You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@stratos.apache.org by im...@apache.org on 2013/11/01 18:36:39 UTC
[3/9] Renamed load balancer product from elb to load-balancer
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/847cbde0/products/load-balancer/modules/distribution/src/main/conf/datasources.properties
----------------------------------------------------------------------
diff --git a/products/load-balancer/modules/distribution/src/main/conf/datasources.properties b/products/load-balancer/modules/distribution/src/main/conf/datasources.properties
new file mode 100644
index 0000000..0cf8cdb
--- /dev/null
+++ b/products/load-balancer/modules/distribution/src/main/conf/datasources.properties
@@ -0,0 +1,58 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+################################################################################
+## DataSources Configuration
+################################################################################
+#synapse.datasources=lookupds,reportds
+#synapse.datasources.icFactory=com.sun.jndi.rmi.registry.RegistryContextFactory
+#synapse.datasources.providerPort=2199
+## If following property is present , then assumes that there is an external JNDI provider and will not start a RMI registry
+##synapse.datasources.providerUrl=rmi://localhost:2199
+#
+#synapse.datasources.lookupds.registry=Memory
+#synapse.datasources.lookupds.type=BasicDataSource
+#synapse.datasources.lookupds.driverClassName=org.apache.derby.jdbc.ClientDriver
+#synapse.datasources.lookupds.url=jdbc:derby://localhost:1527/lookupdb;create=false
+## Optionally you can specifiy a specific password provider implementation which overrides any globally configured provider
+#synapse.datasources.lookupds.secretProvider=org.apache.synapse.commons.security.secret.handler.SharedSecretCallbackHandler
+#synapse.datasources.lookupds.username=esb
+## Depending on the password provider used, you may have to use an encrypted password here!
+#synapse.datasources.lookupds.password=esb
+#synapse.datasources.lookupds.dsName=lookupdb
+#synapse.datasources.lookupds.maxActive=100
+#synapse.datasources.lookupds.maxIdle=20
+#synapse.datasources.lookupds.maxWait=10000
+#
+#synapse.datasources.reportds.registry=JNDI
+#synapse.datasources.reportds.type=PerUserPoolDataSource
+#synapse.datasources.reportds.cpdsadapter.factory=org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS
+#synapse.datasources.reportds.cpdsadapter.className=org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS
+#synapse.datasources.reportds.cpdsadapter.name=cpds
+#synapse.datasources.reportds.dsName=reportdb
+#synapse.datasources.reportds.driverClassName=org.apache.derby.jdbc.ClientDriver
+#synapse.datasources.reportds.url=jdbc:derby://localhost:1527/reportdb;create=false
+## Optionally you can specifiy a specific password provider implementation which overrides any globally configured provider
+#synapse.datasources.reportds.secretProvider=org.apache.synapse.commons.security.secret.handler.SharedSecretCallbackHandler
+#synapse.datasources.reportds.username=esb
+## Depending on the password provider used, you may have to use an encrypted password here!
+#synapse.datasources.reportds.password=esb
+#synapse.datasources.reportds.maxActive=100
+#synapse.datasources.reportds.maxIdle=20
+#synapse.datasources.reportds.maxWait=10000
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/847cbde0/products/load-balancer/modules/distribution/src/main/conf/embedded-ldap.xml
----------------------------------------------------------------------
diff --git a/products/load-balancer/modules/distribution/src/main/conf/embedded-ldap.xml b/products/load-balancer/modules/distribution/src/main/conf/embedded-ldap.xml
new file mode 100644
index 0000000..144628e
--- /dev/null
+++ b/products/load-balancer/modules/distribution/src/main/conf/embedded-ldap.xml
@@ -0,0 +1,165 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+<!--
+ All carbon based products comes with a LDAP user store.
+ For this we use an embedded LDAP in carbon based products.
+ This file contains necessary configurations to control the behavior of embedded LDAP.
+ You may use this file to enable, disable LDAP server, configure connection admin password, etc ...
+ In addition to embedded-ldap server configurations this file also has Kerberos KDC (Key Distribution Center)
+ specific configurations.
+-->
+
+<EmbeddedLDAPConfig>
+
+ <!--
+ LDAP server configurations
+ ==========================
+ This section contains LDAP server specific configurations.
+
+ Property Usage
+ ======= ====
+ enable If true the embedded LDAP server will start when server starts up.
+ Else embedded LDAP server will not start. Thus user has to use a different
+ user store.
+ instanceid An id given to the LDAP server instance.
+ connectionPassword The password of the admin. (uid=admin,ou=system)
+ workingDirectory Location where LDAP will store its schema files.
+ AdminEntryObjectClass Object class which encapsulate attributes needed by claims.
+ allowAnonymousAccess Should allow users to access LDAP server without credentials. Default false.
+ accessControlEnabled Should access control be enabled among partitions. Default true.
+ saslHostName Default host name to be used in SASL (Simple Authentication and Security Layer).
+ This property comes from apacheds implementation itself.
+ saslPrincipalName Default SASL principal name. Again this property also comes from apacheds implementation
+ itself.
+ -->
+ <EmbeddedLDAP>
+ <Property name="enable">false</Property>
+ <Property name="port">${Ports.EmbeddedLDAP.LDAPServerPort}</Property>
+ <Property name="instanceId">default</Property>
+ <Property name="connectionPassword">admin</Property>
+ <Property name="workingDirectory">.</Property>
+ <Property name="AdminEntryObjectClass">wso2Person</Property>
+ <Property name="allowAnonymousAccess">false</Property>
+ <Property name="accessControlEnabled">true</Property>
+ <Property name="denormalizeOpAttrsEnabled">false</Property>
+ <Property name="maxPDUSize">2000000</Property>
+ <Property name="saslHostName">localhost</Property>
+ <Property name="saslPrincipalName">ldap/localhost@EXAMPLE.COM</Property>
+ </EmbeddedLDAP>
+
+ <!--
+ Default partition configurations
+ ================================
+ When embedded LDAP server starts for the first time it will create a default partition.
+ Following properties configure values for the default partition.
+
+ Property Usage
+ ======= =====
+ id Each partition is given an id. The id given to the default paritition.
+ realm Realm is the place where we store user principals and service principals.
+ The name of the realm for default partition.
+ kdcPassword This parameter is used when KDC (Key Distribution Center) is enabled. In apacheds
+ KDC also has a server principal. This defines a password for KDC server principal.
+ ldapServerPrinciplePassword If LDAP server is also defined as a server principal, this will be the password.
+
+ -->
+ <DefaultPartition>
+ <Property name="id">root</Property>
+ <Property name="realm">wso2.org</Property>
+ <Property name="kdcPassword">secret</Property>
+ <Property name="ldapServerPrinciplePassword">randall</Property>
+ </DefaultPartition>
+
+ <!--
+ Default partition admin configurations
+ ======================================
+ In a multi-tenant scenario each tenant will have a separate partition. Thus tenant admin will be the partition admin.
+ Following configurations define admin attributes for above created default partition.
+
+ Property Usage
+ ======== =====
+ uid UID attribute for partition admin.
+ commonName The cn attribute for admin
+ lastName The sn attribute for admin
+ email The email attribute for admin
+ passwordType The password hashing mechanism. Following hashing mechanisms are available, "SHA", "MD5".
+ "Plaintext" is also a valid value. If KDC is enabled password type will be enforced to be
+ plain text.
+ -->
+ <PartitionAdmin>
+ <Property name="uid">admin</Property>
+ <Property name="firstName">admin</Property>
+ <Property name="lastName">admin</Property>
+ <Property name="email">admin@wso2.com</Property>
+ <Property name="password">admin</Property>
+ <Property name="passwordType">SHA</Property>
+ </PartitionAdmin>
+
+ <!--
+ Default partition admin's group configuration
+ =============================================
+ Embedded LDAP is capable of keeping group information also.
+ If LDAP groups are enabled in user store (usr-mgt.xml) group information will be
+ recorded in a separate sub-context. Following configuration defines the group
+ properties.
+
+ Property Usage
+ ======= =====
+ adminRoleName The name of the role/group that admin should be included.
+ groupNameAttribute The attribute which group name will be recorded.
+ memberNameAttribute The attribute which memebers are recorded.
+ -->
+ <PartitionAdminGroup>
+ <Property name="adminRoleName">admin</Property>
+ <Property name="groupNameAttribute">cn</Property>
+ <Property name="memberNameAttribute">member</Property>
+ </PartitionAdminGroup>
+
+ <!--
+ KDC configurations
+ =================
+ Following configurations are applicable to KDC server. Generally, the KDC is only enabled in
+ Identity Server. You may enable KDC server if you wish to do so. But if you dont have any Kerberos specific
+ programs, it is recommended to disable KDC server.
+
+ Property Usage
+ ======= =====
+ name Name given to default KDC server.
+ enabled If true a KDC server will start when starting LDAP server.
+ Else a KDC server will not start with a LDAP server.
+ protocol Default protocol to be used in KDC communication. Default is UDP.
+ maximumTicketLifeTime The maximum life time of a ticket issued by the KDC.
+ maximumRenewableLifeTime Life time which a ticket can be used by renewing it several times.
+ preAuthenticationTimeStampEnabled Pre-authentication is a feature in latest Kerberos protocol.
+ This property says whether to enable it or disable it.
+ -->
+ <KDCServer>
+ <Property name="name">defaultKDC</Property>
+ <Property name="enabled">false</Property>
+ <Property name="protocol">UDP</Property>
+ <Property name="host">localhost</Property>
+ <Property name="port">${Ports.EmbeddedLDAP.KDCServerPort}</Property>
+ <Property name="maximumTicketLifeTime">8640000</Property>
+ <Property name="maximumRenewableLifeTime">604800000</Property>
+ <Property name="preAuthenticationTimeStampEnabled">true</Property>
+ </KDCServer>
+
+</EmbeddedLDAPConfig>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/847cbde0/products/load-balancer/modules/distribution/src/main/conf/jndi.properties
----------------------------------------------------------------------
diff --git a/products/load-balancer/modules/distribution/src/main/conf/jndi.properties b/products/load-balancer/modules/distribution/src/main/conf/jndi.properties
new file mode 100644
index 0000000..71a1821
--- /dev/null
+++ b/products/load-balancer/modules/distribution/src/main/conf/jndi.properties
@@ -0,0 +1,4 @@
+connectionfactoryName=topicConnectionfactory
+connectionfactory.topicConnectionfactory=amqp://admin:admin@carbon/carbon?brokerlist='tcp://localhost:5677'
+java.naming.factory.initial=org.wso2.andes.jndi.PropertiesFileInitialContextFactory
+
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/847cbde0/products/load-balancer/modules/distribution/src/main/conf/loadbalancer.conf
----------------------------------------------------------------------
diff --git a/products/load-balancer/modules/distribution/src/main/conf/loadbalancer.conf b/products/load-balancer/modules/distribution/src/main/conf/loadbalancer.conf
new file mode 100644
index 0000000..3128f1a
--- /dev/null
+++ b/products/load-balancer/modules/distribution/src/main/conf/loadbalancer.conf
@@ -0,0 +1,17 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/847cbde0/products/load-balancer/modules/distribution/src/main/conf/log4j.properties
----------------------------------------------------------------------
diff --git a/products/load-balancer/modules/distribution/src/main/conf/log4j.properties b/products/load-balancer/modules/distribution/src/main/conf/log4j.properties
new file mode 100644
index 0000000..649bb4c
--- /dev/null
+++ b/products/load-balancer/modules/distribution/src/main/conf/log4j.properties
@@ -0,0 +1,137 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+##
+# This is the log4j configuration file used by WSO2 ESB
+# =====================================================
+#
+# IMPORTANT : Please do not remove or change the names of any of the Appenders defined here.
+# The layout pattern & log file can be changed using the WSO2 ESB Management Console, and those
+# settings will override the settings in this file.
+##
+
+##
+# WSO2 ESB is now able to create per-service trace logs at runtime. Thus while a message
+# is being processed through a Proxy service or the Synapse service (i.e. message mediation through
+# the 'main' sequence), tracing may be turned 'on' at any Proxy, Sequence or Mediator level. This
+# trace state 'flows' with the message - i.e from a trace enabled sequence to another sequence etc.
+# and applies to all mediators within a trace enabled sequence etc. unless another sequence or
+# mediator does not override and specify a different trace setting.
+##
+
+# the root category is ERROR (applies for all 3rd party JARs etc) and will be logged to the
+# LOG_APPENDER and the CONSOLE_APPENDER
+
+log4j.rootLogger=ERROR, CARBON_CONSOLE, CARBON_LOGFILE, ERROR_LOGFILE
+
+log4j.category.org.apache.synapse=INFO
+log4j.category.org.apache.synapse.transport=INFO
+log4j.category.org.apache.axis2=INFO
+log4j.category.org.apache.axis2.transport=INFO
+log4j.logger.com.atomikos=INFO,ATOMIKOS
+log4j.logger.org.quartz=WARN
+log4j.logger.org.wso2=INFO
+log4j.logger.org.wso2.carbon=INFO
+log4j.logger.org.apache.stratos.lb.endpoint=INFO
+log4j.logger.org.apache.stratos.messaging=INFO
+
+log4j.logger.org.apache.catalina=WARN
+log4j.logger.org.apache.synapse.endpoints.EndpointContext=ERROR
+log4j.logger.org.apache.coyote=WARN
+log4j.logger.org.apache.axis2.enterprise=FATAL
+log4j.logger.de.hunsicker.jalopy.io=FATAL
+
+# uncomment the following logs to see HTTP headers and messages
+# nhttp case
+#log4j.logger.org.apache.synapse.transport.nhttp.headers=DEBUG
+#log4j.logger.org.apache.synapse.transport.nhttp.wire=DEBUG
+# passthru case
+#log4j.logger.org.apache.synapse.transport.passthru.headers=DEBUG
+#log4j.logger.org.apache.synapse.transport.passthru.wire=DEBUG
+
+#nhttp accesslogs
+#log4j.logger.org.apache.synapse.transport.nhttp.access=INFO
+
+#passthru access logs
+log4j.logger.org.apache.synapse.transport.passthru.access=INFO
+
+# qpid related logs for the message broker
+log4j.logger.qpid=FATAL
+log4j.logger.org.apache.qpid=FATAL
+
+# The console appender is used to display general information at console
+log4j.appender.CARBON_CONSOLE=org.apache.log4j.ConsoleAppender
+log4j.appender.CARBON_CONSOLE.layout=org.apache.log4j.PatternLayout
+log4j.appender.CARBON_CONSOLE.layout.ConversionPattern=[%d{ISO8601}] %5p - %c{1} %m%n
+
+# Configure the service logger at INFO level. Writes only run-time/mediation-time audit messages
+log4j.category.SERVICE_LOGGER=INFO, SERVICE_APPENDER
+log4j.additivity.SERVICE_LOGGER=false
+log4j.appender.SERVICE_APPENDER=org.apache.log4j.RollingFileAppender
+log4j.appender.SERVICE_APPENDER.File=repository/logs/${instance.log}/wso2-elb${instance.log}.log
+log4j.appender.SERVICE_APPENDER.MaxFileSize=1000KB
+log4j.appender.SERVICE_APPENDER.MaxBackupIndex=10
+log4j.appender.SERVICE_APPENDER.layout=org.apache.log4j.PatternLayout
+log4j.appender.SERVICE_APPENDER.layout.ConversionPattern=%d{ISO8601} [%X{ip}-%X{host}] [%t] %5p %c{1} %m%n
+
+# The trace logger dumps enough information @INFO level, but maybe pushed upto TRACE.
+# Writes only run-time/mediation time tracing/debug messages for messages passing through trace
+# enabled sequences, mediators and services. Enabling tracing on these has a performance impact
+log4j.category.TRACE_LOGGER=INFO, TRACE_APPENDER
+log4j.additivity.TRACE_LOGGER=false
+log4j.appender.TRACE_APPENDER=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.TRACE_APPENDER.File=repository/logs/${instance.log}/wso2-elb-trace${instance.log}.log
+log4j.appender.TRACE_APPENDER.Append=true
+log4j.appender.TRACE_APPENDER.layout=org.apache.log4j.PatternLayout
+log4j.appender.TRACE_APPENDER.layout.ConversionPattern=%d{HH:mm:ss,SSS} [%X{ip}-%X{host}] [%t] %5p %c{1} %m%n
+
+# CARBON_LOGFILE is set to be a DailyRollingFileAppender using a PatternLayout.
+log4j.appender.CARBON_LOGFILE=org.apache.log4j.DailyRollingFileAppender
+# Log file will be overridden by the configuration setting in the DB
+# This path should be relative to WSO2 Carbon Home
+log4j.appender.CARBON_LOGFILE.File=${carbon.home}/repository/logs/${instance.log}/wso2carbon${instance.log}.log
+log4j.appender.CARBON_LOGFILE.Append=true
+log4j.appender.CARBON_LOGFILE.layout=org.wso2.carbon.utils.logging.TenantAwarePatternLayout
+# ConversionPattern will be overridden by the configuration setting in the DB
+log4j.appender.CARBON_LOGFILE.layout.ConversionPattern=TID: [%T] [%S] [%d] %P%5p {%c} - %x %m {%c}%n
+log4j.appender.CARBON_LOGFILE.layout.TenantPattern=%U%@%D [%T] [%S]
+log4j.appender.CARBON_LOGFILE.threshold=DEBUG
+
+# The standard error log where all the warnings, errors and fatal errors will be logged
+log4j.appender.ERROR_LOGFILE=org.apache.log4j.FileAppender
+log4j.appender.ERROR_LOGFILE.File=repository/logs/${instance.log}/wso2-elb-errors.log
+log4j.appender.ERROR_LOGFILE.layout=org.apache.log4j.PatternLayout
+log4j.appender.ERROR_LOGFILE.layout.ConversionPattern=%d{ISO8601} [%X{ip}-%X{host}] [%t] %5p %c{1} %m%n
+log4j.appender.ERROR_LOGFILE.threshold=WARN
+
+log4j.logger.org.apache.directory.shared.ldap=WARN, CARBON_CONSOLE
+log4j.logger.org.apache.directory.server.ldap.handlers=WARN, CARBON_CONSOLE
+log4j.logger.org.apache.directory.shared.ldap.entry.DefaultServerAttribute=FATAL, CARBON_CONSOLE
+log4j.logger.org.apache.directory.shared.ldap.ldif.LdifReader=ERROR, CARBON_CONSOLE
+log4j.logger.org.apache.directory.server.ldap.LdapProtocolHandler=ERROR, CARBON_CONSOLE
+
+# Appender config to send Atomikos transaction logs to new log file tm.out.
+log4j.appender.ATOMIKOS = org.apache.log4j.RollingFileAppender
+log4j.appender.ATOMIKOS.File = repository/logs/tm.out
+log4j.appender.ATOMIKOS.Append = true
+log4j.appender.ATOMIKOS.layout = org.apache.log4j.PatternLayout
+log4j.appender.ATOMIKOS.layout.ConversionPattern=%p %t %c - %m%n
+log4j.additivity.com.atomikos=false
+
+
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/847cbde0/products/load-balancer/modules/distribution/src/main/conf/nhttp.properties
----------------------------------------------------------------------
diff --git a/products/load-balancer/modules/distribution/src/main/conf/nhttp.properties b/products/load-balancer/modules/distribution/src/main/conf/nhttp.properties
new file mode 100644
index 0000000..36c48b3
--- /dev/null
+++ b/products/load-balancer/modules/distribution/src/main/conf/nhttp.properties
@@ -0,0 +1,49 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+# This file contains the configuration parameters used by the Non-blocking HTTP transport
+
+worker_pool_size_core=400
+worker_pool_size_max=500
+#worker_thread_keepalive_sec=60
+#worker_pool_queue_length=-1
+#io_threads_per_reactor=2
+io_buffer_size=16384
+
+#http.socket.timeout=60000
+#nhttp_buffer_size=8192
+#http.tcp.nodelay=1
+#http.connection.stalecheck=0
+
+# Uncomment the following property for an AIX based deployment
+#http.nio.interest-ops-queueing=true
+
+# HTTP Sender thread pool parameters
+#snd_t_core=20
+#snd_t_max=100
+#snd_alive_sec=5
+#snd_qlen=-1
+#snd_io_threads=2
+
+# HTTP Listener thread pool parameters
+#lst_t_core=20
+#lst_t_max=100
+#lst_alive_sec=5
+#lst_qlen=-1
+#lst_io_threads=2
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/847cbde0/products/load-balancer/modules/distribution/src/main/conf/passthru-http.properties
----------------------------------------------------------------------
diff --git a/products/load-balancer/modules/distribution/src/main/conf/passthru-http.properties b/products/load-balancer/modules/distribution/src/main/conf/passthru-http.properties
new file mode 100644
index 0000000..ce690e5
--- /dev/null
+++ b/products/load-balancer/modules/distribution/src/main/conf/passthru-http.properties
@@ -0,0 +1,35 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+## This file contains the configuration parameters used by the Pass-through HTTP transport
+
+## Pass-through HTTP transport specific tuning parameters
+force.passthrough.builder=false
+worker_pool_size_core=400
+worker_pool_size_max=500
+#worker_thread_keepalive_sec=60
+#worker_pool_queue_length=-1
+#io_threads_per_reactor=2
+io_buffer_size=16384
+#http.max.connection.per.host.port=32767
+
+## Other parameters
+#http.user.agent.preserve=false
+#http.server.preserve=true
+#http.connection.disable.keepalive=false
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/847cbde0/products/load-balancer/modules/distribution/src/main/conf/rule-component.conf
----------------------------------------------------------------------
diff --git a/products/load-balancer/modules/distribution/src/main/conf/rule-component.conf b/products/load-balancer/modules/distribution/src/main/conf/rule-component.conf
new file mode 100644
index 0000000..6652551
--- /dev/null
+++ b/products/load-balancer/modules/distribution/src/main/conf/rule-component.conf
@@ -0,0 +1,21 @@
+<!--
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
+<RuleServer>
+ <RuleEngineProvider class="org.wso2.carbon.rule.engine.jsr94.JSR94BackendRuntimeFactory"/>
+</RuleServer>
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/847cbde0/products/load-balancer/modules/distribution/src/main/conf/synapse-configs/default/registry.xml
----------------------------------------------------------------------
diff --git a/products/load-balancer/modules/distribution/src/main/conf/synapse-configs/default/registry.xml b/products/load-balancer/modules/distribution/src/main/conf/synapse-configs/default/registry.xml
new file mode 100644
index 0000000..f259c7a
--- /dev/null
+++ b/products/load-balancer/modules/distribution/src/main/conf/synapse-configs/default/registry.xml
@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+<!-- Registry declaration of the WSO2 ESB -->
+<registry xmlns="http://ws.apache.org/ns/synapse" provider="org.wso2.carbon.mediation.registry.WSO2Registry">
+ <!--all resources loaded from the URL registry would be
+ cached for this number of milliseconds -->
+ <parameter name="cachableDuration">15000</parameter>
+</registry>
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/847cbde0/products/load-balancer/modules/distribution/src/main/conf/synapse-configs/default/sequences/errorHandler.xml
----------------------------------------------------------------------
diff --git a/products/load-balancer/modules/distribution/src/main/conf/synapse-configs/default/sequences/errorHandler.xml b/products/load-balancer/modules/distribution/src/main/conf/synapse-configs/default/sequences/errorHandler.xml
new file mode 100644
index 0000000..8621bee
--- /dev/null
+++ b/products/load-balancer/modules/distribution/src/main/conf/synapse-configs/default/sequences/errorHandler.xml
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+ <sequence name="errorHandler" xmlns="http://ws.apache.org/ns/synapse">
+ <log level="full">
+ <property name="MESSAGE" value="Executing default 'fault' sequence"/>
+ <property name="ERROR_CODE" expression="get-property('ERROR_CODE')"/>
+ <property name="ERROR_MESSAGE" expression="get-property('ERROR_MESSAGE')"/>
+ </log>
+ <makefault response="true">
+ <code value="tns:Receiver" xmlns:tns="http://www.w3.org/2003/05/soap-envelope"/>
+ <reason value="COULDN'T SEND THE MESSAGE TO THE SERVER."/>
+ </makefault>
+ <send/>
+ </sequence>
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/847cbde0/products/load-balancer/modules/distribution/src/main/conf/synapse-configs/default/sequences/fault.xml
----------------------------------------------------------------------
diff --git a/products/load-balancer/modules/distribution/src/main/conf/synapse-configs/default/sequences/fault.xml b/products/load-balancer/modules/distribution/src/main/conf/synapse-configs/default/sequences/fault.xml
new file mode 100644
index 0000000..91ec170
--- /dev/null
+++ b/products/load-balancer/modules/distribution/src/main/conf/synapse-configs/default/sequences/fault.xml
@@ -0,0 +1,66 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+<!-- Default fault sequence shipped with the Apache Synapse -->
+<sequence xmlns="http://ws.apache.org/ns/synapse" name="fault">
+
+ <!-- Log the message at the full log level with the ERROR_MESSAGE and the ERROR_CODE-->
+ <!-- log level="full">
+ <property name="MESSAGE" value="Executing default 'fault' sequence"/>
+ <property name="ERROR_CODE" expression="get-property('ERROR_CODE')"/>
+ <property name="ERROR_MESSAGE" expression="get-property('ERROR_MESSAGE')"/>
+ </log -->
+
+ <!-- Drops the messages by default if there is a fault -->
+ <script language="js"><![CDATA[
+ mc.setPayloadXML(
+ <body>{mc.getProperty("ERROR_MESSAGE")}</body>
+ );
+ ]]></script>
+ <switch source="get-property('ERROR_CODE')">
+ <case regex="101504">
+ <property name="HTTP_SC" value="504" scope="axis2"/>
+ <sequence key="seq_timeout"/>
+ </case>
+ <case regex="303001">
+ <property name="HTTP_SC" value="503" scope="axis2"/>
+ <sequence key="seq_endpoint_down"/>
+ </case>
+ <case regex="111503">
+ <property name="HTTP_SC" value="503" scope="axis2"/>
+ <sequence key="seq_endpoint_down"/>
+ </case>
+ <case regex="404">
+ <property name="HTTP_SC" value="404" scope="axis2"/>
+ </case>
+ <default>
+ <property name="HTTP_SC" value="500" scope="axis2"/>
+ </default>
+ </switch>
+
+ <property name="NO_ENTITY_BODY" scope="axis2" action="remove"/>
+ <header name="To" action="remove"/>
+ <property name="RESPONSE" value="true" scope="default" type="STRING"/>
+ <property name="messageType" value="text/html" scope="axis2"/>
+ <property name="contentType" value="text/html" scope="axis2"/>
+
+ <send />
+
+</sequence>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/847cbde0/products/load-balancer/modules/distribution/src/main/conf/synapse-configs/default/sequences/main.xml
----------------------------------------------------------------------
diff --git a/products/load-balancer/modules/distribution/src/main/conf/synapse-configs/default/sequences/main.xml b/products/load-balancer/modules/distribution/src/main/conf/synapse-configs/default/sequences/main.xml
new file mode 100644
index 0000000..b74c6d4
--- /dev/null
+++ b/products/load-balancer/modules/distribution/src/main/conf/synapse-configs/default/sequences/main.xml
@@ -0,0 +1,73 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+<!-- Default main sequence shipped with the WSO2 ESB -->
+<sequence xmlns="http://ws.apache.org/ns/synapse" name="main" onError="fault">
+ <description>The main sequence for the message mediation</description>
+ <in>
+ <property name="SERVICE_PREFIX" expression="$axis2:SERVICE_PREFIX"/>
+ <send>
+ <endpoint name="tenantAwareLBEndpoint">
+ <class name ="org.apache.stratos.lb.endpoint.endpoint.TenantAwareLoadBalanceEndpoint">
+ <parameter name="algorithmClassName">org.apache.stratos.lb.endpoint.algorithm.RoundRobin</parameter>
+ <parameter name="failover">true</parameter>
+ <parameter name="sessionAffinity">true</parameter>
+ <parameter name="sessionTimeout">90000</parameter>
+ <!-- parameter name="configuration">$system:loadbalancer.conf</parameter -->
+ </class>
+ </endpoint>
+ </send>
+ <drop/>
+ </in>
+ <out>
+ <!-- Add response interceptor mediator -->
+ <class name="org.apache.stratos.lb.endpoint.mediators.ResponseInterceptor">
+ </class>
+
+ <!-- Updating location value in response header -->
+ <filter source="$trp:Location" regex=".+">
+ <property name="LB_SP_HOST_NAME" expression="$ctx:SERVICE_PREFIX"
+ pattern="(^http.?://\b)(.*):(\d*)(.*)" group="2"/>
+ <property name="EP_RESPONSE_LOC_PROTOCOL" expression="$trp:Location"
+ pattern="(^http.?://\b)(.*):(\d*)(.*)" group="1"/>
+ <property name="EP_RESPONSE_LOC_HOST_NAME" expression="$trp:Location"
+ pattern="(^http.?://\b)(.*):(\d*)(.*)" group="2"/>
+ <property name="EP_RESPONSE_LOC_PATH" expression="$trp:Location"
+ pattern="(^http.?://\b)(.*):(\d*)(.*)" group="4"/>
+
+ <switch source="fn:lower-case($ctx:EP_RESPONSE_LOC_PROTOCOL)">
+ <case regex="https://">
+ <property name="Location"
+ expression="fn:concat($ctx:EP_RESPONSE_LOC_PROTOCOL,$ctx:LB_HOST_NAME,':',$ctx:LB_HTTPS_PORT,$ctx:EP_RESPONSE_LOC_PATH)"
+ scope="transport"/>
+ </case>
+ <case regex="http://">
+ <property name="Location"
+ expression="fn:concat($ctx:EP_RESPONSE_LOC_PROTOCOL,$ctx:LB_HOST_NAME,':',$ctx:LB_HTTP_PORT,$ctx:EP_RESPONSE_LOC_PATH)"
+ scope="transport"/>
+ </case>
+ </switch>
+ </filter>
+
+ <!-- Send the response to the client -->
+ <send/>
+ <drop/>
+ </out>
+</sequence>
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/847cbde0/products/load-balancer/modules/distribution/src/main/conf/synapse-configs/default/synapse.xml
----------------------------------------------------------------------
diff --git a/products/load-balancer/modules/distribution/src/main/conf/synapse-configs/default/synapse.xml b/products/load-balancer/modules/distribution/src/main/conf/synapse-configs/default/synapse.xml
new file mode 100755
index 0000000..d8ad52d
--- /dev/null
+++ b/products/load-balancer/modules/distribution/src/main/conf/synapse-configs/default/synapse.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+<!-- The default synapse configuration shipped with the WSO2 Elastic Load Balancer
+ -->
+
+<definitions xmlns="http://ws.apache.org/ns/synapse">
+</definitions>
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/847cbde0/products/load-balancer/modules/distribution/src/main/conf/synapse.properties
----------------------------------------------------------------------
diff --git a/products/load-balancer/modules/distribution/src/main/conf/synapse.properties b/products/load-balancer/modules/distribution/src/main/conf/synapse.properties
new file mode 100755
index 0000000..c3cbdb4
--- /dev/null
+++ b/products/load-balancer/modules/distribution/src/main/conf/synapse.properties
@@ -0,0 +1,38 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+#synapse.threads.core = 20
+#synapse.threads.max = 100
+#synapse.threads.keepalive = 5
+#synapse.threads.qlen = 10
+#synapse.threads.group = synapse-thread-group
+#synapse.threads.idprefix = SynapseWorker
+
+synapse.sal.endpoints.sesssion.timeout.default=600000
+
+#In memory statistics cleaning state
+statistics.clean.enable=false
+
+# Dependency tracking Synapse observer
+# Comment out to disable dependency management
+synapse.observers=org.wso2.carbon.mediation.dependency.mgt.DependencyTracker
+
+# User defined wsdlLocator/Schema Resolver Implementations.
+# synapse.wsdl.resolver=org.wso2.carbon.mediation.initializer.RegistryWSDLLocator
+# synapse.schema.resolver=org.wso2.carbon.mediation.initializer.RegistryXmlSchemaURIResolver
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/incubator-stratos/blob/847cbde0/products/load-balancer/modules/distribution/src/main/conf/user-mgt.xml
----------------------------------------------------------------------
diff --git a/products/load-balancer/modules/distribution/src/main/conf/user-mgt.xml b/products/load-balancer/modules/distribution/src/main/conf/user-mgt.xml
new file mode 100644
index 0000000..5a4a3a3
--- /dev/null
+++ b/products/load-balancer/modules/distribution/src/main/conf/user-mgt.xml
@@ -0,0 +1,242 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+
+<UserManager>
+ <Realm>
+ <Configuration>
+ <AdminRole>admin</AdminRole>
+ <AdminUser>
+ <UserName>admin</UserName>
+ <Password>admin</Password>
+ </AdminUser>
+ <EveryOneRoleName>everyone</EveryOneRoleName> <!-- By default users in this role sees the registry root -->
+ <Property name="dataSource">jdbc/WSO2CarbonDB</Property>
+ <Property name="MultiTenantRealmConfigBuilder">org.wso2.carbon.user.core.config.multitenancy.SimpleRealmConfigBuilder</Property>
+ </Configuration>
+ <!-- Following is the default user store manager. This user store manager is based on embedded-apacheds LDAP. It reads/writes users and roles into the default apacheds LDAP user store. Descriptions about each of the following properties can be found in user management documentation of the respective product. In case if user core cache domain is needed to identify uniquely set property <Property name="UserCoreCacheIdentifier">domain</Property>
+ Note: Do not comment within UserStoreManager tags. Cause, specific tag names are used as tokens when building configurations for products. -->
+ <!--UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
+ <Property name="ConnectionURL">ldap://localhost:${Ports.EmbeddedLDAP.LDAPServerPort}</Property>
+ <Property name="ConnectionName">uid=admin,ou=system</Property>
+ <Property name="ConnectionPassword">admin</Property>
+ <Property name="passwordHashMethod">SHA</Property>
+ <Property name="UserNameListFilter">(objectClass=person)</Property>
+ <Property name="UserEntryObjectClass">wso2Person</Property>
+ <Property name="UserSearchBase">ou=Users,dc=wso2,dc=org</Property>
+ <Property name="UserNameSearchFilter">(&(objectClass=person)(uid=?))</Property>
+ <Property name="UserNameAttribute">uid</Property>
+ <Property name="PasswordJavaScriptRegEx">^[\\S]{5,30}$</Property>
+ <Property name="UsernameJavaScriptRegEx">^[\\S]{3,30}$</Property>
+ <Property name="UsernameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\<>,\'\"]{3,30}$</Property>
+ <Property name="RolenameJavaScriptRegEx">^[\\S]{3,30}$</Property>
+ <Property name="RolenameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\<>,\'\"]{3,30}$</Property>
+ <Property name="ReadLDAPGroups">true</Property>
+ <Property name="WriteLDAPGroups">true</Property>
+ <Property name="EmptyRolesAllowed">true</Property>
+ <Property name="GroupSearchBase">ou=Groups,dc=wso2,dc=org</Property>
+ <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
+ <Property name="GroupEntryObjectClass">groupOfNames</Property>
+ <Property name="GroupNameSearchFilter">(&(objectClass=groupOfNames)(cn=?))</Property>
+ <Property name="GroupNameAttribute">cn</Property>
+ <Property name="MembershipAttribute">member</Property>
+ <Property name="UserRolesCacheEnabled">true</Property>
+ <Property name="UserDNPattern">uid={0},ou=Users,dc=wso2,dc=org</Property>
+ </UserStoreManager-->
+
+ <!-- Following is the configuration for internal JDBC user store. This user store manager is based on JDBC. In case if application needs to manage passwords externally set property <Property name="PasswordsExternallyManaged">true</Property>. In case if user core cache domain is needed to identify uniquely set property <Property name="UserCoreCacheIdentifier">domain</Property>. Furthermore properties, IsEmailUserName and DomainCalculation are readonly properties.
+ Note: Do not comment within UserStoreManager tags. Cause, specific tag names are used as tokens when building configurations for products. -->
+ <UserStoreManager class="org.wso2.carbon.user.core.jdbc.JDBCUserStoreManager">
+ <Property name="ReadOnly">false</Property>
+ <Property name="MaxUserNameListLength">100</Property>
+ <Property name="IsEmailUserName">false</Property>
+ <Property name="DomainCalculation">default</Property>
+ <Property name="PasswordDigest">SHA-256</Property>
+ <Property name="StoreSaltedPassword">true</Property>
+ <Property name="UserNameUniqueAcrossTenants">false</Property>
+ <Property name="PasswordJavaRegEx">^[\S]{5,30}$</Property>
+ <Property name="PasswordJavaScriptRegEx">^[\\S]{5,30}$</Property>
+ <Property name="UsernameJavaRegEx">^[^~!#$;%^*+={}\\|\\\\<>,\'\"]{3,30}$</Property>
+ <Property name="UsernameJavaScriptRegEx">^[\\S]{3,30}$</Property>
+ <Property name="RolenameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\<>,\'\"]{3,30}$</Property>
+ <Property name="RolenameJavaScriptRegEx">^[\\S]{3,30}$</Property>
+ <Property name="UserRolesCacheEnabled">true</Property>
+ </UserStoreManager>
+
+ <!-- If product is using an external LDAP as the user store in READ ONLY mode, use following user manager.
+ In case if user core cache domain is needed to identify uniquely set property <Property name="UserCoreCacheIdentifier">domain</Property>
+ -->
+ <!--UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager">
+ <Property name="ReadOnly">true</Property>
+ <Property name="MaxUserNameListLength">100</Property>
+ <Property name="ConnectionURL">ldap://localhost:10389</Property>
+ <Property name="ConnectionName">uid=admin,ou=system</Property>
+ <Property name="ConnectionPassword">admin</Property>
+ <Property name="UserSearchBase">ou=system</Property>
+ <Property name="UserNameListFilter">(objectClass=person)</Property>
+ <Property name="UserNameAttribute">uid</Property>
+ <Property name="ReadLDAPGroups">false</Property>
+ <Property name="GroupSearchBase">ou=system</Property>
+ <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
+ <Property name="GroupNameAttribute">cn</Property>
+ <Property name="MembershipAttribute">member</Property>
+ <Property name="UserRolesCacheEnabled">true</Property>
+ <Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
+ </UserStoreManager-->
+
+ <!-- Active directory configuration is as follows.
+ In case if user core cache domain is needed to identify uniquely set property <Property name="UserCoreCacheIdentifier">domain</Property>
+ There are few special properties for "Active Directory".
+ They are :
+ 1.Referral - (comment out this property if this feature is not reuired) This enables LDAP referral support.
+ 2.BackLinksEnabled - (Do not comment, set to true or false) In some cases LDAP works with BackLinksEnabled. In which role is stored
+ at user level. Depending on this value we need to change the Search Base within code.
+ 3.isADLDSRole - (Do not comment) Set to true if connecting to an AD LDS instance else set to false.
+ -->
+ <!--UserStoreManager class="org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager">
+ <Property name="defaultRealmName">WSO2.ORG</Property>
+ <Property name="kdcEnabled">false</Property>
+ <Property name="ConnectionURL">ldaps://10.100.1.100:636</Property>
+ <Property name="ConnectionName">CN=admin,CN=Users,DC=WSO2,DC=Com</Property>
+ <Property name="ConnectionPassword">A1b2c3d4</Property>
+ <Property name="passwordHashMethod">SHA</Property>
+ <Property name="UserSearchBase">CN=Users,DC=WSO2,DC=Com</Property>
+ <Property name="UserEntryObjectClass">user</Property>
+ <Property name="UserNameAttribute">cn</Property>
+ <Property name="isADLDSRole">false</Property>
+ <Property name="userAccountControl">512</Property>
+ <Property name="UserNameListFilter">(objectClass=user)</Property>
+ <Property name="UserNameSearchFilter">(&(objectClass=user)(cn=?))</Property>
+ <Property name="UsernameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\<>]{3,30}$</Property>
+ <Property name="UsernameJavaScriptRegEx">^[\\S]{3,30}$</Property>
+ <Property name="PasswordJavaScriptRegEx">^[\\S]{5,30}$</Property>
+ <Property name="RolenameJavaScriptRegEx">^[\\S]{3,30}$</Property>
+ <Property name="RolenameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\<>]{3,30}$</Property>
+ <Property name="ReadLDAPGroups">true</Property>
+ <Property name="WriteLDAPGroups">true</Property>
+ <Property name="EmptyRolesAllowed">true</Property>
+ <Property name="GroupSearchBase">CN=Users,DC=WSO2,DC=Com</Property>
+ <Property name="GroupEntryObjectClass">group</Property>
+ <Property name="GroupNameAttribute">cn</Property>
+ <Property name="MembershipAttribute">member</Property>
+ <Property name="GroupNameListFilter">(objectcategory=group)</Property>
+ <Property name="GroupNameSearchFilter">(&(objectClass=group)(cn=?))</Property>
+ <Property name="UserRolesCacheEnabled">true</Property>
+ <Property name="Referral">follow</Property>
+ <Property name="BackLinksEnabled">true</Property>
+ </UserStoreManager-->
+
+ <!-- If product is using an external LDAP as the user store in read/write mode, use following user manager
+ In case if user core cache domain is needed to identify uniquely set property <Property name="UserCoreCacheIdentifier">domain</Property>
+ -->
+ <!--UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
+ <Property name="ConnectionURL">ldap://localhost:10389</Property>
+ <Property name="ConnectionName">uid=admin,ou=system</Property>
+ <Property name="ConnectionPassword">secret</Property>
+ <Property name="passwordHashMethod">SHA</Property>
+ <Property name="UserNameListFilter">(objectClass=person)</Property>
+ <Property name="UserEntryObjectClass">inetOrgPerson</Property>
+ <Property name="UserSearchBase">ou=system</Property>
+ <Property name="UserNameSearchFilter">(&(objectClass=person)(uid=?))</Property>
+ <Property name="UserNameAttribute">uid</Property>
+ <Property name="UsernameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\<>]{3,30}$</Property>
+ <Property name="UsernameJavaScriptRegEx">^[\\S]{3,30}$</Property>
+ <Property name="RolenameJavaScriptRegEx">^[\\S]{3,30}$</Property>
+ <Property name="RolenameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\<>]{3,30}$</Property>
+ <Property name="PasswordJavaScriptRegEx">^[\\S]{5,30}$</Property>
+ <Property name="ReadLDAPGroups">true</Property>
+ <Property name="WriteLDAPGroups">true</Property>
+ <Property name="EmptyRolesAllowed">false</Property>
+ <Property name="GroupSearchBase">ou=system</Property>
+ <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
+ <Property name="GroupEntryObjectClass">groupOfNames</Property>
+ <Property name="GroupNameSearchFilter">(&(objectClass=groupOfNames)(cn=?))</Property>
+ <Property name="GroupNameAttribute">cn</Property>
+ <Property name="MembershipAttribute">member</Property>
+ <Property name="UserRolesCacheEnabled">true</Property>
+ <Property name="ReplaceEscapeCharactersAtUserLogin">true</Property>
+ </UserStoreManager-->
+
+ <!-- Following user manager is used by Identity Server (IS) as its default user manager.
+ IS will do token replacement when building the product. Therefore do not change the syntax.
+ If "kdcEnabled" parameter is true, IS will allow service principle management. Thus "ServicePasswordJavaRegEx", "ServiceNameJavaRegEx"
+ properties control the service name format and service password formats.
+ In case if user core cache domain is needed to identify uniquely set property <Property name="UserCoreCacheIdentifier">domain</Property>
+ -->
+ <!--ISUserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
+ <Property name="defaultRealmName">WSO2.ORG</Property>
+ <Property name="kdcEnabled">false</Property>
+ <Property name="ConnectionURL">ldap://localhost:${Ports.EmbeddedLDAP.LDAPServerPort}</Property>
+ <Property name="ConnectionName">uid=admin,ou=system</Property>
+ <Property name="ConnectionPassword">admin</Property>
+ <Property name="passwordHashMethod">SHA</Property>
+ <Property name="UserNameListFilter">(objectClass=person)</Property>
+ <Property name="UserEntryObjectClass">scimPerson</Property>
+ <Property name="UserSearchBase">ou=Users,dc=wso2,dc=org</Property>
+ <Property name="UserNameSearchFilter">(&(objectClass=person)(uid=?))</Property>
+ <Property name="UserNameAttribute">uid</Property>
+ <Property name="PasswordJavaScriptRegEx">^[\\S]{5,30}$</Property>
+ <Property name="ServicePasswordJavaRegEx">^[\\S]{5,30}$</Property>
+ <Property name="ServiceNameJavaRegEx">^[\\S]{2,30}/[\\S]{2,30}$</Property>
+ <Property name="UsernameJavaScriptRegEx">^[\\S]{3,30}$</Property>
+ <Property name="UsernameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\<>,\'\"]{3,30}$</Property>
+ <Property name="RolenameJavaScriptRegEx">^[\\S]{3,30}$</Property>
+ <Property name="RolenameJavaRegEx">^[^~!@#$;%^*+={}\\|\\\\<>,\'\"]{3,30}$</Property>
+ <Property name="ReadLDAPGroups">true</Property>
+ <Property name="WriteLDAPGroups">true</Property>
+ <Property name="EmptyRolesAllowed">true</Property>
+ <Property name="GroupSearchBase">ou=Groups,dc=wso2,dc=org</Property>
+ <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
+ <Property name="GroupEntryObjectClass">groupOfNames</Property>
+ <Property name="GroupNameSearchFilter">(&(objectClass=groupOfNames)(cn=?))</Property>
+ <Property name="GroupNameAttribute">cn</Property>
+ <Property name="MembershipAttribute">member</Property>
+ <Property name="UserRolesCacheEnabled">true</Property>
+ <Property name="UserDNPattern">uid={0},ou=Users,dc=wso2,dc=org</Property>
+ <Property name="SCIMEnabled">true</Property>
+ </ISUserStoreManager-->
+
+ <AuthorizationManager
+ class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
+ <Property name="AdminRoleManagementPermissions">/permission</Property>
+ <Property name="AuthorizationCacheEnabled">true</Property>
+ </AuthorizationManager>
+ </Realm>
+</UserManager>
+
+<!--*******Description of some of the configuration properties used in user-mgt.xml*********************************
+UserRolesCacheEnabled - This is to indicate whether to cache role list of a user. By default it is set to true.
+ You may need to disable it if user-roles are changed by external means and need to reflect
+ those changes in the carbon product immediately.
+
+ReplaceEscapeCharactersAtUserLogin - This is to configure whether escape characters in user name needs to be replaced at user login.
+ Currently the identified escape characters that needs to be replaced are '\' & '\\'
+
+UserDNPattern - This property will be used when authenticating users. During authentication we do a bind. But if the user is login with
+ email address or some other property we need to first lookup LDAP and retreive DN for the user. This involves an additional step.
+ If UserDNPattern is specified the DN will be contructed using the pattern specified in this property. Performance of this is much better than looking
+ up DN and binding user.
+
+passwordHashMethod - This says how the password should be stored. Allowed values are as follows,
+ SHA - Uses SHA digest method
+ MD5 - Uses MD 5 digest method
+ PLAIN_TEXT - Plain text passwords
+ In addition to above this supports all digest methods supported by http://docs.oracle.com/javase/6/docs/api/java/security/MessageDigest.html.
+
+-->