Monthly Archives: March 2013

Website hacking XSS attack

Leave a comment

Posted by on March 21, 2013 in Other



Get Android SDK up and running on Netbeans

1 Comment

Posted by on March 20, 2013 in Android App


Tags: ,

JConsole with Cassandra DB

Most of the people cannot find the way to connect to the Cassandra DB process through the JConsole. Let me explain how to do in simple way.

1. First you have to download the Cassandra DB and do the following changes on $Cassandra_Home/conf/



2. Now Start the Cassandra DB now you can connect to the Cassandra Process through the JConsole.

URL – service:jmx:rmi:///jndi/rmi://:7199/jmxrmi
ex/ service:jmx:rmi:///jndi/rmi://


You don’t need to put Username and Password to connect.



Posted by on March 7, 2013 in java, Other


Tags: ,

How to attach JProfiler with WSO2 Products

JProfiler is very useful software for developers to monitor the memory usage, CPU usage, etc. of Java program. With in this post I’ll explain how to attached the JProfiler to the Carbon products. I’ll take latest Identity server 4.1.0 version as a Carbon product.

1. First thing is you need to download the JProfiler and install in to your machine. I have downloaded the JProfiler and installed in the following location.


2. Then you have to put the following line into the file located at $IS_HOME/repository/bin/

-agentpath:/home/dinuka/jprofiler7/bin/linux-x64/ \


3.Now go to $IS_HOME/repository/bin and start the


You can see Its waiting for connection from JProfiler.

4. Go to the location of JProfiler “/home/dinuka/jprofiler7/bin” and run the “jprofiler” file to start the JProfiler



Now go to Session->Start Center and select the tab “New Session” then click New Session


Select “Attach to Profiled JVM (local or remote)” and fill the details of Identity Server then click ok


5. You can select one of the following categories (Instrumentation or Sampling)



Then you can see Identity Server is Starting up.


Now JProfiler is connected Successfully


1 Comment

Posted by on March 5, 2013 in Identity Server, java, Other, wso2


Tags: , ,

Cassandra DB as Secondary user store in IS

The Apache Cassandra database is the right choice when you need scalability and high availability without compromising performance. So now the Cassandra User Store manager is available in IS from 4.1.0 release and we support the multiple credentials with Cassandra DB.

What is multiple credential support? see the following picture you can take some idea about this.
multiple credentials

Lets look at the configuration of Cassandra user as a secondary user store.

1. Extract the Cassandra DB and edit the following file $Cassandra_Home/conf/cassandra.yaml
Replace the following values with existing directory

data_file_directories: /home/dinuka/cassandra/data
commitlog_directory: /home/dinuka/cassandra/commitlog
saved_caches_directory: /var/lib/cassandra/saved_caches

2. Go to $Cassandra_Home/bin and run the cassandra file to start the Cassandra DB

3. Go to $IS_HOME/repository/conf/carbon.xml and do the following changes.
Enable HTTP transport for All Admin Services
i. Please uncomment following element


Enable Email usernames support
i. Please uncomment following element


4. Now you need to go to $IS_HOME/repository/conf/user-mgt.xml and do the configuration as follows. I’m running IS and Cassandra both in Same machine.

     <UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
            <Property name="defaultRealmName">WSO2.ORG</Property>
            <Property name="kdcEnabled">false</Property>
            <Property name="ConnectionURL">ldap://localhost:${Ports.EmbeddedLDAP.LDAPServerPort}</Property>
            <Property name="ConnectionName">uid=admin,ou=system</Property>
            <Property name="ConnectionPassword">admin</Property>
            <Property name="passwordHashMethod">SHA</Property>
            <Property name="UserNameListFilter">(objectClass=person)</Property>
            <Property name="UserEntryObjectClass">identityPerson</Property>
            <Property name="UserSearchBase">ou=Users,dc=wso2,dc=org</Property>
            <Property name="UserNameSearchFilter">(&amp;(objectClass=person)(uid=?))</Property>
            <Property name="UserNameAttribute">uid</Property>
            <Property name="PasswordJavaScriptRegEx">^[\\S]{5,30}$</Property>
	    <Property name="ServicePasswordJavaRegEx">^[\\S]{5,30}$</Property>
	    <Property name="ServiceNameJavaRegEx">^[\\S]{2,30}/[\\S]{2,30}$</Property>
            <Property name="UsernameJavaScriptRegEx">^[\\S]{3,30}$</Property>
            <Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
            <Property name="RolenameJavaScriptRegEx">^[\\S]{3,30}$</Property>
            <Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
	    <Property name="ReadLDAPGroups">true</Property>
	    <Property name="WriteLDAPGroups">true</Property>
	    <Property name="EmptyRolesAllowed">true</Property>
            <Property name="GroupSearchBase">ou=Groups,dc=wso2,dc=org</Property>
            <Property name="GroupNameListFilter">(objectClass=groupOfNames)</Property>
	    <Property name="GroupEntryObjectClass">groupOfNames</Property>
            <Property name="GroupNameSearchFilter">(&amp;(objectClass=groupOfNames)(cn=?))</Property>
            <Property name="GroupNameAttribute">cn</Property>
            <Property name="MembershipAttribute">member</Property>
            <Property name="UserRolesCacheEnabled">true</Property>
	    <Property name="UserDNPattern">uid={0},ou=Users,dc=wso2,dc=org</Property>
	    <Property name="SCIMEnabled">true</Property>
	    <Property name="maxFailedLoginAttempt">0</Property>

	<UserStoreManager class="org.wso2.carbon.user.cassandra.CassandraUserStoreManager">
		<Property name="Keyspace">User_KS</Property>
		<Property name="Host">localhost</Property>
		<Property name="Port">9160</Property>
		<Property name="PasswordDigest">SHA-256</Property>
		<Property name="StoreSaltedPassword">true</Property>
		<Property name="AuthenticateWithAnyCredential">true</Property>
		<Property name="DomainName">multipleCredentialUserStoreDomain</Property>
			<Credential type="Default">org.wso2.carbon.user.cassandra.credentialtypes.EmailCredential</Credential>
			<Credential type="Email">org.wso2.carbon.user.cassandra.credentialtypes.EmailCredential</Credential>
			<Credential type="PhoneNumber">org.wso2.carbon.user.cassandra.credentialtypes.PhoneNumberCredential</Credential>
			<Credential type="Device">org.wso2.carbon.user.cassandra.credentialtypes.DeviceCredential</Credential>
			<Credential type="External">org.wso2.carbon.user.cassandra.credentialtypes.ExternalProviderCredential</Credential>

5. Now you successfully done the configuration for secondary user store. for more details follow this configuration doc.

6. You can use the MultipleCredentialsUserAdmin service and write your own Java client to talk to IS and authenticate the users. IS 4.1.0 doesn’t support the UI functionality but it will be available with future releases.

7. I have created some Jmeter client to talk to IS to authenticate the users with multiple can download it here.


Leave a comment

Posted by on March 4, 2013 in Identity Server, java, Other, wso2


Tags: , , ,

%d bloggers like this: