Andun S.L. Gunawardana Software Engineering Intern Application Server Team Development Technology Group WSO2 Lanka (Pvt) Ltd
Andun S.L. Gunawardana Software Engineering Intern
Application Server Team
Development Technology Group
WSO2 Lanka (Pvt) Ltd
Projects Within Internship
Main Projects:
Entitlement Servlet Filter Feature
RawXSLT Mediator for WSO2 ESB
New XPATH Parser for WSO2 ESB
Other Projects:
Refactoring WSO2 Application Server Samples
Test Automation Hackathon
Projects Within Internship
Main Projects:
Entitlement Servlet Filter Feature
RawXSLT Mediator for WSO2 ESB
New XPATH Parser for WSO2 ESB
Other Projects:
Refactoring WSO2 Application Server Samples
Test Automation Hackathon
Requirement :
Providing XACML policy based fine grained
authorization to webapp requests, using WSO2
Identity Server.
Entitlement Servlet Filter Feature
Step sequence to take an Entitlement
Decision :
Entitlement Servlet Filter Feature
Components Added to the Carbon
Platform :
Entitlement Servlet Filter Feature
• Entitlement PEP Proxy Component • Entitlement Servlet Filter Component • XACML Filter Feature • Sample for WSO2 Application Server 5.0.1
Components Added to the Carbon
Platform :
Entitlement Servlet Filter Feature
• Entitlement PEP Proxy Component • Entitlement Servlet Filter Component • XACML Filter Feature • Sample for WSO2 Application Server 5.0.1
Use of Entitlement Proxy Component :
◦ Act as a proxy for communication between
WSO2 IS(PDP) and PEP.
◦ Entitlement Servlet Filter and the Entitlement
Mediator use this new component.
Entitlement Servlet Filter Feature
Entitlement Proxy Component :
Entitlement Servlet Filter Feature
Why Entitlement Proxy Component ? ◦ Make User Life Easy,
User have to invoke a method in the proxy to get a entitlement
decision.
User don't have to implement XACML request related things to
use a XACML policy hosted in IS. The proxy hides those
complexity from user.
User can use SOAP, Thrift or JSON to PDP PEP communication
without worrying about the implementations.
◦ Entitlement requests can be sent either using XACML 3.0
or XACML 2.0.
◦ Several PEPs can use same Proxy to communicate with
several PDPs(WSO2 IS instances) at the same time.
Entitlement Servlet Filter Feature
Components Added to the Carbon
Platform :
Entitlement Servlet Filter Feature
• Entitlement PEP Proxy Component • Entitlement Servlet Filter Component • XACML Filter Feature • Sample for WSO2 Application Server 5.0.1
Use of Entitlement Servlet Filter Component :
◦ Act as the PEP.
◦ Checking the authorization of requests which are coming for webapps which are hosted in WSO2 Application Server or Any other WebApp container.
Entitlement Servlet Filter Feature
Entitlement Servlet Filter Component :
Entitlement Servlet Filter Feature
How to use Entitlement Servlet Filter Component : ◦ The webapp have to engage the Entitlement Servlet
filter using the web.xml.
◦ Necessary parameters to initialize the PEP proxy have to be provided via the web.xml
◦ The webapp must have a J2EE authentication mechanism.
Entitlement Servlet Filter Feature
How to use Entitlement Servlet Filter Component :
Entitlement Servlet Filter Feature
Components Added to the Carbon
Platform :
Entitlement Servlet Filter Feature
• Entitlement PEP Proxy Component • Entitlement Servlet Filter Component • XACML Filter Feature • Sample for WSO2 Application Server 5.0.1
Entitlement Servlet Filter Feature can be found in the Carbon 4.0.2 P2 repo.
Entitlement Servlet Filter Feature ships with Application Server 5.0.1 with a Sample to illustrate it’s functionality.
Entitlement Servlet Filter Feature
Projects Within Internship
Main Projects:
Entitlement Servlet Filter Feature
RawXSLT Mediator for WSO2 ESB
New XPATH Parser for WSO2 ESB
Other Projects:
Refactoring WSO2 Application Server Samples
Test Automation Hackathon
Requirement : ◦ Creating a performance improved XSLT
transformation Mediator.
◦ Do XSLT transformations in the Binary Relay Mode of the WSO2 ESB.
RawXSLT Mediator
Weaknesses of the Existing XSLT Mediator : ◦ It build AXIOM data model for each message. So bit large
messages will add hugh performance drawback.
◦ To overcome that Stream Level Transformation is suggested, without creating AXIOM data model.
RawXSLT Mediator
How RawXSLT Mediator Works ?
RawXSLT Mediator
Improvement :
RawXSLT Mediator
0.00
500.00
1,000.00
1,500.00
2,000.00
2,500.00
3,000.00
n =5000,
c=10
n =2500,
c=20
n =1250,
c=40
n =625,
c=80
n =250,
c=200
n =125,
c=400
n =50,
c=1000
Requests Handled Per Second : Message Size 500B
Normal XSLT Mediator RawXSLT Mediator
Improvement :
RawXSLT Mediator
0.00
200.00
400.00
600.00
800.00
1,000.00
1,200.00
1,400.00
1,600.00
1,800.00
2,000.00
n =5000,
c=10
n =2500,
c=20
n =1250,
c=40
n =625,
c=80
n =250,
c=200
n =125,
c=400
n =50,
c=1000
Requests Handled Per Second : Message Size 1K
Normal XSLT Mediator RawXSLT Mediator
Improvement :
RawXSLT Mediator
0.00
200.00
400.00
600.00
800.00
1,000.00
1,200.00
n =5000,
c=10
n =2500,
c=20
n =1250,
c=40
n =625,
c=80
n =250,
c=200
n =125,
c=400
n =50,
c=1000
Requests Handled Per Second : Message Size 5K
Normal XSLT Mediator RawXSLT Mediator
Improvement :
RawXSLT Mediator
0.00
100.00
200.00
300.00
400.00
500.00
600.00
n =5000, c=10 n =2500, c=20 n =1250, c=40 n =250, c=200 n =50, c=1000
Requests Handled Per Second : Message Size 10K
Normal XSLT Mediator RawXSLT Mediator
Limitations of the RawXSLT Mediator : ◦ It can be only used in Binary Relay Mode of ESB.
◦ The XSLT transformation sheets have mandatory conditions. So flexibility of the transformation is limited.
RawXSLT Mediator
Projects Within Internship
Main Projects:
Entitlement Servlet Filter Feature
RawXSLT Mediator for WSO2 ESB
New XPATH Parser for WSO2 ESB
Other Projects:
Refactoring WSO2 Application Server Samples
Test Automation Hackathon
Requirement :
◦ Create a XAPTH parser which will suite to parse
simple XPATH expressions with better
performance.
New XPATH Parser
Weaknesses of the Current XPATH Parser : ◦ It reads and build full XML tree for parse XPATH
which can be parsed without building the complete tree.
◦ That is a big performance drawback, so new XPATH parser is suggested which can parse simple XPATH expression with better performance using Streams of XML and on top of AXIOM.
New XPATH Parser
Lets XPATH : /data/book/author/name with the
following XML,
New XPATH Parser
New implementation of XPATH Parser:
◦ Create small components which are responsible
to do simple operations to AXIOM data model.
◦ For Example,
Component to return XML node if it matches some
conditions.
Component to return set of children of a XML node if it
matches some conditions.
Component to return an attribute of a XML node.
Entitlement Servlet Filter Feature
Using those created small components we can get a
result of a XPATH expression,
New XPATH Parser
New implementation of XPATH Parser:
◦ So the new XAPTH parser will do the following,
◦ When we give a XPATH expression to the parser
it will create the component chain which will do
the processing to get the result of the XAPTH.
◦ When the parsing happens, the input XML is
passed though the component chain and output
the result.
◦ To create the component chain we have analyze
the given XPATH expression.
◦ For that We use Antlr Parser Generator.
New XPATH Parser
The Syntax Tree For a XAPTH Using Antlr,
New XPATH Parser
Improvement :
New XPATH Parser
0.00
500.00
1,000.00
1,500.00
2,000.00
2,500.00
3,000.00
3,500.00
4,000.00
n =50,
c=2000
n =100,
c=1000
n =200,
c=500
n =400,
c=250
n =800,
c=125
n =2000,
c=50
Requests Handled Per Second : Message Size 10K
Synapse XPATH New XPATH
Projects Within Internship
Main Projects:
Entitlement Servlet Filter Feature
RawXSLT Mediator for WSO2 ESB
New XPATH Parser for WSO2 ESB
Other Projects:
Refactoring WSO2 Application Server Samples
Test Automation Hackathon
◦ Adding Apache Ant Build Files to the APP Server
samples, with more flexibility to run
independently.
◦ Added run scripts to samples which will make
the samples complete.
◦ Structuring samples with necessary documents.
◦ Creating Wiki Docs for the Samples.
◦ Refactored JAX-WS & JAX-RS samples to run
with in the current platform.
Refactoring App Server Samples
Projects Within Internship
Main Projects:
Entitlement Servlet Filter Feature
RawXSLT Mediator for WSO2 ESB
New XPATH Parser for WSO2 ESB
Other Projects:
Refactoring WSO2 Application Server Samples
Test Automation Hackathon
◦ Wrote number of test cases to WSO2 ESB.
Mediators, Endpoints, VFS Tranport
◦ Added improvement to Clarity Test Framework.
REST Support
Failover Test Support
Load Balance Endpoint Test Support
◦ Added a alternative mechanism to check ESB logs
using custom Mediator. This required because
ESB’s Log Reading Functionality is broken.
Test Automation Hackathon
Projects Within Internship Related Links :
◦ http://www.insightforfuture.blogspot.com/2012/09/xacml-policy-definition-pointpdp-proxy.html
◦ http://www.insightforfuture.blogspot.com/2012/07/providing-xacml-fine-grained.html
◦ http://www.insightforfuture.blogspot.com/2012/07/providing-xacml-fine-grained_22.html
◦ http://docs.wso2.org/wiki/display/AS501/Entitlement+Servlet+Filter+Sample
◦ http://wso2.org/svn/browse/wso2/carbon/platform/branches/4.0.0/components/identity/org.wso2.carbon.identity.entitlement.proxy/
◦ http://wso2.org/svn/browse/wso2/carbon/platform/branches/4.0.0/components/identity/org.wso2.carbon.identity.entitlement.filter/
◦ http://wso2.org/svn/browse/wso2/carbon/platform/branches/4.0.0/features/identity/xacml/org.wso2.carbon.identity.xacml.filter.feature/
◦ http://wso2.org/svn/browse/wso2/carbon/platform/branches/4.0.0/products/as/5.0.1/modules/samples/product/EntitlementFilter/
What I Learn at WSO2
• Technologies • Products & Tools • Software Engineering Principals • Best Practices
• WSO2 Specific
What I Learn at WSO2
• Technologies • Products & Tools • Software Engineering Principals • Best Practices
• WSO2 Specific
◦ Application Server
◦ ESB
◦ Identity Server
◦ Carbon Platform
◦ Clarity Framework
◦ Source Code Management
◦ Release Cycle
◦ Support Strategy
◦ Developer Studio
WSO2 Specific
What I Learn at WSO2
• Technologies • Products & Tools • Software Engineering Principals • Best Practices
• WSO2 Specific
◦ JAVA : In-depth Use, Libraries
◦ SOAP
◦ XACML
◦ XPATH/XSLT
◦ JSP
◦ OSGI
Technologies
What I Learn at WSO2
• Technologies • Products & Tools • Software Engineering Principals • Best Practices
• WSO2 Specific
◦ Apache Axis2
◦ Apache Synapse
◦ Apache Tomcat
◦ Saxon
◦ Antlr
◦ AXIOM
◦ Intellij IDEA
◦ Maven
◦ Ant
◦ SOAP UI
Products & Tools
◦ Sonar
◦ FindBugs
◦ JConsole
◦ JMeter
◦ JProfiler
◦ TCPMon
◦ Bamboo
◦ JIRA
◦ SVN
What I Learn at WSO2
• Technologies • Products & Tools • Software Engineering Principals • Best Practices
• WSO2 Specific
◦ Service Oriented Architecture
◦ Cloud Computing
◦ Agile Development Process
◦ Customer Requirement Analysis
◦ Documentation
◦ Software Evolution
◦ Testing and Quality Assurance
◦ Providing Support to Customers
Software Engineering Principles
What I Learn at WSO2
• Technologies • Products & Tools • Software Engineering Principals • Best Practices
• WSO2 Specific
◦ Code Quality
◦ Developer Testing
◦ Performance Testing
◦ Documentation
◦ Version Controlling
◦ Discussing Ideas
Best Practices
Thank You