Friday, July 29, 2016

Secure vault support in WSO2 ESB inbound parameters



In ESB 5.0.0, the wso2:vault-lookup('alias') expression can be used in all inbound endpoint parameters. The vault-lookup() expression can even be used in registry resource text, with the resource then set as the parameter value.

The parameter value needs to be encrypted and stored under an alias; the actual value is then retrieved in your ESB inbound configuration as shown below.

Before adding an alias, you need to run the cipher tool in ESB. Go to the bin directory and run
"sh ciphertool.sh -Dconfigure"
Then go to the management console, click "Manage Password" and create the aliases my.username and my.password. Here you can store the encrypted value for each given value.

Add a registry resource (conf:/userInfo/password) that contains {wso2:vault-lookup('my.password')} as its text content.

Then you can use the alias in your inbound parameters with the lookup function.
 Ex: wso2:vault-lookup('my.password')


<inboundEndpoint xmlns="http://ws.apache.org/ns/synapse"  
          name="activemq"  
          sequence="seq1"  
          onError="fault"  
          protocol="jms"  
          suspend="false">  
   <parameters>  
    <parameter name="interval">10</parameter>  
    <parameter name="sequential">true</parameter>  
    <parameter name="coordination">true</parameter>  
    <parameter name="java.naming.factory.initial">org.apache.activemq.jndi.ActiveMQInitialContextFactory</parameter>  
    <parameter name="java.naming.provider.url">tcp://localhost:61616</parameter>  
    <parameter name="transport.jms.ConnectionFactoryJNDIName">QueueConnectionFactory</parameter>  
    <parameter name="transport.jms.ConnectionFactoryType">queue</parameter>  
    <parameter name="transport.jms.Destination">order</parameter>  
    <parameter name="transport.jms.SessionTransacted">false</parameter>  
    <parameter name="transport.jms.SessionAcknowledgement">AUTO_ACKNOWLEDGE</parameter>  
    <parameter name="transport.jms.CacheLevel">3</parameter>  
    <parameter name="transport.jms.UserName">{wso2:vault-lookup('my.username')}</parameter>  
    <parameter name="transport.jms.Password" key="conf:/userInfo/password"/>  
    <parameter name="transport.jms.SubscriptionDurable">false</parameter>  
    <parameter name="transport.jms.SharedSubscription">false</parameter>  
   </parameters>  
 </inboundEndpoint>  
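
As an added example (not part of the original post and not WSO2 code), the Python script below checks an inbound endpoint configuration for credential parameters written as literals instead of a vault lookup, following key= references into registry resource text. The name-suffix rule for credential parameters, the function names and the registry dictionary are assumptions made for illustration.

```python
import re
import xml.etree.ElementTree as ET

NS = "{http://ws.apache.org/ns/synapse}"
# Assumption: parameters whose names end in UserName/Password hold credentials.
SENSITIVE = re.compile(r"(username|password)$", re.IGNORECASE)
# The whole value must be one lookup expression, as in the configuration above.
VAULT = re.compile(r"^\{wso2:vault-lookup\('([^']+)'\)\}$")

def classify(value):
    """Return ('vault', alias), ('plaintext', None) or ('empty', None)."""
    value = (value or "").strip()
    match = VAULT.match(value)
    if match:
        return "vault", match.group(1)
    return ("plaintext", None) if value else ("empty", None)

def audit_inbound(xml_text, registry=None):
    """List (parameter name, status, alias) for each credential parameter."""
    # registry maps a resource key (e.g. conf:/userInfo/password) to its text,
    # so key= references can be followed. Literal secrets are never returned.
    registry = registry or {}
    findings = []
    for param in ET.fromstring(xml_text).iter(NS + "parameter"):
        name = param.get("name", "")
        if not SENSITIVE.search(name):
            continue
        key = param.get("key")
        if key is None:
            status, alias = classify(param.text)
        elif key in registry:
            status, alias = classify(registry[key])
        else:
            status, alias = "unresolved", None  # resource text not supplied
        findings.append((name, status, alias))
    return findings

# Constructed sample: trimmed copy of the inbound endpoint shown above.
SAMPLE = """<inboundEndpoint xmlns="http://ws.apache.org/ns/synapse" name="activemq" protocol="jms">
  <parameters>
    <parameter name="transport.jms.Destination">order</parameter>
    <parameter name="transport.jms.UserName">{wso2:vault-lookup('my.username')}</parameter>
    <parameter name="transport.jms.Password" key="conf:/userInfo/password"/>
  </parameters>
</inboundEndpoint>"""
REGISTRY = {"conf:/userInfo/password": "{wso2:vault-lookup('my.password')}"}

if __name__ == "__main__":
    for finding in audit_inbound(SAMPLE, REGISTRY):
        print(finding)
```

A status of plaintext or unresolved on any parameter is the signal to move that value behind an alias before the configuration is committed or deployed.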


Monday, July 25, 2016

foreach sample configuration in WSO2 ESB

The foreach mediator lets you iterate over an array of elements. For example, if you need to iterate over an XML array and concatenate its values, the configuration below reads all the id values and concatenates them.


 <foreach xmlns:ns1="http://ws.wso2.org/dataservice"  
          id="Idforeach"  
          expression="//ns1:Entries/ns1:Entry/ns1:id">  
       <sequence>  
        <property name="ID"  
             expression="fn:concat($ctx:ID,//ns1:id, ',')"  
             type="STRING"/>  
       </sequence>  
     </foreach>  
     <log level="custom">  
       <property name="IDs" expression="$ctx:ID"/>  
     </log>  
Ex: ESB will log "IDs = 105,106," for the request payload below

 <Entries xmlns="http://ws.wso2.org/dataservice">  
 <Entry><id>105</id></Entry>  
 <Entry><id>106</id></Entry>  
 </Entries>



How to secure a queue with username and password in ActiveMQ



By default, a queue on an ActiveMQ server can be accessed without a username and password. Adding the configuration below to activemq.xml ensures that the queue is secured with a username and password. You then need to provide a username and password when you create a connection.



 <broker
   xmlns="http://activemq.apache.org/schema/core"
   brokerName="localhost" dataDirectory="${activemq.data}">
   <!-- ... -->
   <plugins>
     <simpleAuthenticationPlugin>
       <users>
         <authenticationUser username="nuwan"
                   password="mypassword"
                   groups="admins,publishers,consumers" />
       </users>
     </simpleAuthenticationPlugin>
   </plugins>
   <!-- ... -->
 </broker>