Scanning through the WSO2 documentation and several blogs, I found three different type of registry mechanisms to add new claims to a Java PIP module:
By use of setup file calledentitlement.properties and by adding of Java static properties for each variable as described in the
sample case from the WSO2 manual, see: Writing a Custom Policy Info Point;
By use of supportedAttributesIds.add as described in link How to write a PIP point for WSO2 IS;
By use of a setter method: public Set getSupportedIds() { Set<String> ids = new HashSet<String>(); ids.add("http://kmarket.com/id/role"); return ids; } as described in the Stackoverflow post How To Add User Defined Attribute in PIP Attribute User Store
Please instruct which of the three options is the updated and recommended solution for adding new fields produced by the lookup of external data sources executed by the Balana PIP as an extension of the "AttributeFinderModule" class.
I've also tested the code posted in this example and compiled it with Java 6 JDK, see source reference
How To Add User Defined Attribute in PIP Attribute User Store
After the restart, the WSO2 server continues to display the following error:
Error while loading entitlement policies. Exception occurred while trying to invoke service method getAllPolicies
The following error details are available. Please refer logs for more details.
org.apache.axis2.AxisFault: Exception occurred while trying to invoke service method getAllPolicies
at org.wso2.carbon.identity.entitlement.ui.client.EntitlementPolicyAdminServiceClient.handleException(EntitlementPolicyAdminServiceClient.java:478)
at org.wso2.carbon.identity.entitlement.ui.client.EntitlementPolicyAdminServiceClient.getAllPolicies(EntitlementPolicyAdminServiceClient.java:81)
at org.apache.jsp.entitlement.index_jsp._jspService(org.apache.jsp.entitlement.index_jsp:183)
when adding the extended AttributeFinder Java extension. Is this a known bug in the WSO2 server?
The first way is configurable, you don't need to rebuild and deploy the PIP when you want to add new attibute. You just have to add them to entitlement.properties file. and restart the IS.
In other two ways, you have to rebuild the PIP module for each attribute changes.
But, If you are going to add and attribute, you have to implement the logic for that too, so in that case going for last two ways also make sense.
I've replaced the KmarketPIPAttributeFinder program module by the latest version from the svn source repository (see link below) and compiled it. This solved the problem under WSO2 Identity Server Version 5 and the routine started to register the PIP attributes, now visible at the PDP extensions.
Download the latest code from: https://svn.wso2.org/repos/wso2/carbon/platform/trunk/components/identity/org.wso2.carbon.identity.samples.entitlement.pip/src/main/java/org/wso2/carbon/identity/samples/entitlement/pip/KmarketPIPAttributeFinder.java
Related
I am trying to provide an HttpClient from the outside to my ktor server so that I can mock external services and write tests, however I get this exception when I run my test:
Please make sure that you use unique name for the plugin and don't install it twice. Conflicting application plugin is already installed with the same key as `Compression`
io.ktor.server.application.DuplicatePluginException: Please make sure that you use unique name for the plugin and don't install it twice. Conflicting application plugin is already installed with the same key as `Compression`
at app//io.ktor.server.application.ApplicationPluginKt.install(ApplicationPlugin.kt:112)
at app//com.example.plugins.HTTPKt.configureHTTP(HTTP.kt:13)
at app//com.example.ApplicationKt.module(Application.kt:14)
at app//com.example.ApplicationTest$expected to work$1$1.invoke(ApplicationTest.kt:39)
at app//com.example.ApplicationTest$expected to work$1$1.invoke(ApplicationTest.kt:38)
and thats a bit unexpected to me because I am not applying the Compression plugin twice as far as I can tell. If I run the server normally and manually call my endpoint with curl then it works as expected. What am I doing wrong?
I added a runnable sample project here with a failing test.
sample project
official ktor-documentation-sample project.
The problem is that you have the application.conf file and by default, the testApplication function tries to load modules which are enumerated there. Since you also explicitly load them in the application {} block the DuplicatePluginException occurs. To solve your problem you can explicitly load an empty configuration instead of the default one:
// ...
application {
module(client)
}
environment {
config = MapApplicationConfig()
}
// ...
I have created a new Serverless project in IntelliJ using a HelloWorld style template app.
This app I managed to build, deploy and run remotely in my AWS account. I even managed to integrate it with API gateway to make it accessible through the internet.
As the project is setup, it has 1 Lambda function called HelloWorldFunction. Its handler is called "helloworld.App::handleRequest" and I can see the configuration for this in the template.yaml file.
Now I want to create another Lambda function in the same application project. So, in IntelliJ, I follow these steps:
AWS Explorer > Lambda
Right-click on Lambda
Click "Create new AWS Lambda ..."
enter a function name (e.g. MyNewLambdaFunction)
enter the runtime (Java 8) and the S3 bucket and the IAM role (all is fine)
then I need to enter the name of the "Handler", and this is where my problem starts
I have tried different names here, such as "MyNewHandler", or "helloworld.App::handleRequest" (clearly this wouldn't work because it's already in use by the HelloWorldFunction), "helloworld.App2::handleRequest", .... and so on.
Each time I try another name or way to define the Handler, I get this error message:
Must be able to locate the handler in the project in order to deploy
to Lambda
Question:
Do I need to first configure the new Lambda function in the template.yaml file or what do I need to call the Handler so it will work?
I am sure this is just a noob-error but I have been Googling this and haven't found anyone who has run into the same problem. I also read up on AWS on handlers but it only describes it at a conceptual level and not in practice where there are multiple Lambdas.
thanks for any help!
Andy
My understanding is that you would need to add app2 class to the same package first:
click on the package name → new → Java Class → type app2
Navigate to the implementation of the App2 class and click on the lambda icon in the gutter. You will notice that "Create New AWS Lambda" is added to the dropdown:
When you select it, you will see that "Handler:" field has already been prepopulated correctly:
my understanding is that each handler must be placed in a separate class and the name of the handler handleRequest is standard and provided by the framework
I've had the same issues using pyCharm for Python.
I was able to solve it by using <file name without extension>.<function name> so my file is app.py and the function is lambda_handler so my handler was app.hello_world
It should be noted this is the same as what you see in the "Handler" field when using the AWS web management page.
Thius is how it looks in pycharm:
I got the same issue but solved in a different way;
Quit WebStorm
Delete ".aws-sam" and ".idea" folders
Open the project again.
"Update function code" run without "Must be able to locate the handler in the project in order to deploy to Lambda"
Validation framework which has been rolled up as part of the JEE6 spec (WL12). Both the WL10 and WL12 versions of our application were deployed with the following open source libraries:
JSR-303 / validation-api.jar (version 1.0)
Hibernate Validator (version 4.2.0)
However, the libraries are also bundled with WL 12 (modules directory). Note that the Hibernate Validator version is slightly different.
modules.javax.validation_1.0.0.jar
hibernate.validator_4.1.0.jar
With our WL12 run we are getting below exception:
javax.validation.ValidationException: Unable to get available provider
Attempted Solutions
Our next attempt was to use the WebLogic FilteringClassLoader to prefer the libraries from our application (APP-INF/lib directory) by specifying them in the weblogic-application.xml file (i.e. choose our versions over WebLogic’s). We were already doing this for several other open source libraries in WL10:
<prefer-application-packages>
<package-name>com.google.common.*</package-name>
<package-name>org.apache.commons.lang.*</package-name>
<package-name>org.apache.commons.logging.*</package-name>
<package-name>org.apache.commons.beanutils.*</package-name>
<package-name>org.apache.commons.collections.*</package-name>
<package-name>antlr.*</package-name>
<package-name>javax.validation.*</package-name>
<package-name>org.hibernate.validator.*</package-name>
</prefer-application-packages>
After making that change, our application experienced the following run-time error trying to process any request that makes use of the validation framework:
javax.validation.ValidationException: Unable to get available provider resolvers.
at javax.validation.Validation$GenericBootstrapImpl.configure(Validation.java:259)
at web20.hibernate.validation.ValidatorFactoryConfigurator.getValidatorFactory(ValidatorFactoryConfigurator.java:39)
at web20.hibernate.validation.ValidationHandlerImpl.handleHibernateValidations(ValidationHandlerImpl.java:180)
at web20.hibernate.validation.ValidationHandlerImpl.performValidation(ValidationHandlerImpl.java:255)
at web20.hibernate.validation.ValidationHandlerImpl.validateAndFormatMessages(ValidationHandlerImpl.java:302)
at web20.hibernate.validation.ValidationHandlerImpl.validateUsingHibernateGroups(ValidationHandlerImpl.java:113)
at service.serviceapp.performValidations(serviceapp.java:392)
at service.serviceapp.performValidations(serviceapp.java:379)
at service.TransactionalServiceImpl.search(TransactionalServiceImpl.java:300)
Given that Bean Validation is part of the EE standard, I assume there is some code Bean Validation integration code which causes the problem. I see two potential solutions:
Patch the WL instance and upgrade to the Validator version you want to use
Try writing your own ValidationProvider. Internally it could just delegate to the Hibernate Validator classes. If you then add a validation.xml to your application, specifying your custom provider, WL should bootstrap this one. TBH, I don't know whether this will work. There are many unknowns and I don't know enough about the integration of WL and Bean Validation.
Personally, I think I would just try to upgrade the Validator version used in WL.
I have a small application that uses the Attach API to modify some third party classes during runtime. Alas, I have run into a large problem: the Attach API only comes with the JDK. The necessary files I can copy from the JDK and add into my project, but the library responsible for this(attach.(dll|so)) I can't. This is because I would have to copy attach.lib from a resource inside jar, and put it in the JRE/lib directory.
An action that would not work if the user isn't root on a Linux machine, therefore losing compatibility to alot of users (as this app is supposed to run on a server, and most servers are Linux, and I can't be sure all are root)
I looked into all the classes responsible for the attach API (VirtualMachine, AttachProvider etc) but found no place where it is loading the library.
Is it possible to do this? I mean, can I use the Attach API outside of a JDK installation? If so, how?
You can do so by modifying java.library.path:
static void addToLibPath(String path) throws NoSuchFieldException,
SecurityException,
IllegalArgumentException,
IllegalAccessException
{
if (System.getProperty("java.library.path") != null) {
// If java.library.path is not empty, we will prepend our path
// Note that path.separator is ; on Windows and : on Unix-like,
// so we can't hard code it.
System.setProperty("java.library.path",
path + System.getProperty("path.separator")
+ System.getProperty("java.library.path"));
} else {
System.setProperty("java.library.path", path);
}
// Important: java.library.path is cached
// We will be using reflection to clear the cache
Field fieldSysPath = ClassLoader.class.getDeclaredField("sys_paths");
fieldSysPath.setAccessible(true);
fieldSysPath.set(null, null);
}
Call addToLibPath("path") will add "path" to java.library.path.
Please note that java.library.path is cached, and reflection is required to clear the cache.
As far as I know, you need to run the application looking to do the "attach" from within a JDK (not a JRE). By doing this, you don't need to worry about providing the Attach API or its dependencies - as they are all provided for and managed by the JDK. That said, you shouldn't have any "root" concerns with doing this - as you can extract and run/use a JDK as any user (it doesn't have to be installed / executed as "root"). That said, you'll just need to ensure that your program doing the attaching and the program being attached to are running as the same OS user as to not run into security restrictions.
Our experience is that there is no reliable way to use the attach API without a full JDK. This was particularly acute on Windows. You might get it to work, but you might want to look into plain old JMX instead.
I know that Mono supports the AjaxControlToolkit but I don't know how to integrate it into MonoDevelop. I added AjaxControlToolkit.dll, System.Web.Extensions.dll and System.Web.Extensions.Design.dll as References in the project but when I build the project I get the warning:
/Users/user1/Projects/FirstProject/Default.aspx(1,1): Warning: Parser failed with error The tag type 'ajaxToolkit:TabContainer' has not been registered.. CodeBehind members for this file will not be added. (FirstProject)
and I when I deploy it I get the error: Unknown server tag 'ajaxToolkit:TabContainer'.
How do I register the server tag in MonoDevelop?
You can use either the <%#Register directive, or add some lines to your Web.config. See here for instructions on either approach.
Using the Web.config mechanism has the advantage that you don't need to add a directive to every page where you want to use the controls.