I have one question about blueprint in OSGI Bundles. I bundle activiti in one, but there are some configurations that have to be made in the blueprint to get it work. i don't want to compile the bundle new for every time I change those settings. is it possible to store them out out the blueprint to change it needing only to restart the bundle?
<bean id="configuration" class="org.activiti.engine.impl.cfg.JtaProcessEngineConfiguration"
ext:field-injection="true">
<property name="databaseType" value="h2"/>
<property name="dataSource" ref="dataSource"/>
<property name="transactionManager" ref="transactionManager"/>
<property name="databaseSchemaUpdate" value="true"/>
<property name="transactionsExternallyManaged" value="true"/>
<property name="defaultCamelContext" value="defaultContext"/>
<property name="mailServerHost" value="smtp.googlemail.com"/>
<property name="mailServerUsername" value="xxxx"/>
<property name="mailServerPassword" value="xxxx"/>
<property name="mailServerPort" value="465"/>
<property name="useSSL" value="true" />
<property name="useTLS" value="true" />
<property name="mailServerDefaultFrom" value="senderadress"/>
</bean>
thank you so much!
In OSGi you use the configuration admin spec for your configs. In Apache Karaf it allows to store configs in files in the etc directory.
To inject them into blueprint you use the blueprint-cm namespace.
See this tutorial how to use it.
So I've been playing and toying with WSO2 Identity Server for a while and I have to say it hurts me more than it helps. Anyway, I have question on how to integrate with Active Directory. I've got to a point where I can see all my AD's Users and Groups in WSO2 IS. However, I encountered the following:
I can't login to WSO2 IS with any AD credential.
I can't configure domain (foo.com\) for AD users in WSO2.
When I login to WSO2 with admin, I see all AD users but they don't have any Roles (Groups). Somehow when WSO2 read these Users from AD, it doesn't read the AD Group the Users belong to.
My long and boring WSO2 IS configuration:
<UserManager>
<Realm>
<Configuration>
<AdminRole>admin</AdminRole>
<AdminUser>
<UserName>admin</UserName>
<Password>admin</Password>
</AdminUser>
<EveryOneRoleName>everyone</EveryOneRoleName>
<!-- By default users in this role sees the registry root -->
<Property name="dataSource">jdbc/WSO2CarbonDB</Property>
<Property name="MultiTenantRealmConfigBuilder">org.wso2.carbon.user.core.config.multitenancy.CommonLDAPRealmConfigBuilder</Property>
</Configuration>
<UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
<Property name="defaultRealmName">WSO2.ORG</Property>
<Property name="kdcEnabled">false</Property>
<Property name="ConnectionURL">ldap://localhost:${Ports.EmbeddedLDAP.LDAPServerPort}</Property>
<Property name="ConnectionName">uid=admin,ou=system</Property>
<Property name="ConnectionPassword">admin</Property>
<Property name="passwordHashMethod">SHA</Property>
<Property name="UserNameListFilter">(objectClass=person)</Property>
<Property name="UserEntryObjectClass">identityPerson</Property>
<Property name="UserSearchBase">ou=Users,dc=wso2,dc=org</Property>
<Property name="UserNameSearchFilter">(&(objectClass=person)(uid=?))</Property>
<Property name="UserNameAttribute">uid</Property>
<Property name="PasswordJavaScriptRegEx">^[\\S]{5,30}$</Property>
<Property name="ServicePasswordJavaRegEx">^[\\S]{5,30}$</Property>
<Property name="ServiceNameJavaRegEx">^[\\S]{2,30}/[\\S]{2,30}$</Property>
<Property name="UsernameJavaScriptRegEx">^[\\S]{3,30}$</Property>
<Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
<Property name="RolenameJavaScriptRegEx">^[\\S]{3,30}$</Property>
<Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
<Property name="ReadLDAPGroups">true</Property>
<Property name="WriteLDAPGroups">true</Property>
<Property name="EmptyRolesAllowed">true</Property>
<Property name="GroupSearchBase">ou=Groups,dc=wso2,dc=org</Property>
<Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
<Property name="GroupEntryObjectClass">groupOfNames</Property>
<Property name="GroupNameSearchFilter">(&(objectClass=groupOfNames)(cn=?))</Property>
<Property name="GroupNameAttribute">cn</Property>
<Property name="MembershipAttribute">member</Property>
<Property name="UserRolesCacheEnabled">true</Property>
<Property name="UserDNPattern">uid={0},ou=Users,dc=wso2,dc=org</Property>
<Property name="SCIMEnabled">true</Property>
<Property name="maxFailedLoginAttempt">0</Property>
</UserStoreManager>
<UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager">
<Property name="ReadOnly">true</Property>
<Property name="MaxUserNameListLength">100</Property>
<Property name="ConnectionURL">ldap://10.10.10.72:389</Property>
<Property name="ConnectionName">CN=Firstname Lastname,OU=Users,OU=New York,OU=Offices,DC=foo,DC=bar,DC=com</Property>
<Property name="ConnectionPassword">Password1*</Property>
<Property name="passwordHashMethod">SHA</Property>
<Property name="UserSearchBase">ou=Users,dc=wso2,dc=org</Property>
<Property name="UserNameListFilter">(objectClass=person)</Property>
<Property name="UserNameAttribute">sAMAccountName</Property>
<Property name="ReadLDAPGroups">false</Property>
<Property name="GroupSearchBase">ou=Groups,dc=wso2,dc=org</Property>
<Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
<Property name="GroupNameAttribute">cn</Property>
<Property name="MembershipAttribute">member</Property>
<Property name="UserRolesCacheEnabled">true</Property>
<Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
<Property name="maxFailedLoginAttempt">0</Property>
<!--Property name="DomainName">foo.com</Property-->
</UserStoreManager>
<UserStoreManager class="org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager">
<Property name="defaultRealmName">NYSTSTest</Property>
<Property name="kdcEnabled">false</Property>
<Property name="ConnectionURL">ldap://10.10.10.72:389</Property>
<Property name="ConnectionName">CN=Firstname Lastname,OU=Users,OU=New York,OU=Offices,DC=foo,DC=bar,DC=com</Property>
<Property name="ConnectionPassword">Password1*</Property>
<Property name="passwordHashMethod">PLAIN_TEXT</Property>
<Property name="UserSearchBase">OU=Users,OU=New York,OU=Offices,DC=foo,DC=bar,DC=com</Property>
<Property name="UserEntryObjectClass">person</Property>
<Property name="UserNameAttribute">sAMAccountName</Property>
<Property name="isADLDSRole">false</Property>
<Property name="userAccountControl">512</Property>
<Property name="UserNameListFilter">(objectClass=person)</Property>
<Property name="UserNameSearchFilter">(&(objectClass=user)(cn=?))</Property>
<Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
<Property name="UsernameJavaScriptRegEx">^[\\S]{3,30}$</Property>
<Property name="PasswordJavaScriptRegEx">^[\\S]{5,30}$</Property>
<Property name="RolenameJavaScriptRegEx">^[\\S]{3,30}$</Property>
<Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
<Property name="ReadLDAPGroups">true</Property>
<Property name="WriteLDAPGroups">false</Property>
<Property name="EmptyRolesAllowed">true</Property>
<Property name="GroupSearchBase">OU=Groups,OU=New York,OU=Offices,DC=foo,DC=bar,DC=com</Property>
<Property name="GroupEntryObjectClass">group</Property>
<Property name="GroupNameAttribute">sAMAccountName</Property>
<Property name="MembershipAttribute">member</Property>
<Property name="GroupNameListFilter">(objectCategory=group)</Property>
<Property name="GroupNameSearchFilter">(&(objectClass=group)(cn=?))</Property>
<Property name="UserRolesCacheEnabled">true</Property>
<!--Property name="Referral">follow</Property-->
<Property name="BackLinksEnabled">false</Property>
<Property name="maxFailedLoginAttempt">0</Property>
<!--Property name="DomainName">foo.com</Property-->
</UserStoreManager>
<AuthorizationManager
class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
<Property name="AdminRoleManagementPermissions">/permission</Property>
<Property name="AuthorizationCacheEnabled">true</Property>
</AuthorizationManager>
</Realm>
</UserManager>
It seems you have multiple user stores configured. In this case, you need to specify a domain name, using this property:
<!--Property name="DomainName">foo.com</Property-->
See: http://docs.wso2.org/wiki/display/IS400/Configuring+Multiple+User+Stores.
Hope this helps,
Isabelle.
This is resolved in newest WSO2 IS build, but still in Alpha.
I'am experiencing, what I believe to be, the exact same thing. Everything looks good when I look at the "roles" and I can see the users in that role. But when I go from the user and try to look at which roles it is assigned to, it says no roles assigned.
wso2 api manager 1.6.0 problems with User store management using ActiveDirectoryUserStoreManager
How did you get you setup working, and is it still working with API-manager 1.6.0?
I am trying to create an SSL connection to activemq (using Spring 3.1, ActiveMQ 5.5, and Camel 10.0). I'm getting the dreaded SSL handshake exception. I can connect with an openssl s_client using the certificate in the jks. Thus, I'm trying to figure out if there is a problem with my keystore (which seems to work in other situations - e.g. with tomcat) or a problem with my XML configuration. Does anyone have a good example, thoughts about other ways to test, or see what I'm doing wrong?
Please note, my config passes validation (in case you see a typo).
Thanks
-J
<bean id="myJmsRedeliverPolicy" class="org.apache.activemq.RedeliverPolicy">
<property name="maximumRedeliveries" value="500"/>
</bean>
<bean id="jmsSecureConnectionFactory" class="org.apache.activemq.ActiveMQSslConnectionFactory">
<property name="brokerURL" value="ssl://test.com:8100"/>
<property name="redeliverPolicy" ref="myJmsRedeliverPolicy"/>
<property name="keyStore" value="/usr/lib/mykeystore.jks"/>
<property name="keyStorePassword" value="mypass"/>
<property name="trustStore" value="/usr/lib/mycacerts"/>
<property name="trustStorePassword" value="changeit"/>
</bean>
<bean id="pooledSecureConnectionFactory" class="org.apache.activemq.pool.PooledConnectionFactory">
<property name="maxConnections" value="10"/>
<property name="connectionFactory" ref="jmsSecureConnectionFactory"/>
</bean>
<bean id="txSecureManager" class="org.springframework.jms.connection.JmsTransactionManager">
<property name="connectionFactory" ref="pooledSecureConnectionFactory" />
</bean>
<bean id="jmsSecureConfig" class="org.apache.camel.component.jms.JmsConfiguration">
<property name="connectionFactory" ref="pooledSecureConnectionFactory" />
<property name="testConnectionOnStartup" value="true"/>
<property name="transacted" value="true"/>
<property name="transactionManager" ref="txSecureManager"/>
</bean>
<bean id="activemqs" class="org.apache.activemq.camel.component.ActiveMQComponent">
<property name="configuration" ref="jmsSecureConfig" />
</bean>
Start your application with:
-Djavax.net.debug=ssl
to get further with your troubleshooting. Usually, that command provides printout that says pretty much exactly what's wrong.
I found this topic How do i exclude everything but text/html from a heritrix crawl?
I have changed bean to this
<property name="shouldProcessRule">
<bean class="org.archive.modules.deciderules.ContentTypeMatchesRegexDecideRule">
<property name="decision" value="ACCEPT" />
<property name="regex" value="^application/pdf.*"/>
</bean>
</property>
</bean>
But heritrix still saves every file to mirror dir.
I believe you are missing a reject rule above your accept rule. I have the following that works:
<property name="shouldProcessRule">
<bean class="org.archive.modules.deciderules.DecideRuleSequence">
<property name="rules">
<list>
<bean class="org.archive.modules.deciderules.RejectDecideRule">
</bean>
<bean class="org.archive.modules.deciderules.ContentTypeMatchesRegexDecideRule">
<property name="decision" value="ACCEPT" />
<property name="regex" value="^application/pdf.*"/>
</bean>
</list>
</property>
</bean>
</property>
This rejects everything, then accepts everything listed in the following rules.
My DAO integration tests are failing because entities created during the tests are still in the database at the start of the next test. The exact same behavior is seen from both MySQL 5 and H2.
The test classes are annotated with:
#Transactional
#RunWith(SpringJUnit4ClassRunner.class)
#ContextConfiguration( { "/testPersist-applicationContext.xml" })
The transaction bean configuration in the test application context is as follows:
<tx:annotation-driven />
<bean id="transactionManager"
class="org.springframework.transaction.jta.JtaTransactionManager">
<property name="transactionManager" ref="atomikosTransactionManager" />
<property name="userTransaction" ref="atomikosUserTransaction" />
</bean>
<bean id="atomikosTransactionManager" class="com.atomikos.icatch.jta.UserTransactionManager"
init-method="init" destroy-method="close">
<property name="forceShutdown" value="false" />
</bean>
<bean id="atomikosUserTransaction" class="com.atomikos.icatch.jta.UserTransactionImp">
<property name="transactionTimeout" value="300" />
</bean>
The entity manager is configured as follows:
<bean id="myappTestLocalEmf"
class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
<property name="persistenceUnitName" value="myapp" />
<property name="persistenceUnitPostProcessors">
<bean class="com.myapp.core.persist.util.JtaPersistenceUnitPostProcessor">
<property name="jtaDataSource" ref="myappPersistTestJdbcDataSource" />
</bean>
</property>
<property name="jpaVendorAdapter">
<bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
<property name="showSql" value="false" />
<property name="database" value="$DS{hibernate.database}" />
<property name="databasePlatform" value="$DS{hibernate.dialect}" />
</bean>
</property>
<property name="jpaProperties">
<props>
<prop key="hibernate.transaction.manager_lookup_class">com.atomikos.icatch.jta.hibernate3.TransactionManagerLookup
</prop>
<prop key="hibernate.format_sql">true"</prop>
<prop key="hibernate.use_sql_comments">true</prop>
</props>
</property>
</bean>
<context:annotation-config />
Everything in the log files seem to be fine...I can see messages from Spring about rollback and from Atomikos about rollback as well. But frankly, the logs are so huge and so complex, I could easily be missing something...
Yet the inserted test data remains! Any clues?
It turned out that my C3P0 JDBC data source was not XA aware and was therefore not participating in the transaction. Why I did not get an error, nor a warning in the log file, I do not know. Nonetheless, the reason you cannot use an XA aware data source is explained very nicely here. Note that the data source does not need to be XA capable...just XA aware.
Replacing the C3P0 data source with the following one solved the problem.
<bean id="myappJTANonXADataSource" class="com.atomikos.jdbc.nonxa.AtomikosNonXADataSourceBean">
<property name="uniqueResourceName" value="myappDatabase" />
<property name="driverClassName" value="$DS{hibernate.connection.driver_class}" />
<property name="url" value="$DS{hibernate.connection.url}" />
<property name="user" value="$DS{hibernate.connection.username}" />
<property name="password" value="$DS{hibernate.connection.password}" />
<property name="maxPoolSize" value="20" />
<property name="reapTimeout" value="300" />
</bean>
I think you will need to go through the logs in details. It could be that the rollbacks you are seeing are working, except that something else has executed a commit first. I also cannot see anything in your code which indicates automated rollback. And that it should occur at the end of each test. If you are depending on a timeout based rollback it could be that the second test is running before the timeout occurs, therefore it sees the data before it is rolled back.
Many options here there is :-)