Skip to main content

Me at WSO2Con 2011-Day 1


This blog will provide you my experience at WSO2Con 2011, as one of the witness from the large crowd participated in such a successful and valuable open-source programming conference.

Location- Colombo,Sri Lanka
Date- 12th Sep-16th Sep 2011

The key reason for blogging about this event is NOT due to I'm a member of the WSO2 team,but I want to share the value added knowledge and experience I was gained from the conference.The event continued with two tutorials days with three days of main conference.It's not only covered the technical stuff,but also cultural aspects with highlighting Sri Lankan signature in each of the conference day evenings.

The agenda can be found from here

Following is the summary what I learnt from some of the sessions out from the all sessions which I was able to participated in the conference.I'll  present the details of those sessions as linked multiple posts.

Day 1-      12th of September 2011

Tutorial 1-Practical SOA for the Solution Architect

Presenter-Ganesh  Prasad,Independent Consultant.


Summary of what I learnt

SOA[Service oriented architecture]-in a simple way which means eliminating all the unnecassary dependencies among components in a system while keeping the required dependencies in  a specified way.
Solution architects has to concern two different aspects of SOA,if they are going to develop SOA based solutions;.

1.Technology Layer-This layer contains three components as Service Container,Broker and Process Co-ordinator.Service container is used to keep logic code if required while connect with a service.Broker is used to function as a mediator/adapter/etc,which can be used to connect with legacy systems.Process co-ordinator can be used to handle and process different functions in a system.The presenter highlighted that mis-use of the broker.That's most of the people try to use one andonly broker for whole system.But then it reduces availability and performance of the system.

2.Data Layer-SOA Data Layer has set of principles which we need to follow-up when we going to develop SOA based solutions.

  •   Identify dependencies[implicit & explicit]
  •   Make all implicit dependencies as explicit.
  •   Eliminate unnecassary dependencies.
  •  Map domain data to message data[Don't derive/generate one from other] eg:-Do a person need to know motor engineering[as domain data] just for learning car-driving[as message data].

Above points are the reminded data which I have,but the presenter described more than above with the most important aspect.That was presenter gave three real world examples to the audience for trying SOA based solutions for them.
  
Tutorial 2-Introduction to Web and SOA Security
Presenters-Thilina Buddhika; Amila Jayasekara,WSO2

Summary of what I learnt

SOA security is mostly dealing with xml security.It focused on ensuring confidentiality[xml encryption] and intergrity[xml signature] of xml docs.

Web services security uses existing xml security to secure SOAP messsages.

Adding to above presenters explain about cryptography,SSL[Secure Socket Layer],TLS[Transport Layer Security],Single sign on methods[OpenID,SAML],STS[Security Token Service],authentication aspects as encryption,authorization aspects[either role based or attributes based] as XACML[attributes based authorization],WS-security policies,Practical solutions from WSO2 Identity Server for above security aspects and real world scenarios implemented using WSO2 Identity Server.



Comments

Post a Comment

Popular posts from this blog

Convert an InputStream to XML

For that we can use DocumentBuilder class in java. By using the method parse(InputStream) ; A new DOM Document object will return. InputStream input; DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance(); DocumentBuilder parser = factory.newDocumentBuilder(); Document dc= parser.parse(input); In the above code segment,by using the created Document object,the corresponding XML file for the inputStream can be accessed. References: http://www.w3schools.com/dom/dom_intro.asp http:// download.oracle.com/javase/1.4.2/docs/api/javax/xml/parsers/DocumentBuilder.html
2 comments
Read more

Concat two xml values with XSLT

The use-case described in this blog-post,is there's an WSO2 ESB node setup to proxy an incoming message to a particular back-end endpoint.  Before delivering the message to the back-end endpoint,from the ESB node itself,this incoming message need to processed and change its inside xml payload format. For eg: Below is the incoming message <?xml version="1.0" encoding="UTF-8"?> <CinemaHall name="liberty"> <OwnerData> <Name>John Smith</Name> <openedDate>12/12/80</openedDate> <quality>good</quality> </OwnerData> <CinemaHallData> <rows>100</rows> <seats> <seat>50</seat> <seat>60</seat> </seats> </CinemaHallData> </CinemaHall> This message need to be changed as  below; <?xml version="1.0" encoding="UTF-8"?> <CinemaHall name="liberty"...
3 comments
Read more

Passing end-user details from client to real backend endpoint via JWT token

In real-world business system,WSO2 API Manager useful on exposing company APIs, in a secured and controlled manner with the features provided by APIManager as; OAuth support [To secure API invocations] Throttling support [To control API invocations] Monitoring support [To track API usage] More technically what happening is when a user sends a particular API request,it will goes to WSO2 APIManager node and from there,the request will route to the real implemented back-end endpoint of the particular API and get back the response and returned it to the API invoked user. There can be a use-case,that this back-end endpoint may expect the details of API invoked user as to pass those details to some internal company usage  as; Additional authentication/authorization Track usage data from an internal system. So how to support above requirement from WSO2 AM. There comes the use of JSON Web Token[JWT] implementation done inside WSO2 AM. JWT is a means of representing claims to...
7 comments
Read more