[WSO2 IS]Setting new challenge question sets

1.I am using WSO2 IS 5.0.0+service pack1

2.You need to have jdk 1.6/ 1.7 to use WSO2 IS 5.0.0

3.I will be showing how to add new challenge question sets using ‘UserIdentityManagementAdminService’ SOAP api.

4.This service is a admin webservice embedded inside WSO2 IS.

5.External parties can invoke methods expose by this web service via a tool like SOAP UI.

6.Here I will show adding new challenge question set by a new tenant admin.

7.For that you need to create a new tenant in WSO2 IS.

8.My tenant is ann@ibm.com

9.Now login to management console as ann@ibm.com and create a new user called ‘denu’. So the full qualified username will be denu@ibm.com. Give that user admin permissions

10.Create another user called ‘loguser’. Assign him permissions to ‘login’ to management console and monitor ‘logs’

11.Before invoking any apis in ‘UserIdentityManagementAdminService’, make sure that you have added claim uri mappings for challenge question sets.

In WSO2 IS two sets of challenge questions are there.


As you can see the claim uri is equal to the challenge question set id.

So, if you plan to add a new set of challenge questions with ‘http://wso2.org/claims/challengeQuestion3’ set id, then before doing anything you need to add a claim mapping for it as below.


You can give any value from underlying data store as the mapped attribute.

After setting the challenge question claims manually in the tenant admin as above, you can invoke the apis exposed by the soap api.


[Git]Merging Conflicted PRs

  1. Update the master
  2. Checkout a new branch from the master

git checkout -b new-branch master

3. pull the conflicting PR from the remote branch in remote repository

git pull https://github.com/denuwanthi/identity-inbound-auth-oauth.git remote-branch

4.Resolve merge conflicts

git add the modified files, and commit them

5.checkout the master

git checkout master

6.merge the new branch with resolved conflicts to master

git merge –no-ff new-branch

7.push the local master to your remote repository

git push origin master


[WSO2 APIM]Mediation Extensions

When adding mediation extensions to WSO2 APIM, it is recommended to upload them via WSO2 APIM tooling (Developer Studio Eclipse plugin).

Following documentation provide detail steps on how to achieve that.




[WSO2 Carbon]Custom Authentication for WSO2 Management Console

Almost all the WSO2 products are shipped with a management console.

You normally authenticates with this management console by typing username and password in the the login page.


But, that is not the only way you can authenticate with WSO2 management console.

WSO2 provides extension points to plugin custom authentication mechanisms to login to WSO2 management console.

Example usecase:

You have an identity provider which authenticates the users. The identity provider will send the authenticated user name as a header to WSO2 . In that case you don;t want the user to login again to management console. Since user is already verified from the identity provider, you want the user to get logged directly to management console.


So, in the above case the authentication mechanism you want to use with the management console is slightly different.

To cater such custom authentication scenarios, WSO2 provide you the capability to write custom authenticators.

You can write your custom authenticator and add it to ‘dropins’ folder and configure it in ‘authenticators.xml‘ situated at ‘<CARBON_HOME>/repository/conf/security‘ folder.

<Authenticator name=”CustomAuthenticator” disabled=”false”>

The authenticators.xml already have some custom authenticators defined in it.




You can enable the authenticators by changing the ‘disabled’ attribute to ‘false’.

In order to disable the authenticator put disabled=”true”.

The <Priority> element defines the precedence of the authenticators. If the priority value is high, precedence will be high.


[WSO2]Enabling GC logs in WSO2 servers


I am using WSO2 API Manager 2.1.0 distribution. This will be similar to any WSO2 product.

  1. Open wso2server.sh file located at ‘wso2am-2.1.0/bin’ folder.
  2. Add following command under the ‘$JVM_MEM_OPTS’


-XX:+PrintGC -XX:+PrintGCDetails -XX:+PrintGCDateStamps -Xloggc:”$CARBON_HOME/repository/logs/gc.log” \



-XX:+HeapDumpOnOutOfMemoryError \

-XX:HeapDumpPath=”$CARBON_HOME/repository/logs/heap-dump.hprof” \

-XX:+PrintGC -XX:+PrintGCDetails -XX:+PrintGCDateStamps -Xloggc:”$CARBON_HOME/repository/logs/gc.log” \



3.Then a file named gc.log will be created in ‘wso2am-2.1.0/repository/logs’ folder.

GC logs will be printed there.

[WSO2 ESB 5.0.0][WSO2 ESB Tooling]SOAP to ISO8583 transformation

In this blog post, I will show how to achieve  SOAP to ISO8583 transformation using ESB 5.0.0.


In order to achieve that I will be using WSO2 ESB tooling eclipse plugin to create necessary synapse artifacts.

Open eclipse mars with ESB tooling plugin installed.

Go to ‘Developer Studio’ -> ‘Open Dashboard’.

Select ‘ESB Config Project’ as below image.


Then select ‘New ESB Config Project’


Then click ‘Next’ and give a project name you like. I gave ‘SoapToIso’. Then untick the ‘Use Default Location’ and browse and provide a folder you want your projects to be saved in the computer.



Then click ‘Finish’.

Now a project called ‘SoapToIso’ will be created.


Now right click that project and select ‘Add or Remove Connector’



Now keep this aside for a while, and go to https://store.wso2.com/store/assets/esbconnector/details/e4cf3fd5-445f-4317-beb6-09998906fb0d url.


Click the ‘Download Connector’ button. A zip file called ‘iso8583-connector-1.0.1.zip’ will be downloaded.

Now let’s get back to our ESB config project.

Now click next in ‘Add or Remove Connectors’ wizard.Then select ‘connector location’ and browse the zip file you just downloaded above.


click ‘Finish’.

Now right click the ‘proxy-services’ in ‘SoapToISo’ ESB config project and select ‘New’ -> ‘Proxy Service’


Then select ‘Create a new proxy service’.


Then give a name you like for the proxy service. I gave ‘ISO85883-Test’. And select ‘Custom Proxy’ from the drop down list for ‘Proxy Service Type’


Now click ‘Finish’.

Now a file called ‘ISO85883-Test.xml’ will be created with a source and design view as below.


There you can see ‘Iso8583 Connector’ in the Palette. This connector came here due to we uploading the ‘iso8583-connector-1.0.1.zip’ to the ESB config project.

Now just drag the ‘init’ icon in the left side Palette to the proxy service ‘Design’ view.Then it will look as follow.


Now double click the ‘init’ icon on the ‘Design’ view. Then a tab called ‘Properties’ will be open below. There will be ‘Connector Operatoin’ section, where you can enter the server host and port of the listening server. My java server is listening on port 5010 and running on ‘localhost’. So I gave those values.


Now drag ‘sendMessage’ icon in front of ‘init’ as below.


Now make sure to save the ISO8583-Test.xml file.

Now you have completed creating the ESB config project.

Next step is to create a ‘Composite Application Project’ out of this ESB config project.

For that just right click in the ‘Project Explorer’ space and select ‘New’->’Project’.

Then click ‘Composite Application Project’


Then give a name you like for the composite project. I gave ‘SoapToIsoCompositeApp’.

Then select the ESB config project (SoapToIso) you created as shown in the below image and click ‘Next’.



Click ‘Finish’.

A new composite  app will be created as below.


Now right click the composite app project and select ‘Export Composite Application Project’.

Then browse a location you want the composite app to be exported as below.


Then click ‘Next’ and ‘Finish’. Now you can go to the location you gave and check if a file in .car extenstion is created. I have a ‘SoapToIsoCompositeApp_1.0.0.car’ created in my compute. The .car is the file format we use to upload artifacts to WSO2 ESB product.

Now, let’s keep it aside for a while.

Let’s start the ESB 5.0.0 server now.Before that, inorder to support ISO8583 connector, you need to add 4 jar files to ‘wso2esb-5.0.0/repository/components/lib’ folder.





You can download those jars from





Then unzip the ‘iso8583-connector-1.0.1.zip’ file you downloaded in the beginning. Inside that folder you can find a file called jposdef.xml. Copy that file and paste it inside ‘wso2esb-5.0.0’ folder.

Now start the ESB server.

Login to the management console.Go to ‘Main’->’Manage’->’Connectors’->’Add’

Browse and upload the ‘iso8583-connector-1.0.1.zip’ file as below


Refresh and go to Connectors ‘List’ view. There you will see the added connector. Enable the connector by clicking on the ‘Disabled’ icon


Now we need to add the previously created ‘SoapToIsoCompositeApp_1.0.0.car’ file.

Go to ‘Main’->’Manage’->’Carbon Applications’ ->’Add’ and upload the created .car file


Now, if you go to ‘Main’->’Manage’->’Services’->’List’ you can see the ISO8583-Test proxy service is deployed.


If you click the WSDL1.1 or WSDL2.0 icon, you can get the wsdl url of your proxy service.

Mine is ‘http://localhost:8280/services/ISO8583-Test?wsdl


you can copy that url and create a soap project in SoapUI.


Soap Request:

<soapenv:Envelope xmlns:soapenv=”http://schemas.xmlsoap.org/soap/envelope/”&gt;
<field id=”0″>0200</field>
<field id=”3″>201345</field>
<field id=”4″>000000500000</field>
<field id=”7″>0111522180</field>
<field id=”11″>123489</field>
<field id=”32″>100009</field>
<field id=”44″>XYRTUI5269TYUI</field>
<field id=”111″>ABCDEFGHIJ 1234567890</field>

Now you are ready to send the request to the proxy service at ESB.

Once the SOAP meesgae comes to ESB the ISO8583 connector will send the message to the Test java server listening on port 5010.

You can get a sample test server at https://github.com/Kanapriya/ISO8583TestServer.git

You can do any change to the code if you need also.

Start the test server by running the main class.

It will print ‘Server is waiting for client on port 5010’

Now send the request from SoapUI.

Then the test server will print

There is a client connected
Data From Client : 0200B220000100100000000000000002000020134500000050000001115221801234890610000914XYRTUI5269TYUI021ABCDEFGHIJ 1234567890
0210B22000010210000000000000000200002013450000005000000111522180123489061000090014XYRTUI5269TYUI021ABCDEFGHIJ 1234567890

As you can see the server read and print the standard  ISO8583 message returned by ESB.


Defining Taxonomies in WSO2 G-Reg

WSO2 G-Reg 5.3.0 is now released.

This latest G-Reg version comes with ability to add and use taxonomies on governance assets.

So, let’s see how we can add taxonomies to governance assets.

Taxonomies are defined and attached to asset types via G-Reg management console.

1.Visit WSO2 G-Reg management console. (https://host:9443/carbon/)

2.Go to Extensions->Taxonomy and click ‘Add New Taxonomy’


3. In the appearing text area you can see a default taxonomy definition as follow:

<taxonomy id="Teams" name="Teams">

<root id="wso2Teams" displayName="WSO2 Teams">
<node id="sales" displayName="Sales"></node>
<node id="marketing" displayName="Marketing"></node>
<node id="hR" displayName="HR"></node>
<node id="engineering" displayName="Engineering">
<node id="governanceTG" displayName="Governance TG">
<node id="esGReg" displayName="ES/GReg"></node>
<node id="is" displayName="IS"></node>
<node id="security" displayName="Security"></node>
<node id="platformTG" displayName="Platform TG">
<node id="asCarbon" displayName="AS/Carbon"></node>
<node id="dS" displayName="DS"></node>
<node id="developerStudio" displayName="Developer Studio"></node>
<node id="uiUX" displayName="UI/UX"></node>
<node id="platformExtension" displayName="Platform Extension"></node>
<node id="integrationTG" displayName="Integration TG">
<node id="esbGwLb" displayName="ESB/GW/LB"></node>
<node id="mb" displayName="MB"></node>
<node id="bpsBrs" displayName="BPS/BRS"></node>
<node id="uiUX" displayName="PC "></node>
<node id="platformExtension" displayName="DIS"></node>
<node id="dataTG" displayName="Data TG">
<node id="dasDss" displayName="DAS/DSS"></node>
<node id="cep" displayName="CEP"></node>
<node id="ml" displayName="ML"></node>
<node id="analytics" displayName="Analytics"></node>
<node id="research" displayName="Research"></node>
<node id="apiTG" displayName="API TG">
<node id="apiManager" displayName="API Manager"></node>
<node id="appManager" displayName="App Manager"></node>
<node id="emmIot" displayName="EMM/IOT"></node>
<node id="qaTG" displayName="QA TG">
<node id="qa" displayName="QA"></node>
<node id="qaa" displayName="QAA"></node>
<node id="cloudTG" displayName="Cloud TG">
<node id="appFactory" displayName="AppFactory /SS"></node>
<node id="cloudTeam" displayName="Cloud Team"></node>
<node id="paas" displayName="PaaS"></node>
<node id="devOpsTeam" displayName="DevOps Team"></node>
<node id="Finance" displayName="Finance"></node>
<node id="Admin" displayName="Admin"></node>

You can remove that definition and add your own taxonomy xml configuration

4.Now click ‘Save’ to save the defined taxonomy configuration


Now you defined a taxonomy.

The next step is to attach this taxonomy to some asset type so that, you can use taxonomy related functionalities on your asset.

5.Go to Extensions->Artifact Types and select the asset type you want to apply the above defined taxonomy.


I need to add the earlier defined taxonomy to the asset type ‘restservice’.

6.click ‘View/Edit’ link in front of ‘restservice’.

Then add following line in the xml configuration


<taxonomy name="Teams" />


Since the taxonomy I defined was named as ‘Teams’,  we need to add that name under <taxonomy name=”Teams” />

You can add the above xml configuration right after the xml entry for <lifecycle>.

Now you have attached taxonomy for restservices.

If you try to create a new service in G-Reg Publisher you will have field to add taxonomy according to your desire.