Sunday, September 18, 2011

Me at WSO2Con 2011-Day 1

This blog will provide you my experience at WSO2Con 2011, as one of the witness from the large crowd participated in such a successful and valuable open-source programming conference.

Location- Colombo,Sri Lanka
Date- 12th Sep-16th Sep 2011

The key reason for blogging about this event is NOT due to I'm a member of the WSO2 team,but I want to share the value added knowledge and experience I was gained from the conference.The event continued with two tutorials days with three days of main conference.It's not only covered the technical stuff,but also cultural aspects with highlighting Sri Lankan signature in each of the conference day evenings.

The agenda can be found from here

Following is the summary what I learnt from some of the sessions out from the all sessions which I was able to participated in the conference.I'll  present the details of those sessions as linked multiple posts.

Day 1-      12th of September 2011

Tutorial 1-Practical SOA for the Solution Architect

Presenter-Ganesh  Prasad,Independent Consultant.

Summary of what I learnt

SOA[Service oriented architecture]-in a simple way which means eliminating all the unnecassary dependencies among components in a system while keeping the required dependencies in  a specified way.
Solution architects has to concern two different aspects of SOA,if they are going to develop SOA based solutions;.

1.Technology Layer-This layer contains three components as Service Container,Broker and Process Co-ordinator.Service container is used to keep logic code if required while connect with a service.Broker is used to function as a mediator/adapter/etc,which can be used to connect with legacy systems.Process co-ordinator can be used to handle and process different functions in a system.The presenter highlighted that mis-use of the broker.That's most of the people try to use one andonly broker for whole system.But then it reduces availability and performance of the system.

2.Data Layer-SOA Data Layer has set of principles which we need to follow-up when we going to develop SOA based solutions.

  •   Identify dependencies[implicit & explicit]
  •   Make all implicit dependencies as explicit.
  •   Eliminate unnecassary dependencies.
  •  Map domain data to message data[Don't derive/generate one from other] eg:-Do a person need to know motor engineering[as domain data] just for learning car-driving[as message data].

Above points are the reminded data which I have,but the presenter described more than above with the most important aspect.That was presenter gave three real world examples to the audience for trying SOA based solutions for them.
Tutorial 2-Introduction to Web and SOA Security
Presenters-Thilina Buddhika; Amila Jayasekara,WSO2

Summary of what I learnt

SOA security is mostly dealing with xml security.It focused on ensuring confidentiality[xml encryption] and intergrity[xml signature] of xml docs.

Web services security uses existing xml security to secure SOAP messsages.

Adding to above presenters explain about cryptography,SSL[Secure Socket Layer],TLS[Transport Layer Security],Single sign on methods[OpenID,SAML],STS[Security Token Service],authentication aspects as encryption,authorization aspects[either role based or attributes based] as XACML[attributes based authorization],WS-security policies,Practical solutions from WSO2 Identity Server for above security aspects and real world scenarios implemented using WSO2 Identity Server.