[IAM] User store does not behave as expected when it is created through admin services with only mandatory parameters

classic Classic list List threaded Threaded
12 messages Options
Reply | Threaded
Open this post in threaded view
|

[IAM] User store does not behave as expected when it is created through admin services with only mandatory parameters

Dilini Gunatilake
Hi IAM Team,

I need to create a JDBC secondary user store via admin services and I configured only the mandatory parameters and sent the request. The request was successful and the user store was created. However, when I tried to add a user to that user store, it says the password length is invalid and did not let me create a user.

Request:

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://dto.configuration.store.user.identity.carbon.wso2.org/xsd">
   <soap:Header/>
   <soap:Body>
      <xsd:addUserStore>
         <!--Optional:-->
         <xsd:userStoreDTO>
            <!--Optional:-->
            <xsd1:className>org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager</xsd1:className>
            <!--Optional:-->
            <xsd1:description>created with admin services</xsd1:description>
            <!--Optional:-->
            <xsd1:disabled>false</xsd1:disabled>
            <!--Optional:-->
            <xsd1:domainId>PRIMARY-JDBC780-ATTRIBUTE-STORE</xsd1:domainId>
            <!--Zero or more repetitions:-->
            <xsd1:properties>
               <xsd1:name>url</xsd1:name>
               <xsd1:value>jdbc:mysql://localhost:3306/is520user</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>userName</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>password</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>driverName</xsd1:name>
               <xsd1:value>com.mysql.jdbc.Driver</xsd1:value>
            </xsd1:properties>       
            <xsd1:properties>
               <xsd1:name>CountRetrieverClass</xsd1:name>
               <xsd1:value>org.wso2.carbon.identity.user.store.count.jdbc.JDBCUserStoreCountRetriever</xsd1:value>
            </xsd1:properties>  
         </xsd:userStoreDTO>
      </xsd:addUserStore>
   </soap:Body>
</soap:Envelope>

This may be because I haven't configured the optional parameters such as username/password regex etc. in the request. But, IMO the request should work successfully with only mandatory parameters. 

If I do the same via management console, the additional parameters will be populated in the UI and saved in the xml when we save the configuration.

If a developer needs to create a user store via admin services, how can the developer achieve this? If the developer needs to configure optional parameters, there are around 100 parameters. What are the must have additional parameters the user needs to configure or what is the best way to handle this?

Thanks,
Dilini

--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : +94771162518



_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev
Reply | Threaded
Open this post in threaded view
|

Re: [IAM] User store does not behave as expected when it is created through admin services with only mandatory parameters

Godwin Shrimal
Hi Dilini,

I think it makes sense to populate additional parameters in UI when adding user store from the management console. Yeah, when adding user store via admin services its bit hard to add those number of optional parameters. So I propose following solutions.

1. Improve our documentation and describe required optional parameters and add a sample request with optional parameters

2. Change backend to add default parameters (same as what we do in UI) if user is not sending additional parameters in request


Thanks
Godwin

On Wed, Dec 20, 2017 at 5:00 PM, Dilini Gunatilake <[hidden email]> wrote:
Hi IAM Team,

I need to create a JDBC secondary user store via admin services and I configured only the mandatory parameters and sent the request. The request was successful and the user store was created. However, when I tried to add a user to that user store, it says the password length is invalid and did not let me create a user.

Request:

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://dto.configuration.store.user.identity.carbon.wso2.org/xsd">
   <soap:Header/>
   <soap:Body>
      <xsd:addUserStore>
         <!--Optional:-->
         <xsd:userStoreDTO>
            <!--Optional:-->
            <xsd1:className>org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager</xsd1:className>
            <!--Optional:-->
            <xsd1:description>created with admin services</xsd1:description>
            <!--Optional:-->
            <xsd1:disabled>false</xsd1:disabled>
            <!--Optional:-->
            <xsd1:domainId>PRIMARY-JDBC780-ATTRIBUTE-STORE</xsd1:domainId>
            <!--Zero or more repetitions:-->
            <xsd1:properties>
               <xsd1:name>url</xsd1:name>
               <xsd1:value>jdbc:mysql://localhost:3306/is520user</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>userName</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>password</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>driverName</xsd1:name>
               <xsd1:value>com.mysql.jdbc.Driver</xsd1:value>
            </xsd1:properties>       
            <xsd1:properties>
               <xsd1:name>CountRetrieverClass</xsd1:name>
               <xsd1:value>org.wso2.carbon.identity.user.store.count.jdbc.JDBCUserStoreCountRetriever</xsd1:value>
            </xsd1:properties>  
         </xsd:userStoreDTO>
      </xsd:addUserStore>
   </soap:Body>
</soap:Envelope>

This may be because I haven't configured the optional parameters such as username/password regex etc. in the request. But, IMO the request should work successfully with only mandatory parameters. 

If I do the same via management console, the additional parameters will be populated in the UI and saved in the xml when we save the configuration.

If a developer needs to create a user store via admin services, how can the developer achieve this? If the developer needs to configure optional parameters, there are around 100 parameters. What are the must have additional parameters the user needs to configure or what is the best way to handle this?

Thanks,
Dilini

--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165

_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev
Reply | Threaded
Open this post in threaded view
|

Re: [IAM] User store does not behave as expected when it is created through admin services with only mandatory parameters

Dilini Gunatilake
Thanks for the reply Godwin. Please see my comments inline.


On Wed, Dec 20, 2017 at 5:27 PM, Godwin Shrimal <[hidden email]> wrote:
Hi Dilini,

I think it makes sense to populate additional parameters in UI when adding user store from the management console.
Yes, this is handled correctly from the management console side as expected.
 
Yeah, when adding user store via admin services its bit hard to add those number of optional parameters. So I propose following solutions.

1. Improve our documentation and describe required optional parameters and add a sample request with optional parameters
In this case, every time the optional properties are changed the doc needs to be updated and the developer needs to update the request too.

2. Change backend to add default parameters (same as what we do in UI) if user is not sending additional parameters in request
+1 for this solution. Here, the developer does not need to worry about the 100 odd optional parameters at all. If he needs to change few parameters, he can change only the required ones.


Thanks
Godwin

On Wed, Dec 20, 2017 at 5:00 PM, Dilini Gunatilake <[hidden email]> wrote:
Hi IAM Team,

I need to create a JDBC secondary user store via admin services and I configured only the mandatory parameters and sent the request. The request was successful and the user store was created. However, when I tried to add a user to that user store, it says the password length is invalid and did not let me create a user.

Request:

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://dto.configuration.store.user.identity.carbon.wso2.org/xsd">
   <soap:Header/>
   <soap:Body>
      <xsd:addUserStore>
         <!--Optional:-->
         <xsd:userStoreDTO>
            <!--Optional:-->
            <xsd1:className>org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager</xsd1:className>
            <!--Optional:-->
            <xsd1:description>created with admin services</xsd1:description>
            <!--Optional:-->
            <xsd1:disabled>false</xsd1:disabled>
            <!--Optional:-->
            <xsd1:domainId>PRIMARY-JDBC780-ATTRIBUTE-STORE</xsd1:domainId>
            <!--Zero or more repetitions:-->
            <xsd1:properties>
               <xsd1:name>url</xsd1:name>
               <xsd1:value>jdbc:mysql://localhost:3306/is520user</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>userName</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>password</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>driverName</xsd1:name>
               <xsd1:value>com.mysql.jdbc.Driver</xsd1:value>
            </xsd1:properties>       
            <xsd1:properties>
               <xsd1:name>CountRetrieverClass</xsd1:name>
               <xsd1:value>org.wso2.carbon.identity.user.store.count.jdbc.JDBCUserStoreCountRetriever</xsd1:value>
            </xsd1:properties>  
         </xsd:userStoreDTO>
      </xsd:addUserStore>
   </soap:Body>
</soap:Envelope>

This may be because I haven't configured the optional parameters such as username/password regex etc. in the request. But, IMO the request should work successfully with only mandatory parameters. 

If I do the same via management console, the additional parameters will be populated in the UI and saved in the xml when we save the configuration.

If a developer needs to create a user store via admin services, how can the developer achieve this? If the developer needs to configure optional parameters, there are around 100 parameters. What are the must have additional parameters the user needs to configure or what is the best way to handle this?

Thanks,
Dilini

--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165



--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : +94771162518



_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev
Reply | Threaded
Open this post in threaded view
|

Re: [IAM] User store does not behave as expected when it is created through admin services with only mandatory parameters

Godwin Shrimal
Hi Dilini,

Please see my comments.

I think it makes sense to populate additional parameters in UI when adding user store from the management console.
Yes, this is handled correctly from the management console side as expected.
 
Yeah, when adding user store via admin services its bit hard to add those number of optional parameters. So I propose following solutions.

1. Improve our documentation and describe required optional parameters and add a sample request with optional parameters
In this case, every time the optional properties are changed the doc needs to be updated and the developer needs to update the request too.
I don't think optional parameters are changing frequently, it is something changing rearely when we need to introudce some feature to perticluar user store. And if optional parameters added newly, existing request should work as expected without breaking and not MUST to add that parameters to request.


2. Change backend to add default parameters (same as what we do in UI) if user is not sending additional parameters in request
+1 for this solution. Here, the developer does not need to worry about the 100 odd optional parameters at all. If he needs to change few parameters, he can change only the required ones.


Thanks
Godwin

On Wed, Dec 20, 2017 at 5:00 PM, Dilini Gunatilake <[hidden email]> wrote:
Hi IAM Team,

I need to create a JDBC secondary user store via admin services and I configured only the mandatory parameters and sent the request. The request was successful and the user store was created. However, when I tried to add a user to that user store, it says the password length is invalid and did not let me create a user.

Request:

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://dto.configuration.store.user.identity.carbon.wso2.org/xsd">
   <soap:Header/>
   <soap:Body>
      <xsd:addUserStore>
         <!--Optional:-->
         <xsd:userStoreDTO>
            <!--Optional:-->
            <xsd1:className>org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager</xsd1:className>
            <!--Optional:-->
            <xsd1:description>created with admin services</xsd1:description>
            <!--Optional:-->
            <xsd1:disabled>false</xsd1:disabled>
            <!--Optional:-->
            <xsd1:domainId>PRIMARY-JDBC780-ATTRIBUTE-STORE</xsd1:domainId>
            <!--Zero or more repetitions:-->
            <xsd1:properties>
               <xsd1:name>url</xsd1:name>
               <xsd1:value>jdbc:mysql://localhost:3306/is520user</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>userName</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>password</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>driverName</xsd1:name>
               <xsd1:value>com.mysql.jdbc.Driver</xsd1:value>
            </xsd1:properties>       
            <xsd1:properties>
               <xsd1:name>CountRetrieverClass</xsd1:name>
               <xsd1:value>org.wso2.carbon.identity.user.store.count.jdbc.JDBCUserStoreCountRetriever</xsd1:value>
            </xsd1:properties>  
         </xsd:userStoreDTO>
      </xsd:addUserStore>
   </soap:Body>
</soap:Envelope>

This may be because I haven't configured the optional parameters such as username/password regex etc. in the request. But, IMO the request should work successfully with only mandatory parameters. 

If I do the same via management console, the additional parameters will be populated in the UI and saved in the xml when we save the configuration.

If a developer needs to create a user store via admin services, how can the developer achieve this? If the developer needs to configure optional parameters, there are around 100 parameters. What are the must have additional parameters the user needs to configure or what is the best way to handle this?

Thanks,
Dilini

--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165



--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165

_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev
Reply | Threaded
Open this post in threaded view
|

Re: [IAM] User store does not behave as expected when it is created through admin services with only mandatory parameters

Dilini Gunatilake
Hi Godwin,

Please see my comments inline.

On Wed, Dec 20, 2017 at 7:59 PM, Godwin Shrimal <[hidden email]> wrote:
Hi Dilini,

Please see my comments.

I think it makes sense to populate additional parameters in UI when adding user store from the management console.
Yes, this is handled correctly from the management console side as expected.
 
Yeah, when adding user store via admin services its bit hard to add those number of optional parameters. So I propose following solutions.

1. Improve our documentation and describe required optional parameters and add a sample request with optional parameters
In this case, every time the optional properties are changed the doc needs to be updated and the developer needs to update the request too.
I don't think optional parameters are changing frequently, it is something changing rearely when we need to introudce some feature to perticluar user store. And if optional parameters added newly, existing request should work as expected without breaking and not MUST to add that parameters to request.
But, in this case it is a must to add the optional parameters in the request which is wrong. This hinders the usability aspect from the user perspective. So, IMO we should document the full request as well as handle it as per solution 2.  


2. Change backend to add default parameters (same as what we do in UI) if user is not sending additional parameters in request
+1 for this solution. Here, the developer does not need to worry about the 100 odd optional parameters at all. If he needs to change few parameters, he can change only the required ones.


Thanks
Godwin

On Wed, Dec 20, 2017 at 5:00 PM, Dilini Gunatilake <[hidden email]> wrote:
Hi IAM Team,

I need to create a JDBC secondary user store via admin services and I configured only the mandatory parameters and sent the request. The request was successful and the user store was created. However, when I tried to add a user to that user store, it says the password length is invalid and did not let me create a user.

Request:

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://dto.configuration.store.user.identity.carbon.wso2.org/xsd">
   <soap:Header/>
   <soap:Body>
      <xsd:addUserStore>
         <!--Optional:-->
         <xsd:userStoreDTO>
            <!--Optional:-->
            <xsd1:className>org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager</xsd1:className>
            <!--Optional:-->
            <xsd1:description>created with admin services</xsd1:description>
            <!--Optional:-->
            <xsd1:disabled>false</xsd1:disabled>
            <!--Optional:-->
            <xsd1:domainId>PRIMARY-JDBC780-ATTRIBUTE-STORE</xsd1:domainId>
            <!--Zero or more repetitions:-->
            <xsd1:properties>
               <xsd1:name>url</xsd1:name>
               <xsd1:value>jdbc:mysql://localhost:3306/is520user</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>userName</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>password</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>driverName</xsd1:name>
               <xsd1:value>com.mysql.jdbc.Driver</xsd1:value>
            </xsd1:properties>       
            <xsd1:properties>
               <xsd1:name>CountRetrieverClass</xsd1:name>
               <xsd1:value>org.wso2.carbon.identity.user.store.count.jdbc.JDBCUserStoreCountRetriever</xsd1:value>
            </xsd1:properties>  
         </xsd:userStoreDTO>
      </xsd:addUserStore>
   </soap:Body>
</soap:Envelope>

This may be because I haven't configured the optional parameters such as username/password regex etc. in the request. But, IMO the request should work successfully with only mandatory parameters. 

If I do the same via management console, the additional parameters will be populated in the UI and saved in the xml when we save the configuration.

If a developer needs to create a user store via admin services, how can the developer achieve this? If the developer needs to configure optional parameters, there are around 100 parameters. What are the must have additional parameters the user needs to configure or what is the best way to handle this?

Thanks,
Dilini

--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165



--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165



--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : +94771162518



_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev
Reply | Threaded
Open this post in threaded view
|

Re: [IAM] User store does not behave as expected when it is created through admin services with only mandatory parameters

Godwin Shrimal
Hi Dilini,

Please see my comments.


I think it makes sense to populate additional parameters in UI when adding user store from the management console.
Yes, this is handled correctly from the management console side as expected.
 
Yeah, when adding user store via admin services its bit hard to add those number of optional parameters. So I propose following solutions.

1. Improve our documentation and describe required optional parameters and add a sample request with optional parameters
In this case, every time the optional properties are changed the doc needs to be updated and the developer needs to update the request too.
I don't think optional parameters are changing frequently, it is something changing rearely when we need to introudce some feature to perticluar user store. And if optional parameters added newly, existing request should work as expected without breaking and not MUST to add that parameters to request.
But, in this case it is a must to add the optional parameters in the request which is wrong. This hinders the usability aspect from the user perspective. So, IMO we should document the full request as well as handle it as per solution 2.  

As an API its not wrong not to send optional parameters, But yes. Its not working as expected if we not send them. Yes, we need to fully document the request with optional parameters as suggested in solution1 as an imidiate step. We may need implement the solution 2 in future. Lets wait and see the feedback from IAM team.


Thanks
Godwin

 


2. Change backend to add default parameters (same as what we do in UI) if user is not sending additional parameters in request
+1 for this solution. Here, the developer does not need to worry about the 100 odd optional parameters at all. If he needs to change few parameters, he can change only the required ones.


Thanks
Godwin

On Wed, Dec 20, 2017 at 5:00 PM, Dilini Gunatilake <[hidden email]> wrote:
Hi IAM Team,

I need to create a JDBC secondary user store via admin services and I configured only the mandatory parameters and sent the request. The request was successful and the user store was created. However, when I tried to add a user to that user store, it says the password length is invalid and did not let me create a user.

Request:

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://dto.configuration.store.user.identity.carbon.wso2.org/xsd">
   <soap:Header/>
   <soap:Body>
      <xsd:addUserStore>
         <!--Optional:-->
         <xsd:userStoreDTO>
            <!--Optional:-->
            <xsd1:className>org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager</xsd1:className>
            <!--Optional:-->
            <xsd1:description>created with admin services</xsd1:description>
            <!--Optional:-->
            <xsd1:disabled>false</xsd1:disabled>
            <!--Optional:-->
            <xsd1:domainId>PRIMARY-JDBC780-ATTRIBUTE-STORE</xsd1:domainId>
            <!--Zero or more repetitions:-->
            <xsd1:properties>
               <xsd1:name>url</xsd1:name>
               <xsd1:value>jdbc:mysql://localhost:3306/is520user</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>userName</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>password</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>driverName</xsd1:name>
               <xsd1:value>com.mysql.jdbc.Driver</xsd1:value>
            </xsd1:properties>       
            <xsd1:properties>
               <xsd1:name>CountRetrieverClass</xsd1:name>
               <xsd1:value>org.wso2.carbon.identity.user.store.count.jdbc.JDBCUserStoreCountRetriever</xsd1:value>
            </xsd1:properties>  
         </xsd:userStoreDTO>
      </xsd:addUserStore>
   </soap:Body>
</soap:Envelope>

This may be because I haven't configured the optional parameters such as username/password regex etc. in the request. But, IMO the request should work successfully with only mandatory parameters. 

If I do the same via management console, the additional parameters will be populated in the UI and saved in the xml when we save the configuration.

If a developer needs to create a user store via admin services, how can the developer achieve this? If the developer needs to configure optional parameters, there are around 100 parameters. What are the must have additional parameters the user needs to configure or what is the best way to handle this?

Thanks,
Dilini

--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165



--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165



--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165

_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev
Reply | Threaded
Open this post in threaded view
|

Re: [IAM] User store does not behave as expected when it is created through admin services with only mandatory parameters

tharindue
Hi Dilini,

After adding the secondary userstore, you can find the config file related to that in repository/deployment/server/userstores/ location. Although you have not added the regex parameters when you created the userstore from the admin service, I believe it should have added some default regex there. You need to check the following two properties in the file.

PasswordJavaRegEx
PasswordJavaScriptRegEx

You can find more information on the password pattern validation from [1].

[1] http://tharindue.blogspot.com/2016/08/user-password-pattern-regex-front-end.html

Thanks,
TharinduE

On Wed, Dec 20, 2017 at 11:46 AM, Godwin Shrimal <[hidden email]> wrote:
Hi Dilini,

Please see my comments.


I think it makes sense to populate additional parameters in UI when adding user store from the management console.
Yes, this is handled correctly from the management console side as expected.
 
Yeah, when adding user store via admin services its bit hard to add those number of optional parameters. So I propose following solutions.

1. Improve our documentation and describe required optional parameters and add a sample request with optional parameters
In this case, every time the optional properties are changed the doc needs to be updated and the developer needs to update the request too.
I don't think optional parameters are changing frequently, it is something changing rearely when we need to introudce some feature to perticluar user store. And if optional parameters added newly, existing request should work as expected without breaking and not MUST to add that parameters to request.
But, in this case it is a must to add the optional parameters in the request which is wrong. This hinders the usability aspect from the user perspective. So, IMO we should document the full request as well as handle it as per solution 2.  

As an API its not wrong not to send optional parameters, But yes. Its not working as expected if we not send them. Yes, we need to fully document the request with optional parameters as suggested in solution1 as an imidiate step. We may need implement the solution 2 in future. Lets wait and see the feedback from IAM team.


Thanks
Godwin

 


2. Change backend to add default parameters (same as what we do in UI) if user is not sending additional parameters in request
+1 for this solution. Here, the developer does not need to worry about the 100 odd optional parameters at all. If he needs to change few parameters, he can change only the required ones.


Thanks
Godwin

On Wed, Dec 20, 2017 at 5:00 PM, Dilini Gunatilake <[hidden email]> wrote:
Hi IAM Team,

I need to create a JDBC secondary user store via admin services and I configured only the mandatory parameters and sent the request. The request was successful and the user store was created. However, when I tried to add a user to that user store, it says the password length is invalid and did not let me create a user.

Request:

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://dto.configuration.store.user.identity.carbon.wso2.org/xsd">
   <soap:Header/>
   <soap:Body>
      <xsd:addUserStore>
         <!--Optional:-->
         <xsd:userStoreDTO>
            <!--Optional:-->
            <xsd1:className>org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager</xsd1:className>
            <!--Optional:-->
            <xsd1:description>created with admin services</xsd1:description>
            <!--Optional:-->
            <xsd1:disabled>false</xsd1:disabled>
            <!--Optional:-->
            <xsd1:domainId>PRIMARY-JDBC780-ATTRIBUTE-STORE</xsd1:domainId>
            <!--Zero or more repetitions:-->
            <xsd1:properties>
               <xsd1:name>url</xsd1:name>
               <xsd1:value>jdbc:mysql://localhost:3306/is520user</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>userName</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>password</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>driverName</xsd1:name>
               <xsd1:value>com.mysql.jdbc.Driver</xsd1:value>
            </xsd1:properties>       
            <xsd1:properties>
               <xsd1:name>CountRetrieverClass</xsd1:name>
               <xsd1:value>org.wso2.carbon.identity.user.store.count.jdbc.JDBCUserStoreCountRetriever</xsd1:value>
            </xsd1:properties>  
         </xsd:userStoreDTO>
      </xsd:addUserStore>
   </soap:Body>
</soap:Envelope>

This may be because I haven't configured the optional parameters such as username/password regex etc. in the request. But, IMO the request should work successfully with only mandatory parameters. 

If I do the same via management console, the additional parameters will be populated in the UI and saved in the xml when we save the configuration.

If a developer needs to create a user store via admin services, how can the developer achieve this? If the developer needs to configure optional parameters, there are around 100 parameters. What are the must have additional parameters the user needs to configure or what is the best way to handle this?

Thanks,
Dilini

--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165



--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165



--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165

_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev




--

Tharindu Edirisinghe
Senior Software Engineer | WSO2 Inc
Platform Security Team
Blog : http://tharindue.blogspot.com
mobile : +94 775181586


_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev
Reply | Threaded
Open this post in threaded view
|

Re: [IAM] User store does not behave as expected when it is created through admin services with only mandatory parameters

Dilini Gunatilake
Hi Tharindu/Godwin,

I already checked the config file. The default regex were not added. Following are the only configs available in the file (which are the ones I configured).

<?xml version="1.0" encoding="UTF-8"?><UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager">
      <Property name="url">jdbc:mysql://localhost:3306/is520user</Property>
      <Property name="userName">wso2carbon</Property>
      <Property encrypted="true" name="password">A1yNIeGmb1QZHDIk09yOyx/+PWDPNRfOk6tCiCnQWzhFiXFaVu5dSWfqah7AElOdKqjgl0BOFdk4sXRGtjdPM3t8bODe9KzKrA3EJJ2mP16zbOah8JhFMJJDWOw0wkBy4TSnl7GBrGJMzQTazzYaxN/+nVpF25nbq1p7TzNytOJxagNMRjwnhgl08lFPNKs1VCJ1D4spQ4zjLp5oJBftdzMdi5wPo8tdNWu/oRRPZjz4Y/mWy4cE7hHZlPul3kYzm1BP2kWX/rsUgRdaKeSKaQwqNVOOsZxCgWTCanUMmZKvHOxehVe3BypebciR58RQH5Vyk6l+JCrXNvBN1OBOoA==</Property>
      <Property name="driverName">com.mysql.jdbc.Driver</Property>
      <Property name="CountRetrieverClass">org.wso2.carbon.identity.user.store.count.jdbc.JDBCUserStoreCountRetriever</Property>
      <Property name="DomainName">PRIMARY-JDBC780-ATTRIBUTE-STORE</Property>
      <Property name="Description">created with admin services</Property>
</UserStoreManager>


@Godwin -  +1 for the approach.

Thanks,
Dilini


On Wed, Dec 20, 2017 at 11:25 PM, Tharindu Edirisinghe <[hidden email]> wrote:
Hi Dilini,

After adding the secondary userstore, you can find the config file related to that in repository/deployment/server/userstores/ location. Although you have not added the regex parameters when you created the userstore from the admin service, I believe it should have added some default regex there. You need to check the following two properties in the file.

PasswordJavaRegEx
PasswordJavaScriptRegEx

You can find more information on the password pattern validation from [1].

[1] http://tharindue.blogspot.com/2016/08/user-password-pattern-regex-front-end.html

Thanks,
TharinduE

On Wed, Dec 20, 2017 at 11:46 AM, Godwin Shrimal <[hidden email]> wrote:
Hi Dilini,

Please see my comments.


I think it makes sense to populate additional parameters in UI when adding user store from the management console.
Yes, this is handled correctly from the management console side as expected.
 
Yeah, when adding user store via admin services its bit hard to add those number of optional parameters. So I propose following solutions.

1. Improve our documentation and describe required optional parameters and add a sample request with optional parameters
In this case, every time the optional properties are changed the doc needs to be updated and the developer needs to update the request too.
I don't think optional parameters are changing frequently, it is something changing rearely when we need to introudce some feature to perticluar user store. And if optional parameters added newly, existing request should work as expected without breaking and not MUST to add that parameters to request.
But, in this case it is a must to add the optional parameters in the request which is wrong. This hinders the usability aspect from the user perspective. So, IMO we should document the full request as well as handle it as per solution 2.  

As an API its not wrong not to send optional parameters, But yes. Its not working as expected if we not send them. Yes, we need to fully document the request with optional parameters as suggested in solution1 as an imidiate step. We may need implement the solution 2 in future. Lets wait and see the feedback from IAM team.


Thanks
Godwin

 


2. Change backend to add default parameters (same as what we do in UI) if user is not sending additional parameters in request
+1 for this solution. Here, the developer does not need to worry about the 100 odd optional parameters at all. If he needs to change few parameters, he can change only the required ones.


Thanks
Godwin

On Wed, Dec 20, 2017 at 5:00 PM, Dilini Gunatilake <[hidden email]> wrote:
Hi IAM Team,

I need to create a JDBC secondary user store via admin services and I configured only the mandatory parameters and sent the request. The request was successful and the user store was created. However, when I tried to add a user to that user store, it says the password length is invalid and did not let me create a user.

Request:

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://dto.configuration.store.user.identity.carbon.wso2.org/xsd">
   <soap:Header/>
   <soap:Body>
      <xsd:addUserStore>
         <!--Optional:-->
         <xsd:userStoreDTO>
            <!--Optional:-->
            <xsd1:className>org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager</xsd1:className>
            <!--Optional:-->
            <xsd1:description>created with admin services</xsd1:description>
            <!--Optional:-->
            <xsd1:disabled>false</xsd1:disabled>
            <!--Optional:-->
            <xsd1:domainId>PRIMARY-JDBC780-ATTRIBUTE-STORE</xsd1:domainId>
            <!--Zero or more repetitions:-->
            <xsd1:properties>
               <xsd1:name>url</xsd1:name>
               <xsd1:value>jdbc:mysql://localhost:3306/is520user</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>userName</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>password</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>driverName</xsd1:name>
               <xsd1:value>com.mysql.jdbc.Driver</xsd1:value>
            </xsd1:properties>       
            <xsd1:properties>
               <xsd1:name>CountRetrieverClass</xsd1:name>
               <xsd1:value>org.wso2.carbon.identity.user.store.count.jdbc.JDBCUserStoreCountRetriever</xsd1:value>
            </xsd1:properties>  
         </xsd:userStoreDTO>
      </xsd:addUserStore>
   </soap:Body>
</soap:Envelope>

This may be because I haven't configured the optional parameters such as username/password regex etc. in the request. But, IMO the request should work successfully with only mandatory parameters. 

If I do the same via management console, the additional parameters will be populated in the UI and saved in the xml when we save the configuration.

If a developer needs to create a user store via admin services, how can the developer achieve this? If the developer needs to configure optional parameters, there are around 100 parameters. What are the must have additional parameters the user needs to configure or what is the best way to handle this?

Thanks,
Dilini

--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165



--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165



--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165

_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev




--

Tharindu Edirisinghe
Senior Software Engineer | WSO2 Inc
Platform Security Team
Blog : http://tharindue.blogspot.com
mobile : <a href="tel:+94%2077%20518%201586" value="+94775181586" target="_blank">+94 775181586




--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : +94771162518



_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev
Reply | Threaded
Open this post in threaded view
|

Re: [IAM] User store does not behave as expected when it is created through admin services with only mandatory parameters

Sherene Mahanama
Hi IAM Team, 

The UserStoreConfigAdminService has been documented in [1]. I have also added a tip under the addUserStore operation that links off to the relevant docs for a full list of properties including optional properties for each user store type. 

However, the sample request given under the addUserStore() operation [2] only includes mandatory parameters which will not work as mentioned by Dilini and Godwin. Can we please have a working sample request that we can add to the doc? Which optional parameters need to be included in the request for it to work as expected? Please advise.


Thanks,
Sherene

On Thu, Dec 21, 2017 at 9:18 AM, Dilini Gunatilake <[hidden email]> wrote:
Hi Tharindu/Godwin,

I already checked the config file. The default regex were not added. Following are the only configs available in the file (which are the ones I configured).

<?xml version="1.0" encoding="UTF-8"?><UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager">
      <Property name="url">jdbc:mysql://localhost:3306/is520user</Property>
      <Property name="userName">wso2carbon</Property>
      <Property encrypted="true" name="password">A1yNIeGmb1QZHDIk09yOyx/+PWDPNRfOk6tCiCnQWzhFiXFaVu5dSWfqah7AElOdKqjgl0BOFdk4sXRGtjdPM3t8bODe9KzKrA3EJJ2mP16zbOah8JhFMJJDWOw0wkBy4TSnl7GBrGJMzQTazzYaxN/+nVpF25nbq1p7TzNytOJxagNMRjwnhgl08lFPNKs1VCJ1D4spQ4zjLp5oJBftdzMdi5wPo8tdNWu/oRRPZjz4Y/mWy4cE7hHZlPul3kYzm1BP2kWX/rsUgRdaKeSKaQwqNVOOsZxCgWTCanUMmZKvHOxehVe3BypebciR58RQH5Vyk6l+JCrXNvBN1OBOoA==</Property>
      <Property name="driverName">com.mysql.jdbc.Driver</Property>
      <Property name="CountRetrieverClass">org.wso2.carbon.identity.user.store.count.jdbc.JDBCUserStoreCountRetriever</Property>
      <Property name="DomainName">PRIMARY-JDBC780-ATTRIBUTE-STORE</Property>
      <Property name="Description">created with admin services</Property>
</UserStoreManager>


@Godwin -  +1 for the approach.

Thanks,
Dilini


On Wed, Dec 20, 2017 at 11:25 PM, Tharindu Edirisinghe <[hidden email]> wrote:
Hi Dilini,

After adding the secondary userstore, you can find the config file related to that in repository/deployment/server/userstores/ location. Although you have not added the regex parameters when you created the userstore from the admin service, I believe it should have added some default regex there. You need to check the following two properties in the file.

PasswordJavaRegEx
PasswordJavaScriptRegEx

You can find more information on the password pattern validation from [1].

[1] http://tharindue.blogspot.com/2016/08/user-password-pattern-regex-front-end.html

Thanks,
TharinduE

On Wed, Dec 20, 2017 at 11:46 AM, Godwin Shrimal <[hidden email]> wrote:
Hi Dilini,

Please see my comments.


I think it makes sense to populate additional parameters in UI when adding user store from the management console.
Yes, this is handled correctly from the management console side as expected.
 
Yeah, when adding user store via admin services its bit hard to add those number of optional parameters. So I propose following solutions.

1. Improve our documentation and describe required optional parameters and add a sample request with optional parameters
In this case, every time the optional properties are changed the doc needs to be updated and the developer needs to update the request too.
I don't think optional parameters are changing frequently, it is something changing rearely when we need to introudce some feature to perticluar user store. And if optional parameters added newly, existing request should work as expected without breaking and not MUST to add that parameters to request.
But, in this case it is a must to add the optional parameters in the request which is wrong. This hinders the usability aspect from the user perspective. So, IMO we should document the full request as well as handle it as per solution 2.  

As an API its not wrong not to send optional parameters, But yes. Its not working as expected if we not send them. Yes, we need to fully document the request with optional parameters as suggested in solution1 as an imidiate step. We may need implement the solution 2 in future. Lets wait and see the feedback from IAM team.


Thanks
Godwin

 


2. Change backend to add default parameters (same as what we do in UI) if user is not sending additional parameters in request
+1 for this solution. Here, the developer does not need to worry about the 100 odd optional parameters at all. If he needs to change few parameters, he can change only the required ones.


Thanks
Godwin

On Wed, Dec 20, 2017 at 5:00 PM, Dilini Gunatilake <[hidden email]> wrote:
Hi IAM Team,

I need to create a JDBC secondary user store via admin services and I configured only the mandatory parameters and sent the request. The request was successful and the user store was created. However, when I tried to add a user to that user store, it says the password length is invalid and did not let me create a user.

Request:

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://dto.configuration.store.user.identity.carbon.wso2.org/xsd">
   <soap:Header/>
   <soap:Body>
      <xsd:addUserStore>
         <!--Optional:-->
         <xsd:userStoreDTO>
            <!--Optional:-->
            <xsd1:className>org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager</xsd1:className>
            <!--Optional:-->
            <xsd1:description>created with admin services</xsd1:description>
            <!--Optional:-->
            <xsd1:disabled>false</xsd1:disabled>
            <!--Optional:-->
            <xsd1:domainId>PRIMARY-JDBC780-ATTRIBUTE-STORE</xsd1:domainId>
            <!--Zero or more repetitions:-->
            <xsd1:properties>
               <xsd1:name>url</xsd1:name>
               <xsd1:value>jdbc:mysql://localhost:3306/is520user</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>userName</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>password</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>driverName</xsd1:name>
               <xsd1:value>com.mysql.jdbc.Driver</xsd1:value>
            </xsd1:properties>       
            <xsd1:properties>
               <xsd1:name>CountRetrieverClass</xsd1:name>
               <xsd1:value>org.wso2.carbon.identity.user.store.count.jdbc.JDBCUserStoreCountRetriever</xsd1:value>
            </xsd1:properties>  
         </xsd:userStoreDTO>
      </xsd:addUserStore>
   </soap:Body>
</soap:Envelope>

This may be because I haven't configured the optional parameters such as username/password regex etc. in the request. But, IMO the request should work successfully with only mandatory parameters. 

If I do the same via management console, the additional parameters will be populated in the UI and saved in the xml when we save the configuration.

If a developer needs to create a user store via admin services, how can the developer achieve this? If the developer needs to configure optional parameters, there are around 100 parameters. What are the must have additional parameters the user needs to configure or what is the best way to handle this?

Thanks,
Dilini

--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165



--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165



--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165

_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev




--

Tharindu Edirisinghe
Senior Software Engineer | WSO2 Inc
Platform Security Team
Blog : http://tharindue.blogspot.com
mobile : <a href="tel:+94%2077%20518%201586" value="+94775181586" target="_blank">+94 775181586




--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518



_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev




--
Sherene Mahanama
Technical Writer

WSO2 (pvt.) Ltd.
Colombo, Sri Lanka
Mobile: <a href="tel:%28%2B94%29%20773131798" value="+94773131798" style="font-family:Arial,Helvetica,Verdana,monospace,san-serif;font-size:x-small;background-color:rgb(230,230,230);color:rgb(17,85,204)" target="_blank">(+94) 777994805

_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev
Reply | Threaded
Open this post in threaded view
|

Re: [IAM] User store does not behave as expected when it is created through admin services with only mandatory parameters

Chankami Maddumage
Hi Sherene ,

Did you able to get a working sample request ?
This is a blocker for us when automating  scripts for Test grid .



On Tue, Jan 16, 2018 at 1:51 PM, Sherene Mahanama <[hidden email]> wrote:
Hi IAM Team, 

The UserStoreConfigAdminService has been documented in [1]. I have also added a tip under the addUserStore operation that links off to the relevant docs for a full list of properties including optional properties for each user store type. 

However, the sample request given under the addUserStore() operation [2] only includes mandatory parameters which will not work as mentioned by Dilini and Godwin. Can we please have a working sample request that we can add to the doc? Which optional parameters need to be included in the request for it to work as expected? Please advise.


Thanks,
Sherene

On Thu, Dec 21, 2017 at 9:18 AM, Dilini Gunatilake <[hidden email]> wrote:
Hi Tharindu/Godwin,

I already checked the config file. The default regex were not added. Following are the only configs available in the file (which are the ones I configured).

<?xml version="1.0" encoding="UTF-8"?><UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager">
      <Property name="url">jdbc:mysql://localhost:3306/is520user</Property>
      <Property name="userName">wso2carbon</Property>
      <Property encrypted="true" name="password">A1yNIeGmb1QZHDIk09yOyx/+PWDPNRfOk6tCiCnQWzhFiXFaVu5dSWfqah7AElOdKqjgl0BOFdk4sXRGtjdPM3t8bODe9KzKrA3EJJ2mP16zbOah8JhFMJJDWOw0wkBy4TSnl7GBrGJMzQTazzYaxN/+nVpF25nbq1p7TzNytOJxagNMRjwnhgl08lFPNKs1VCJ1D4spQ4zjLp5oJBftdzMdi5wPo8tdNWu/oRRPZjz4Y/mWy4cE7hHZlPul3kYzm1BP2kWX/rsUgRdaKeSKaQwqNVOOsZxCgWTCanUMmZKvHOxehVe3BypebciR58RQH5Vyk6l+JCrXNvBN1OBOoA==</Property>
      <Property name="driverName">com.mysql.jdbc.Driver</Property>
      <Property name="CountRetrieverClass">org.wso2.carbon.identity.user.store.count.jdbc.JDBCUserStoreCountRetriever</Property>
      <Property name="DomainName">PRIMARY-JDBC780-ATTRIBUTE-STORE</Property>
      <Property name="Description">created with admin services</Property>
</UserStoreManager>


@Godwin -  +1 for the approach.

Thanks,
Dilini


On Wed, Dec 20, 2017 at 11:25 PM, Tharindu Edirisinghe <[hidden email]> wrote:
Hi Dilini,

After adding the secondary userstore, you can find the config file related to that in repository/deployment/server/userstores/ location. Although you have not added the regex parameters when you created the userstore from the admin service, I believe it should have added some default regex there. You need to check the following two properties in the file.

PasswordJavaRegEx
PasswordJavaScriptRegEx

You can find more information on the password pattern validation from [1].

[1] http://tharindue.blogspot.com/2016/08/user-password-pattern-regex-front-end.html

Thanks,
TharinduE

On Wed, Dec 20, 2017 at 11:46 AM, Godwin Shrimal <[hidden email]> wrote:
Hi Dilini,

Please see my comments.


I think it makes sense to populate additional parameters in UI when adding user store from the management console.
Yes, this is handled correctly from the management console side as expected.
 
Yeah, when adding user store via admin services its bit hard to add those number of optional parameters. So I propose following solutions.

1. Improve our documentation and describe required optional parameters and add a sample request with optional parameters
In this case, every time the optional properties are changed the doc needs to be updated and the developer needs to update the request too.
I don't think optional parameters are changing frequently, it is something changing rearely when we need to introudce some feature to perticluar user store. And if optional parameters added newly, existing request should work as expected without breaking and not MUST to add that parameters to request.
But, in this case it is a must to add the optional parameters in the request which is wrong. This hinders the usability aspect from the user perspective. So, IMO we should document the full request as well as handle it as per solution 2.  

As an API its not wrong not to send optional parameters, But yes. Its not working as expected if we not send them. Yes, we need to fully document the request with optional parameters as suggested in solution1 as an imidiate step. We may need implement the solution 2 in future. Lets wait and see the feedback from IAM team.


Thanks
Godwin

 


2. Change backend to add default parameters (same as what we do in UI) if user is not sending additional parameters in request
+1 for this solution. Here, the developer does not need to worry about the 100 odd optional parameters at all. If he needs to change few parameters, he can change only the required ones.


Thanks
Godwin

On Wed, Dec 20, 2017 at 5:00 PM, Dilini Gunatilake <[hidden email]> wrote:
Hi IAM Team,

I need to create a JDBC secondary user store via admin services and I configured only the mandatory parameters and sent the request. The request was successful and the user store was created. However, when I tried to add a user to that user store, it says the password length is invalid and did not let me create a user.

Request:

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://dto.configuration.store.user.identity.carbon.wso2.org/xsd">
   <soap:Header/>
   <soap:Body>
      <xsd:addUserStore>
         <!--Optional:-->
         <xsd:userStoreDTO>
            <!--Optional:-->
            <xsd1:className>org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager</xsd1:className>
            <!--Optional:-->
            <xsd1:description>created with admin services</xsd1:description>
            <!--Optional:-->
            <xsd1:disabled>false</xsd1:disabled>
            <!--Optional:-->
            <xsd1:domainId>PRIMARY-JDBC780-ATTRIBUTE-STORE</xsd1:domainId>
            <!--Zero or more repetitions:-->
            <xsd1:properties>
               <xsd1:name>url</xsd1:name>
               <xsd1:value>jdbc:mysql://localhost:3306/is520user</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>userName</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>password</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>driverName</xsd1:name>
               <xsd1:value>com.mysql.jdbc.Driver</xsd1:value>
            </xsd1:properties>       
            <xsd1:properties>
               <xsd1:name>CountRetrieverClass</xsd1:name>
               <xsd1:value>org.wso2.carbon.identity.user.store.count.jdbc.JDBCUserStoreCountRetriever</xsd1:value>
            </xsd1:properties>  
         </xsd:userStoreDTO>
      </xsd:addUserStore>
   </soap:Body>
</soap:Envelope>

This may be because I haven't configured the optional parameters such as username/password regex etc. in the request. But, IMO the request should work successfully with only mandatory parameters. 

If I do the same via management console, the additional parameters will be populated in the UI and saved in the xml when we save the configuration.

If a developer needs to create a user store via admin services, how can the developer achieve this? If the developer needs to configure optional parameters, there are around 100 parameters. What are the must have additional parameters the user needs to configure or what is the best way to handle this?

Thanks,
Dilini

--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165



--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165



--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165

_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev




--

Tharindu Edirisinghe
Senior Software Engineer | WSO2 Inc
Platform Security Team
Blog : http://tharindue.blogspot.com
mobile : <a href="tel:+94%2077%20518%201586" value="+94775181586" target="_blank">+94 775181586




--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518



_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev




--
Sherene Mahanama
Technical Writer

WSO2 (pvt.) Ltd.
Colombo, Sri Lanka
Mobile: <a href="tel:%28%2B94%29%20773131798" value="+94773131798" style="font-family:Arial,Helvetica,Verdana,monospace,san-serif;font-size:x-small;background-color:rgb(230,230,230);color:rgb(17,85,204)" target="_blank">(+94) 777994805



--
Best Regards,

Chankami Maddumage
Software Engineer - QA Team
WSO2 Inc; http://www.wso2.com/.
Mobile: <a href="tel:%2B94%20%280%29%20773%20381%20250" value="+94773381250" target="_blank">+94 (0) 722223096


_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev
Reply | Threaded
Open this post in threaded view
|

Re: [IAM] User store does not behave as expected when it is created through admin services with only mandatory parameters

Chankami Maddumage
Hi Sathya,

Thanks for the request. This works as expected .

On Wed, Jan 24, 2018 at 10:10 AM, Sathya Bandara <[hidden email]> wrote:
Hi Sherene,

Following is a sample request for addUserStore() operation in UserStoreConfigAdminService which I have tested and verified on a 5.3.0 WUM updated pack. However this is for a JDBCUserStoreManager. Hope this might be of help to you.

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://dto.configuration.store.user.identity.carbon.wso2.org/xsd">
   <soap:Header/>
   <soap:Body>
      <xsd:addUserStore>
         <!--Optional:-->
         <xsd:userStoreDTO>
            <!--Optional:-->
            <xsd1:className>org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager</xsd1:className>
            <!--Optional:-->
            <xsd1:description></xsd1:description>
            <!--Optional:-->
            <xsd1:disabled>false</xsd1:disabled>
            <!--Optional:-->
            <xsd1:domainId>SECONDARY</xsd1:domainId>
            <!--Zero or more repetitions:-->
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>url</xsd1:name>
               <!--Optional:-->
               <xsd1:value>jdbc:mysql://localhost:3306/JDBC_user_store?useSSL=false</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>userName</xsd1:name>
               <!--Optional:-->
               <xsd1:value>root</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>password</xsd1:name>
               <!--Optional:-->
               <xsd1:value>root</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>driverName</xsd1:name>
               <!--Optional:-->
               <xsd1:value>com.mysql.jdbc.Driver</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>maxActive</xsd1:name>
               <!--Optional:-->
               <xsd1:value>50</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>maxWait</xsd1:name>
               <!--Optional:-->
               <xsd1:value>60000</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>validationQuery</xsd1:name>
               <!--Optional:-->
               <xsd1:value>SELECT 1</xsd1:value>
            </xsd1:properties>
         </xsd:userStoreDTO>
      </xsd:addUserStore>
   </soap:Body>
</soap:Envelope>

Thanks,
Sathya

On Tue, Jan 23, 2018 at 10:13 PM, Sherene Mahanama <[hidden email]> wrote:
Hi IAM Team,

Kind reminder on this. 

Thanks,
Sherene

On Tue, Jan 23, 2018 at 5:34 PM, Chankami Maddumage <[hidden email]> wrote:
Hi Sherene ,

Did you able to get a working sample request ?
This is a blocker for us when automating  scripts for Test grid .



On Tue, Jan 16, 2018 at 1:51 PM, Sherene Mahanama <[hidden email]> wrote:
Hi IAM Team, 

The UserStoreConfigAdminService has been documented in [1]. I have also added a tip under the addUserStore operation that links off to the relevant docs for a full list of properties including optional properties for each user store type. 

However, the sample request given under the addUserStore() operation [2] only includes mandatory parameters which will not work as mentioned by Dilini and Godwin. Can we please have a working sample request that we can add to the doc? Which optional parameters need to be included in the request for it to work as expected? Please advise.


Thanks,
Sherene

On Thu, Dec 21, 2017 at 9:18 AM, Dilini Gunatilake <[hidden email]> wrote:
Hi Tharindu/Godwin,

I already checked the config file. The default regex were not added. Following are the only configs available in the file (which are the ones I configured).

<?xml version="1.0" encoding="UTF-8"?><UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager">
      <Property name="url">jdbc:mysql://localhost:3306/is520user</Property>
      <Property name="userName">wso2carbon</Property>
      <Property encrypted="true" name="password">A1yNIeGmb1QZHDIk09yOyx/+PWDPNRfOk6tCiCnQWzhFiXFaVu5dSWfqah7AElOdKqjgl0BOFdk4sXRGtjdPM3t8bODe9KzKrA3EJJ2mP16zbOah8JhFMJJDWOw0wkBy4TSnl7GBrGJMzQTazzYaxN/+nVpF25nbq1p7TzNytOJxagNMRjwnhgl08lFPNKs1VCJ1D4spQ4zjLp5oJBftdzMdi5wPo8tdNWu/oRRPZjz4Y/mWy4cE7hHZlPul3kYzm1BP2kWX/rsUgRdaKeSKaQwqNVOOsZxCgWTCanUMmZKvHOxehVe3BypebciR58RQH5Vyk6l+JCrXNvBN1OBOoA==</Property>
      <Property name="driverName">com.mysql.jdbc.Driver</Property>
      <Property name="CountRetrieverClass">org.wso2.carbon.identity.user.store.count.jdbc.JDBCUserStoreCountRetriever</Property>
      <Property name="DomainName">PRIMARY-JDBC780-ATTRIBUTE-STORE</Property>
      <Property name="Description">created with admin services</Property>
</UserStoreManager>


@Godwin -  +1 for the approach.

Thanks,
Dilini


On Wed, Dec 20, 2017 at 11:25 PM, Tharindu Edirisinghe <[hidden email]> wrote:
Hi Dilini,

After adding the secondary userstore, you can find the config file related to that in repository/deployment/server/userstores/ location. Although you have not added the regex parameters when you created the userstore from the admin service, I believe it should have added some default regex there. You need to check the following two properties in the file.

PasswordJavaRegEx
PasswordJavaScriptRegEx

You can find more information on the password pattern validation from [1].

[1] http://tharindue.blogspot.com/2016/08/user-password-pattern-regex-front-end.html

Thanks,
TharinduE

On Wed, Dec 20, 2017 at 11:46 AM, Godwin Shrimal <[hidden email]> wrote:
Hi Dilini,

Please see my comments.


I think it makes sense to populate additional parameters in UI when adding user store from the management console.
Yes, this is handled correctly from the management console side as expected.
 
Yeah, when adding user store via admin services its bit hard to add those number of optional parameters. So I propose following solutions.

1. Improve our documentation and describe required optional parameters and add a sample request with optional parameters
In this case, every time the optional properties are changed the doc needs to be updated and the developer needs to update the request too.
I don't think optional parameters are changing frequently, it is something changing rearely when we need to introudce some feature to perticluar user store. And if optional parameters added newly, existing request should work as expected without breaking and not MUST to add that parameters to request.
But, in this case it is a must to add the optional parameters in the request which is wrong. This hinders the usability aspect from the user perspective. So, IMO we should document the full request as well as handle it as per solution 2.  

As an API its not wrong not to send optional parameters, But yes. Its not working as expected if we not send them. Yes, we need to fully document the request with optional parameters as suggested in solution1 as an imidiate step. We may need implement the solution 2 in future. Lets wait and see the feedback from IAM team.


Thanks
Godwin

 


2. Change backend to add default parameters (same as what we do in UI) if user is not sending additional parameters in request
+1 for this solution. Here, the developer does not need to worry about the 100 odd optional parameters at all. If he needs to change few parameters, he can change only the required ones.


Thanks
Godwin

On Wed, Dec 20, 2017 at 5:00 PM, Dilini Gunatilake <[hidden email]> wrote:
Hi IAM Team,

I need to create a JDBC secondary user store via admin services and I configured only the mandatory parameters and sent the request. The request was successful and the user store was created. However, when I tried to add a user to that user store, it says the password length is invalid and did not let me create a user.

Request:

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://dto.configuration.store.user.identity.carbon.wso2.org/xsd">
   <soap:Header/>
   <soap:Body>
      <xsd:addUserStore>
         <!--Optional:-->
         <xsd:userStoreDTO>
            <!--Optional:-->
            <xsd1:className>org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager</xsd1:className>
            <!--Optional:-->
            <xsd1:description>created with admin services</xsd1:description>
            <!--Optional:-->
            <xsd1:disabled>false</xsd1:disabled>
            <!--Optional:-->
            <xsd1:domainId>PRIMARY-JDBC780-ATTRIBUTE-STORE</xsd1:domainId>
            <!--Zero or more repetitions:-->
            <xsd1:properties>
               <xsd1:name>url</xsd1:name>
               <xsd1:value>jdbc:mysql://localhost:3306/is520user</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>userName</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>password</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>driverName</xsd1:name>
               <xsd1:value>com.mysql.jdbc.Driver</xsd1:value>
            </xsd1:properties>       
            <xsd1:properties>
               <xsd1:name>CountRetrieverClass</xsd1:name>
               <xsd1:value>org.wso2.carbon.identity.user.store.count.jdbc.JDBCUserStoreCountRetriever</xsd1:value>
            </xsd1:properties>  
         </xsd:userStoreDTO>
      </xsd:addUserStore>
   </soap:Body>
</soap:Envelope>

This may be because I haven't configured the optional parameters such as username/password regex etc. in the request. But, IMO the request should work successfully with only mandatory parameters. 

If I do the same via management console, the additional parameters will be populated in the UI and saved in the xml when we save the configuration.

If a developer needs to create a user store via admin services, how can the developer achieve this? If the developer needs to configure optional parameters, there are around 100 parameters. What are the must have additional parameters the user needs to configure or what is the best way to handle this?

Thanks,
Dilini

--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165



--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165



--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165

_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev




--

Tharindu Edirisinghe
Senior Software Engineer | WSO2 Inc
Platform Security Team
Blog : http://tharindue.blogspot.com
mobile : <a href="tel:+94%2077%20518%201586" value="+94775181586" target="_blank">+94 775181586




--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518



_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev




--
Sherene Mahanama
Technical Writer

WSO2 (pvt.) Ltd.
Colombo, Sri Lanka
Mobile: <a href="tel:%28%2B94%29%20773131798" value="+94773131798" style="font-family:Arial,Helvetica,Verdana,monospace,san-serif;font-size:x-small;background-color:rgb(230,230,230);color:rgb(17,85,204)" target="_blank">(+94) 777994805



--
Best Regards,

Chankami Maddumage
Software Engineer - QA Team
WSO2 Inc; http://www.wso2.com/.
Mobile: <a href="tel:%2B94%20%280%29%20773%20381%20250" value="+94773381250" target="_blank">+94 (0) 722223096




--
Sherene Mahanama
Technical Writer

WSO2 (pvt.) Ltd.
Colombo, Sri Lanka
Mobile: <a href="tel:%28%2B94%29%20773131798" value="+94773131798" style="font-family:Arial,Helvetica,Verdana,monospace,san-serif;font-size:x-small;background-color:rgb(230,230,230);color:rgb(17,85,204)" target="_blank">(+94) 777994805



--
Sathya Bandara
Software Engineer
WSO2 Inc. http://wso2.com
Mobile: <a href="tel:+94%2071%20411%205032" value="+94714115032" target="_blank">(+94) 715 360 421

<a href="tel:+94%2071%20411%205032" value="+94714115032" target="_blank">



--
Best Regards,

Chankami Maddumage
Software Engineer - QA Team
WSO2 Inc; http://www.wso2.com/.
Mobile: <a href="tel:%2B94%20%280%29%20773%20381%20250" value="+94773381250" target="_blank">+94 (0) 722223096


_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev
Reply | Threaded
Open this post in threaded view
|

Re: [IAM] User store does not behave as expected when it is created through admin services with only mandatory parameters

Darshana Gunawardana
Hi Sherene,

Add request in the doc [1] contains question mark ('?').. Can you please check and update the doc. And following the same pattern you can try other types of user store types.. Will you be able to try that out and update docs?

Thanks,

On Wed, Jan 24, 2018 at 3:34 PM, Sherene Mahanama <[hidden email]> wrote:
Hi Maneesha, Chankami and Sathya,

Thanks for providing the request and creating the git issue! I added the request given in Chankami's last reply to the doc [1] and added a line to the note stating that certain parameters such as connection URL, username, password and driver name are mandatory when creating a secondary user store. 

Will close the git issue once Sathya has had a chance to test out the request for ActiveDirectoryUserStoreManager, ReadOnlyLDAPUserStoreManager, ReadWriteLDAPUserStoreManager and CarbonRemoteUserStoreManager. Thanks all!


Thanks,
Sherene


On Wed, Jan 24, 2018 at 12:56 PM, Maneesha Wijesekara <[hidden email]> wrote:
Hi Sathya,

Thanks for providing the sample request to create a secondary JDBC User Store . 

In order to moving forward with other users stores, can you also provide the same for ActiveDirectoryUserStoreManager, ReadOnlyLDAPUserStoreManager, ReadWriteLDAPUserStoreManager and CarbonRemoteUserStoreManager ?

@Sherene -
I have create a doc issue [1] to track this.


Thanks and Regards
Maneesha

On Wed, Jan 24, 2018 at 11:52 AM, Chankami Maddumage <[hidden email]> wrote:
Hi
Thanks Sathaya Issue resolved.

@Sherene Pls add below request as the sample

POST data:

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://dto.configuration.store.user.identity.carbon.wso2.org/xsd">
   <soapenv:Header/>
   <soapenv:Body>
      <xsd:addUserStore>
         <!--Optional:-->
         <xsd:userStoreDTO>
            <!--Optional:-->
            <xsd1:className>org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager</xsd1:className>
            <!--Optional:-->
            <xsd1:description></xsd1:description>
            <!--Optional:-->
            <xsd1:disabled>false</xsd1:disabled>
            <!--Optional:-->
            <xsd1:domainId>SECONDARY</xsd1:domainId>
            <!--Zero or more repetitions:-->
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>url</xsd1:name>
               <!--Optional:-->
               <xsd1:value>jdbc:mysql://192.168.48.154:3306/test</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>userName</xsd1:name>
               <!--Optional:-->
               <xsd1:value>root</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>password</xsd1:name>
               <!--Optional:-->
               <xsd1:value>root</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>driverName</xsd1:name>
               <!--Optional:-->
               <xsd1:value>com.mysql.jdbc.Driver</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>maxActive</xsd1:name>
               <!--Optional:-->
               <xsd1:value>50</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>maxWait</xsd1:name>
               <!--Optional:-->
               <xsd1:value>60000</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>validationQuery</xsd1:name>
               <!--Optional:-->
               <xsd1:value>SELECT 1</xsd1:value>
            </xsd1:properties>
             <xsd1:properties>
               <xsd1:name>PasswordJavaScriptRegEx</xsd1:name>
               <xsd1:value>^[\S]{5,30}$</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>UsernameJavaScriptRegEx</xsd1:name>
               <xsd1:value>^[\S]{5,30}$</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>RoleNameJavaScriptRegEx</xsd1:name>
               <xsd1:value>^[\S]{5,30}$</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>PasswordJavaRegEx</xsd1:name>
               <xsd1:value>^[\S]{5,30}$</xsd1:value>
            </xsd1:properties>
         </xsd:userStoreDTO>
      </xsd:addUserStore>
   </soap:Body>
</soap:Envelope>


On Wed, Jan 24, 2018 at 11:46 AM, Sathya Bandara <[hidden email]> wrote:
Hi Chankami,

In your request, the property name for the password regex should start with a capital letter. Instead of passwordJavaScriptRegEx, this should be PasswordJavaScriptRegEx. This should be the same for usernameJavaScriptRegEx and roleNameJavaScriptRegEx. Can you try with the suggested solution?

Thanks,
Sathya

On Wed, Jan 24, 2018 at 11:33 AM, Chankami Maddumage <[hidden email]> wrote:
Hi Sathya

Using you request  JDBC user store successfully added. But user cannot add to the user store.
"Password length should be within 5 to 30 characters" UI  validate occurred. (my password have more than 5 characters)
Then I added below request  with the regx validations , still the error didn't  resolved.

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://dto.configuration.store.user.identity.carbon.wso2.org/xsd">
   <soapenv:Header/>
   <soapenv:Body>
      <xsd:addUserStore>
         <!--Optional:-->
         <xsd:userStoreDTO>
            <!--Optional:-->
            <xsd1:className>org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager</xsd1:className>
            <!--Optional:-->
            <xsd1:description></xsd1:description>
            <!--Optional:-->
            <xsd1:disabled>false</xsd1:disabled>
            <!--Optional:-->
            <xsd1:domainId>SECONDARY</xsd1:domainId>
            <!--Zero or more repetitions:-->
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>url</xsd1:name>
               <!--Optional:-->
               <xsd1:value>jdbc:mysql://192.168.48.154:3306/test</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>userName</xsd1:name>
               <!--Optional:-->
               <xsd1:value>root</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>password</xsd1:name>
               <!--Optional:-->
               <xsd1:value>root</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>driverName</xsd1:name>
               <!--Optional:-->
               <xsd1:value>com.mysql.jdbc.Driver</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>maxActive</xsd1:name>
               <!--Optional:-->
               <xsd1:value>50</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>maxWait</xsd1:name>
               <!--Optional:-->
               <xsd1:value>60000</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>validationQuery</xsd1:name>
               <!--Optional:-->
               <xsd1:value>SELECT 1</xsd1:value>
            </xsd1:properties>
                        <xsd1:properties>
               <xsd1:name>passwordJavaScriptRegEx</xsd1:name>
               <xsd1:value>^[\S]{5,30}$</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>usernameJavaScriptRegEx</xsd1:name>
               <xsd1:value>^[\S]{5,30}$</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>roleNameJavaScriptRegEx</xsd1:name>
               <xsd1:value>^[\S]{5,30}$</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>PasswordJavaRegEx</xsd1:name>
               <xsd1:value>^[\S]{5,30}$</xsd1:value>
            </xsd1:properties>
         </xsd:userStoreDTO>
      </xsd:addUserStore>
   </soap:Body>
</soap:Envelope>

Any help is highly appreciated





On Wed, Jan 24, 2018 at 10:26 AM, Chankami Maddumage <[hidden email]> wrote:
Hi Sathya,

Thanks for the request. This works as expected .

On Wed, Jan 24, 2018 at 10:10 AM, Sathya Bandara <[hidden email]> wrote:
Hi Sherene,

Following is a sample request for addUserStore() operation in UserStoreConfigAdminService which I have tested and verified on a 5.3.0 WUM updated pack. However this is for a JDBCUserStoreManager. Hope this might be of help to you.

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://dto.configuration.store.user.identity.carbon.wso2.org/xsd">
   <soap:Header/>
   <soap:Body>
      <xsd:addUserStore>
         <!--Optional:-->
         <xsd:userStoreDTO>
            <!--Optional:-->
            <xsd1:className>org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager</xsd1:className>
            <!--Optional:-->
            <xsd1:description></xsd1:description>
            <!--Optional:-->
            <xsd1:disabled>false</xsd1:disabled>
            <!--Optional:-->
            <xsd1:domainId>SECONDARY</xsd1:domainId>
            <!--Zero or more repetitions:-->
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>url</xsd1:name>
               <!--Optional:-->
               <xsd1:value>jdbc:mysql://localhost:3306/JDBC_user_store?useSSL=false</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>userName</xsd1:name>
               <!--Optional:-->
               <xsd1:value>root</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>password</xsd1:name>
               <!--Optional:-->
               <xsd1:value>root</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>driverName</xsd1:name>
               <!--Optional:-->
               <xsd1:value>com.mysql.jdbc.Driver</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>maxActive</xsd1:name>
               <!--Optional:-->
               <xsd1:value>50</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>maxWait</xsd1:name>
               <!--Optional:-->
               <xsd1:value>60000</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <!--Optional:-->
               <xsd1:name>validationQuery</xsd1:name>
               <!--Optional:-->
               <xsd1:value>SELECT 1</xsd1:value>
            </xsd1:properties>
         </xsd:userStoreDTO>
      </xsd:addUserStore>
   </soap:Body>
</soap:Envelope>

Thanks,
Sathya

On Tue, Jan 23, 2018 at 10:13 PM, Sherene Mahanama <[hidden email]> wrote:
Hi IAM Team,

Kind reminder on this. 

Thanks,
Sherene

On Tue, Jan 23, 2018 at 5:34 PM, Chankami Maddumage <[hidden email]> wrote:
Hi Sherene ,

Did you able to get a working sample request ?
This is a blocker for us when automating  scripts for Test grid .



On Tue, Jan 16, 2018 at 1:51 PM, Sherene Mahanama <[hidden email]> wrote:
Hi IAM Team, 

The UserStoreConfigAdminService has been documented in [1]. I have also added a tip under the addUserStore operation that links off to the relevant docs for a full list of properties including optional properties for each user store type. 

However, the sample request given under the addUserStore() operation [2] only includes mandatory parameters which will not work as mentioned by Dilini and Godwin. Can we please have a working sample request that we can add to the doc? Which optional parameters need to be included in the request for it to work as expected? Please advise.


Thanks,
Sherene

On Thu, Dec 21, 2017 at 9:18 AM, Dilini Gunatilake <[hidden email]> wrote:
Hi Tharindu/Godwin,

I already checked the config file. The default regex were not added. Following are the only configs available in the file (which are the ones I configured).

<?xml version="1.0" encoding="UTF-8"?><UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager">
      <Property name="url">jdbc:mysql://localhost:3306/is520user</Property>
      <Property name="userName">wso2carbon</Property>
      <Property encrypted="true" name="password">A1yNIeGmb1QZHDIk09yOyx/+PWDPNRfOk6tCiCnQWzhFiXFaVu5dSWfqah7AElOdKqjgl0BOFdk4sXRGtjdPM3t8bODe9KzKrA3EJJ2mP16zbOah8JhFMJJDWOw0wkBy4TSnl7GBrGJMzQTazzYaxN/+nVpF25nbq1p7TzNytOJxagNMRjwnhgl08lFPNKs1VCJ1D4spQ4zjLp5oJBftdzMdi5wPo8tdNWu/oRRPZjz4Y/mWy4cE7hHZlPul3kYzm1BP2kWX/rsUgRdaKeSKaQwqNVOOsZxCgWTCanUMmZKvHOxehVe3BypebciR58RQH5Vyk6l+JCrXNvBN1OBOoA==</Property>
      <Property name="driverName">com.mysql.jdbc.Driver</Property>
      <Property name="CountRetrieverClass">org.wso2.carbon.identity.user.store.count.jdbc.JDBCUserStoreCountRetriever</Property>
      <Property name="DomainName">PRIMARY-JDBC780-ATTRIBUTE-STORE</Property>
      <Property name="Description">created with admin services</Property>
</UserStoreManager>


@Godwin -  +1 for the approach.

Thanks,
Dilini


On Wed, Dec 20, 2017 at 11:25 PM, Tharindu Edirisinghe <[hidden email]> wrote:
Hi Dilini,

After adding the secondary userstore, you can find the config file related to that in repository/deployment/server/userstores/ location. Although you have not added the regex parameters when you created the userstore from the admin service, I believe it should have added some default regex there. You need to check the following two properties in the file.

PasswordJavaRegEx
PasswordJavaScriptRegEx

You can find more information on the password pattern validation from [1].

[1] http://tharindue.blogspot.com/2016/08/user-password-pattern-regex-front-end.html

Thanks,
TharinduE

On Wed, Dec 20, 2017 at 11:46 AM, Godwin Shrimal <[hidden email]> wrote:
Hi Dilini,

Please see my comments.


I think it makes sense to populate additional parameters in UI when adding user store from the management console.
Yes, this is handled correctly from the management console side as expected.
 
Yeah, when adding user store via admin services its bit hard to add those number of optional parameters. So I propose following solutions.

1. Improve our documentation and describe required optional parameters and add a sample request with optional parameters
In this case, every time the optional properties are changed the doc needs to be updated and the developer needs to update the request too.
I don't think optional parameters are changing frequently, it is something changing rearely when we need to introudce some feature to perticluar user store. And if optional parameters added newly, existing request should work as expected without breaking and not MUST to add that parameters to request.
But, in this case it is a must to add the optional parameters in the request which is wrong. This hinders the usability aspect from the user perspective. So, IMO we should document the full request as well as handle it as per solution 2.  

As an API its not wrong not to send optional parameters, But yes. Its not working as expected if we not send them. Yes, we need to fully document the request with optional parameters as suggested in solution1 as an imidiate step. We may need implement the solution 2 in future. Lets wait and see the feedback from IAM team.


Thanks
Godwin

 


2. Change backend to add default parameters (same as what we do in UI) if user is not sending additional parameters in request
+1 for this solution. Here, the developer does not need to worry about the 100 odd optional parameters at all. If he needs to change few parameters, he can change only the required ones.


Thanks
Godwin

On Wed, Dec 20, 2017 at 5:00 PM, Dilini Gunatilake <[hidden email]> wrote:
Hi IAM Team,

I need to create a JDBC secondary user store via admin services and I configured only the mandatory parameters and sent the request. The request was successful and the user store was created. However, when I tried to add a user to that user store, it says the password length is invalid and did not let me create a user.

Request:

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://dto.configuration.store.user.identity.carbon.wso2.org/xsd">
   <soap:Header/>
   <soap:Body>
      <xsd:addUserStore>
         <!--Optional:-->
         <xsd:userStoreDTO>
            <!--Optional:-->
            <xsd1:className>org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager</xsd1:className>
            <!--Optional:-->
            <xsd1:description>created with admin services</xsd1:description>
            <!--Optional:-->
            <xsd1:disabled>false</xsd1:disabled>
            <!--Optional:-->
            <xsd1:domainId>PRIMARY-JDBC780-ATTRIBUTE-STORE</xsd1:domainId>
            <!--Zero or more repetitions:-->
            <xsd1:properties>
               <xsd1:name>url</xsd1:name>
               <xsd1:value>jdbc:mysql://localhost:3306/is520user</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>userName</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>password</xsd1:name>
               <xsd1:value>wso2carbonxxx</xsd1:value>
            </xsd1:properties>
            <xsd1:properties>
               <xsd1:name>driverName</xsd1:name>
               <xsd1:value>com.mysql.jdbc.Driver</xsd1:value>
            </xsd1:properties>       
            <xsd1:properties>
               <xsd1:name>CountRetrieverClass</xsd1:name>
               <xsd1:value>org.wso2.carbon.identity.user.store.count.jdbc.JDBCUserStoreCountRetriever</xsd1:value>
            </xsd1:properties>  
         </xsd:userStoreDTO>
      </xsd:addUserStore>
   </soap:Body>
</soap:Envelope>

This may be because I haven't configured the optional parameters such as username/password regex etc. in the request. But, IMO the request should work successfully with only mandatory parameters. 

If I do the same via management console, the additional parameters will be populated in the UI and saved in the xml when we save the configuration.

If a developer needs to create a user store via admin services, how can the developer achieve this? If the developer needs to configure optional parameters, there are around 100 parameters. What are the must have additional parameters the user needs to configure or what is the best way to handle this?

Thanks,
Dilini

--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165



--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165



--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518





--
Godwin Amila Shrimal
Associate Technical Lead
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware

mobile: +94772264165

_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev




--

Tharindu Edirisinghe
Senior Software Engineer | WSO2 Inc
Platform Security Team
Blog : http://tharindue.blogspot.com
mobile : <a href="tel:+94%2077%20518%201586" value="+94775181586" target="_blank">+94 775181586




--
Dilini Gunatilake
Software Engineer - QA Team

Mobile : <a href="tel:+94%2077%20116%202518" value="+94771162518" target="_blank">+94771162518



_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev




--
Sherene Mahanama
Technical Writer

WSO2 (pvt.) Ltd.
Colombo, Sri Lanka
Mobile: <a href="tel:%28%2B94%29%20773131798" value="+94773131798" style="font-family:Arial,Helvetica,Verdana,monospace,san-serif;font-size:x-small;background-color:rgb(230,230,230);color:rgb(17,85,204)" target="_blank">(+94) 777994805



--
Best Regards,

Chankami Maddumage
Software Engineer - QA Team
WSO2 Inc; http://www.wso2.com/.
Mobile: <a href="tel:%2B94%20%280%29%20773%20381%20250" value="+94773381250" target="_blank">+94 (0) 722223096




--
Sherene Mahanama
Technical Writer

WSO2 (pvt.) Ltd.
Colombo, Sri Lanka
Mobile: <a href="tel:%28%2B94%29%20773131798" value="+94773131798" style="font-family:Arial,Helvetica,Verdana,monospace,san-serif;font-size:x-small;background-color:rgb(230,230,230);color:rgb(17,85,204)" target="_blank">(+94) 777994805



--
Sathya Bandara
Software Engineer
WSO2 Inc. http://wso2.com
Mobile: <a href="tel:+94%2071%20411%205032" value="+94714115032" target="_blank">(+94) 715 360 421

<a href="tel:+94%2071%20411%205032" value="+94714115032" target="_blank">



--
Best Regards,

Chankami Maddumage
Software Engineer - QA Team
WSO2 Inc; http://www.wso2.com/.
Mobile: <a href="tel:%2B94%20%280%29%20773%20381%20250" value="+94773381250" target="_blank">+94 (0) 722223096




--
Best Regards,

Chankami Maddumage
Software Engineer - QA Team
WSO2 Inc; http://www.wso2.com/.
Mobile: <a href="tel:%2B94%20%280%29%20773%20381%20250" value="+94773381250" target="_blank">+94 (0) 722223096




--
Sathya Bandara
Software Engineer
WSO2 Inc. http://wso2.com
Mobile: <a href="tel:+94%2071%20411%205032" value="+94714115032" target="_blank">(+94) 715 360 421

<a href="tel:+94%2071%20411%205032" value="+94714115032" target="_blank">



--
Best Regards,

Chankami Maddumage
Software Engineer - QA Team
WSO2 Inc; http://www.wso2.com/.
Mobile: <a href="tel:%2B94%20%280%29%20773%20381%20250" value="+94773381250" target="_blank">+94 (0) 722223096




--
Maneesha Wijesekara
Software Engineer - QA Team
WSO2 Inc.

Mobile: <a href="tel:%2B94712443119" value="+94774171471" target="_blank">+94712443119



--
Sherene Mahanama
Technical Writer

WSO2 (pvt.) Ltd.
Colombo, Sri Lanka
Mobile: <a href="tel:%28%2B94%29%20773131798" value="+94773131798" style="font-family:Arial,Helvetica,Verdana,monospace,san-serif;font-size:x-small;background-color:rgb(230,230,230);color:rgb(17,85,204)" target="_blank">(+94) 777994805



--
Regards,

Darshana Gunawardana
Technical Lead
WSO2 Inc.; http://wso2.com
E-mail: [hidden email]
Mobile: +94718566859
Lean . Enterprise . Middleware


_______________________________________________
Dev mailing list
[hidden email]
http://wso2.org/cgi-bin/mailman/listinfo/dev