Wednesday, December 15, 2010

Installing multi-tenancy support for WSO2 Identity Server

Multi-tenancy is a characteristic of a cloud native platform. WSO2 stratos provides multi-tenancy. In brief, multi-tenancy is to have one instance but customizable service for each tenant isolated from one another. If you want to know more about multi-tenancy, visit wso2.org which has many resources for learning.

Thanks to the modularity of OSGI; tenant management specific components in WSO2-stratos could be installed in WSO2-carbon based products-Identity Server in this case, and provide it with the multi-tenancy support.

In this blog post, I will explain how I could install multi-tenancy support in WSO2 Identity Server.
  1. Get the Identity Server (IS) binary distribution. Either building from source or downloading binaries from here.
  2. Get the stratos-tenant management specific bundles. We can either build from the source or extract them from the binary packages. Lets go for the latter option here for the convinience. Get the Stratos released packages of from here. Download wso2stratos-manager and wso2stratos-is.
  3. Place following components from the above two packages, into Identity Server-home/repository/ components/dropins:
    • org.wso2.stratos.tenant.mgt-1.0.0.jar
    • org.wso2.stratos.tenant.mgt.ui-1.0.0.jar
    • kaptcha-2.3.0.wso2v1.jar ---these three components will install tenant management feature. But we need other components as well, in getting it fully functioning.
    • org.wso2.stratos.account.mgt.ui-1.0.0.jar
    • org.wso2.stratos.account.mgt-1.0.0.jar ---these two are related to tenant's account management.
    • org.wso2.carbon.email.verification.ui-3.1.0.jar
    • org.wso2.carbon.email.verification-3.1.0.jar
    • org.wso2.stratos.email.sender-1.0.0.jar ---these three will handle notifying tenant admin and e-mail verification after a tenant is registered.
    • org.wso2.stratos.register.ui-1.0.0.jar ---is needed to show the registration complete page after e-mail verification. (Also, it is the ui component which is used in self-tenant registration.)
    • org.wso2.stratos.identity.dashboard.ui-1.0.0.jar
    • org.wso2.stratos.identity.login.ui-1.0.0.jar ---Identity Server's UI s are replaced by these.
    • org.wso2.stratos.redirector.servlet.ui-1.0.0.jar
    • org.wso2.stratos.redirector.servlet-1.0.0.jar ---each tenant will get a url with /t/domain name. In order to handle that redirection, these two are needed.
    • org.wso2.stratos.manager.services.mgt-1.0.0.jar ---services are activated for tenants from stratos-manager. IS and G-Reg services are activated by default.
    • org.wso2.stratos.common-1.0.0.jar
    • org.wso2.stratos.activation-1.0.0.jar
    • org.wso2.stratos.service.activation-1.0.0.jar
    • org.wso2.stratos.theme.mgt.ui-1.0.0.jar
    • org.wso2.stratos.theme.mgt-1.0.0.jar ---These handles tenant's theme management, you also need to copy stratos/services/manager/distribution/resources/allThemes to IS/resources.
            4.  Change the following in configuration files:
    • add following two properties to the UserStoreManager element of user-mgt.xml in IS home/repository/conf folder:
    • false
      default
      
    • Change the carbon.xml in IS home/repository/conf to contain “WSO2 Stratos Identity” as the product name. This is because, in activating default identity service, service name is given as “WSO2 Stratos Identity”, And when checking whether a service is activated for a particular tenant, the service name is read from the carbon.xml. 
    • Give smtp server information in smtp transport sender section of axis2.xml, found in IS home/repository/conf, in order to actually send e-mail notifications upon registration of tenants by the super admin.
        5.  Copy the following configuration files from stratos-manager home/repository/conf to IS-home/repository/conf:
    • cloud-services-desc.xml
    • email-registration.xml
    • email-registration-complete.xml
    • email-update.xml
That's it...now we are done. Start IS-->log in as super admin with "admin", "admin" credentials and create tenants. Tenant admins of those tenants will be able to log in to their tenants and create users and use other functionalities provided by IS independent of other tenants registered.

I will add some screenshots to illustrate the installed multi-tenancy support in IS stand alone product.
As shown circled in the left panel of following image, multi-tenancy feature is installed in IS.

Following image shows the list of sample tenants accounts that I created for testing purposes of the functionality.

Following image shows the console of IS when user 'hasini' of tenant: 'uom.org' has signed into the IS. Notice the url circled with the part '../t/uom.org..' which is specific to that particular tenant.

When multi-tenancy/tenant management feature is installed in IS, either JDBC or embedded-ldap user-store could be used. I will explain in a future post how to configure it to use tenant aware-embedded-ldap as the user store in tenant management.

Sunday, December 5, 2010

Starting code reviews with Crucible

Crucible is an Atlassian product which makes code reviewing process easy.

Here I describe the steps I learned in creating a code review in Crucible. Hope this helps some one who is new to Crucible like me.

Step 1: Login to your crucible account in the hosted crucible server instance.
Step 2: Start creating a review by:
    - Clicking 'Dashboard' on the menu bar on top-> click 'create review' on left hand pane.
    - OR clicking 'Tools' on top right corner and select 'create review'.
Step 3: Select a project for the review by the drop down list.

Here, in the drop down list, you may or may not find the project that include source files that you are going to review. You will find it in the drop down list only if some one had already added that project before for a code review. 

If you find it in here, then your life will be easier. Just follow the rest of the steps mentioned here to complete creating the code review.

If you did not find the project that you want to review on the aforementioned list, then you have to create a project by going to the administration panel.

i. Click on the drop down icon next to your name on top right corner and select 'Administration' .
ii. Login with the administration credentials.
iii. In the Admin menu (on the left) select 'new' under 'Project Settings'.
iv. You will have to enter the details of the project that you are going to create here. Under the Default Repository, you need to select the repository location of the project that you are going to create for the review.
v. If the repository is not already added, you can create a repository by selecting 'new' under Repository settings on the Admin menu.

You have to be little careful about filling the repository details, for the 'svn url' you need to give the root svn location and under 'svn path', you need to give the specific path to the location of the files of your project.

For an example, if you are going to review the code located in: https://svn.wso2.org/repos/wso2/trunk/carbon/components/apacheds-server/,
svn url is: https://svn.wso2.org/repos/wso2/
svn path is: trunk/carbon/components/apacheds-server/

I got the following error when creating the repository because of not setting above two values correctly.
Repository paused due to error - class com.cenqua.fisheye.rep.DbException: Problem getting diff information...
There fore make sure to fill them correctly.

After creating the repository, go back to step iv above and complete the project creation step.

Now go to your account's dashboard again, and in the Step 3 above, now you will see the project you created in the drop down menu. So you can continue with creating the review.

Atlassian has developed plug-ins to integrate crucible with Intellij-IDEA so that you can participate in code reviews and perform all the actions with in your favorite IDE.
Find how to install the plug-in here
Find how to configure the plug-in for your project and IDE from here.
Then find how to use Intellij IDEA for code reviews here.

Happy code reviewing..! :)

Friday, November 19, 2010

Blogging Tips: Embed code segments in a blog post with SyntaxHighlighter

Have you ever wondered about how to include code segments in your blog post in a clear and neat manner like below? I did.
So I searched about how to achieve it and found that using SyntaxHighlighter is the secret.
public class HelloWorld {
    /**
     * @param args
     */
    public static void main(String[] args) {
        
        System.out.println("Hello World");
    }
}
(Note: Please wait the page is fully loaded to view the above code with syntaxhighlighter)

It takes just a few minutes of configuration to add that feature to your blog as well. I was able to do it using following two references which describes step by step how to add syntaxhighlighter to your blog. Without reposting the same steps, I will share these references with you.
1. http://pleasemakeanote.blogspot.com/2008/06/posting-source-code-in-blogger.html
2. http://timbroder.com/2007/07/howto-post-code.html

Enjoy blogging..!

Sunday, October 31, 2010

Configuring Java VM options to get rid of memory issues

When using applications such as Intellij IDEA or maven with projects those have a large code base such as WSO2 carbon, I have encountered these programs complaining about memory issues such as:

1. Exception in thread "main" java.lang.OutOfMemoryError: Java heap space
2. java.lang.OutOfMemoryError: PermGen space

The first error occurs when the allocated java heap size for that particular application is not enough, regardless of how much memory the machine has. In order to get rid of this,  you can resize the initial and maximum java heap sizes allocated for that particular application.
In Ubuntu, those values can be configured in mvn.sh file (usually found in /usr/bin) for maven and idea.vmoptions file (found in #idea installation directory/bin) for IDEA.
Xms is the parameter that defines the initial java heap size and Xmx is the parameter that defines maximum java heap size. In other words, the application starts with a java heap size as defined in Xms and grow until it reaches the size defined in Xmx. Therefore it is recommended to give two values with latter larger than the former.
Eg: for IDEA I would set: Xms512m and Xmx1024m

You get the second error when the space that holds the permanent generation is filled up. This permanent generation holds meta-data about user classes. (Garbage collector maintains objects in several generations. Read more about this from here)
You can get rid of this error by assigning proper values to -XX:PermSize and -XX:MaxPermSize parameters according to the requirement of your application usage.
For an example I would set it in maven as:
-XX:PermSize=256m -XX:MaxPermSize=512m
In Ubuntu, you can set it by editing the mvn.sh file to include this line under Optional ENV vars.:
export MAVEN_OPTS="-Xmx1024m -XX:PermSize=256m -XX:MaxPermSize=512m"

Sunday, October 24, 2010

Policy based access control-part 1

This is going to be my first post on this subject. I got interested in it after attending to an informative webinar on Policy based access control with XACML. I am also an amateur in this field and hope to post rich content in the future.

Identity management of organizations has been evolving over the past years. First the  authentication for different applications were managed separately. Then it became centralized identity management where many applications in the organization authenticated users from a central user store such as LDAP store. Requirement of allowing or restricting different users to access different resources based on organizational and business rules was also earlier achieved by project based solutions such as Role Based Access Control  .and Access Control Lists. Those mechanisms lack the interoperability and flexibility.

Policy based access control (PBAC) can be used instead which allows access rules to be defined as policies and easily updated as the rules change. When the organizations grow larger and when there are many large scale distributed applications accessing resources it is better to have these policies managed at a central location in order to preserve consistency and grant access to users from there. Policy based access control  with XACML is increasingly becoming popular as solution to address such requirements.

It is important to note that XACML is a flexible and powerful  authorization policy expression language, but not a policy model or concept of its own. PBAC solutions based on XACML has mainly three parts as follows:
  1. Reference Architecture
  2. Request/ Response protocol
  3. Policy Language.
I plan to discuss about each of the above in detail in my future posts on the subject.

Sunday, September 19, 2010

It's been transition time...

When looking back at the last two weeks of my life, it has been the most happening period of time and of course one of the most important periods where one chapter ended and another began.

Well..I finished my final exams in uni on 5th September which was all in all a quite tough exam that I faced in uni life. Without having some time to have a breath of relaxation, I had to prepare for the research paper presentation in CS&ES conference where the research paper of our final year project has been selected to be published, which of course an achievement to be happy of, since it was my first experience in writing a research paper. 9th of September was a special day where the CS&ES conference 2010 was held and the grand exhibition-ExMo organized by the faculty of Engineering-University of Moratuwa was commenced. 9th and 10th passed with the excitement and doing contribution towards the conference and exhibition and more importantly it was the time of saying sayonara to my university, department and the friends because those were the last couple of days we spent in uni as undergraduates. I just could not believe four years have passed so soon. With the feeling of gratitude towards all I met in my university life and who made my life more meaningful, I left the uni on 10th Sept evening.
Dawn of 13th Sept brought me a beginning of a new chapter where I first went to work  in WSO2 to start my professional career. It was a special time for the WSO2 team also, since the 5th year celebration and several other important occasions have been organized. Hence the first week at work was spent with valuable training programs and excitement of the 5th year celebration of our company.

So all in all it has indeed been a transition period of two weeks for me. :)

Monday, August 2, 2010

Making fruit juice from Watermelon

I am going to share with you a simple recipe of a tasty natural drink made of Watermelon. Watermelon is a fruit very well grown in dry zone of Sri Lanka and with its 92% content of water, it quenches our thirst even if we take it in slid form.
You can easily prepare juice out of this and serve your family and guests on warm days. It is a really good substitute for soft drinks.
Ingredients: (Adequate for 4 people)
Watermelon of 1kg
4 teaspoons of sugar
1/2 cup of water
Steps:
  1. Divide watermelon fruit into 4 parts.
  2. Remove all seeds carefully using a fork or a spoon.
  3. Scrape the content and put it into the blender.
  4. Add 1/2 cup of water and sugar to the blender. (Most of the times you do not need additional water since the water content in watermelon is quite adequate, add sugar according to your taste)
  5. Blend the juice well and, pour it into glasses and serve. 
Outcome looked like this when I made the juice from watermelon.

Sunday, August 1, 2010

The Hike - It is all about doing!

I went on  a trip with my batch mates on 25th and 26th of July 2010. Well..what is so special about it? On one hand it was our last batch trip as undergraduates. But the most interesting thing about it is that it is the most adventurous trip I have gone.

On the first day we visited Bambarakanda waterfall-the tallest waterfall in Sri Lanka. The path towards it, is full of scenic beauty. I loved the natural beauty I experienced in the environment. Though it is the tallest waterfall, it is very easy to go and bath at the very bottom of the waterfall, since the pool at the bottom of the waterfall is very shallow. I was unable to join my friends who had that rare experience though.

We stayed at Academy of Adventure (AOA) -Belihuloya which is a very echo friendly place for a perfect stay.You can either stay in tents--just like you go on camping or in Cabanas.

On the second day, we participated in a hike organized by AOA. We got divided in to teams of 15 in each and started climbing the mountain--so sad that I can not remember the name of the mountain. There was no visible path that we can take, we had to find the path and climb it, the path we took was full of obstacles like scary rocks, slippery slopes covered with dried Pinus leaves, muddy areas and strong winds at the cliffs. But the cool and fascinating water ways on the way did really snatched our eyes and mind and was a great soothing to our tiredness. Not only that, the magnificent view we had from the top of the mountain was awesome. We could view the "world's end" which is a famous tourists' attraction in Horton Place and "Samanala wewa"--a natural water tank built in the shape of a butterfly, from the top. Not only the hike, but also on the way we had to participate in team building and fun activities organized by AOA which added value to our hike and made it unique!. Whenever we went on a wrong track, the friendly instructors who were observing us from distance, helped us to get in to the correct path towards the destination. At the destination of the hike there was another fascinating waterfall where we all enjoyed to the max. I am not ashamed, but am happy to write that it was my first experience in life to get into and enjoyed the unknown waters at a waterfall.

Now let me explain what I got to my life from this special adventure.When it was informed that it was a 12Km hike, I was hesitated thinking whether I will be able to do it with my physical fitness. Since everyone was going to participate, I too did not have any other option. True, I slipped off and fell several times, but at each time, I got up on foot. Some very helpful friends in my team helped me to do the hike safely--in fact they saved my life!. Thank you Junda(Kasun) and Madhawa for the great help. In university, I could manage my work without relying on anyone but this particular experience convinced me that there are lot of other things in life that we can not manage alone and how much one's helpful nature can be a support to another one. 

One of my great teachers once have mentioned that you have to leave the safe waters and get into unknown waters to realize your true potential. It was once again proved to me in this adventurous hike. Thank you too Sir for that universal truth.

Saturday, June 12, 2010

The Monk Who Sold His Ferrari

This is an interesting and a valuable book that I have been reading these days. The tale in the book is developed around a lawyer who has run the race that everybody was running, has got tired of it and has learned the wisdom of a fulfilling and a meaningful life. Throughout the book, from all most every sentence, it pours wisdom of life into your mind. Amazing part of it is that it is the wisdom that we are aware of and that exist in this world, but was not appreciated or put into action in our lives. 
This is labled as a personal development book. But I would say it is not a traditional book that explains theories. Robin Sharma- the author of this book has made a successful effort in accompanying lot of examples and realistic techniques that we can practice to link that wisdom to our lives.
It was a really an eye opener to me, one of the best things I learned so far is to find happiness in the apparently simple things in life. 
This will be a useful handbook of life for someone with really good will power to put the wisdom brought to you in the book, into practice. Just thought of sharing... :)

Friday, June 4, 2010

Problem with Dynamic Disk

Yesterday I encountered a problem which resulted in my laptop being unable to boot from the internel hard  drive. It was mainly caused due to creation of a simple volume in the unallocated space of the disk through disk management of Windows 7. Below I describe the problem in detail, the cause of the problem and the solution I found. If any of you also ran in to the same problem, hope this will be helpful.
Probelm:
First I installed Windows 7 on a primary parition which was created at the installation time. Then after the installation was successful, I loged in as administeator and created another simple volume in the unallocated space by disk management utility in Windows 7. When creating that, I got a warning that the partition will be converted to a dynamic disk. At that time I did not know what dynamic disk is, so I searched in the internet and found out that it is not anything harmful. Therefore I accepted the creation of the new volume. Then ,when I restarted my laptop, it did not boot up. Then I again tried to boot from the DVD and it got booted. Then I noticed that all the partitions have turned in to dynamic disk. Therefore to convert the disk back to basic, I tried to delete the partitions in the reinstallation process of windows 7, but did not succeed.
Cause: 
Windows 7 allows only 4 primary partitions. During installation, when we create a partition to install the OS, it additionally creates one partition with a size of 100MB to store temporary . Now two primary partitions are created. Then I created another partition to install fedora. Now there are four partiotions including the unallocated space. But I prefered to have two more partitions to store my data in a more organized manner since I had enough disk space (300 GB altogether). The only option I had, to create more partitions, is to create simple volumes in the unallocated space with the help of disk management utility in Windows 7. But by doing that, it has turned the whole disk in to a dynamic disk. Therefore, a bootable disk could not be detected at the boot up stage and hence the system could not boot.
Solution:
While searching for a solution, I found out that the solution is to convert the dynamic disk back to a basic disk. It could have been done through the disk management of Windows 7, but since I could not boot the OS, that option was not applicable. Then I found a good article which described a work around for that. First, you have to obtain a command promt at boot up as described in this article.. I used the option 2 described there. Then you can follow the procedure starting from step 2, described under the option 2 in in this article.
This will lead to the recovery of your disk by converting it back to basic disk.
Caution:
I could simply use that procedure because I encountered the problem just after I made a clean installation and hence, I had no data stored in the hard drive. But if you have data which was not backed up in the hard drive, above procedure will delete that data. Therefore if it is the scenario, you should find a better work around to convert the disk back to basic without loosing your data. 


Thursday, June 3, 2010

True independence of Sri Lankans

This is to talk about a great endeavor  on its  one year celebration. True, it is late to write this post, but it is better late than never.  It was an incredible endeavour which was in action throughout one an half year's of time to save innocent civil citizens in my country from the terrorism.

Sri Lankans have been suffering from terrorism during 30 years of time where lots of valuable lives were lost and lots of properties were destroyed. By the time that Sri Lankan defence forces started this endeavour, the situation in Sri Lanka was such that bomb explosions have become an usual day to day incident and any one leaving home to work or to school are not guaranteed to return home. Everyone, specially mothers were living in a fire of fear till their loved ones return home without getting caught to a bomb explosion.

I personnally believe that the terrorism which was prevailing at that time was handled by a foreign hand putting the ethnic descrimination as a reason in the front. But such a descrimination did not exist in reality. We -Snhalese, Tamils, Muslims were living in harmony in non war zone areas without a problem (for an example: in the university we studied, there were lot of tamil friends and we shared all the resources eaqually and we studied together, went on trips together and they were also given eaqual priority in enetering the university.) There are lot of similar examples from world history (Kosovo, Korea, India and Pakistan etc) .

Fortunately, all Sri Lankans were lucky enough to get strong leaderships in politics and military in order to wipe out the terrorism which twisted the civilization in the country and  which brought misery to all the Sri Lankans for 30 years. Therefore I think we all got the true independence  when one and half year's of humanitarian operations in the north of the country were over on 18th of May 2009. We all should pay our grattitute to all the heros who gave their lives in that endeavor. Of course, killing of any kind is not a good thing at all . Everyone has the right to live. At the same time no body has the right to challenge the right of living of others. Any government who genuinely takes the responsibility of the citizens of the country, should protect the right of living of the citizens when that right is at risk.

I would like to conclude this by recalling a statement made by the President: "Hereafter no divisions among Sri Lankans based on races. The only two categories are: those who love the country and those two do not love the country". Therefore if we all think and work in the way that we all belong to the first category, no any non-seen forces will be able to divide our country by challenging the unity among Sri Lanakns.


Thursday, February 25, 2010

It is all about facing interviews...

Last of couple weeks I did face a number of interviews: mock interviews, real job interviews, technical interviews and non technical interviews. I gained quite a lot of experiences and thought of sharing it with you all.

Being a final year undergraduate of the field of Computer Science and Engineering, interviews that I faced were intended to select and appoint fresh graduates as Software Engineers.
Two main important things that I consider in facing an interview well, are: being prepared and being truthful.
No matter, how many good projects you have carried out or how much soft skills you think you have, if you have not organized them in mind the day before the interview, you surely are gonna miss the most important points you like to highlight.

In my opinion, you need even to prepare for the very first basic question: 'Describe about yourself'. Take some time and list down what are the points you would like most to tell about your self. And then organize them in a flow such that it gives an overall complete idea about yourself. Not too long and not too short. In general, it need not to be fully technical. Touch the aspects such as your family, education and interests as well. But be careful, in some technical interviews, they may specifically ask Tell about your education and your computing background. So be attentive!
It is really good if you can arrange a mock interview session before you face the real job interviews. Thanks to MBA students and the organizers, we got that opportunity.

Next, they would like to hear about the projects you involved and carried out. Go through the project documents and prepare an overall description of the projects you have mentioned in the CV and prepare them in an order such that you describe them starting from the most challenging project you have done or starting the from the most relevant project to the domain of that particular company. It is really good if you can explain them using diagrams you draw at the interview itself, if they permit. Trust me, most interviewers like that since that way of explaining is more comprehensive. Take papers with you or be ready to explain on the board which is usually there in a conference room.

Then comes the phase where your technical knowledge is tested. Those will include basics from OOP, Design Patterns, Database systems, Operating Systems, Data Structures and Algorithms. Prepare some examples to illustrate OOP concepts. Of course, it is quite hard to revise all the stuff, but given you have learnt them through out your course, you can brush them up quickly. A good way is to do a search on interview questions on: the subject and go through them, but be careful to refer only to trusted sources if you are reading the answer as well. When they ask to write a pseudo code, sometimes you may go wrong though it is a trivial thing. That may due to nervousness. You can avoid that by practice. Do not get panic when you are given a problem, or do not concentrate on the fact that interviewers are looking at what you write. Take the full time and try to construct an answer calmly. 
Describing my own experience, at the first interview, I was asked to write the pseudo code to get the factorial of n which I went wrong due to nervousness. But in a following interview, I could write the algorithms for printing all the permutations of a string and reversing a linked list although they are harder. And the difference of my performance at the latter case was due to practice.
And, be truthful in the interview, if you do not know or have not done that before, tell that frankly and if you think you can come up with an answer with what you know, let them know that and try to construct the answer. Also be truly passionate to learn new things and declare that in the interview where necessary.
Then comes the phase where you are asked some general questions such as why do you like to join us?,what are your future plans and any questions you need to ask? For those,  do your homework and see what those companies do and think of some good reasons why you want to join.

Good luck with your interviews!