How to evaluate an XACML Policy - authorization

Does anyone know the details about how to evaluate an XACML policy? Actually, I've written one policy like the following, but when I tried to evaluate it with the TryIt tool, it always failed with "Indeterminate". This is my first time writing an XACML policy, and I am not sure what's wrong with it. Could you do me a favor? Thanks a lot!
And I used the TryIt tool like the following to evaluate my policy:
Subject ="admin"
It always failed like: (It happens as well when using the sample policy on IS)
The error msg is "Indeterminate"
My environment is:
The version of IS is 4.1.0

When you created your policies, did you enable them?
That error happens regularly when the IS cannot associate the criteria provided in the Try It tool with existing policies in the IS.
I recommend reading the following blog
http://pushpalankajaya.blogspot.mx/2013/06/try-out-xacml-policies-with-wso2.html

I guess it can be due to this [1]. A new Identity Server, 4.5.0, has been released; I guess you could try it out. This issue has been fixed in it [2].
[1] https://wso2.org/jira/browse/IDENTITY-1393.
[2] http://xacmlinfo.org/2013/09/13/getting-start-with-wso2-identity-server-4-5-0/

Cancel Synapse pipeline from the pipeline itself

I have a pipeline I need to cancel if it runs for too long. It could look something like this:
So in case the work takes longer than 10000 seconds, the pipeline will fail and cancel itself. The thing is, I can't get the web activity to work. I've tried something like this:
https://learn.microsoft.com/es-es/rest/api/synapse/data-plane/pipeline-run/cancel-pipeline-run
But it doesn't even work using the 'Try it' thing. I get this error:
{"code": "InvalidTokenAuthenticationAudience", "message": "Token Authentication failed with SecurityTokenInvalidAudienceException - IDX10214: Audience validation failed. Audiences: '[PII is hidden]'. Did not match: validationParameters.ValidAudience: '[PII is hidden]' or validationParameters.ValidAudiences: '[PII is hidden]'."}
Using this URL:
POST
https://{workspacename}.dev.azuresynapse.net/pipelineruns/729345a-fh67-2344-908b-345dkd725668d/cancel?api-version=2020-12-01
Also, using ADF it seemed quite easy to do this:
https://cloudsafari.ca/2020/09/data-engineering/Azure-DataFactory-Cancel-Pipeline-Run
Including authentication using a Managed Identity, which in the case of Synapse I'm not too sure which resource I should use. Any idea on how to achieve what I want or if I'm doing something wrong?
Your URL is correct. Just check the following and then it should work:
Add the MSI of the workspace to the workspace resource itself with Role = Contributor
In the web activity, set the Resource to "https://dev.azuresynapse.net/" (without the quotes, obviously)
This was a bit buried in the docs, see last bullet of this section here: https://learn.microsoft.com/en-us/rest/api/synapse/#common-parameters-and-headers
NOTE: the REST API is unable to cancel pipelines run in DEBUG in Synapse (you'll get an error response saying pipeline with that ID is not found). This means for it to work, you have to first publish the pipelines and then trigger them.
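An added troubleshooting example for the InvalidTokenAuthenticationAudience error quoted above (not part of the original posts): it reads the `aud` claim of a bearer token and compares it with the Resource value from the answer. The sample tokens are constructed and unsigned, and ignoring case and a trailing slash in the comparison is an assumption of this example.

```python
import base64
import json

# Resource value given in the answer above for the Web activity's managed identity.
SYNAPSE_RESOURCE = "https://dev.azuresynapse.net/"


def _b64url_decode(segment):
    """Decode one base64url JWT segment, restoring the stripped '=' padding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def unverified_claims(token):
    """Return the payload claims of a compact JWT WITHOUT checking its signature.

    For troubleshooting only: never base an authorization decision on this.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    return json.loads(_b64url_decode(parts[1]))


def token_audiences(token):
    """The 'aud' claim as a list (RFC 7519 allows a string or an array)."""
    aud = unverified_claims(token).get("aud", [])
    return [aud] if isinstance(aud, str) else list(aud)


def audience_matches(token, expected=SYNAPSE_RESOURCE):
    """True if any 'aud' value equals the expected resource.

    Assumption of this example: case and a trailing '/' are ignored.
    """
    def norm(value):
        return value.rstrip("/").lower()
    return norm(expected) in {norm(a) for a in token_audiences(token)}


def sample_token(aud):
    """Build a constructed, unsigned token so the example runs offline."""
    def enc(obj):
        raw = json.dumps(obj).encode("utf-8")
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")
    return ".".join([enc({"alg": "none", "typ": "JWT"}), enc({"aud": aud}), ""])
```

A token requested for a different resource, such as the Azure Resource Manager audience used for Data Factory, fails this check in the same way the service rejects it.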

Apache-ODE ProcessManagement

I can access this API/WS through
http://localhost:8080/ode/processes/ProcessManagement?wsdl.
I would like to get the Process Info of a Process through this service and activate it.
The service has the matching operations getProcessInfo and activate.
With listAllProcesses I get all Processes of a deployed package.
For getProcessInfo/activate I need the Process pid.
I get a <ns:pid>, using this gets me a load of Exceptions.
Using the name of the process and other stuff I receive earlier doesn't work either.
The pid is of type QName, perhaps that's the root of the problem.
However I don't know how to typecast here.
(Tried all with the eclipse Web Services Explorer and soapUI)
question: What does a proper request for both Operations look like?
When I try to consume the webservice with Axis2 via eclipse, there is an undeclared variable local in the AnySimpleType class. I'm not keen on using the service this way.
But since I'm already writing a Client for the DeploymentService I thought about this approach.
question: How do I properly access the ProcessManagement?
EDIT: I have a similar problem with the DeploymentService and the undeploy Operation.
EDIT2: I figured the Problem with the DeploymentService undeploy out.
I had to get the Packagename as String. Then I made a javax.xml.namespace.QName out of it. Then I used the setPackageName of said undeploy operation.
Answer to question number 1:
soapUI with listAllProcesses returns
<ns:pid>{ode/bpel/unit-test}HelloWorld2-1</ns:pid>
getProcessInfo wants
<pmap:getProcessInfo>
<pid>?</pid>
</pmap:getProcessInfo>
Now I replaced <pid>?</pid> with
<pid xmlns:odetest="http://ode/bpel/unit-test">odetest:HelloWorld2-1</pid>
and it worked like a charm.
I remember that there was an issue with parameter ordering when using the Axis2 generated WSDL. Could you try if building a request against the original WSDL located at http://localhost:8080/ode/deployment/services/ProcessManagement works?
EDIT: Now that I got the question correctly, the problem is that ODE expects the QName to be serialized differently, i.e. in the XML way instead of the Java way. Thus, instead of <ns:pid>{ode/bpel/unit-test}HelloWorld2-1</ns:pid> the correct notation is <ns:pid xmlns:odetest="ode/bpel/unit-test">odetest:HelloWorld2-1</ns:pid>.
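The QName serialization difference described in the answers above, as an added example that is not part of the original posts: it turns the `{namespace}local` string returned by listAllProcesses into a `pid` element with XML QName content, then resolves the prefix back to confirm the result. The function names are hypothetical; the `odetest` prefix is the one used in the thread.

```python
import io
import re
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape, quoteattr

# Java-style QName string: '{namespace}localname'
_JAVA_QNAME = re.compile(r"^\{([^{}]+)\}([^{}:\s]+)$")


def pid_element(java_qname, prefix="odetest", tag="pid"):
    """Serialize a '{namespace}local' pid as an element with 'prefix:local' text."""
    match = _JAVA_QNAME.match(java_qname.strip())
    if match is None:
        raise ValueError("expected '{namespace}localname', got %r" % java_qname)
    namespace, local = match.groups()
    return "<%s xmlns:%s=%s>%s:%s</%s>" % (
        tag, prefix, quoteattr(namespace), prefix, escape(local), tag)


def resolve_qname_text(xml_fragment):
    """Resolve an element's 'prefix:local' text to (namespace, local).

    Raises ValueError when the text has no prefix or the prefix is not
    declared, which is what happens with the Java-style string.
    """
    in_scope = {}
    source = io.BytesIO(xml_fragment.encode("utf-8"))
    for event, data in ET.iterparse(source, events=("start-ns", "end")):
        if event == "start-ns":
            declared_prefix, uri = data
            in_scope[declared_prefix] = uri
            continue
        prefix, _, local = (data.text or "").strip().partition(":")
        if not local or prefix not in in_scope:
            raise ValueError("text is not a resolvable QName: %r" % data.text)
        return in_scope[prefix], local
    raise ValueError("no element found")
```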

Setting Domain Credential during WebLogic WLST offline domain creation?

I have successfully created WLS 10.3.5 domains using offline WLST, along the lines of readTemplate(template); set("name","DomainName"); ...
One detail remains: I need to set the "Credential" of each domain to a common random value, across all domains, for "global trust". It's the setting that's behind Console / Domain / Security / General / Advanced / "Credential"
Question: I fail to find the property (or its location?) that one needs to set for this?
FWIW, I use post-processing on config.xml file level now to inject an encrypted common value string as <credential-encrypted> , but I'd rather just set this via WLST without tweaking the resulting XML.
Thanks in advance,
Matthias
I suggest you use the createDomain() command; it will be much easier to work with.
createDomain('/olddoamin/path/template.jar','domainPath','user','passwd')
For more you can see the following link:
WLST by Examples: Domain migration made simple
Following the console navigation you described, I found the property's location in WLST navigation; it is in the following path:
wls:/offline/mydomain/SecurityConfiguration/mydomain>ls()
-rw- CredentialEncrypted ????????
It is with -rw-, so you can update it, right?
Hope this will help you.
Right, this works. The key is to not work on the template, but to read the domain from its domain directory. Then it's just setting the attribute CredentialEncrypted:
readDomain(domain_dir)
cd('/SecurityConfiguration/' + domain_name)
set('CredentialEncrypted', encrypt(shared_credential,domain_dir))
updateDomain()
closeDomain()
shared_credential should be something random. I used a hex-encoded digest of the newly-created config.xml file, which contains enough randomness.

Eclipse plugin problem

Whenever I try to do software updates through my Eclipse Galileo, I get the following error
Unable to connect to repository http://pydev.org/updates/content.xml
Connection timed out: connect
Please help!!
That's a redirect to: http://update-production-pydev.s3.amazonaws.com/pydev/updates (so, you can try that directly).
If it still fails, it means that Amazon is having issues (which means you'll have to try again later).
Cheers,
Are you using (just) http://pydev.org/updates as the url? The "location" field should only have "http://pydev.org/updates", no content.xml. Seems to be working fine for me (with Helios).
Actually I checked what happens when you use "http://pydev.org/updates/content.xml", and it does seem to give the type of error you describe. (You would think it could give a slightly better error, but oh well.)

Proper way to check system requirements for a WordPress plugin

I am curious about the proper way to stop a user from activating my plugin if their system does not meet certain requirements. Doing the checks is easy and I don't need any help with that, I am more curious how to tell WordPress to exit and display an error message.
Currently I have tried both exit($error_message) and die($error_message) in the activation hook method. While my message is displayed and the plugin is not activated, a message saying Fatal Error is also displayed (see image below).
Does anyone know of a better way, that would display my message in a proper error box without displaying Fatal error, it just looks really bad for new users to see that.
Thanks for any help in advance.
This is a little undocumented, as you might have noticed. Instead of die(), do it like this:
$plugin = dirname(__FILE__) . '/functions.php';
deactivate_plugins($plugin);
wp_die('<p>The <strong>X</strong> plugin requires version WordPress 2.8 or greater.</p>','Plugin Activation Error',array('response'=>200,'back_link'=>TRUE));
The lines above wp_die() are to deactivate this plugin. Note that we use functions.php in this case because that's where I have my Plugin Name meta data comment declaration -- and if you use a different file, then change the code above. Note that the path is very specific for a match. So, if you want to see what your path would normally be, use print_r(get_option('active_plugins'));die(); to dump that out so that you know what path you need. Since I had a plugin_code.php where the rest of my plugin code was, and since it was in the same directory as functions.php, I merely had to do dirname(__FILE__) for the proper path.
Note that the end of the wp_die() statement is important because it provides a backlink and prevents an error 500 (which is the default Apache code for wp_die()).
It is only an idea though. Try checking the WordPress version and compare, then use PHP to throw a custom exception/error. PHP 5.0 try catch can be a good way to do it. Here are some resources.
http://www.w3schools.com/php/php_exception.asp
http://php.net/manual/en/internals2.opcodes.throw.php
You can try the first link. It is pretty basic. Thanks! hope the information will be helpful.