diff --git a/config/bin/iot-server.sh b/config/bin/iot-server.sh
new file mode 100644
index 0000000..c4b7f03
--- /dev/null
+++ b/config/bin/iot-server.sh
@@ -0,0 +1,383 @@
+#!/bin/sh
+# ----------------------------------------------------------------------------
+# Copyright 2005-2012 WSO2, Inc. http://www.wso2.org
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# ----------------------------------------------------------------------------
+# Main Script for the WSO2 Carbon Server
+#
+# Environment Variable Prequisites
+#
+# CARBON_HOME Home of WSO2 Carbon installation. If not set I will try
+# to figure it out.
+#
+# JAVA_HOME Must point at your Java Development Kit installation.
+#
+# JAVA_OPTS (Optional) Java runtime options used when the commands
+# is executed.
+#
+# NOTE: Borrowed generously from Apache Tomcat startup scripts.
+# -----------------------------------------------------------------------------
+
+# OS specific support. $var _must_ be set to either true or false.
+#ulimit -n 100000
+
+cygwin=false;
+darwin=false;
+os400=false;
+mingw=false;
+case "`uname`" in
+CYGWIN*) cygwin=true;;
+MINGW*) mingw=true;;
+OS400*) os400=true;;
+Darwin*) darwin=true
+ if [ -z "$JAVA_VERSION" ] ; then
+ JAVA_VERSION="CurrentJDK"
+ else
+ echo "Using Java version: $JAVA_VERSION"
+ fi
+ if [ -z "$JAVA_HOME" ] ; then
+ JAVA_HOME=/System/Library/Frameworks/JavaVM.framework/Versions/${JAVA_VERSION}/Home
+ fi
+ ;;
+esac
+
+# resolve links - $0 may be a softlink
+PRG="$0"
+
+while [ -h "$PRG" ]; do
+ ls=`ls -ld "$PRG"`
+ link=`expr "$ls" : '.*-> \(.*\)$'`
+ if expr "$link" : '.*/.*' > /dev/null; then
+ PRG="$link"
+ else
+ PRG=`dirname "$PRG"`/"$link"
+ fi
+done
+
+# Get standard environment variables
+PRGDIR=`dirname "$PRG"`
+
+# Only set CARBON_HOME if not already set
+[ -z "$CARBON_HOME" ] && CARBON_HOME=`cd "$PRGDIR/.." ; pwd`
+
+# Set AXIS2_HOME. Needed for One Click JAR Download
+AXIS2_HOME="$CARBON_HOME"
+
+# For Cygwin, ensure paths are in UNIX format before anything is touched
+if $cygwin; then
+ [ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"`
+ [ -n "$CARBON_HOME" ] && CARBON_HOME=`cygpath --unix "$CARBON_HOME"`
+ [ -n "$AXIS2_HOME" ] && CARBON_HOME=`cygpath --unix "$CARBON_HOME"`
+fi
+
+# For OS400
+if $os400; then
+ # Set job priority to standard for interactive (interactive - 6) by using
+ # the interactive priority - 6, the helper threads that respond to requests
+ # will be running at the same priority as interactive jobs.
+ COMMAND='chgjob job('$JOBNAME') runpty(6)'
+ system $COMMAND
+
+ # Enable multi threading
+ QIBM_MULTI_THREADED=Y
+ export QIBM_MULTI_THREADED
+fi
+
+# For Migwn, ensure paths are in UNIX format before anything is touched
+if $mingw ; then
+ [ -n "$CARBON_HOME" ] &&
+ CARBON_HOME="`(cd "$CARBON_HOME"; pwd)`"
+ [ -n "$JAVA_HOME" ] &&
+ JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`"
+ [ -n "$AXIS2_HOME" ] &&
+ CARBON_HOME="`(cd "$CARBON_HOME"; pwd)`"
+ # TODO classpath?
+fi + +if [ -z "$JAVACMD" ] ; then + if [ -n "$JAVA_HOME" ] ; then + if [ -x "$JAVA_HOME/jre/sh/java" ] ; then + # IBM's JDK on AIX uses strange locations for the executables + JAVACMD="$JAVA_HOME/jre/sh/java" + else + JAVACMD="$JAVA_HOME/bin/java" + fi + else + JAVACMD=java + fi +fi + +if [ ! -x "$JAVACMD" ] ; then + echo "Error: JAVA_HOME is not defined correctly." + echo " CARBON cannot execute $JAVACMD" + exit 1 +fi + +# if JAVA_HOME is not set we're not happy +if [ -z "$JAVA_HOME" ]; then + echo "You must set the JAVA_HOME variable before running CARBON." + exit 1 +fi + +if [ -e "$CARBON_HOME/wso2carbon.pid" ]; then + PID=`cat "$CARBON_HOME"/wso2carbon.pid` +fi + +# ----- Process the input command ---------------------------------------------- +args="" +for c in $* +do + if [ "$c" = "--debug" ] || [ "$c" = "-debug" ] || [ "$c" = "debug" ]; then + CMD="--debug" + continue + elif [ "$CMD" = "--debug" ]; then + if [ -z "$PORT" ]; then + PORT=$c + fi + elif [ "$c" = "--stop" ] || [ "$c" = "-stop" ] || [ "$c" = "stop" ]; then + CMD="stop" + elif [ "$c" = "--start" ] || [ "$c" = "-start" ] || [ "$c" = "start" ]; then + CMD="start" + elif [ "$c" = "--version" ] || [ "$c" = "-version" ] || [ "$c" = "version" ]; then + CMD="version" + elif [ "$c" = "--restart" ] || [ "$c" = "-restart" ] || [ "$c" = "restart" ]; then + CMD="restart" + elif [ "$c" = "--test" ] || [ "$c" = "-test" ] || [ "$c" = "test" ]; then + CMD="test" + elif [ "$c" = "--optimize" ] || [ "$c" = "-optimize" ] || [ "$c" = "optimize" ]; then + for option in $*; do + if [ "$option" = "--skipConfigOptimization" ] || [ "$option" = "-skipConfigOptimization" ] || + [ "$option" = "skipConfigOptimization" ]; then + passedSkipConfigOptimizationOption=true + echo "Passed skipConfigOptimization Option: $passedSkipConfigOptimizationOption" + fi + done + + for profile in $*; do + case "$profile" in + *Dprofile=*) + cd $(dirname "$0") + if [ "$passedSkipConfigOptimizationOption" = true ]; then + sh profileSetup.sh 
$profile --skipConfigOptimization + else + sh profileSetup.sh $profile + fi + echo "Starting the server..." + ;; + esac + done + else + args="$args $c" + fi +done + +if [ "$CMD" = "--debug" ]; then + if [ "$PORT" = "" ]; then + echo " Please specify the debug port after the --debug option" + exit 1 + fi + if [ -n "$JAVA_OPTS" ]; then + echo "Warning !!!. User specified JAVA_OPTS will be ignored, once you give the --debug option." + fi + CMD="RUN" + JAVA_OPTS="-Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=$PORT" + echo "Please start the remote debugging client to continue..." +elif [ "$CMD" = "start" ]; then + if [ -e "$CARBON_HOME/wso2carbon.pid" ]; then + if ps -p $PID > /dev/null ; then + echo "Process is already running" + exit 0 + fi + fi + export CARBON_HOME="$CARBON_HOME" +# using nohup sh to avoid erros in solaris OS.TODO + nohup sh "$CARBON_HOME"/bin/iot-server.sh $args > /dev/null 2>&1 & + exit 0 +elif [ "$CMD" = "stop" ]; then + export CARBON_HOME="$CARBON_HOME" + kill -term `cat "$CARBON_HOME"/wso2carbon.pid` + exit 0 +elif [ "$CMD" = "restart" ]; then + export CARBON_HOME="$CARBON_HOME" + kill -term `cat "$CARBON_HOME"/wso2carbon.pid` + process_status=0 + pid=`cat "$CARBON_HOME"/wso2carbon.pid` + while [ "$process_status" -eq "0" ] + do + sleep 1; + ps -p$pid 2>&1 > /dev/null + process_status=$? + done + +# using nohup sh to avoid erros in solaris OS.TODO + nohup sh "$CARBON_HOME"/bin/iot-server.sh $args > /dev/null 2>&1 & + exit 0 +elif [ "$CMD" = "test" ]; then + JAVACMD="exec "$JAVACMD"" +elif [ "$CMD" = "version" ]; then + cat "$CARBON_HOME"/bin/version.txt + cat "$CARBON_HOME"/bin/wso2carbon-version.txt + exit 0 +fi + +# ---------- Handle the SSL Issue with proper JDK version -------------------- +java_version=$("$JAVACMD" -version 2>&1 | awk -F '"' '/version/ {print $2}') +java_version_formatted=$(echo "$java_version" | awk -F. 
'{printf("%02d%02d",$1,$2);}') +if [ $java_version_formatted -lt 0107 ] || [ $java_version_formatted -gt 1100 ]; then + echo " Starting WSO2 Carbon (in unsupported JDK)" + echo " [ERROR] CARBON is supported only on JDK 1.7, 1.8, 9, 10 and 11" +fi + +CARBON_XBOOTCLASSPATH="" +for f in "$CARBON_HOME"/lib/xboot/*.jar +do + if [ "$f" != "$CARBON_HOME/lib/xboot/*.jar" ];then + CARBON_XBOOTCLASSPATH="$CARBON_XBOOTCLASSPATH":$f + fi +done + + +CARBON_CLASSPATH="" +if [ -e "$JAVA_HOME/lib/tools.jar" ]; then + CARBON_CLASSPATH="$JAVA_HOME/lib/tools.jar" +fi +for f in "$CARBON_HOME"/bin/*.jar +do + if [ "$f" != "$CARBON_HOME/bin/*.jar" ];then + CARBON_CLASSPATH="$CARBON_CLASSPATH":$f + fi +done +for t in "$CARBON_HOME"/lib/*.jar +do + CARBON_CLASSPATH="$CARBON_CLASSPATH":$t +done +for t in "$CARBON_HOME"/lib/endorsed/*.jar +do + CARBON_CLASSPATH="$CARBON_CLASSPATH":$t +done + + + +# For Cygwin, switch paths to Windows format before running java +if $cygwin; then + JAVA_HOME=`cygpath --absolute --windows "$JAVA_HOME"` + CARBON_HOME=`cygpath --absolute --windows "$CARBON_HOME"` + AXIS2_HOME=`cygpath --absolute --windows "$CARBON_HOME"` + CLASSPATH=`cygpath --path --windows "$CLASSPATH"` + CARBON_CLASSPATH=`cygpath --path --windows "$CARBON_CLASSPATH"` + CARBON_XBOOTCLASSPATH=`cygpath --path --windows "$CARBON_XBOOTCLASSPATH"` +fi + +# ----- Execute The Requested Command ----------------------------------------- + +echo JAVA_HOME environment variable is set to $JAVA_HOME +echo CARBON_HOME environment variable is set to "$CARBON_HOME" + +cd "$CARBON_HOME" + +TMP_DIR="$CARBON_HOME"/tmp +if [ -d "$TMP_DIR" ]; then +rm -rf "$TMP_DIR"/* +fi + +START_EXIT_STATUS=121 +status=$START_EXIT_STATUS + +if [ -z "$JVM_MEM_OPTS" ]; then + java_version=$("$JAVACMD" -version 2>&1 | awk -F '"' '/version/ {print $2}') + JVM_MEM_OPTS="-Xms256m -Xmx1024m" + if [ "$java_version" \< "1.8" ]; then + JVM_MEM_OPTS="$JVM_MEM_OPTS -XX:MaxPermSize=256m" + fi +fi +echo "Using Java memory options: 
$JVM_MEM_OPTS" + +#To monitor a Carbon server in remote JMX mode on linux host machines, set the below system property. +# -Djava.rmi.server.hostname="your.IP.goes.here" + +JAVA_VER_BASED_OPTS="" + + +if [ $java_version_formatted -ge 1100 ]; then + JAVA_VER_BASED_OPTS="--add-opens=java.base/java.net=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens java.rmi/sun.rmi.transport=ALL-UNNAMED" +fi + +while [ "$status" = "$START_EXIT_STATUS" ] +do + $JAVACMD \ + -Xbootclasspath/a:"$CARBON_XBOOTCLASSPATH" \ + $JVM_MEM_OPTS \ + -XX:+HeapDumpOnOutOfMemoryError \ + -XX:HeapDumpPath="$CARBON_HOME/repository/logs/heap-dump.hprof" \ + $JAVA_OPTS \ + -Dcom.sun.management.jmxremote \ + -classpath "$CARBON_CLASSPATH" \ + $JAVA_VER_BASED_OPTS \ + -Djava.io.tmpdir="$CARBON_HOME/tmp" \ + -Dcatalina.base="$CARBON_HOME/lib/tomcat" \ + -Dwso2.server.standalone=true \ + -Dcarbon.registry.root=/ \ + -Djava.command="$JAVACMD" \ + -Dcarbon.home="$CARBON_HOME" \ + -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager \ + -Dcarbon.config.dir.path="$CARBON_HOME/repository/conf" \ + -Djava.util.logging.config.file="$CARBON_HOME/repository/conf/etc/logging-bridge.properties" \ + -Dcomponents.repo="$CARBON_HOME/repository/components/plugins" \ + -Dconf.location="$CARBON_HOME/repository/conf"\ + -Dcom.atomikos.icatch.file="$CARBON_HOME/lib/transactions.properties" \ + -Dcom.atomikos.icatch.hide_init_file_path=true \ + -Dorg.apache.jasper.compiler.Parser.STRICT_QUOTE_ESCAPING=false \ + -Dorg.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER=true \ + -Dcom.sun.jndi.ldap.connect.pool.authentication=simple \ + -Dcom.sun.jndi.ldap.connect.pool.timeout=3000 \ + -Dorg.terracotta.quartz.skipUpdateCheck=true \ + -Djava.security.egd=file:/dev/./urandom \ + -Dfile.encoding=UTF8 \ + -Djava.net.preferIPv4Stack=true \ + -Dcom.ibm.cacheLocalHost=true \ + -Dorg.wso2.ignoreHostnameVerification=true \ + -Dorg.opensaml.httpclient.https.disableHostnameVerification=true \ + 
-Dhttpclient.hostnameVerifier=AllowAll \ + -DworkerNode=false \ + -DenableCorrelationLogs=false \ + -Dcarbon.new.config.dir.path="$CARBON_HOME/repository/resources/conf" \ + -Djavax.xml.xpath.XPathFactory:http://java.sun.com/jaxp/xpath/dom=net.sf.saxon.xpath.XPathFactoryImpl \ + -Diot.core.host="localhost" \ + -Diot.core.https.port="9443" \ + -Diot.core.http.port="9763" \ + -Diot.gateway.host="localhost" \ + -Diot.gateway.https.port="8243" \ + -Diot.gateway.http.port="8280" \ + -Diot.gateway.carbon.https.port="9443" \ + -Diot.gateway.carbon.http.port="9763" \ + -Diot.gateway.websocket.ws.port="9099" \ + -Diot.gateway.websocket.wss.port="8099" \ + -Diot.keymanager.host="localhost" \ + -Diot.keymanager.https.port="9443" \ + -Diot.remotesession.server.https.port="443" \ + -Diot.remotesession.server.host="${MGT_HOSTNAME}" \ + -Diot.apim.host="localhost" \ + -Diot.apim.https.port="9443" \ + -Dmqtt.broker.host="${MQTT_HOSTNAME}" \ + -Dmqtt.broker.port="1883" \ + -Denable-api-scopes-sharing="true" \ + -Dagent-bundle="org.wso2.carbon.emm.mdmagent" \ + -Diot.reporting.event.host="" \ + -Diot.reporting.webapp.host="" \ + -Diot.grafana.http.host="" \ + -Diot.grafana.https.host="" \ + org.wso2.carbon.bootstrap.Bootstrap $* + status=$? +done diff --git a/config/deployment.toml b/config/deployment.toml new file mode 100644 index 0000000..f9fcbcd --- /dev/null +++ b/config/deployment.toml 
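Review bot: The java invocation at the end of the script turns off TLS hostname verification for the server's outbound HTTPS clients through `-Dorg.wso2.ignoreHostnameVerification=true`, `-Dorg.opensaml.httpclient.https.disableHostnameVerification=true` and `-Dhttpclient.hostnameVerifier=AllowAll`, so a certificate issued for any host is accepted for the key manager, gateway and remote-session endpoints configured a few lines below. Unless this file is meant only for a local development box, ship the verifying values instead, e.g. `-Dorg.wso2.ignoreHostnameVerification=false` and `-Dhttpclient.hostnameVerifier=DefaultAndLocalhost`, with the opensaml flag dropped or set to `false`. Separately, the `--debug` branch passes `$PORT` unchecked into `-Xrunjdwp:...,address=$PORT`; JDWP is unauthenticated, and on the JDK 1.7/1.8 runtimes this script accepts a bare port listens on all interfaces, so binding it as `address=127.0.0.1:$PORT` (or at least a comment that the port must be firewalled) would be safer.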
@@ -0,0 +1,407 @@ +[server] +hostname = "${MGT_HOSTNAME}" +#offset=0 +base_path = "${carbon.protocol}://${carbon.host}:${carbon.management.port}" +#discard_empty_caches = false +server_role = "default" + +[database_configuration] +enable_h2_console = "true" + +[super_admin] +username = "${SUPER_ADMIN_USERNAME}" +password = "${SUPER_ADMIN_PASSWORD}" +create_admin_account = true + +[user_store] +type = "database_unique_id" + +[database.apim_db] +type = "mysql" +url = "jdbc:mysql://${DB_HOST}:3306/AM_DB?allowPublicKeyRetrieval=true&useSSL=false" +username = "${DB_USERNAME}" +password = "${DB_PASSWORD}" +driver = "com.mysql.cj.jdbc.Driver" + +[database.shared_db] +type = "mysql" +url = "jdbc:mysql://${DB_HOST}:3306/SHARED_DB?allowPublicKeyRetrieval=true&useSSL=false" +username = "${DB_USERNAME}" +password = "${DB_PASSWORD}" +driver = "com.mysql.cj.jdbc.Driver" + +[database.user] +type = "mysql" +url = "jdbc:mysql://${DB_HOST}:3306/UM_DB?allowPublicKeyRetrieval=true&useSSL=false" +username = "${DB_USERNAME}" +password = "${DB_PASSWORD}" +driver = "com.mysql.cj.jdbc.Driver" + +[keystore.tls] +file_name = "wso2carbon.jks" +type = "JKS" +password = "wso2carbon" +alias = "wso2carbon" +key_password = "wso2carbon" + +[identity_mgt.endpoint] +enable_self_signup_endpoint = false + +[web_app.listener] +class_name = ["io.entgra.device.mgt.core.apimgt.webapp.publisher.lifecycle.listener.APIPublisherLifecycleListener", "io.entgra.device.mgt.core.device.mgt.core.config.permission.lifecycle.WebAppDeploymentLifecycleListener"] + +#[keystore.primary] +#file_name = "wso2carbon.jks" +#type = "JKS" +#password = "wso2carbon" +#alias = "wso2carbon" +#key_password = "wso2carbon" + +#[keystore.internal] +#file_name = "wso2carbon.jks" +#type = "JKS" +#password = "wso2carbon" +#alias = "wso2carbon" +#key_password = "wso2carbon" + +[[apim.gateway.environment]] +name = "Default" +type = "hybrid" +display_in_api_console = true +description = "This is a hybrid gateway that handles both production 
and sandbox token traffic." +show_as_token_endpoint_url = true +service_url = "https://localhost:${mgt.transport.https.port}/services/" +username= "${admin.username}" +password= "${admin.password}" +ws_endpoint = "ws://${GATEWAY_HOSTNAME}:9099" +wss_endpoint = "wss://${GATEWAY_HOSTNAME}:8099" +http_endpoint = "http://${GATEWAY_HOSTNAME}" +https_endpoint = "https://${GATEWAY_HOSTNAME}" +websub_event_receiver_http_endpoint = "http://localhost:9021" +websub_event_receiver_https_endpoint = "https://localhost:8021" + +[apim.sync_runtime_artifacts.gateway] +gateway_labels =["Default"] + +#[apim.cache.gateway_token] +#enable = true +#expiry_time = "900s" + +#[apim.cache.resource] +#enable = true +#expiry_time = "900s" + +#[apim.cache.km_token] +#enable = false +#expiry_time = "15m" + +#[apim.cache.recent_apis] +#enable = false + +#[apim.cache.scopes] +#enable = true + +#[apim.cache.publisher_roles] +#enable = true + +#[apim.cache.jwt_claim] +#enable = true +#expiry_time = "15m" + +#[apim.cache.tags] +#expiry_time = "2m" + +#[apim.analytics] +#enable = false +#properties."publisher.reporter.class" = "io.entgra.api.analytics.data.publisher.CustomReporter" +#config_endpoint = "https://localhost:8080/auth/v1" +#auth_token = "" + +#[apim.key_manager] +#service_url = "https://localhost:9443/services/" +#username = "$ref{super_admin.username}" +#password = "$ref{super_admin.password}" +#pool.init_idle_capacity = 50 +#pool.max_idle = 100 +#key_validation_handler_type = "default" +#key_validation_handler_type = "custom" +#key_validation_handler_impl = "org.wso2.carbon.apimgt.keymgt.handlers.DefaultKeyValidationHandler" + +#[apim.idp] +#server_url = "https://localhost:${mgt.transport.https.port}" +#authorize_endpoint = "https://localhost:${mgt.transport.https.port}/oauth2/authorize" +#oidc_logout_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/logout" +#oidc_check_session_endpoint = "https://localhost:${mgt.transport.https.port}/oidc/checksession" + +#[apim.jwt] 
+#enable = true +#encoding = "base64" # base64,base64url +#generator_impl = "org.wso2.carbon.apimgt.keymgt.token.JWTGenerator" +#claim_dialect = "http://wso2.org/claims" +#convert_dialect = false +#header = "X-JWT-Assertion" +#signing_algorithm = "SHA256withRSA" +#enable_user_claims = true +#claims_extractor_impl = "org.wso2.carbon.apimgt.impl.token.ExtendedDefaultClaimsRetriever" + +[apim.oauth_config] +# ------------------Enabled for IOT/EMM --------------------------- +enable_outbound_auth_header = true +#auth_header = "Authorization" +#revoke_endpoint = "https://localhost:${https.nio.port}/revoke" +#enable_token_encryption = false +#enable_token_hashing = false + +[apim.devportal] +url = "https://${MGT_HOSTNAME}/devportal" +#enable_application_sharing = false +#if application_sharing_type, application_sharing_impl both defined priority goes to application_sharing_impl +#application_sharing_type = "default" #changed type, saml, default #todo: check the new config for rest api +#application_sharing_impl = "org.wso2.carbon.apimgt.impl.SAMLGroupIDExtractorImpl" +#display_multiple_versions = false +#display_deprecated_apis = false +#enable_comments = true +#enable_ratings = true +#enable_forum = true +#enable_anonymous_mode=true +#enable_cross_tenant_subscriptions = true +#default_reserved_username = "apim_reserved_user" + +[apim.cors] +allow_origins = "*" +allow_methods = ["GET","PUT","POST","DELETE","PATCH","OPTIONS"] +allow_headers = ["authorization","Access-Control-Allow-Origin","Content-Type","SOAPAction","apikey","Internal-Key"] +allow_credentials = false + +#[apim.throttling] +#enable_data_publishing = true +#enable_policy_deploy = true +#enable_blacklist_condition = true +#enable_persistence = true +#throttle_decision_endpoints = ["tcp://${MANAGER_IP}:5672","tcp://${WORKER_IP}:5672"] +#event_duplicate_url = ["tcp://${MANAGER_IP}:5672"] + +#[apim.throttling.blacklist_condition] +#start_delay = "5m" +#period = "1h" + +#[apim.throttling.jms] +#start_delay = 
"5m" + +#[apim.throttling.event_sync] +#hostName = "0.0.0.0" +#port = 11224 + +#[apim.throttling.event_management] +#hostName = "0.0.0.0" +#port = 10005 + +#[[apim.throttling.url_group]] +#traffic_manager_urls = ["tcp://${MANAGER_IP}:9611","tcp://${WORKER_IP}:9611"] +#traffic_manager_auth_urls = ["ssl://${MANAGER_IP}:9711","ssl://${WORKER_IP}:9711"] +#type = "loadbalance" + +[apim.cache_invalidation] +enabled = true + +#[[apim.throttling.url_group]] +#traffic_manager_urls = ["tcp://localhost:9611","tcp://localhost:9611"] +#traffic_manager_auth_urls = ["ssl://localhost:9711","ssl://localhost:9711"] +#type = "failover" + +#[apim.workflow] +#enable = false +#service_url = "https://localhost:9445/bpmn" +#username = "$ref{super_admin.username}" +#password = "$ref{super_admin.password}" +#callback_endpoint = "https://localhost:${mgt.transport.https.port}/api/am/admin/v0.17/workflows/update-workflow-status" +#token_endpoint = "https://localhost:${https.nio.port}/token" +#client_registration_endpoint = "https://localhost:${mgt.transport.https.port}/client-registration/v0.17/register" +#client_registration_username = "$ref{super_admin.username}" +#client_registration_password = "$ref{super_admin.password}" + +#data bridge config +#[transport.receiver] +#type = "binary" +#worker_threads = 10 +#session_timeout = "30m" +#keystore.file_name = "$ref{keystore.tls.file_name}" +#keystore.password = "$ref{keystore.tls.password}" +#tcp_port = 9611 +#ssl_port = 9711 +#ssl_receiver_thread_pool_size = 100 +#tcp_receiver_thread_pool_size = 100 +#ssl_enabled_protocols = ["TLSv1","TLSv1.1","TLSv1.2"] +#ciphers = ["SSL_RSA_WITH_RC4_128_MD5","SSL_RSA_WITH_RC4_128_SHA"] + +#[apim.notification] +#from_address = "APIM.com" +#username = "APIM" +#password = "APIM+123" +#hostname = "localhost" +#port = 3025 +#enable_start_tls = false +#enable_authentication = true + +#[apim.token.revocation] +#notifier_impl = "org.wso2.carbon.apimgt.keymgt.events.TokenRevocationNotifierImpl" 
+#enable_realtime_notifier = true +#realtime_notifier.ttl = 5000 +#enable_persistent_notifier = true +#persistent_notifier.hostname = "https://localhost:2379/v2/keys/jti/" +#persistent_notifier.ttl = 5000 +#persistent_notifier.username = "root" +#persistent_notifier.password = "root" + +[[event_handler]] +name="userPostSelfRegistration" +subscriptions=["POST_ADD_USER"] + +[service_provider] +sp_name_regex = "^[\\sa-zA-Z0-9._-]*$" + +[database.local] +url = "jdbc:h2:./repository/database/WSO2CARBON_DB;DB_CLOSE_ON_EXIT=FALSE" + +[[event_listener]] +id = "token_revocation" +type = "org.wso2.carbon.identity.core.handler.AbstractIdentityHandler" +name = "org.wso2.is.notification.ApimOauthEventInterceptor" +order = 1 +[event_listener.properties] +notification_endpoint = "https://${KM_HOSTNAME}/internal/data/v1/notify" +username = "${admin.username}" +password = "${admin.password}" +'header.X-WSO2-KEY-MANAGER' = "default" + +[apim.sync_runtime_artifacts.gateway.skip_list] +apis = ["_TokenAPI_.xml", "_API_Application_Registration_.xml", "health-check.xml"] +sequences = ["_api_registration_fault_.xml"] + +[transport.https.properties] +maxHttpHeaderSize="16384" +proxyPort = 443 + +#[[transport.http.proxy_profile]] +#proxy_host = "10.12.0.4" +#proxy_port = "8080" +#target_hosts = ["*"] +# +#[[transport.http.secured_proxy_profile]] +#proxy_host = "10.12.0.4" +#proxy_port = "8080" +#target_hosts = ["*"] + +[transport.http.properties] +maxHttpHeaderSize="16384" + +[oauth.grant_type.jwt_bearer] +grant_handler="io.entgra.device.mgt.core.device.mgt.oauth.extensions.handlers.grant.ExtendedJWTGrantHandler" + +[[oauth.custom_grant_type]] +name="access_token" +grant_handler="io.entgra.device.mgt.core.device.mgt.oauth.extensions.handlers.grant.AccessTokenGrantHandler" +grant_validator="io.entgra.device.mgt.core.device.mgt.oauth.extensions.validators.AccessTokenGrantValidator" + +[oauth.token_renewal] +renew_refresh_token=false + +[admin_service.wsdl] +enable = false + +[mdm_ui_conf] 
+tags = ["device_management", "transport_management"] +scopes = ["perm:app:review:view", "perm:app:review:update", "perm:app:publisher:view", "perm:app:publisher:update", "perm:app:store:view", "perm:app:subscription:install", "perm:app:subscription:uninstall", "perm:admin:app:review:update", "perm:admin:app:review:view", "perm:admin:app:publisher:update", "perm:admin:app:review:update", "perm:admin:app:subscription:view", "perm:device-types:types", "perm:enterprise:modify", "perm:enterprise:view", "perm:android-work:customer", "perm:android-work:admin", "perm:application-command:modify", "perm:sign-csr", "perm:admin:devices:view", "perm:admin:topics:view", "perm:roles:add", "perm:roles:add-users", "perm:roles:update", "perm:roles:permissions", "perm:roles:details", "perm:roles:view", "perm:roles:create-combined-role", "perm:roles:delete", "perm:dashboard:vulnerabilities", "perm:dashboard:non-compliant-count", "perm:dashboard:non-compliant", "perm:dashboard:by-groups", "perm:dashboard:device-counts", "perm:dashboard:feature-non-compliant", "perm:dashboard:count-overview", "perm:dashboard:filtered-count", "perm:dashboard:details", "perm:get-activity", "perm:devices:delete", "perm:devices:applications", "perm:devices:effective-policy", "perm:devices:compliance-data", "perm:devices:features", "perm:devices:operations", "perm:devices:search", "perm:devices:details", "perm:devices:update", "perm:devices:view", "perm:view-configuration", "perm:manage-configuration", "perm:policies:remove", "perm:policies:priorities", "perm:policies:deactivate", "perm:policies:get-policy-details", "perm:policies:manage", "perm:policies:activate", "perm:policies:update", "perm:policies:changes", "perm:policies:get-details", "perm:users:add", "perm:users:details", "perm:users:count", "perm:users:delete", "perm:users:roles", "perm:users:user-details", "perm:users:credentials", "perm:users:search", "perm:users:is-exist", "perm:users:update", "perm:users:send-invitation", 
"perm:admin-users:view", "perm:admin:devices:update-enrollment", "perm:groups:devices", "perm:groups:update", "perm:groups:add", "perm:groups:device", "perm:groups:devices-count", "perm:groups:remove", "perm:groups:groups", "perm:groups:groups-view", "perm:groups:share", "perm:groups:count", "perm:groups:roles", "perm:groups:devices-remove", "perm:groups:devices-add", "perm:groups:assign", "perm:device-types:configs", "perm:device-types:features", "perm:device-types:types", "perm:applications:install", "perm:applications:uninstall", "perm:admin-groups:count", "perm:admin-groups:view", "perm:admin-groups:add", "perm:notifications:mark-checked", "perm:notifications:view", "perm:admin:certificates:delete", "perm:admin:certificates:details", "perm:admin:certificates:view", "perm:admin:certificates:add", "perm:admin:certificates:verify", "perm:admin", "perm:devicetype:deployment", "perm:device-types:events", "perm:device-types:events:view", "perm:admin:device-type", "perm:admin:device-type:view", "perm:admin:device-type:configs", "perm:device:enroll", "perm:geo-service:analytics-view", "perm:geo-service:alerts-manage", "appm:read", "perm:devices:permanent-delete", "perm:android:manage-configuration", "perm:android:view-configuration", "perm:user:permission-view", "perm:ios:view-configuration", "perm:ios:manage-configuration", "perm:ios:dep-view", "perm:ios:dep-add", "perm:windows:view-configuration", "perm:windows:manage-configuration", "perm:android:lock-devices", "perm:android:unlock-devices", "perm:android:location", "perm:android:clear-password", "perm:android:control-camera", "perm:android:enterprise-wipe", "perm:android:wipe", "perm:android:ring", "perm:android:applications", "perm:android:reboot", "perm:android:change-LockTask", "perm:android:mute", "perm:android:configure-display-message", "perm:android:send-app-restrictions", "perm:android:file-transfer", "perm:android:set-webclip", "perm:android:set-password-policy", "perm:android:change-lock-code", 
"perm:android:upgrade-firmware", "perm:android:send-notification", "perm:geo-service:geo-fence", "perm:metadata:view", "perm:metadata:create", "perm:metadata:update", "perm:sms-handler:view-configuration", "perm:com-module:admin:configure", "perm:com-module:admin:enrol", "perm:com-module:admin:status-update", "perm:com-module:view", "perm:rmr:admin:add-schedule", "perm:rmr:admin:assign-meter", "perm:rmr:admin:attach-com", "perm:rmr:admin:billing-registers-retrieve", "perm:rmr:admin:delete-schedule", "perm:rmr:admin:detach-com", "perm:rmr:admin:detach-meter", "perm:rmr:admin:enrol", "perm:rmr:admin:load-profile-retrieve", "perm:rmr:admin:remote-relay-off", "perm:rmr:admin:replace-meter", "perm:rmr:admin:self-test", "perm:rmr:admin:time-sync", "perm:rmr:admin:update-meter-mode", "perm:rmr:admin:update-meter-state", "perm:rmr:admin:update-schedule", "perm:rmr:admin:view-meter-reading", "perm:rmr:admin:view-schedule", "perm:rmr:device:assign", "perm:rmr:device:enrol", "perm:rmr:device:install", "perm:rmr:device:unassign", "perm:rmr:device:validate", "perm:rmr:device:view", "perm:rmr:sms", "perm:sim:admin:enrol", "perm:sim:admin:permanent-delete", "perm:sim:admin:update", "perm:sim:view", "perm:power-meter-dlms:event-mgt", "perm:rmr:admin:upload-credentials", "perm:rmr:admin:remote-configure", "perm:rmr:view-configuration", "perm:rmr:manage-configuration", "perm:com-module:types-view", "perm:com-module:signal-view", "perm:com-module:admin:attach-sim", "perm:com-module:admin:detach-sim", "perm:rmr:device:report-event", "perm:meter-request:view", "perm:meter-request:create", "perm:meter-request:cancel", "perm:meter-request:first-review", "perm:meter-request:second-review", "perm:meter-request:assign", "perm:meter-request:dispatch", "perm:meter-request:receive", "perm:meter-request:admin:update", "perm:rmr:admin:update-customer-assign", "perm:rmr:device:view-install-data", "perm:rmr:self-test", "perm:rmr:user:branches", "perm:rmr:admin:branch-overview", 
"perm:rmr:admin:branch-assignment", "perm:rmr:admin:reachability-overview", "perm:rmr:admin:signal-reception", "perm:rmr:admin:customer-overview", "perm:rmr:admin:customer-locations", "perm:rmr:admin:system-dashboard", "perm:rmr:admin:meter-inventory", "perm:rmr:admin:meter-reachability-report", "perm:sim:types:view", "perm:rmr:device:types:view", "perm:sg:cb:admin:add", "perm:sg:cb:admin:view", "perm:sg:cb:admin:attach-sim", "perm:sg:cb:admin:detach-sim", "perm:sg:cb:admin:status-update", "perm:sg:oc:admin:add", "perm:sg:oc:admin:view", "perm:sg:oc:admin:attach-cb", "perm:sg:oc:admin:detach-cb", "perm:sg:oc:admin:status-update", "perm:sg:oc:admin:upload-config", "perm:sg:oc:admin:download-config", "perm:sg:admin:register-read", "perm:sg:admin:event-read", "perm:sg:admin:enroll", "perm:sg:admin:install-sg", "perm:sg:admin:operation-execute"] +enable_sso=false + +[device_mgt_conf.policy_conf] +monitoring_enable=false + +[device_mgt_conf.certificate_cache_conf] +enable=false + +[device_mgt_conf.event_operation_task_conf] +enable=false + +[device_mgt_conf.remote_session_conf] +enabled=false + +[device_mgt_conf.push_notification_conf] +scheduler_batch_size=1000 +scheduler_batch_delay_mills=10000 +scheduler_task_initial_delay=10000 +scheduler_task_enabled=false +push_notification_providers=["io.entgra.proprietary.switchgear.iec104.adaptor.IEC104PushNotificationProvider"] + +#[sim.datasource] +#name="jdbc/DM_DS" + +[database.device_mgt] +type = "mysql" +url = "jdbc:mysql://${DB_HOST}:3306/DM_DB?allowPublicKeyRetrieval=true&useSSL=false" +username = "${DB_USERNAME}" +password = "${DB_PASSWORD}" +driver = "com.mysql.cj.jdbc.Driver" + +[database.switchgear] +type = "mysql" +url = "jdbc:mysql://${DB_HOST}:3306/DM_DB?allowPublicKeyRetrieval=true&useSSL=false" +username = "${DB_USERNAME}" +password = "${DB_PASSWORD}" +driver = "com.mysql.cj.jdbc.Driver" + +[database.sim_mgt] +type = "mysql" +url = "jdbc:mysql://${DB_HOST}:3306/DM_DB?allowPublicKeyRetrieval=true&useSSL=false" 
+username = "${DB_USERNAME}" +password = "${DB_PASSWORD}" +driver = "com.mysql.cj.jdbc.Driver" + +[[device_mgt_conf.operation_timeout_conf]] +device_types=["switchgear_controlbox"] +code="DOUBLE_COMMAND" +initial_status="PENDING" +timeout=30000 +next_status="ERROR" + +[[device_mgt_conf.operation_timeout_conf]] +device_types=["switchgear_controlbox"] +code="DOUBLE_COMMAND" +initial_status="CONFIRMED" +timeout=30000 +next_status="ERROR" + +[heart_beat_beacon_conf] +enable=true +notifier_initial_delay_in_seconds=30 +notifier_frequency_in_seconds=60 +time_skew_in_seconds=5 +sever_timeout_interval_in_seconds=60 + +[heart_beat_beacon_conf.cluster_formation_changed_configs] +cluster_formation_changed_notifiers=["io.entgra.proprietary.switchgear.iec104.adaptor.ClusterFormationChangedReceiver"] + +[database.heart_beat] +type = "mysql" +url = "jdbc:mysql://${DB_HOST}:3306/HEART_BEAT_DB?allowPublicKeyRetrieval=true&useSSL=false" +username = "${DB_USERNAME}" +password = "${DB_PASSWORD}" +driver = "com.mysql.cj.jdbc.Driver" + +[switchgear] +operation_mgt.read_only=false +communication.device_stability_wait_time=30000 + +[device_mgt_conf.identity_conf] +server_url="https://localhost:9443" +admin_username="${admin.username}" +admin_password="${admin.password}" + +[device_mgt_conf.key_manager_conf] +server_url="https://localhost:9443" +admin_username="${admin.username}" +admin_password="${admin.password}" + +[[switchgear.ui_config.dashboards]] +name="KIBANA_DASHBOARD" +url="https://logs.sg.local/app/dashboards#/view/c6df6590-be16-11ec-8519-d1b35b9753bc?embed=true&_g=(filters%3A!()%2CrefreshInterval%3A(pause%3A!t%2Cvalue%3A0)%2Ctime%3A(from%3Anow%2Fd%2Cto%3Anow%2Fd))&show-query-input=true&show-time-filter=true" \ No newline at end of file diff --git a/config/log4j2.properties b/config/log4j2.properties new file mode 100644 index 0000000..c73829f --- /dev/null +++ b/config/log4j2.properties 
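Review bot: `[keystore.tls]` points at what appears to be the stock `wso2carbon.jks` with the literal password `wso2carbon` for both the store and the key, so the TLS private key is presumably the publicly distributed one and its password is committed in clear text, while the other secrets in this file are already taken from `${...}` variables. A deployment-generated keystore with its password injected the same way would fix this, e.g. `password = "${KEYSTORE_PASSWORD}"` and `key_password = "${KEYSTORE_KEY_PASSWORD}"` (variable names here are placeholders). Every MySQL URL also carries `useSSL=false` together with `allowPublicKeyRetrieval=true`, which leaves database credentials and data unencrypted and unauthenticated on the wire, and `enable_h2_console = "true"` exposes a database console that is normally off outside development; `enable_h2_console = "false"` and a TLS-verifying JDBC URL (for Connector/J 8, `sslMode=VERIFY_IDENTITY`) would be safer defaults. `allow_origins = "*"` under `[apim.cors]` deserves a comment saying whether it is intentional.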
@@ -0,0 +1,492 @@ +# list of all appenders +#add entry "syslog" to use the syslog appender +appenders=CARBON_CONSOLE, CARBON_LOGFILE, AUDIT_LOGFILE, SG_LOGFILE, ATOMIKOS_LOGFILE, CARBON_TRACE_LOGFILE, ERROR_LOGFILE, OPEN_TRACING, SERVICE_APPENDER, TRACE_APPENDER, osgi, CORRELATION, BOTDATA_APPENDER +#, syslog + +# CARBON_CONSOLE is set to be a ConsoleAppender using a PatternLayout. +appender.CARBON_CONSOLE.type = Console +appender.CARBON_CONSOLE.name = CARBON_CONSOLE +appender.CARBON_CONSOLE.layout.type = PatternLayout +appender.CARBON_CONSOLE.layout.pattern = [%d{DEFAULT}] %5p - %c{1} %m%n +appender.CARBON_CONSOLE.filter.threshold.type = ThresholdFilter +appender.CARBON_CONSOLE.filter.threshold.level = TRACE + +# CARBON_LOGFILE is set to be a DailyRollingFileAppender using a PatternLayout. +appender.CARBON_LOGFILE.type = RollingFile +appender.CARBON_LOGFILE.name = CARBON_LOGFILE +appender.CARBON_LOGFILE.fileName = ${sys:carbon.home}/repository/logs/wso2carbon.log +appender.CARBON_LOGFILE.filePattern = ${sys:carbon.home}/repository/logs/wso2carbon-%d{MM-dd-yyyy}.log +appender.CARBON_LOGFILE.layout.type = PatternLayout +appender.CARBON_LOGFILE.layout.pattern = TID: [%tenantId] [%appName] [%d] %5p {%c} - %m%ex%n +appender.CARBON_LOGFILE.policies.type = Policies +appender.CARBON_LOGFILE.policies.time.type = TimeBasedTriggeringPolicy +appender.CARBON_LOGFILE.policies.time.interval = 1 +appender.CARBON_LOGFILE.policies.time.modulate = true +#appender.CARBON_LOGFILE.policies.size.type = SizeBasedTriggeringPolicy +#appender.CARBON_LOGFILE.policies.size.size=10MB +appender.CARBON_LOGFILE.strategy.type = DefaultRolloverStrategy +appender.CARBON_LOGFILE.strategy.max = 20 +appender.CARBON_LOGFILE.filter.threshold.type = ThresholdFilter +appender.CARBON_LOGFILE.filter.threshold.level = INFO + +#elk switchgear log file +# SG_LOGFILE is set to be a DailyRollingFileAppender using a PatternLayout. 
+appender.SG_LOGFILE.type = RollingFile +appender.SG_LOGFILE.name = SG_LOGFILE +appender.SG_LOGFILE.fileName = ${sys:carbon.home}/repository/logs/elk/switchgear.log +appender.SG_LOGFILE.filePattern = ${sys:carbon.home}/repository/logs/elk/switchgear-%d{MM-dd-yyyy}.log +appender.SG_LOGFILE.layout.type = PatternLayout +appender.SG_LOGFILE.layout.pattern = [%5p] [%d{ISO8601}] [%X{EventCategory}] [%X{InitiatedBy}] [%X{SgId}] [%X{CbSerial}] [%X{OcSerial}] [%X{IpAddress}] [%X{State}] - %m%ex%n +appender.SG_LOGFILE.policies.type = Policies +appender.SG_LOGFILE.policies.time.type = TimeBasedTriggeringPolicy +appender.SG_LOGFILE.policies.time.interval = 1 +appender.SG_LOGFILE.policies.time.modulate = true +#appender.SG_LOGFILE.policies.size.type = SizeBasedTriggeringPolicy +#appender.SG_LOGFILE.policies.size.size=10MB +appender.SG_LOGFILE.strategy.type = DefaultRolloverStrategy +appender.SG_LOGFILE.strategy.max = 20 +appender.SG_LOGFILE.filter.threshold.type = ThresholdFilter +appender.SG_LOGFILE.filter.threshold.level = DEBUG +appender.SG_LOGFILE.filter.eventFilter.type = RegexFilter +appender.SG_LOGFILE.filter.eventFilter.regex = .*Open/Close.* +appender.SG_LOGFILE.filter.eventFilter.onMatch = DENY +appender.SG_LOGFILE.filter.eventFilter.onMismatch = ACCEPT + +# Appender config to AUDIT_LOGFILE +appender.AUDIT_LOGFILE.type = RollingFile +appender.AUDIT_LOGFILE.name = AUDIT_LOGFILE +appender.AUDIT_LOGFILE.fileName = ${sys:carbon.home}/repository/logs/audit.log +appender.AUDIT_LOGFILE.filePattern = ${sys:carbon.home}/repository/logs/audit-%d{MM-dd-yyyy}.log +appender.AUDIT_LOGFILE.layout.type = PatternLayout +appender.AUDIT_LOGFILE.layout.pattern = TID: [%tenantId] [%d] %5p {%c} - %m%ex%n +appender.AUDIT_LOGFILE.policies.type = Policies +appender.AUDIT_LOGFILE.policies.time.type = TimeBasedTriggeringPolicy +appender.AUDIT_LOGFILE.policies.time.interval = 1 +appender.AUDIT_LOGFILE.policies.time.modulate = true +appender.AUDIT_LOGFILE.policies.size.type = 
SizeBasedTriggeringPolicy +appender.AUDIT_LOGFILE.policies.size.size=10MB +appender.AUDIT_LOGFILE.strategy.type = DefaultRolloverStrategy +appender.AUDIT_LOGFILE.strategy.max = 20 +appender.AUDIT_LOGFILE.filter.threshold.type = ThresholdFilter +appender.AUDIT_LOGFILE.filter.threshold.level = INFO + +# Appender config to send Atomikos transaction logs to new log file tm.out. +appender.ATOMIKOS_LOGFILE.type = RollingFile +appender.ATOMIKOS_LOGFILE.name = ATOMIKOS_LOGFILE +appender.ATOMIKOS_LOGFILE.fileName = ${sys:carbon.home}/repository/logs/tm.out +appender.ATOMIKOS_LOGFILE.filePattern = ${sys:carbon.home}/repository/logs/tm-%d{MM-dd-yyyy}.out +appender.ATOMIKOS_LOGFILE.layout.type = PatternLayout +appender.ATOMIKOS_LOGFILE.layout.pattern = [%d] [%tenantId] %5p {%c} - %m%ex%n +appender.ATOMIKOS_LOGFILE.policies.type = Policies +appender.ATOMIKOS_LOGFILE.policies.time.type = TimeBasedTriggeringPolicy +appender.ATOMIKOS_LOGFILE.policies.time.interval = 1 +appender.ATOMIKOS_LOGFILE.policies.time.modulate = true +appender.ATOMIKOS_LOGFILE.strategy.type = DefaultRolloverStrategy +appender.ATOMIKOS_LOGFILE.strategy.max = 20 + +# Appender config to CARBON_TRACE_LOGFILE +appender.CARBON_TRACE_LOGFILE.type = RollingFile +appender.CARBON_TRACE_LOGFILE.name = CARBON_TRACE_LOGFILE +appender.CARBON_TRACE_LOGFILE.fileName = ${sys:carbon.home}/repository/logs/wso2carbon-trace-messages.log +appender.CARBON_TRACE_LOGFILE.filePattern = ${sys:carbon.home}/repository/logs/wso2carbon-trace-messages-%d{MM-dd-yyyy}.log +appender.CARBON_TRACE_LOGFILE.layout.type = PatternLayout +appender.CARBON_TRACE_LOGFILE.layout.pattern = [%d] [%tenantId] %5p {%c} - %m%ex%n +appender.CARBON_TRACE_LOGFILE.policies.type = Policies +appender.CARBON_TRACE_LOGFILE.policies.time.type = TimeBasedTriggeringPolicy +appender.CARBON_TRACE_LOGFILE.policies.time.interval = 1 +appender.CARBON_TRACE_LOGFILE.policies.time.modulate = true +appender.CARBON_TRACE_LOGFILE.policies.size.type = SizeBasedTriggeringPolicy 
+appender.CARBON_TRACE_LOGFILE.policies.size.size=10MB +appender.CARBON_TRACE_LOGFILE.strategy.type = DefaultRolloverStrategy +appender.CARBON_TRACE_LOGFILE.strategy.max = 20 + + +# Appender config to put correlation Log. +appender.CORRELATION.type = RollingFile +appender.CORRELATION.name = CORRELATION +appender.CORRELATION.fileName =${sys:carbon.home}/repository/logs/correlation.log +appender.CORRELATION.filePattern =${sys:carbon.home}/repository/logs/correlation-%d{MM-dd-yyyy}-%i.log.gz +appender.CORRELATION.layout.type = PatternLayout +appender.CORRELATION.layout.pattern = %d{yyyy-MM-dd HH:mm:ss,SSS}|%X{Correlation-ID}|%t|%m%n +appender.CORRELATION.policies.type = Policies +appender.CORRELATION.policies.time.type = TimeBasedTriggeringPolicy +appender.CORRELATION.policies.time.interval = 1 +appender.CORRELATION.policies.time.modulate = true +appender.CORRELATION.policies.size.type = SizeBasedTriggeringPolicy +appender.CORRELATION.policies.size.size=10MB +appender.CORRELATION.strategy.type = DefaultRolloverStrategy +appender.CORRELATION.strategy.max = 20 +appender.CORRELATION.filter.threshold.type = ThresholdFilter +appender.CORRELATION.filter.threshold.level = INFO + + +appender.ERROR_LOGFILE.type = RollingFile +appender.ERROR_LOGFILE.name = ERROR_LOGFILE +appender.ERROR_LOGFILE.fileName =${sys:carbon.home}/repository/logs/wso2-apigw-errors.log +appender.ERROR_LOGFILE.filePattern =${sys:carbon.home}/repository/logs/wso2-apigw-errors-%d{MM-dd-yyyy}-%i.log.gz +appender.ERROR_LOGFILE.layout.type = PatternLayout +appender.ERROR_LOGFILE.layout.pattern = %d{ISO8601} [%X{ip}-%X{host}] [%t] %5p %c{1} %m%n +appender.ERROR_LOGFILE.policies.type = Policies +appender.ERROR_LOGFILE.policies.time.type = TimeBasedTriggeringPolicy +appender.ERROR_LOGFILE.policies.time.interval = 1 +appender.ERROR_LOGFILE.policies.time.modulate = true +appender.ERROR_LOGFILE.policies.size.type = SizeBasedTriggeringPolicy +appender.ERROR_LOGFILE.policies.size.size=10MB 
+appender.ERROR_LOGFILE.strategy.type = DefaultRolloverStrategy +appender.ERROR_LOGFILE.strategy.max = 20 +appender.ERROR_LOGFILE.filter.threshold.type = ThresholdFilter +appender.ERROR_LOGFILE.filter.threshold.level = WARN + + +appender.CARBON_SYS_LOG.type = Syslog +appender.CARBON_SYS_LOG.name = CARBON_SYS_LOG +appender.CARBON_SYS_LOG.host = localhost +appender.CARBON_SYS_LOG.facility = USER +appender.CARBON_SYS_LOG.layout.type = PatternLayout +appender.CARBON_SYS_LOG.layout.pattern = [%d] %5p - %x %m {%c}%n +appender.CARBON_SYS_LOG.filter.threshold.type = ThresholdFilter +appender.CARBON_SYS_LOG.filter.threshold.level = DEBUG + +appender.OPEN_TRACING.type = RollingFile +appender.OPEN_TRACING.name = OPEN_TRACING +appender.OPEN_TRACING.fileName =${sys:carbon.home}/repository/logs/wso2-apimgt-open-tracing.log +appender.OPEN_TRACING.filePattern =${sys:carbon.home}/repository/logs/wso2-apimgt-open-tracing-%d{MM-dd-yyyy}-%i.log.gz +appender.OPEN_TRACING.layout.type = PatternLayout +appender.OPEN_TRACING.layout.pattern = %d{HH:mm:ss,SSS} [%X{ip}-%X{host}] [%t] %5p %m%nn +appender.OPEN_TRACING.policies.type = Policies +appender.OPEN_TRACING.policies.time.type = TimeBasedTriggeringPolicy +appender.OPEN_TRACING.policies.time.interval = 1 +appender.OPEN_TRACING.policies.time.modulate = true +appender.OPEN_TRACING.policies.size.type = SizeBasedTriggeringPolicy +appender.OPEN_TRACING.policies.size.size=10MB +appender.OPEN_TRACING.strategy.type = DefaultRolloverStrategy +appender.OPEN_TRACING.strategy.max = 20 +appender.OPEN_TRACING.filter.threshold.type = ThresholdFilter +appender.OPEN_TRACING.filter.threshold.level = TRACE + + +appender.TRACE_APPENDER.type = RollingFile +appender.TRACE_APPENDER.name = TRACE_APPENDER +appender.TRACE_APPENDER.fileName = ${sys:carbon.home}/repository/logs/wso2-apigw-trace.log +appender.TRACE_APPENDER.filePattern = ${sys:carbon.home}/repository/logs/wso2-apigw-trace-%d{MM-dd-yyyy}.log +appender.TRACE_APPENDER.layout.type = PatternLayout 
+appender.TRACE_APPENDER.layout.pattern = %d{HH:mm:ss,SSS} [%X{ip}-%X{host}] [%t] %5p %c{1} %m%n +appender.TRACE_APPENDER.policies.type = Policies +appender.TRACE_APPENDER.policies.time.type = TimeBasedTriggeringPolicy +appender.TRACE_APPENDER.policies.time.interval = 1 +appender.TRACE_APPENDER.policies.time.modulate = true +appender.TRACE_APPENDER.strategy.type = DefaultRolloverStrategy +appender.TRACE_APPENDER.strategy.max = 20 + +appender.SERVICE_APPENDER.type = RollingFile +appender.SERVICE_APPENDER.name = SERVICE_APPENDER +appender.SERVICE_APPENDER.fileName = ${sys:carbon.home}/repository/logs/wso2-apigw-service.log +appender.SERVICE_APPENDER.filePattern = ${sys:carbon.home}/repository/logs/wso2-apigw-service-%i.log +appender.SERVICE_APPENDER.layout.type = PatternLayout +appender.SERVICE_APPENDER.layout.pattern = %d{ISO8601} [%X{ip}-%X{host}] [%t] %5p %c{1} %m%n +appender.SERVICE_APPENDER.policies.type = Policies +appender.SERVICE_APPENDER.policies.size.type = SizeBasedTriggeringPolicy +appender.SERVICE_APPENDER.policies.size.size=1000KB +appender.SERVICE_APPENDER.strategy.type = DefaultRolloverStrategy +appender.SERVICE_APPENDER.strategy.max = 10 + + +appender.osgi.type = PaxOsgi +appender.osgi.name = PaxOsgi +appender.osgi.filter = * + +loggers = sg, iec, adaptor, trace-messages, org-apache-coyote, com-hazelcast, Owasp-CsrfGuard, org-apache-axis2-wsdl-codegen-writer-PrettyPrinter, org-apache-catalina, org-wso2-carbon-apacheds, org-apache-directory-server-ldap, org-apache-directory-server-core-event, org-quartz, org-apache-jackrabbit-webdav, org-apache-juddi, org-apache-commons-digester-Digester, org-apache-jasper-compiler-TldLocationsCache, org-apache-qpid, qpid-message, org-apache-tiles, org-apache-commons-httpclient, org-apache-solr, me-prettyprint-cassandra-hector-TimingLogger, org-apache-axis-enterprise, org-apache-directory-shared-ldap, org-apache-directory-server-ldap-handlers, org-apache-directory-shared-ldap-entry-DefaultServerAttribute, 
org-apache-directory-server-core-DefaultDirectoryService, org-apache-directory-shared-ldap-ldif-LdifReader, org-apache-directory-server-ldap-LdapProtocolHandler, org-apache-directory-server-core, org-apache-directory-server-ldap-LdapSession, DataNucleus, Datastore, Datastore-Schema, JPOX-Datastore, JPOX-Plugin, JPOX-MetaData, JPOX-Query, JPOX-General, JPOX-Enhancer, org-apache-hadoop-hive, hive, ExecMapper, ExecReducer, net-sf-ehcache-config-ConfigurationFactory, axis2Deployment, equinox, tomcat2, StAXDialectDetector, trace, synapse, axis2, hunsicker, thrift-publisher + +logger.sg.name = io.entgra.proprietary.switchgear.core +logger.sg.level = DEBUG +#logger.sg.additivity = false +logger.sg.appenderRef.SG_LOGFILE.ref = SG_LOGFILE + +logger.InboundWebsocketSourceHandler.name = org.wso2.carbon.inbound.endpoint.protocol.websocket.InboundWebsocketSourceHandler +logger.InboundWebsocketSourceHandle.level = DEBUG + +logger.InboundWebsocketResponseSender.name = org.wso2.carbon.inbound.endpoint.protocol.websocket.InboundWebsocketResponseSender +logger.InboundWebsocketResponseSender.level = DEBUG + +logger.WebSocketClientHandler.name = org.wso2.carbon.websocket.transport.WebSocketClientHandler +logger.WebSocketClientHandler.level = DEBUG + +logger.WebsocketTransportSender.name = org.wso2.carbon.websocket.transport.WebsocketTransportSender +logger.WebsocketTransportSender.level = DEBUG + +logger.iec.name = org.openmuc.j60870 +logger.iec.level = DEBUG + +logger.adaptor.name = io.entgra.proprietary.switchgear.iec104.adaptor +logger.adaptor.level = DEBUG +logger.adaptor.additivity = false +logger.adaptor.appenderRef.SG_LOGFILE.ref = SG_LOGFILE + +logger.JAGGERY_LOG.name = JAGGERY +logger.JAGGERY_LOG.level = INFO + +logger.AUDIT_LOG.name = AUDIT_LOG +logger.AUDIT_LOG.level = INFO +logger.AUDIT_LOG.appenderRef.AUDIT_LOGFILE.ref = AUDIT_LOGFILE +logger.AUDIT_LOG.additivity = false + +logger.trace-messages.name = trace.messages +logger.trace-messages.level = TRACE 
+logger.trace-messages.appenderRef.CARBON_TRACE_LOGFILE.ref = CARBON_TRACE_LOGFILE + +logger.org-apache-coyote.name = org.apache.coyote +logger.org-apache-coyote.level = WARN + +logger.com-hazelcast.name = com.hazelcast +logger.com-hazelcast.level = ERROR + +logger.Owasp-CsrfGuard.name = Owasp.CsrfGuard +logger.Owasp-CsrfGuard.level = WARN + +logger.org-apache-axis2-wsdl-codegen-writer-PrettyPrinter.name = org.apache.axis2.wsdl.codegen.writer.PrettyPrinter +logger.org-apache-axis2-wsdl-codegen-writer-PrettyPrinter.level = ERROR +logger.org-apache-axis2-wsdl-codegen-writer-PrettyPrinter.appenderRef.CARBON_LOGFILE.ref = CARBON_LOGFILE + +logger.org-apache-axis2-clustering.name = org.apache.axis2.clustering +logger.org-apache-axis2-clustering.level = INFO +logger.org-apache-axis2-clustering.additivity = false + +logger.org-apache.name = org.apache +logger.org-apache.level = INFO +logger.org-apache.additivity = false +logger.org-apache.appenderRef.CARBON_LOGFILE.ref = CARBON_LOGFILE + +logger.org-apache-catalina.name = org.apache.catalina +logger.org-apache-catalina.level = ERROR + +logger.org-apache-tomcat.name = org.apache.tomcat +logger.org-apache-tomcat.level = INFO + +logger.org-wso2-carbon-apacheds.name = org.wso2.carbon.apacheds +logger.org-wso2-carbon-apacheds.level = WARN + +logger.org-apache-directory-server-ldap.name = org.apache.directory.server.ldap +logger.org-apache-directory-server-ldap.level = ERROR + +logger.org-apache-directory-server-core-event.name = org.apache.directory.server.core.event +logger.org-apache-directory-server-core-event.level = WARN + +logger.com-atomikos.name = com.atomikos +logger.com-atomikos.level = INFO +logger.com-atomikos.additivity = false +logger.com-atomikos.appenderRef.ATOMIKOS_LOGFILE.ref = ATOMIKOS_LOGFILE + +logger.org-quartz.name = org.quartz +logger.org-quartz.level = WARN + +logger.org-apache-jackrabbit-webdav.name = org.apache.jackrabbit.webdav +logger.org-apache-jackrabbit-webdav.level = WARN + 
+logger.org-apache-juddi.name = org.apache.juddi +logger.org-apache-juddi.level = ERROR + +logger.org-apache-commons-digester-Digester.name = org.apache.commons.digester.Digester +logger.org-apache-commons-digester-Digester.level = WARN + +logger.org-apache-jasper-compiler-TldLocationsCache.name = org.apache.jasper.compiler.TldLocationsCache +logger.org-apache-jasper-compiler-TldLocationsCache.level = WARN + +logger.org-apache-qpid.name = org.apache.qpid +logger.org-apache-qpid.level = WARN + +logger.org-apache-qpid-server-Main.name = org.apache.qpid.server.Main +logger.org-apache-qpid-server-Main.level = INFO + +logger.qpid-message.name = qpid.message +logger.qpid-message.level = WARN + +logger.qpid-message-broker-listening.name = qpid.message.broker.listening +logger.qpid-message-broker-listening.level = INFO + +logger.org-apache-tiles.name = org.apache.tiles +logger.org-apache-tiles.level = WARN + +logger.org-apache-commons-httpclient.name = org.apache.commons.httpclient +logger.org-apache-commons-httpclient.level = ERROR + +logger.org-apache-solr.name = org.apache.solr +logger.org-apache-solr.level = ERROR + +logger.me-prettyprint-cassandra-hector-TimingLogger.name = me.prettyprint.cassandra.hector.TimingLogger +logger.me-prettyprint-cassandra-hector-TimingLogger.level = ERROR + +logger.org-wso2.name = org.wso2 +logger.org-wso2.level = INFO + +logger.org-wso2-carbon.name = org.wso2.carbon +logger.org-wso2-carbon.level = INFO + +logger.org-apache-axis-enterprise.name = org.apache.axis2.enterprise +logger.org-apache-axis-enterprise.level = FATAL +logger.org-apache-axis-enterprise.appenderRef.CARBON_LOGFILE.ref = CARBON_LOGFILE + +logger.org-apache-directory-shared-ldap.name = org.apache.directory.shared.ldap +logger.org-apache-directory-shared-ldap.level = WARN +logger.org-apache-directory-shared-ldap.appenderRef.CARBON_LOGFILE.ref = CARBON_LOGFILE + +logger.org-apache-directory-server-ldap-handlers.name = org.apache.directory.server.ldap.handlers 
+logger.org-apache-directory-server-ldap-handlers.level = WARN +logger.org-apache-directory-server-ldap-handlers.appenderRef.CARBON_LOGFILE.ref = CARBON_LOGFILE + +#Following are to remove false error messages from startup (IS) +logger.org-apache-directory-shared-ldap-entry-DefaultServerAttribute.name = org.apache.directory.shared.ldap.entry.DefaultServerAttribute +logger.org-apache-directory-shared-ldap-entry-DefaultServerAttribute.level = FATAL +logger.org-apache-directory-shared-ldap-entry-DefaultServerAttribute.appenderRef.CARBON_LOGFILE.ref = CARBON_LOGFILE + +logger.org-apache-directory-server-core-DefaultDirectoryService.name = org.apache.directory.server.core.DefaultDirectoryService +logger.org-apache-directory-server-core-DefaultDirectoryService.level = ERROR +logger.org-apache-directory-server-core-DefaultDirectoryService.appenderRef.CARBON_LOGFILE.ref = CARBON_LOGFILE + +logger.org-apache-directory-shared-ldap-ldif-LdifReader.name = org.apache.directory.shared.ldap.ldif.LdifReader +logger.org-apache-directory-shared-ldap-ldif-LdifReader.level = ERROR +logger.org-apache-directory-shared-ldap-ldif-LdifReader.appenderRef.CARBON_LOGFILE.ref = CARBON_LOGFILE + +logger.org-apache-directory-server-ldap-LdapProtocolHandler.name = org.apache.directory.server.ldap.LdapProtocolHandler +logger.org-apache-directory-server-ldap-LdapProtocolHandler.level = ERROR +logger.org-apache-directory-server-ldap-LdapProtocolHandler.appenderRef.CARBON_LOGFILE.ref = CARBON_LOGFILE + +logger.org-apache-directory-server-core.name = org.apache.directory.server.core +logger.org-apache-directory-server-core.level = ERROR +logger.org-apache-directory-server-core.appenderRef.CARBON_LOGFILE.ref = CARBON_LOGFILE + +logger.org-apache-directory-server-ldap-LdapSession.name = org.apache.directory.server.ldap.LdapSession +logger.org-apache-directory-server-ldap-LdapSession.level = Error +logger.org-apache-directory-server-ldap-LdapSession.appenderRef.CARBON_LOGFILE.ref = CARBON_LOGFILE + 
+logger.correlation.name = correlation +logger.correlation.level = INFO +logger.correlation.appenderRef.CORRELATION.ref = CORRELATION +logger.correlation.additivity = false + +#Hive Related Log configurations +logger.DataNucleus.name = DataNucleus +logger.DataNucleus.level = ERROR + +logger.Datastore.name = Datastore +logger.Datastore.level = ERROR + +logger.Datastore-Schema.name = Datastore.Schema +logger.Datastore-Schema.level = ERROR + +logger.JPOX-Datastore.name = JPOX.Datastore +logger.JPOX-Datastore.level = ERROR + +logger.JPOX-Plugin.name = JPOX.Plugin +logger.JPOX-Plugin.level = ERROR + +logger.JPOX-MetaData.name = JPOX.MetaData +logger.JPOX-MetaData.level = ERROR + +logger.JPOX-Query.name = JPOX.Query +logger.JPOX-Query.level = ERROR + +logger.JPOX-General.name = JPOX.General +logger.JPOX-General.level = ERROR + +logger.JPOX-Enhancer.name = JPOX.Enhancer +logger.JPOX-Enhancer.level = ERROR + +logger.org-apache-hadoop-hive.name = org.apache.hadoop.hive +logger.org-apache-hadoop-hive.level = WARN + +logger.hive.name = hive +logger.hive.level = WARN + +logger.ExecMapper.name = ExecMapper +logger.ExecMapper.level = WARN + +logger.ExecReducer.name = ExecReducer +logger.ExecReducer.level = WARN + +logger.net-sf-ehcache-config-ConfigurationFactory.name = net.sf.ehcache.config.ConfigurationFactory +logger.net-sf-ehcache-config-ConfigurationFactory.level = ERROR + +logger.axis2Deployment.name = org.apache.axis2.deployment +logger.axis2Deployment.level = WARN + +logger.equinox.name = org.eclipse.equinox +logger.equinox.level = FATAL + +logger.tomcat2.name = tomcat +logger.tomcat2.level = FATAL + +logger.StAXDialectDetector.name = org.apache.axiom.util.stax.dialect.StAXDialectDetector +logger.StAXDialectDetector.level = ERROR + + +logger.trace.name = trace +logger.trace.level = TRACE +logger.trace.appenderRef.OPEN_TRACING.ref = OPEN_TRACING + +logger.synapse.name = org.apache.synapse +logger.synapse.level = INFO + +logger.synapse_transport.name = 
org.apache.synapse.transport +logger.synapse_transport.level = INFO + + +logger.axis2.name = org.apache.axis2 +logger.axis2.level = INFO + +logger.axis2_transport.name = org.apache.axis2.transport +logger.axis2_transport.level = INFO + + +logger.hunsicker.name = de.hunsicker.jalopy.io +logger.hunsicker.level = FATAL + +logger.synapse-headers.name = org.apache.synapse.transport.http.headers +logger.synapse-headers.level = DEBUG + +logger.synapse-wire.name = org.apache.synapse.transport.http.wire +logger.synapse-wire.level = DEBUG + +logger.thrift-publisher.name = org.wso2.carbon.databridge.agent.thrift.AsyncDataPublisher +logger.thrift-publisher.level = WARN + +logger.service_logger.name = SERVICE_LOGGER +logger.service_logger.level = INFO +logger.service_logger.additivity = false +logger.service_logger.appenderRef.SERVICE_APPENDER.ref = SERVICE_APPENDER + +logger.wso2-callhome.name = org.wso2.callhome +logger.wso2-callhome.level = INFO + +logger.trace_logger.name = TRACE_LOGGER +logger.trace_logger.level = INFO +logger.trace_logger.appenderRef.TRACE_APPENDER.ref = TRACE_APPENDER + + +# root loggers +rootLogger.level = ERROR +rootLogger.appenderRef.CARBON_CONSOLE.ref = CARBON_CONSOLE +rootLogger.appenderRef.CARBON_LOGFILE.ref = CARBON_LOGFILE +rootLogger.appenderRef.ERROR_LOGFILE.ref = ERROR_LOGFILE +rootLogger.appenderRef.PaxOsgi.ref = PaxOsgi +#rootLogger.appenderReg.CARBON_SYS_LOG.ref = CARBON_SYS_LOG +#rootLogger.appenderRef.syslog.ref = syslog +# bot detection feature appender +appender.BOTDATA_APPENDER.type=RollingFile +appender.BOTDATA_APPENDER.name=BOTDATA_APPENDER +appender.BOTDATA_APPENDER.fileName=${sys:carbon.home}/repository/logs/wso2-BotDetectedData.log +appender.BOTDATA_APPENDER.filePattern=${sys:carbon.home}/repository/logs/wso2-BotDetectedData-%d{MM-dd-yyyy}.log +appender.BOTDATA_APPENDER.layout.type=PatternLayout +appender.BOTDATA_APPENDER.layout.pattern=[%d] [%tenantId] %5p {%c} - %m%ex%n +appender.BOTDATA_APPENDER.policies.type=Policies 
+appender.BOTDATA_APPENDER.policies.time.type=TimeBasedTriggeringPolicy +appender.BOTDATA_APPENDER.policies.time.interval=1 +appender.BOTDATA_APPENDER.policies.time.modulate=true +appender.BOTDATA_APPENDER.policies.size.type=SizeBasedTriggeringPolicy +appender.BOTDATA_APPENDER.policies.size.size=10MB +appender.BOTDATA_APPENDER.strategy.type=DefaultRolloverStrategy +appender.BOTDATA_APPENDER.strategy.max=20 +logger.org-wso2-carbon-apimgt-gateway-mediators-BotDetectionMediator.name=org.wso2.carbon.apimgt.gateway.mediators.BotDetectionMediator +logger.org-wso2-carbon-apimgt-gateway-mediators-BotDetectionMediator.level=INFO +logger.org-wso2-carbon-apimgt-gateway-mediators-BotDetectionMediator.appenderRef.BOTDATA_APPENDER.ref=BOTDATA_APPENDER +logger.org-wso2-carbon-apimgt-gateway-mediators-BotDetectionMediator.additivity=false +category.SERVICE_APPENDER._OpenService_=TRACE_APPENDER, BOTDATA_APPENDER diff --git a/config/repository/components/lib/mysql-connector-j-8.0.33.jar b/config/repository/components/lib/mysql-connector-j-8.0.33.jar new file mode 100644 index 0000000..3f741f5 Binary files /dev/null and b/config/repository/components/lib/mysql-connector-j-8.0.33.jar differ diff --git a/config/repository/conf/README.md b/config/repository/conf/README.md new file mode 100644 index 0000000..e69de29 diff --git a/config/repository/conf/etc/jwt.properties b/config/repository/conf/etc/jwt.properties new file mode 100644 index 0000000..6901005 --- /dev/null +++ b/config/repository/conf/etc/jwt.properties 
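Review bot: `AUDIT_LOG` is missing from the `loggers =` list, although `logger.AUDIT_LOG.*` is defined further down and is the only logger that references `AUDIT_LOGFILE`. Log4j 2's properties format configures only the ids named in that list when it is present, so INFO-level audit events would most likely fall through to the root logger (level ERROR) and never reach audit.log. Add it back at the front of the list: `loggers = AUDIT_LOG, sg, iec, adaptor, trace-messages, …`. Other defined loggers are unlisted in the same way (`correlation`, `service_logger`, `trace_logger`, the bot-detection mediator), and `logger.InboundWebsocketSourceHandle.level` does not match the `InboundWebsocketSourceHandler` id used for its name. `synapse-wire` and `synapse-headers` should stay out of the list, because DEBUG there would write full HTTP messages, authorization headers included, into the logs.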
@@ -0,0 +1,57 @@
+#
+# Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
+#
+# WSO2 Inc. licenses this file to you under the Apache License,
+# Version 2.0 (the "License"); you may not use this file except
+# in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+#issuer of the JWT
+iss=https://${MGT_HOSTNAME}:443/oauth2/token
+
+TokenEndpoint=https://${iot.gateway.host}:${iot.gateway.https.port}/token?tenantDomain=carbon.super
+
+#audience of JWT claim
+#comma seperated values
+aud=https://${MGT_HOSTNAME}:443/oauth2/token
+
+#expiration time of JWT (number of minutes from the current time)
+exp=1000
+
+#issued at time of JWT (number of minutes from the current time)
+iat=0
+
+#nbf time of JWT (number of minutes from current time)
+nbf=0
+
+#skew between IDP and issuer(seconds)
+skew=0
+
+# JWT Id
+#jti=token123
+
+#KeyStore to cryptographic credentials
+#KeyStore=repository/resources/security/wso2carbon.jks
+
+#Password of the KeyStore
+#KeyStorePassword=wso2carbon
+
+#Alias of the SP's private key
+#PrivateKeyAlias=wso2carbon
+
+#Private key password to retrieve the private key used to sign
+#AuthnRequest and LogoutRequest messages
+#PrivateKeyPassword=wso2carbon
+
+#this will be used as the default IDP config if there isn't any config available for tenants.
+default-jwt-client=true
\ No newline at end of file
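Review bot: `exp=1000` gives each signed assertion a lifetime of 1000 minutes (about 16.7 hours) by the file's own unit comment, and `jti` is left commented out, so nothing in this file bounds reuse of a captured assertion within that window; whether the server tracks replays elsewhere is not visible here. An assertion that is only exchanged at the token endpoint normally needs a few minutes at most, so consider a much shorter value sized to the clients' needs, e.g. `exp=5`, and note the reasoning in the comment above it. With `skew=0` the issuer and the identity server must agree on time, so confirm clock sync before tightening. The commented keystore lines also carry the stock `wso2carbon` password and alias; a placeholder such as `#KeyStorePassword=<set-per-environment>` would keep that default from being enabled by simply uncommenting.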
diff --git a/config/repository/resources/security/client-truststore.jks b/config/repository/resources/security/client-truststore.jks
new file mode 100644
index 0000000..9642c5e
Binary files /dev/null and b/config/repository/resources/security/client-truststore.jks differ