What I did in My Internship @ WSO2

Andun S.L. Gunawardana Software Engineering Intern

Application Server Team

Development Technology Group

WSO2 Lanka (Pvt) Ltd

Projects Within Internship

Main Projects:

Entitlement Servlet Filter Feature

RawXSLT Mediator for WSO2 ESB

New XPATH Parser for WSO2 ESB

Other Projects:

Refactoring WSO2 Application Server Samples

Test Automation Hackathon


Main Projects:




Other Projects:



Requirement :

Providing XACML policy based fine grained

authorization to webapp requests, using WSO2

Identity Server.


Step sequence to take an Entitlement

Decision :


Components Added to the Carbon

Platform :


• Entitlement PEP Proxy Component • Entitlement Servlet Filter Component • XACML Filter Feature • Sample for WSO2 Application Server 5.0.1


Platform :



Use of Entitlement Proxy Component :

◦ Act as a proxy for communication between

WSO2 IS(PDP) and PEP.

◦ Entitlement Servlet Filter and the Entitlement

Mediator use this new component.


Entitlement Proxy Component :


Why Entitlement Proxy Component ? ◦ Make User Life Easy,

User have to invoke a method in the proxy to get a entitlement

decision.

User don't have to implement XACML request related things to

use a XACML policy hosted in IS. The proxy hides those

complexity from user.

User can use SOAP, Thrift or JSON to PDP PEP communication

without worrying about the implementations.

◦ Entitlement requests can be sent either using XACML 3.0

or XACML 2.0.

◦ Several PEPs can use same Proxy to communicate with

several PDPs(WSO2 IS instances) at the same time.



Platform :



Use of Entitlement Servlet Filter Component :

◦ Act as the PEP.

◦ Checking the authorization of requests which are coming for webapps which are hosted in WSO2 Application Server or Any other WebApp container.


Entitlement Servlet Filter Component :


How to use Entitlement Servlet Filter Component : ◦ The webapp have to engage the Entitlement Servlet

filter using the web.xml.

◦ Necessary parameters to initialize the PEP proxy have to be provided via the web.xml

◦ The webapp must have a J2EE authentication mechanism.


How to use Entitlement Servlet Filter Component :



Platform :



Entitlement Servlet Filter Feature can be found in the Carbon 4.0.2 P2 repo.

Entitlement Servlet Filter Feature ships with Application Server 5.0.1 with a Sample to illustrate it’s functionality.



Main Projects:




Other Projects:



Requirement : ◦ Creating a performance improved XSLT

transformation Mediator.

◦ Do XSLT transformations in the Binary Relay Mode of the WSO2 ESB.

RawXSLT Mediator

Weaknesses of the Existing XSLT Mediator : ◦ It build AXIOM data model for each message. So bit large

messages will add hugh performance drawback.

◦ To overcome that Stream Level Transformation is suggested, without creating AXIOM data model.

RawXSLT Mediator

How RawXSLT Mediator Works ?

RawXSLT Mediator

Improvement :

RawXSLT Mediator

0.00

500.00

1,000.00

1,500.00

2,000.00

2,500.00

3,000.00

n =5000,

c=10

n =2500,

c=20

n =1250,

c=40

n =625,

c=80

n =250,

c=200

n =125,

c=400

n =50,

c=1000

Requests Handled Per Second : Message Size 500B

Normal XSLT Mediator RawXSLT Mediator

Improvement :

RawXSLT Mediator

0.00

200.00

400.00

600.00

800.00

1,000.00

1,200.00

1,400.00

1,600.00

1,800.00

2,000.00

n =5000,

c=10

n =2500,

c=20

n =1250,

c=40

n =625,

c=80

n =250,

c=200

n =125,

c=400

n =50,

c=1000

Requests Handled Per Second : Message Size 1K


Improvement :

RawXSLT Mediator

0.00

200.00

400.00

600.00

800.00

1,000.00

1,200.00

n =5000,

c=10

n =2500,

c=20

n =1250,

c=40

n =625,

c=80

n =250,

c=200

n =125,

c=400

n =50,

c=1000



Improvement :

RawXSLT Mediator

0.00

100.00

200.00

300.00

400.00

500.00

600.00

n =5000, c=10 n =2500, c=20 n =1250, c=40 n =250, c=200 n =50, c=1000



Limitations of the RawXSLT Mediator : ◦ It can be only used in Binary Relay Mode of ESB.

◦ The XSLT transformation sheets have mandatory conditions. So flexibility of the transformation is limited.

RawXSLT Mediator


Main Projects:




Other Projects:



Requirement :

◦ Create a XAPTH parser which will suite to parse

simple XPATH expressions with better

performance.

New XPATH Parser

Weaknesses of the Current XPATH Parser : ◦ It reads and build full XML tree for parse XPATH

which can be parsed without building the complete tree.

◦ That is a big performance drawback, so new XPATH parser is suggested which can parse simple XPATH expression with better performance using Streams of XML and on top of AXIOM.

New XPATH Parser

Lets XPATH : /data/book/author/name with the

following XML,

New XPATH Parser

New implementation of XPATH Parser:

◦ Create small components which are responsible

to do simple operations to AXIOM data model.

◦ For Example,

Component to return XML node if it matches some

conditions.

Component to return set of children of a XML node if it

matches some conditions.

Component to return an attribute of a XML node.


Using those created small components we can get a

result of a XPATH expression,

New XPATH Parser

New implementation of XPATH Parser:

◦ So the new XAPTH parser will do the following,

◦ When we give a XPATH expression to the parser

it will create the component chain which will do

the processing to get the result of the XAPTH.

◦ When the parsing happens, the input XML is

passed though the component chain and output

the result.

◦ To create the component chain we have analyze

the given XPATH expression.

◦ For that We use Antlr Parser Generator.

New XPATH Parser

The Syntax Tree For a XAPTH Using Antlr,

New XPATH Parser

Improvement :

New XPATH Parser

0.00

500.00

1,000.00

1,500.00

2,000.00

2,500.00

3,000.00

3,500.00

4,000.00

n =50,

c=2000

n =100,

c=1000

n =200,

c=500

n =400,

c=250

n =800,

c=125

n =2000,

c=50


Synapse XPATH New XPATH


Main Projects:




Other Projects:



◦ Adding Apache Ant Build Files to the APP Server

samples, with more flexibility to run

independently.

◦ Added run scripts to samples which will make

the samples complete.

◦ Structuring samples with necessary documents.

◦ Creating Wiki Docs for the Samples.

◦ Refactored JAX-WS & JAX-RS samples to run

with in the current platform.

Refactoring App Server Samples


Main Projects:




Other Projects:



◦ Wrote number of test cases to WSO2 ESB.

Mediators, Endpoints, VFS Tranport

◦ Added improvement to Clarity Test Framework.

REST Support

Failover Test Support

Load Balance Endpoint Test Support

◦ Added a alternative mechanism to check ESB logs

using custom Mediator. This required because

ESB’s Log Reading Functionality is broken.


Projects Within Internship Related Links :

◦ http://www.insightforfuture.blogspot.com/2012/09/xacml-policy-definition-pointpdp-proxy.html

◦ http://www.insightforfuture.blogspot.com/2012/07/providing-xacml-fine-grained.html

◦ http://www.insightforfuture.blogspot.com/2012/07/providing-xacml-fine-grained_22.html

◦ http://docs.wso2.org/wiki/display/AS501/Entitlement+Servlet+Filter+Sample

◦ http://wso2.org/svn/browse/wso2/carbon/platform/branches/4.0.0/components/identity/org.wso2.carbon.identity.entitlement.proxy/

◦ http://wso2.org/svn/browse/wso2/carbon/platform/branches/4.0.0/components/identity/org.wso2.carbon.identity.entitlement.filter/

◦ http://wso2.org/svn/browse/wso2/carbon/platform/branches/4.0.0/features/identity/xacml/org.wso2.carbon.identity.xacml.filter.feature/

◦ http://wso2.org/svn/browse/wso2/carbon/platform/branches/4.0.0/products/as/5.0.1/modules/samples/product/EntitlementFilter/

http://docs.wso2.org/wiki/display/AS501/Entitlement+Servlet+Filter+Sample
































http://wso2.org/svn/browse/wso2/carbon/platform/branches/4.0.0/components/identity/org.wso2.carbon.identity.entitlement.proxy/



http://wso2.org/svn/browse/wso2/carbon/platform/branches/4.0.0/components/identity/org.wso2.carbon.identity.entitlement.filter/



http://wso2.org/svn/browse/wso2/carbon/platform/branches/4.0.0/features/identity/xacml/org.wso2.carbon.identity.xacml.filter.feature/



http://wso2.org/svn/browse/wso2/carbon/platform/branches/4.0.0/products/as/5.0.1/modules/samples/product/EntitlementFilter/

http://wso2.org/svn/browse/wso2/carbon/platform/branches/4.0.0/products/as/5.0.1/modules/samples/product/EntitlementFilter/

What I Learn at WSO2

• Technologies • Products & Tools • Software Engineering Principals • Best Practices

• WSO2 Specific



• WSO2 Specific

◦ Application Server

◦ ESB

◦ Identity Server

◦ Carbon Platform

◦ Clarity Framework

◦ Source Code Management

◦ Release Cycle

◦ Support Strategy

◦ Developer Studio

WSO2 Specific



• WSO2 Specific

◦ JAVA : In-depth Use, Libraries

◦ SOAP

◦ XACML

◦ XPATH/XSLT

◦ JSP

◦ OSGI

Technologies



• WSO2 Specific

◦ Apache Axis2

◦ Apache Synapse

◦ Apache Tomcat

◦ Saxon

◦ Antlr

◦ AXIOM

◦ Intellij IDEA

◦ Maven

◦ Ant

◦ SOAP UI

Products & Tools

◦ Sonar

◦ FindBugs

◦ JConsole

◦ JMeter

◦ JProfiler

◦ TCPMon

◦ Bamboo

◦ JIRA

◦ SVN



• WSO2 Specific

◦ Service Oriented Architecture

◦ Cloud Computing

◦ Agile Development Process

◦ Customer Requirement Analysis

◦ Documentation

◦ Software Evolution

◦ Testing and Quality Assurance

◦ Providing Support to Customers

Software Engineering Principles



• WSO2 Specific

◦ Code Quality

◦ Developer Testing

◦ Performance Testing

◦ Documentation

◦ Version Controlling

◦ Discussing Ideas

Best Practices

Thank You

What I did in My Internship @ WSO2

Education