WSO2 Con for all.

WSO2 con is probably the biggest open source IT event happening in Sri Lanka. Apart from the other open source events that took place in the past like FOSSSL and Apache Con Asia, WSO2 Con is the only IT conference that brings together industry leaders from around the world to share their knowledge and experiences in Sri Lanka. 

Modeled after Apache Con, WSO2 Con has added tutorial tracks to the conference this year in addition to speaker sessions and key notes. Just like it was in last year, some greats in the industry will be delivering keynotes. Also some fantastic sessions have been lined up to share experiences in building open source middleware and solving integration problems using those software.

If you want to dive deep and learn stuff hands on , don’t miss the tutorial tracks. There is nothing like learning from someone who has actually been there and done it.

Add to that the great food that will be served, you are in for an event you will remember.

Find out more about WSo2 Con at http://wso2.com/events/wso2con-2011-colombo/

 

?xsd option added to WSF/PHP

?xsd is an standard option to serve an xsd file imported within a wsdl. This was a missing feature in WSF/PHP. In WSF/PHP automatic wsdl generation, it does not generate additional xsds which are imported by the wsdl and hence this option would not be required. However, with wsdl mode, you could have additional xsds imported in the wsdl. Now you can obtain these xsds with the option ?xsd=xsdfilename.xsd.

How to statically serve a wsdl with WSF/PHP.

WSF/PHP has two modes of operations. When using wsdl mode, you will always start with a wsdl and hence, that wsdl will be served for ?wsdl request. On the other hand, you can write a service with annotations and the corresponding wsdl will be generated for you. However, when using the xml-in-out mode with WSMessage object as the input and output parameter for the operation, its better to be able to serve a wsdl that is saved in the server since auto generated wsdl’s schema might not match the operation accepted xml.

Getting this done is quite simple. all you need to do is to set the option “omitProcesswsdl” in WSService operations array to true. 

$opParams = array("testFunction"=>"WSMESSAGE"); $service = new WSService(array(  "wsdl"=>"mystaticwsdl.wsdl",         "omitProcesswsdl"=>TRUE,         "opParams"=>$opParams,         "operations" => $operations,         "actions"=>$actions );

By specifying omitProcesswsdl, you can prevent WSF/PHP from trying to process the operation as a WSDL Mode operation. Also note that you would need to set your function as of type WSMESSAGE by using opParams. This is a work about which is not required for current svn trunk.

 

WSO2 Web Services Framework for PHP 2.1.0 Released

We are pleased to announce the release of v2.1.0 of  wso2 wsf/php. This release comes after quite some time since the 2.0.0 release was back in late 2008. Since then a lot of changes have token place in the underlying code base of WSF/PHP. The WS-Security handling has been improved and updated and that functionality is now available with this release of WSF/PHP. In addition to that, this release is built and tested for PHP 5.3. Many users have been querying about a PHP 5.3 compatible release for a while and with this release, all the issues users had with installing and running on php 5.3 will be solved.

You can download the release from http://wso2.org/downloads/wsf/php.

You can find the complete release note here.

https://svn.wso2.org/repos/wso2/branches/wsf/php/2.1.0/NEWS

Enjoy WSO2 WSF/PHP 2.1.0.

Configure https with WS-Security

Using WS-Security Username Token alone with Transport level security, HTTPS, is quite common. By default, Username token is used with WS-Security Signature. Lets look at how to configure WS-Security Username Token with WSF/PHP.

Since, by default, WSF/PHP tries to sign the username token credentials, you would need to specify client certificate and the private key for configuring Username Token.

e.g

$security_options = array("useUsernameToken" => TRUE );

$policy = new WSPolicy(array("security" => $security_options));

$security_token = new WSSecurityToken(array("user" => "Raigama",
                                            "password" => "RaigamaPW",
                                            "passwordType" => "Digest",
                                            "privateKey" => $my_key,
                                              "certificate" => $my_cert));

I have copied a code snippet from the username token sample. As you can see, we are only configuring username token by using the option useUsernameToken in the policy configuration. However, for the WSSecurityToken configuration, I have passed both the “privateKey” option and “certificate” option. The private key refer to the client’s private key and certificate refer to client’s certificate which contains the public key of the client.  This is because, by default, UsernameToken uses signature to enhance security of username token.

Often you would need to use https transport and plaintext username password instead of a signed username token.  You can easily enable this option by specifying a policy file and an empty transportBinding element within it as follows.

<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
    xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
    <wsp:ExactlyOne>
        <wsp:All>
            <sp:TransportBinding>
                <wsp:Policy>
                </wsp:Policy>
            </sp:TransportBinding>
            <sp:SignedSupportingTokens>
                <wsp:Policy>
                    <sp:UsernameToken
                        sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
                        <wsp:Policy>
                            <sp:WssUsernameToken10 />
                        </wsp:Policy>
                    </sp:UsernameToken>
                </wsp:Policy>
            </sp:SignedSupportingTokens>
        </wsp:All>
    </wsp:ExactlyOne>
</wsp:Policy>

Now create the WSPolicy object by using the policy file.

$policy = new WSPolicy($policy_string);

In the WSClient options change “to” endpoint from “http” to “https” and specify the “CACert” option.

How to configure https for Apache2.2 and consume PHP web services over https

Step 1.

Create a Certificate Authority, CA.

openssl genrsa -des3 -out ca.key 4096
openssl req -new -x509 -days 365 -key ca.key -out ca.crt

Now we have a certificate authority certificate to sign the certificate for the server.

Step 2.

Generate a key for the server.

openssl genrsa -des3 -out server.key 4096

Generate a certificate signing request

openssl req -new -key server.key -out server.csr

Optional step : remove the passphrase from the key

Rename server.key to server.key.bac.

openssl rsa -in server.key.bac -out server.key

Step3.

Sign the generated key with certificate authority

openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt

Now we have the necessary keys and certificates to configure Apache2.2 server to enable https

Step4.

copy the generated keys, certificates to a directory named keys under the conf directory.

Uncomment ssl module and ssl configuration file in httpd.conf.

LoadModule ssl_module modules/mod_ssl.so

Include conf/extra/httpd-ssl.conf

Step 5.

configure https in httpd-ssl.conf file located in conf/extra directory. Use the default settings and specify the following Files to match your local settings.

SLCertificateFile "F:/Apache2.2/conf/keys/server.crt"

SSLCertificateKeyFile "F:/Apache2.2/conf/keys/server.key"

SSLCACertificateFile "F:/Apache2.2/conf/keys/ca.crt"

#SSLVerifyClient require

SSLVerifyDepth 1

SSLVerifyClient and SSLVerifyDepth options would only be required, if you want the client to authenticate to the server using a certificate and a passphrase.

Now you have successfully configured https for your server.

When connecting to the server, you can obtain the servers certificate by using openssl.

openssl s_client –connect localhost:443 > scert.pem

Now open the scert.pem and remove the unnecessary. Only the content within the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- needed for the certificate. You certificate would look like

-----BEGIN CERTIFICATE-----

-----END CRETIFICATE-----

Step 6.

Now we can connect to a service deployed in Apache server using https and consume it.

$client = new WSClient(array(“to”=>”https://localhost/webservices/service1.php”,

                                                “CACert”=>”cert.pem”));

$response = $client->request($input);

Much more detailed discussion on implementing https alone with Axis2/C is available here.

BAM Tool for PHP

Business Activity Monitoring (BAM), open source tool, can be used to monitor PHP Web services as well.

You can use the generic mode of the tool and monitor Web services as well as all PHP deployments in general.

Here is an article on Business Activity Monitoring - An Introduction to learn more about BAM

SOA Workshop

Here is an opportunity to get hands on experience on implementing SOA.

 

 

 

 

 

 

 

 

 

 

 

 

You can find more details here. http://ww2.wso2.org/~nandika/soa-workshop.pdf. and of course visit http://wso2.com to register.

Common Issue with Certificates created on Windows

One of the common issues faced when dealing with certificates for doing SSL communication or WS-Security is that the certificates created on windows does not work on Linux. This is due to the addition of Windows Specific characters to the certificate. I have seen so many users struggle to get SSL/HTTPS working due to this problem.

So easiest thing to do, if you want to run a client with HTTPS on Linux with a certificate created on windows, just do a dos2unix on the certificate.  :)

This should help you save a lot of time.

Building WSF/PHP with PHP 5.3.0

Since the release of PHP5.3.0 number of requests were there inquiring the compatibility of WSF/PHP with PHP 5.3.0.  I tried it out on windows and I only encountered minor issues. These issues are now fixed on the svn trunk. Here is how you can build WSF/PHP from the svn source to use with PHP 5.3.0.

First download both PHP 5.3.0 source and binary distributions from php.net. You will also need to download the binary tools such as bison.exe which are required to build the PHP source.

Next you need to run the buildconf.bat contained with the php source in order to build the windows specific headers.

Now you are ready to build wsf/php for php 5.3.0.

Get the svn source of wsf/php from  https://wso2.org/repos/wso2/trunk/wsf/php.

svn co http://wso2.org/repos/wso2/trunk/wsf/php wsfphp

Now cd to wsfphp directory and open the configure.in file and set php configurations as follows.

PHP_SRC_DIR = E:\php\php-5.3.0
PHP_BIN_DIR = E:\php\php-5.3.0-Win32
BINDLIB_DIR = E:\php\bindlib-cvs-vc8

Of course you need to set the other dependencies according to your machine configurations.

Now run the build.bat file. This will build wsf/php binary for php 5.3.0

Servey: Tools for PHP Web Services?

This is a servery to find out, what PHP progremmers need the most when it comes to dealing with Web services.

Please feel free to comment on this blog post.

What is your wishlist when it comes to PHP Web servies? What tools are you looking for?

How about something similar to PHP MyAdmin for PHP Web services? Point to the service, and just use it?

What about hosting? Do you have trhoube consuming services from hosted PHP instances?

What about IDE integration? Would you like it to be intergated with, say, Eclipse?

Feel free to let us know.

WSO2 WSF/CPP 2.0.0 Released

WSO2 WSF/CPP 1.0.0 was released sometime back with the intention of providing a C++ API for C++ developers while leveraging the capabilities of WSF/C Web Services Stack. It only had the Client API. With this new release,the product has been significantly enhanced with the addition of a Service API, Code Generation support for C++, and Many WS-Security features. WSF/C++ can be deployed on both Apache2, and IIS. Also it has the stand alone http server as well. You can download WSF/C++ from http://wso2.org/downloads/wsf/cpp.

Here is the complete release note.

 

WSO2 Web Services Framework for C++ (WSO2 WSF/C++) 2.0.0 Released

=================================================================

WSO2 WSF/C++ team is pleased to announce the release of WSO2 WSF/C++ 2.0.0.

You can download this release from: http://wso2.org/downloads/wsf/cpp

WSO2 Web Services Framework for C++ (WSO2 WSF/C++) is a standards compliant, enterprise

grade, open source, C++ library for providing and consuming Web services in C++, based on the popular,

WSO2 WSF/C library.

Project home page:

http://wso2.org/projects/wsf/cpp

-------------

Key Features

=============

1. Client API to consume Web services

      * ServiceClient class with one-way and two-way service invocation support

        for SOAP 1.1, and SOAP 1.2.

      * Options class to facilitate configuring the client for both SOAP and REST options.

2. Service API to provide Web Services

      * ServiceSkeleton class to extend from to implement services.

2. Attachments with MTOM

      * Binary optimized

      * Non-optimized (Base64 binary)

      * Attachment Caching Support

3. WS-Addressing

      * Version 1.0

      * Submission

4. WSPolicy

5. WS-Security

      * Username Token

      * Timestamp Token

      *  Signing

      *  Encryption

      * WS-SecurityPolicy based configuration 

      * Reply detection

      * WS-Trust

      * WS-Secure Conversation  

6. Code generation Tool

      * By providing a wsdl and options, generate client stubs and service skeletons

        in C++ using the code generation tool.

7. SSL enabled transport layer

8. WS-Reliable Messaging

9. Has all the capabilities available from WSF/C library.

--------------------------------

Major Changes Since Last Release

================================

1. Service API which enable implementing services in C++.

2. Code Generation tool for C++.

3. Documentation Improved.

4. WS-Security Additions including

    * WS-Secure Conversation

    * Replay Detection

5. Many bug fixes.

-------------------

Known Issues

-------------------

Dual channel scenarios could cause crash issues.

-------------------

Reporting Problems

===================

Issues can be reported using the public JIRA available at:

https://wso2.org/jira/browse/WSFCPP

----------------------

Contact Us

===========

Please subscribe to our user or developer mailing lists. For details on how

to subscribe please visit: http://wso2.org/mail

We welcome your early feedback on this implementation.

Thank you for your interest in WSO2 WSF/C++.

-- WSO2 WSF/C++ Team --

Free Live Online Training

WOS2 is offering a live online training session for WSF/PHP free of charge this week. This is a one time offer. So hurry up and register now if you are willing to participate.

To register , visit www.wso2.com