Wednesday, December 15, 2010

Installing multi-tenancy support for WSO2 Identity Server

Multi-tenancy is a characteristic of a cloud native platform. WSO2 stratos provides multi-tenancy. In brief, multi-tenancy is to have one instance but customizable service for each tenant isolated from one another. If you want to know more about multi-tenancy, visit which has many resources for learning.

Thanks to the modularity of OSGI; tenant management specific components in WSO2-stratos could be installed in WSO2-carbon based products-Identity Server in this case, and provide it with the multi-tenancy support.

In this blog post, I will explain how I could install multi-tenancy support in WSO2 Identity Server.
  1. Get the Identity Server (IS) binary distribution. Either building from source or downloading binaries from here.
  2. Get the stratos-tenant management specific bundles. We can either build from the source or extract them from the binary packages. Lets go for the latter option here for the convinience. Get the Stratos released packages of from here. Download wso2stratos-manager and wso2stratos-is.
  3. Place following components from the above two packages, into Identity Server-home/repository/ components/dropins:
    • org.wso2.stratos.tenant.mgt-1.0.0.jar
    • org.wso2.stratos.tenant.mgt.ui-1.0.0.jar
    • kaptcha-2.3.0.wso2v1.jar ---these three components will install tenant management feature. But we need other components as well, in getting it fully functioning.
    • org.wso2.stratos.account.mgt.ui-1.0.0.jar
    • org.wso2.stratos.account.mgt-1.0.0.jar ---these two are related to tenant's account management.
    • ---these three will handle notifying tenant admin and e-mail verification after a tenant is registered.
    • org.wso2.stratos.register.ui-1.0.0.jar ---is needed to show the registration complete page after e-mail verification. (Also, it is the ui component which is used in self-tenant registration.)
    • org.wso2.stratos.identity.dashboard.ui-1.0.0.jar
    • org.wso2.stratos.identity.login.ui-1.0.0.jar ---Identity Server's UI s are replaced by these.
    • org.wso2.stratos.redirector.servlet.ui-1.0.0.jar
    • org.wso2.stratos.redirector.servlet-1.0.0.jar ---each tenant will get a url with /t/domain name. In order to handle that redirection, these two are needed.
    • ---services are activated for tenants from stratos-manager. IS and G-Reg services are activated by default.
    • org.wso2.stratos.common-1.0.0.jar
    • org.wso2.stratos.activation-1.0.0.jar
    • org.wso2.stratos.service.activation-1.0.0.jar
    • org.wso2.stratos.theme.mgt.ui-1.0.0.jar
    • org.wso2.stratos.theme.mgt-1.0.0.jar ---These handles tenant's theme management, you also need to copy stratos/services/manager/distribution/resources/allThemes to IS/resources.
            4.  Change the following in configuration files:
    • add following two properties to the UserStoreManager element of user-mgt.xml in IS home/repository/conf folder:
    • false
    • Change the carbon.xml in IS home/repository/conf to contain “WSO2 Stratos Identity” as the product name. This is because, in activating default identity service, service name is given as “WSO2 Stratos Identity”, And when checking whether a service is activated for a particular tenant, the service name is read from the carbon.xml. 
    • Give smtp server information in smtp transport sender section of axis2.xml, found in IS home/repository/conf, in order to actually send e-mail notifications upon registration of tenants by the super admin.
        5.  Copy the following configuration files from stratos-manager home/repository/conf to IS-home/repository/conf:
    • cloud-services-desc.xml
    • email-registration.xml
    • email-registration-complete.xml
    • email-update.xml
That's we are done. Start IS-->log in as super admin with "admin", "admin" credentials and create tenants. Tenant admins of those tenants will be able to log in to their tenants and create users and use other functionalities provided by IS independent of other tenants registered.

I will add some screenshots to illustrate the installed multi-tenancy support in IS stand alone product.
As shown circled in the left panel of following image, multi-tenancy feature is installed in IS.

Following image shows the list of sample tenants accounts that I created for testing purposes of the functionality.

Following image shows the console of IS when user 'hasini' of tenant: '' has signed into the IS. Notice the url circled with the part '../t/' which is specific to that particular tenant.

When multi-tenancy/tenant management feature is installed in IS, either JDBC or embedded-ldap user-store could be used. I will explain in a future post how to configure it to use tenant aware-embedded-ldap as the user store in tenant management.

Sunday, December 5, 2010

Starting code reviews with Crucible

Crucible is an Atlassian product which makes code reviewing process easy.

Here I describe the steps I learned in creating a code review in Crucible. Hope this helps some one who is new to Crucible like me.

Step 1: Login to your crucible account in the hosted crucible server instance.
Step 2: Start creating a review by:
    - Clicking 'Dashboard' on the menu bar on top-> click 'create review' on left hand pane.
    - OR clicking 'Tools' on top right corner and select 'create review'.
Step 3: Select a project for the review by the drop down list.

Here, in the drop down list, you may or may not find the project that include source files that you are going to review. You will find it in the drop down list only if some one had already added that project before for a code review. 

If you find it in here, then your life will be easier. Just follow the rest of the steps mentioned here to complete creating the code review.

If you did not find the project that you want to review on the aforementioned list, then you have to create a project by going to the administration panel.

i. Click on the drop down icon next to your name on top right corner and select 'Administration' .
ii. Login with the administration credentials.
iii. In the Admin menu (on the left) select 'new' under 'Project Settings'.
iv. You will have to enter the details of the project that you are going to create here. Under the Default Repository, you need to select the repository location of the project that you are going to create for the review.
v. If the repository is not already added, you can create a repository by selecting 'new' under Repository settings on the Admin menu.

You have to be little careful about filling the repository details, for the 'svn url' you need to give the root svn location and under 'svn path', you need to give the specific path to the location of the files of your project.

For an example, if you are going to review the code located in:,
svn url is:
svn path is: trunk/carbon/components/apacheds-server/

I got the following error when creating the repository because of not setting above two values correctly.
Repository paused due to error - class com.cenqua.fisheye.rep.DbException: Problem getting diff information...
There fore make sure to fill them correctly.

After creating the repository, go back to step iv above and complete the project creation step.

Now go to your account's dashboard again, and in the Step 3 above, now you will see the project you created in the drop down menu. So you can continue with creating the review.

Atlassian has developed plug-ins to integrate crucible with Intellij-IDEA so that you can participate in code reviews and perform all the actions with in your favorite IDE.
Find how to install the plug-in here
Find how to configure the plug-in for your project and IDE from here.
Then find how to use Intellij IDEA for code reviews here.

Happy code reviewing..! :)