Skip to main content

Me at WSO2Con 2011-Day 1


This blog will provide you my experience at WSO2Con 2011, as one of the witness from the large crowd participated in such a successful and valuable open-source programming conference.

Location- Colombo,Sri Lanka
Date- 12th Sep-16th Sep 2011

The key reason for blogging about this event is NOT due to I'm a member of the WSO2 team,but I want to share the value added knowledge and experience I was gained from the conference.The event continued with two tutorials days with three days of main conference.It's not only covered the technical stuff,but also cultural aspects with highlighting Sri Lankan signature in each of the conference day evenings.

The agenda can be found from here

Following is the summary what I learnt from some of the sessions out from the all sessions which I was able to participated in the conference.I'll  present the details of those sessions as linked multiple posts.

Day 1-      12th of September 2011

Tutorial 1-Practical SOA for the Solution Architect

Presenter-Ganesh  Prasad,Independent Consultant.


Summary of what I learnt

SOA[Service oriented architecture]-in a simple way which means eliminating all the unnecassary dependencies among components in a system while keeping the required dependencies in  a specified way.
Solution architects has to concern two different aspects of SOA,if they are going to develop SOA based solutions;.

1.Technology Layer-This layer contains three components as Service Container,Broker and Process Co-ordinator.Service container is used to keep logic code if required while connect with a service.Broker is used to function as a mediator/adapter/etc,which can be used to connect with legacy systems.Process co-ordinator can be used to handle and process different functions in a system.The presenter highlighted that mis-use of the broker.That's most of the people try to use one andonly broker for whole system.But then it reduces availability and performance of the system.

2.Data Layer-SOA Data Layer has set of principles which we need to follow-up when we going to develop SOA based solutions.

  •   Identify dependencies[implicit & explicit]
  •   Make all implicit dependencies as explicit.
  •   Eliminate unnecassary dependencies.
  •  Map domain data to message data[Don't derive/generate one from other] eg:-Do a person need to know motor engineering[as domain data] just for learning car-driving[as message data].

Above points are the reminded data which I have,but the presenter described more than above with the most important aspect.That was presenter gave three real world examples to the audience for trying SOA based solutions for them.
  
Tutorial 2-Introduction to Web and SOA Security
Presenters-Thilina Buddhika; Amila Jayasekara,WSO2

Summary of what I learnt

SOA security is mostly dealing with xml security.It focused on ensuring confidentiality[xml encryption] and intergrity[xml signature] of xml docs.

Web services security uses existing xml security to secure SOAP messsages.

Adding to above presenters explain about cryptography,SSL[Secure Socket Layer],TLS[Transport Layer Security],Single sign on methods[OpenID,SAML],STS[Security Token Service],authentication aspects as encryption,authorization aspects[either role based or attributes based] as XACML[attributes based authorization],WS-security policies,Practical solutions from WSO2 Identity Server for above security aspects and real world scenarios implemented using WSO2 Identity Server.



Comments

Popular posts from this blog

Convert an InputStream to XML

For that we can use DocumentBuilder class in java. By using the method parse(InputStream) ; A new DOM Document object will return. InputStream input; DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); DocumentBuilder parser = factory.newDocumentBuilder(); Document dc= parser.parse(input); In the above code segment,by using the created Document object,the corresponding XML file for the inputStream can be accessed. References: http://www.w3schools.com/dom/dom_intro.asp http:// download.oracle.com/javase/1.4.2/docs/api/javax/xml/parsers/DocumentBuilder.html

CORS support from WSO2 API Manager 2.0.0

Cross-origin resource sharing (CORS) is a mechanism that allows restricted resources  on a web page to be requested from another domain outside the domain from which the first restricted resource was served. For example, an HTML page of a web application served from http://domain-a.com makes an <img src >  request for a different domain as 'domain-b.com' to get an image via an API request.  For security reasons, browsers restrict cross-origin HTTP requests initiated from within scripts as in above example and only allows to make HTTP requests to its own domain. To avoid this limitation modern browsers have been used CORS standard to allow cross domain requests. Modern browsers use CORS in an API container - such as  XMLHttpRequest  or Fetch - to mitigate risks of cross-origin HTTP requests.Thing to  note is it's not only sufficient that the browsers handle client side of cross-origin sharing,but also the servers from which these resources getting need to handl

[WSO2 AM] APIStore User Signup as an approval process

In previous versions of WSO2 APIManager before 1.6.0, it was allowed any user who's accessible the running APIStore come and register to the app.But there will be requirement like,without allowing any user to signup by him/her self alone,first get an approve by a privileged user and then allow to complete app registration.Same requirement can be apply to application creation and subscription creation as well.To fulfill that,we have introduced workflow extension support for  WSO2 APIManager  and you can find the introductory post on this feature from my previous blog post on " workflow-extentions-with-wso2-am-160 " . From this blog-post,I'll explain how to achieve simple workflow integration with default shipped resources with  WSO2 APIManager 1.6.0 and WSO2 Business Process Server 3.1.0 with targeting "user-signup" process. Steps First download the WSO2 APIManager 1.6.0[AM] binary pack from product download page . Extract it and navigate to