference to previous schema
example: link.xsd
<?xml version="1.0" encoding="UTF-8"?>  
 <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:listing">  
   <xsd:import namespace="urn:listing1"  
         schemaLocation="original.xsd"/>  
   <xsd:complexType name="Phone">  
     <xsd:sequence>  
       <xsd:element name="areaCode" type="xsd:int"/>  
       <xsd:element name="exchange" type="xsd:int"/>  
       <xsd:element name="number" type="xsd:int"/>  
     </xsd:sequence>  
   </xsd:complexType>  
 </xsd:schema>  

Issue: You may encounter an error similar to following:
ERROR {org.wso2.carbon.registry.extensions.handlers.utils.SchemaProcessor} - Could not read the XML Schema Definition file. this.schema.needs  
 org.apache.ws.commons.schema.XmlSchemaException: Could not evaluate Schema Definition. This Schema contains Schema Includes that were not resolved  
      at org.apache.ws.commons.schema.SchemaBuilder.handleInclude(SchemaBuilder.java:1676)  
      at org.apache.ws.commons.schema.SchemaBuilder.handleXmlSchemaElement(SchemaBuilder.java:221)  
      at org.apache.ws.commons.schema.SchemaBuilder.build(SchemaBuilder.java:121)  
      at org.apache.ws.commons.schema.XmlSchemaCollection.read(XmlSchemaCollection.java:512)  
      at org.apache.ws.commons.schema.XmlSchemaCollection.read(XmlSchemaCollection.java:385)  
      at org.apache.ws.commons.schema.XmlSchemaCollection.read(XmlSchemaCollection.java:425)  
 ....................  
 Caused by: org.wso2.carbon.registry.core.exceptions.RegistryException: Could not read the XML Schema Definition file. this.schema.needs  
      at org.wso2.carbon.registry.extensions.handlers.utils.SchemaProcessor.putSchemaToRegistry(SchemaProcessor.java:137)  
      at org.wso2.carbon.registry.extensions.handlers.XSDMediaTypeHandler.processSchemaUpload(XSDMediaTypeHandler.java:263)  
      at org.wso2.carbon.registry.extensions.handlers.XSDMediaTypeHandler.put(XSDMediaTypeHandler.java:186)  
      at org.wso2.carbon.registry.core.jdbc.handlers.HandlerManager.put(HandlerManager.java:2503)  
      at org.wso2.carbon.registry.core.jdbc.handlers.HandlerLifecycleManager.put(HandlerLifecycleManager.java:957)  
      at org.wso2.carbon.registry.core.jdbc.EmbeddedRegistry.put(EmbeddedRegistry.java:697)  
      at org.wso2.carbon.registry.core.caching.CacheBackedRegistry.put(CacheBackedRegistry.java:550)  
      at org.wso2.carbon.registry.core.session.UserRegistry.putInternal(UserRegistry.java:827)  
      at org.wso2.carbon.registry.core.session.UserRegistry.access$1000(UserRegistry.java:60)  
      at org.wso2.carbon.registry.core.session.UserRegistry$11.run(UserRegistry.java:803)  
      at org.wso2.carbon.registry.core.session.UserRegistry$11.run(UserRegistry.java:800)  
      at java.security.AccessController.doPrivileged(Native Method)  
      at org.wso2.carbon.registry.core.session.UserRegistry.put(UserRegistry.java:800)  
      at org.wso2.carbon.registry.resource.services.utils.AddResourceUtil.addResource(AddResourceUtil.java:88)  

Solution 1:
Zip all schemas together and upload

Solution 2:
Specify the absolute path for dependent schema file:
example:
 <xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" targetNamespace="urn:listing">  
   <xsd:import namespace="urn:listing1"  
         schemaLocation="http://www.example.com/schema/original.xsd"/>   





Sunday, February 23, 2014

How jmeter scripts be executed over specific time period.

Think that you need to execute performance test for 1 hour.

Steps:

One possible way is use “Scheduler” in thread group.


Once you tick on “scheduler”, start time and end time can be given.
For example:
Start time: 2014/02/20 09:00:00
End Time: 2014/02/20 10:00:00

However, using scheduler is a overhead when you have to repeat the test several times, it should be edited again and again.

There is another way to execute jmeter scripts over particular time period by overcoming modification overhead.

Use "Ultimate thread group".
For that use have to download additional plug-in called “JMeterPlugins-Standard-1.1.3” and place it in lib/ext folder.
  1. Download stnadard plu-in (JMeterPlugins-Standard-1.1.3.zip) from http://jmeter-plugins.org/downloads/all/
  2. Unzip the downloaded file
  3. Navigate to lib/ext and copy “JmeterPlugins-Standard.jar” and place it on jmeter distribution lib/ext folder
  4. restart jmeter if it already started.
  5. On the jmeter UI, now you can add “ultimate thread group”
  6. Click on “Add Row”
Now you can define how long the test should be executed by using the “Hold Load for, sec” option.

For one hour test explained above you can use the below settings:



Note: No need to modify this script over and over again when you want to run it for several times. 















View Jmeter summary in non-GUI mode


I recently had to execute jmeter scripts on non GUI mode and wanted to view results while the test is executing.

Usually, on UI mode we can view the summary from “Summary Report” option.


But, when the test is executing through non GUI mode, usually we can not view the result rather waiting until the results written to particular file.

Below example shows how the jmeter scripts execute on non GUI mode.

 ./bin/jmeter.sh -n -t ~/jmeter/scripts/test1.jmx -l ~/jmeter/results/results1.jtl  

Note: test1.jmx file is the jmeter test plan. Result1.jtl is the result file generated.

When the test execution happening over long time and we need to view results during that period. For that we can use “Summariser” option.

Summariser is a special listener that only applies to non GUI mode. 
This option is provided in jmeter.properties file. (Actually $jmeter_home/bin).

jmeter.propertie contains special section for summariser options

 #---------------------------------------------------------------------------  
 # Summariser - Generate Summary Results - configuration (mainly applies to non-GUI mode)  
 #---------------------------------------------------------------------------  
 #  
 # Define the following property to automatically start a summariser with that name  
 # (applies to non-GUI mode only)  
 #summariser.name=summary  
 #  
 # interval between summaries (in seconds) default 3 minutes  
 #summariser.interval=180  
 #  
 # Write messages to log file  
 #summariser.log=true  
 #  
 # Write messages to System.out  
 #summariser.out=true  

What you need to do is uncomment the 4 options.

summariser.name=summary
summariser.interval=180 : Here you can define any time interval to display the results.
summariser.log=true

summariser.out=true

Now execute the same command and see the summary during test execution.

 ./bin/jmeter.sh -n -t ~/jmeter/scripts/test1.jmx -l ~/jmeter/results/results1.jtl  

Summary will be printed on the jmeter console:

 Creating summariser <summary>  
 Created the tree successfully using /home/ubuntu/jmeter/scripts/test1 .jmx  
 Starting the test @ Thu Feb 20 10:25:14 UTC 2014 (1392891914636)  
 Waiting for possible shutdown message on port 4445  
 summary + 99960 in  104s = 961.9/s Avg:  26 Min:   3 Max:  806 Err:   0 (0.00%) Active: 30 Started: 30 Finished: 0  
 summary + 306897 in  180s = 1704.5/s Avg:  17 Min:   3 Max:  297 Err:   0 (0.00%) Active: 30 Started: 30 Finished: 0  
 summary = 406857 in  284s = 1433.0/s Avg:  19 Min:   3 Max:  806 Err:   0 (0.00%)  
 summary + 298083 in  180s = 1655.7/s Avg:  17 Min:   3 Max:  322 Err:   0 (0.00%) Active: 30 Started: 30 Finished: 0  
 summary = 704940 in  464s = 1519.5/s Avg:  18 Min:   3 Max:  806 Err:   0 (0.00%)  
 summary + 264542 in  155s = 1704.9/s Avg:  16 Min:   3 Max:  304 Err:   0 (0.00%) Active: 0 Started: 30 Finished: 30  
 summary = 969482 in  619s = 1566.2/s Avg:  18 Min:   3 Max:  806 Err:   0 (0.00%)  
 Tidying up ...  @ Thu Feb 20 10:35:35 UTC 2014 (1392892535107)  

The main advantage of this is you can see what is happening during long running test. 











Wednesday, February 19, 2014

WSO2 ESB becomes fastest ESB in the space


It is very exited to see WSO2 ESB becomes world fastest ESB. This has been clearly proved by recent analysis of performance round: WSO2ESB Performance Round 7.5”. It has compared with WSO2 ESB newest release: ESB 4.8.1 and other leading open source ESBs.

Summary of the result as follows:











Sunday, February 9, 2014

XML to JSON conversion when multiple attributes and elements exists

There are situations that we need to convert xml payloads into JSON. WSO2 ESB provides this support and refer http://docs.wso2.org/display/ESB481/JSON+Support for more details.

To convert an XML payload into JSON, we have to set the messageType property to application/json in synapse configuration.

Here I discuss about XML to JSON conversion when multiple attributes and elements available in the payload.
You may receive a soap request as follows:

SOAP Request:
 <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:m0="http://services.samples" xmlns:xsd="http://services.samples/xsd">  
 <soapenv:Header/>  
 <soapenv:Body>  
 <m0:getQuote xmlns:m0="http://services.samples" id="12345">  
 <person sex="female" fn:target="urn:getQuote" xmlns:fn="abcdef" id="12345">  
 <firstname>Anna</firstname>  
 <lastname id="12345678">Smith</lastname>  
 </person>  
 <m0:request>  
 <m0:symbol>A</m0:symbol>  
 </m0:request>  
 </m0:getQuote>  
 </soapenv:Body>  
 </soapenv:Envelope>   

Person element contains multiple attributes sex, target, namespace and id.
i.e:  <person sex="female" fn:target="urn:getQuote" xmlns:fn="abcdef" id="12345">  

Also, lastnname is a sub element of person and it contains attribute as id and text content as "Smith"
i.e: <lastname id="12345678">Smith</lastname>

We will see how to covert such payload into json and its how the response looks like.

In ESB create a proxy service with SimpleStockQuote endpoint.

Proxy Service Configuration:
 <?xml version="1.0" encoding="UTF-8"?>  
 <proxy xmlns="http://ws.apache.org/ns/synapse"  
 name="XMLtoJSON"  
 transports="https,http"  
 statistics="disable"  
 trace="disable"  
 startOnLoad="true">  
 <target>  
 <inSequence>  
 <property name="messageType" value="application/json" scope="axis2"/>  
 <log level="full"/>  
 <respond/>  
 </inSequence>  
 <outSequence>  
 <send/>  
 </outSequence>  
 <endpoint>  
 <address uri="http://localhost:9000/services/SimpleStockQuoteService/"/>  
 </endpoint>  
 </target>  
 <description/>  
 </proxy>   


Note: 
For conversion, use "<property name="messageType" value="application/json" scope="axis2"/>" in the configuration as discussed above.

1. You have to start sample backend to receove response which is provided with WSO2 ESB. (Start axis2Service @ESB_HOME/samples/axis2Server)
2. Built SimpleStockQuote Service @ESB_HOME/samples/axis2Server/src/SimpleStockQuoteService by running "ant" command.
3. Send the SOAP request to proxy service using SOAP UI.


Response should be as follows:

 HTTP/1.1 200 OK  
 Host: shashi-ThinkPad-T530:8280  
 SOAPAction: "urn:getQuote"  
 Accept-Encoding: gzip,deflate  
 Content-Type: application/json  
 Date: Fri, 24 Jan 2014 06:00:54 GMT  
 Server: WSO2-PassThrough-HTTP  
 Transfer-Encoding: chunked  
 Connection: Keep-Alive  
 {"getQuote":{"@id":"12345","person":{"@id":"12345","@sex":"female","@target":"urn:getQuote","firstname":"Anna","lastname":{"@id":"12345678","$":"Smith"}},"request":{"symbol":"A"}}}  


Points to focus in response:

1. Content-Type should be 'application/json'
2. XML: 
<person sex="female" fn:target="urn:getQuote" xmlns:fn="abcdef" id="12345">  

JSON:
"person":{"@id":"12345","@sex":"female","@target":"urn:getQuote"

*** Attributes displayed with prefix '@' in JSON conversion. ("@id":"12345")
When nodes has text content as well as attributes, that text content is stored in a key with “$”

XML:
 <lastname id="12345678">Smith</lastname>  

JSON:
"lastname":{"@id":"12345678","$":"Smith"}

If a node has multiple children with the same tag name, they are converted into a numerically indexed array e.g. “person”
XML
 <person>Anvar</person>  
 <person>Porter</person>  
 <person>Raj</person>  

JSON
"person":["Anvar","Porter","Raj"]


SOAP request:
 <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:m0="http://services.samples" xmlns:xsd="http://services.samples/xsd">  
 <soapenv:Header/>  
 <soapenv:Body>  
 <m0:getQuote xmlns:m0="http://services.samples" id="12345">  
 <person>Anvar</person>  
 <person>Porter</person>  
 <person>Raj</person>  
 <m0:request>  
 <m0:symbol>A</m0:symbol>  
 </m0:request>  
 </m0:getQuote>  
 </soapenv:Body>  
 </soapenv:Envelope>  


Response:
 HTTP/1.1 200 OK  
 Host: shashi-ThinkPad-T530:8280  
 SOAPAction: "urn:mediate"  
 Accept-Encoding: gzip,deflate  
 Content-Type: application/json  
 Date: Sun, 09 Feb 2014 02:49:07 GMT  
 Server: WSO2-PassThrough-HTTP  
 Transfer-Encoding: chunked  
 Connection: Keep-Alive  
 {"getQuote":{"@id":"12345","person":["Anvar","Porter","Raj"],"request":{"symbol":"A"}}}  

Friday, January 3, 2014

Working with WSO2 ESB Tasks with 'injectTo' property

WSO2 ESB Tasks allows to run scheduled jobs at specified intervals which is triggered by a timer. In this blog post I discuss about how to use 'injectTo' property with tasks.

Injecting the message to a proxy service:

Basic structure as follows:
<property xmlns:task="http://www.wso2.org/products/wso2commons/tasks"
name="injectTo"
value="proxy"/>
.......................
<property xmlns:task="http://www.wso2.org/products/wso2commons/tasks"
name="proxyName"
value="SampleProxy"/>

  1. Use the configuration below
  2. Start inbuilt backend service 'axis2serever' at $ESB_HOME/samples/axis2Server
  3. Here I use SimplestockQuoteService and you need to built it by running ant command at $ESB_HOME/samples/axis2Server/src/SimpleStockQuoteService
  4. Retart ESB and see task triggered 2 times withing 5ms as per below example:
    <trigger count="2" interval="5"/> 

 <?xml version="1.0" encoding="UTF-8"?>  
 <definitions xmlns="http://ws.apache.org/ns/synapse">  
   <registry provider="org.wso2.carbon.mediation.registry.WSO2Registry">  
    <parameter name="cachableDuration">15000</parameter>  
   </registry>  
   <proxy name="SampleProxy"  
      transports="https http"  
      startOnLoad="true"  
      trace="disable">  
    <description/>  
    <target endpoint="A">  
      <inSequence>  
       <log>  
         <property name="LOG"  
              value="======================================================="/>  
       </log>  
      </inSequence>  
      <outSequence>  
       <log>  
         <property name="LOG" value="******************************************"/>  
       </log>  
      </outSequence>  
    </target>  
   </proxy>  
   <endpoint name="A">  
    <address uri="http://localhost:9000/services/SimpleStockQuoteService"/>  
   </endpoint>  
   <sequence name="fault">  
    <log level="full">  
      <property name="MESSAGE" value="Executing default 'fault' sequence"/>  
      <property name="ERROR_CODE" expression="get-property('ERROR_CODE')"/>  
      <property name="ERROR_MESSAGE" expression="get-property('ERROR_MESSAGE')"/>  
    </log>  
    <drop/>  
   </sequence>  
   <sequence name="main">  
    <in>  
      <log level="full"/>  
      <filter source="get-property('To')" regex="http://localhost:9000.*">  
       <send/>  
      </filter>  
    </in>  
    <out>  
      <send/>  
    </out>  
    <description>The main sequence for the message mediation</description>  
   </sequence>  
   <task name="SampleInjectToSequenceTask"  
      class="org.apache.synapse.startup.tasks.MessageInjector"  
      group="synapse.simple.quartz">  
    <trigger count="2" interval="5"/>  
    <property xmlns:task="http://www.wso2.org/products/wso2commons/tasks" name="message">  
      <m0:getQuote xmlns:m0="http://services.samples">  
       <m0:request>  
         <m0:symbol>IBM</m0:symbol>  
       </m0:request>  
      </m0:getQuote>  
    </property>  
    <property xmlns:task="http://www.wso2.org/products/wso2commons/tasks"  
         name="proxyName"  
         value="SampleProxy"/>  
    <property xmlns:task="http://www.wso2.org/products/wso2commons/tasks"  
         name="injectTo"  
         value="proxy"/>  
   </task>  
 </definitions>  




Injecting the message to a proxy service:


Basic structure as follows:
<property xmlns:task="http://www.wso2.org/products/wso2commons/tasks"
name="injectTo"
value="sequence"/>
.......................
<property xmlns:task="http://www.wso2.org/products/wso2commons/tasks"
name="sequenceName"
value="SampleSequence"/>

  1. Use the configuration below.
  2. Same axis2service and SimpleStokQuote service can be used as per above
  3. Retart ESB and see task triggered 3 times withing 10ms as per below example:
    <trigger count="3" interval="10"/>
 <?xml version="1.0" encoding="UTF-8"?>  
 <definitions xmlns="http://ws.apache.org/ns/synapse">  
   <registry provider="org.wso2.carbon.mediation.registry.WSO2Registry">  
    <parameter name="cachableDuration">15000</parameter>  
   </registry>  
   <proxy name="SampleProxy"  
      transports="https http"  
      startOnLoad="true"  
      trace="disable">  
    <description/>  
    <target endpoint="A">  
      <inSequence>  
       <log>  
         <property name="LOG"  
              value="======================================================="/>  
       </log>  
      </inSequence>  
      <outSequence>  
       <log>  
         <property name="LOG" value="******************************************"/>  
       </log>  
      </outSequence>  
    </target>  
   </proxy>  
   <endpoint name="A">  
    <address uri="http://localhost:9000/services/SimpleStockQuoteService"/>  
   </endpoint>  
   <sequence name="fault">  
    <log level="full">  
      <property name="MESSAGE" value="Executing default 'fault' sequence"/>  
      <property name="ERROR_CODE" expression="get-property('ERROR_CODE')"/>  
      <property name="ERROR_MESSAGE" expression="get-property('ERROR_MESSAGE')"/>  
    </log>  
    <drop/>  
   </sequence>  
   <sequence name="recSeq">  
    <log level="full">  
      <property name="MSG" value="===== RESPONSE ====="/>  
    </log>  
    <drop/>  
   </sequence>  
   <sequence name="SampleSequence">  
    <send receive="recSeq">  
      <endpoint>  
       <address uri="http://localhost:9000/services/SimpleStockQuoteService"/>  
      </endpoint>  
    </send>  
   </sequence>  
   <sequence name="main">  
    <in>  
      <log level="full"/>  
      <filter source="get-property('To')" regex="http://localhost:9000.*">  
       <send/>  
      </filter>  
    </in>  
    <out>  
      <send/>  
    </out>  
    <description>The main sequence for the message mediation</description>  
   </sequence>  
   <task name="SampleInjectToSequenceTask"  
      class="org.apache.synapse.startup.tasks.MessageInjector"  
      group="synapse.simple.quartz">  
    <trigger count="3" interval="10"/>  
    <property xmlns:task="http://www.wso2.org/products/wso2commons/tasks"  
         name="injectTo"  
         value="sequence"/>  
    <property xmlns:task="http://www.wso2.org/products/wso2commons/tasks" name="message">  
      <m0:getQuote xmlns:m0="http://services.samples">  
       <m0:request>  
         <m0:symbol>IBM</m0:symbol>  
       </m0:request>  
      </m0:getQuote>  
    </property>  
    <property xmlns:task="http://www.wso2.org/products/wso2commons/tasks"  
         name="sequenceName"  
         value="SampleSequence"/>  
   </task>  
 </definitions>