WSO2 Governance and Certificates - wso2

Folks,
does anyone know if the WSO Governance software (version 4) supports SHA-2 certificates? If so, is there anything different to install vs SHA-1 certs?

I dont have a WSO2 Governance Registry 4.5.3 pack with me at the moment. I believe, you will be able to figure it out as follows.
All WSO2 products has tomcat embedded in them. Thats how the management console is presented. If you do a find for 'tomcat', you will find a jar in repository/components/plugins folder. I am not sure whether it is the embedded tomcat jar or the normal one (there is a difference in those two). As far as I know, earlier days it was the embedded tomcat jar and then WSO2 started using the normal one.
After you find the version of that jar (for example Governance Registry 4.6.0 uses tomcat 7.0.34), you should be able to do a search and find out whether that version of tomcat supports SHA2 or not.

Related

Accessing WSO2 BPS and ESB registry from code

I am trying to access the registry of WSO2 BPS and WSO2 ESB from Java in order to automatically fill the registry based on the data I provide.
I have already found a number of resources about the required Java code and dependencies, this being the most helpful one: [WSO2 Governance Registry]Using WSRegistryServiceClient. However, the approach described in these resources depends on the WSRegistryService service. This service is included in Governance Registry by default, but not in the other WSO2 products. I have verified that my code works for the Governance Registry. For any other WSO2 product on my machine, I get this error:
The service cannot be found for the endpoint reference (EPR) https://localhost:9445/services/WSRegistryService
I found an old thread suggesting that it should be possible to install the WSRegistryService on other WSO2 products as well, but I have not been able to find out how to do so. I can't seem to find it within the features I can install from the web console of the products. I have also tried manually copying the relevant jar from the plugins directory of Governance Registry into the plugins directory of other products, but that doesn't seem to be sufficient.
Note that my application for filling the registry will not be running on the carbon server whose registry I want to access, so using CarbonContext.getThreadLocalCarbonContext() (an approach I found in some other articles) is not an option.
I think your referring to how to install features to WSO2 products,
Please find this documentation.

Can a Jenkins image be used as base for installing WSO2 Identity Server?

I would like to try out the WSO2 Identity Server. It has a number of prerequisites (Apache Maven, Ant) as described here. Since a Bitnami Jenkins image satisfies these requirements (I think), can I just spin up one on Google Cloud and use it as a base for installing WSO2 IS?
If not, please suggest an alternative image that would be convenient for WSO2 IS requiring minimum amount of preparation in terms of additional installs.
The worst case is starting with a bare Ubuntu 14.04 image and going through the steps to install all the prerequisite packages.
You don't need Maven, Ant for installing and running the product. You need only JDK installed to run the product.
By default WSO2 Identity Server uses H2 database, but you can use any industry-standard RDBMS such as Oracle, PostgreSQL, MySQL, MS SQL, etc.
All WSO2 Carbon-based products are Java applications that can be run on any platform that is Oracle JDK 7/8 compliant. Also, we do not recommend or support OpenJDK
All WSO2 Carbon-based products are generally compatible with most common DBMSs. The embedded H2 database is suitable for development, testing, and some production environments. For most enterprise production environments, however, we recommend you use an industry-standard RDBMS such as Oracle, PostgreSQL, MySQL, MS SQL, etc. For more information, see Working with Databases. Additionally, we do not recommend the H2 database for use as a user store.
WSO2 Identity Server is shipped with a default embedded Apache DS. However, in a production environment, it is recommended to use an LDAP like OpenLDAP, due to scalability issues that exist with Apache DS.
You only need a JDK as a mandatory requirement for running WSO2 IS.
You can just use a bare Ubuntu instance with Java (Oracle JDK) and start WSO2 IS using the shell script.
You would need maven etc if you are to build the samples form source. Else, no need.

WSO2 Identity Server 5.0.0 clustering with Oracle Coherence

Halo everybody (maybe Asela? :),
Can anyone guide me how can I implement Oracle Coherence as a Cache provider with WSO2 Identity Server 5.0.0 clustered using with WSO2 ELB?
I found some very useful links on that topic, from which I consider this one as a good start: Clustering Identity Server
But I cannot find a way how to find solution for changing Hazelcast cache provider for any other provider.
I also realized, WSO2 is not using javax.caching implementation from JDK (since it was introduced in 1.7 and later), it is using its own based on JSR-107 (from which JSR I suppose Java JDK JCache is originated.
This article shows, that there is a way, how to somehow implement user JSR 107 JCache, but I don't see it configured for whole Identity Server:
WSO2 Multi-tenant Cache: JSR-107 (JCache)
I'm expecting answer which will guide me, what to change or add (for instance to carbon core) and where to setup / configure those changes, to make them global used within WSO2 Identity Server 5.0.0.
I hope it is relevant question and since this Carbon based platform is very rich and configurable, I hope this will be possible with some time invested.
Thank you in advance,
Josef
Coherence supports the real JCache APIs, so if WSO2 uses JCache, it should be easy to integrate Coherence!

Making WSO2 ESB Version 4.5.1 ready for production environment

I would like to know is the WSO2 ESB Version 4.5.1 installation out of the box production ready in terms of configuration, If no, can someone give me some hints, would like to know what to turn off in a production environment.
All the WSO2 products are production compatible out-of-the-box in general. But if you are using with distributed setup you may need to setup server in clusters with backend-frontend separation. And also you may need to use WSO2 Elastic Load Balancer. And the default embedded H2 database will not be efficient and you may need to change to MySQL.
Anyway if you are using a small setup in production all of them may not needed.

How do you install multiple WSO2 products?

The installation instructions are clear how to download a .zip for an individual product (e.g. ESB, Application Server, Mashup Server). But based on the OSGi component architecture, I thought it would be possible to, for example, add Mashup Server functionality to an existing install of the ESB. I've looked at the Feature Manager, and tried adding a repository (http://dist.wso2.org/p2/carbon/releases/3.2.4/), but have not had success.
Any guidance appreciated.
It's possible to install different features via the feature manager, but you have to determine the correct version of the feature compliant with the target server. For example, to install BPEL features to WSO2 ESB 4.0.2, first find the related WSO2 Carbon platform version. This can be determined by the version of $ESB-HOME/repository/components/plugins/org.wso2.carbon.core-x.x.x.jar. So if WSO2 ESB 4.0.2 is the target server, then the version of org.wso2.carbon.core jar would be 3.2.2. So the relevant BPEL feature version is 3.2.2.
You can read more about Installing+Features and How install the BPEL features via Feature Manager.
Please refer to WSO2 release matrix [1] in order to match the correct version
By looking at it, you can easily find the Carbon version of any product version.
For example ESB 4.0.2 has the carbon version 3.2.2
[1] http://wso2.com/products/carbon/release-matrix/