Multiple Instance issue of WSO2 (version 5.8) with Claim - wso2

Currently, we are using WSO2 (v5.8) in our development environment. We have used almost all the SOAP requests of WSO2 - tenant creation, service provider, user store, and claim as well. All the SOAP requests are working fine. But in the case of Claim, the problem is that it is created successfully and updated successfully using a SOAP request without any error. When we go to see the newly added claim on the WSO2 console, the newly added claims are not displayed under claims. After some time the claims are available, which means we are able to see the newly added claim and we can use it with a service provider also.
But most of the time it is not displayed. I think the claims are not synced properly in the case of multiple running instances of WSO2. Any help is highly appreciated.

Historically WSO2 Identity Server used distributed caching to utilize the above-mentioned advantages as well as to minimize the coherence problem. However, in newer deployment patterns where the network is not tightly controlled, distributed caching fails in unexpected ways. Hence, we no longer recommend using distributed caching. Instead, it is recommended to have local caches.
Refer to this document to get further information about deployment patterns.
In order to enable local caches, please check whether you have enabled this property in the /repository/conf/carbon.xml file:
<ForceLocalCache>true</ForceLocalCache>
For clustered nodes, enabling this property enables local cache invalidations.
[update]
There is a similar issue already reported regarding claims not being listed or not synced properly in a clustered environment when ForceLocalCache is enabled. You can refer to the git issue here. This issue is fixed with Identity Server 5.9.0.
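A check for the property named in the answer above, as an added example that is not part of the original answer or WSO2's own code: it parses each node's carbon.xml and flags nodes where ForceLocalCache is false, missing, or present only inside an XML comment (which a plain text search would miss). The sample XML, its namespace and <Cache> parent element, and the node names are constructed assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample carbon.xml fragments for three cluster nodes (not from the page).
NS = 'xmlns="http://wso2.org/projects/carbon/carbon.xml"'
NODE_A = f"""<Server {NS}><Cache>
  <ForceLocalCache>true</ForceLocalCache>
</Cache></Server>"""
NODE_B = f"""<Server {NS}><Cache>
  <ForceLocalCache>false</ForceLocalCache>
</Cache></Server>"""
NODE_C = f"""<Server {NS}><Cache>
  <!-- <ForceLocalCache>true</ForceLocalCache> -->
</Cache></Server>"""


def force_local_cache(carbon_xml):
    """Return True/False for ForceLocalCache, or None if no live element exists."""
    root = ET.fromstring(carbon_xml)  # the default parser drops XML comments
    for elem in root.iter():
        # Strip any "{namespace}" prefix so the check works with or without xmlns.
        if elem.tag.rsplit("}", 1)[-1] == "ForceLocalCache":
            return (elem.text or "").strip().lower() == "true"
    return None


def audit_cluster(nodes):
    """Map node name -> finding, so configuration drift between nodes is visible."""
    findings = {}
    for name, xml_text in nodes.items():
        value = force_local_cache(xml_text)
        if value is True:
            findings[name] = "ok"
        elif value is False:
            findings[name] = "ForceLocalCache is false"
        else:
            findings[name] = "ForceLocalCache not set"
    return findings


if __name__ == "__main__":
    cluster = {"node-a": NODE_A, "node-b": NODE_B, "node-c": NODE_C}
    for node, finding in audit_cluster(cluster).items():
        print(node, "->", finding)
```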

Related

WSO2 IS 5.5 - Advanced Authentication Configuration not saving

I'm trying to set up multi-factor authentication in WSO2 Identity Server 5.5. As per instructions, I have installed and configured totp as a possible second factor. Within my service provider, I'm attempting to add multiple steps to the Advanced Authentication Configuration screen under the Local & Outbound Authentication Configuration section, and modifications are not saving when pressing Update.
I understand that some of the UI operations do not always operate as expected, so I was wondering if anyone knew how to fix this or perhaps could specify where the service provider config files are located so I can make these changes manually?
For my use case, I just want to have basic as the first step/factor and then totp as the second. Nothing seems to save on this screen.
Thanks.

Identity Server, website hosting, octopus

I have recently inherited a Web API development that exposes key endpoints to a company that is hosting and running our website.
We use Octopus to deploy the API to our webserver.
I have duplicated the API and added the appropriate configuration variable to Octopus and deployed it to a secondary webserver (as a development API) for our 3rd party to use.
We are using identity server along with OpenID connect for authentication.
This has built and deployed; however, authentication is failing.
I know this is a vague description, but I am looking for pointers for an analysis path.
I have compared the logs of the current API and the test API and the results are the same. (Stating authentication is successful)
Not really enough information to properly answer this question - but I would start by:
1) Checking all the log files you can find for a more detailed exception message. (application logs, IIS logs, event log)
2) Try to narrow down the issue. Does authentication fail for everyone/all the time? Or is this issue intermittent? Does it work locally? For certain providers only?
3) Slowly start making the new website look like the old website. Comparing web.config files, copy/pasting the old website code onto the new server etc.
4) Check or restore old service accounts, firewall settings, database values, urls etc.
If all else fails - bring everything back to a working state and start changing one thing at a time until you have a little more experience with the application.

WSO2 Identity Server 5.0.0 clustering with Oracle Coherence

Hello everybody (maybe Asela? :),
Can anyone guide me on how I can implement Oracle Coherence as a cache provider with WSO2 Identity Server 5.0.0 clustered using WSO2 ELB?
I found some very useful links on that topic, of which I consider this one a good start: Clustering Identity Server
But I cannot find a solution for changing the Hazelcast cache provider to any other provider.
I also realized WSO2 is not using the javax.caching implementation from the JDK (since it was introduced in 1.7 and later); it is using its own, based on JSR-107 (from which JSR I suppose Java JDK JCache originated).
This article shows that there is a way to somehow implement a user JSR 107 JCache, but I don't see it configured for the whole Identity Server:
WSO2 Multi-tenant Cache: JSR-107 (JCache)
I'm expecting an answer which will guide me on what to change or add (for instance to carbon core) and where to set up / configure those changes, to make them globally used within WSO2 Identity Server 5.0.0.
I hope it is a relevant question, and since this Carbon-based platform is very rich and configurable, I hope this will be possible with some time invested.
Thank you in advance,
Josef
Coherence supports the real JCache APIs, so if WSO2 uses JCache, it should be easy to integrate Coherence!

Migrate data from one version of WSO2 Governance Registry to another one

We use WSO2 Registry Governance 4.5.3 and ask ourselves how to get the information we have introduced (Resources, Users, LifeCycle ...) from one version to another. I saw that check-in can help.
Is it able to work with different versions of WSO2 Greg, and will it take information other than resources? It seems that it will not.
But then how to transfer this other information automatically from one version to another? Is it possible through an API, and which one?
Thank you in advance for your response.
Jean-Pierre Indot
I tried migrating a datasource configuration (a basic text resource) from WSO2 GReg 4.1.1 to GReg 4.5.3 using the check-in client. The migration was successful.
But there is a possibility of this approach not being adequate for migrating more complex resources. (E.g.: Resources containing data structures)
Could you please share the nature of the resources you're trying to migrate, so that we can try to provide you with a more subjective solution.

How do you configure WSO2 to use different endpoint URIs in different environments?

We are evaluating multiple ESB products currently (Mule, Fuse and WSO2), and one of our key requirements is to easily migrate services between multiple environments. I can see how this can be done in WSO2 with g-reg for the most part, but am struggling to see how we would parametrise the endpoint uris and maintain them separately in each environment? (This seems fairly trivial in Mule and Fuse).
The preferred way is:
Create/save ALL endpoints as registry resource (either using management console or Developer Studio)
Since the endpoints are saved in the registry, the ESB configuration is now totally independent of the environment. (We can create a Carbon Application out of this, which basically can be deployed in any environment)
So, if you need to move the configuration from dev->qa, you can use the same .car file created