Posts

Showing posts from June, 2017

JVM Garbage Collection and Optimizations

Image
Overview When troubleshooting systems for performance-related issues, memory optimizations are a place that needs a deep analysis of what each system stores in the memory, how long those are stored, and access patterns. This post is to keep a note on the background information and valuable points to note in such an effort, specific to Java-based implementations as a deep understanding of the JVM behaviors is very beneficial in the process.

Java language provides much convenience to the developers by taking care of the memory management to a great extent letting the focus be on the rest of the logic. Still having a good understanding of how Java does this underneath, rationalize several best practices we follow in Java implementations and help design the programs better and think seriously on some aspects that can later lead to memory leaks and system stability in the long run. Java Garbage Collector has a big role in this been responsible for freeing up memory by removing memory gar…

WSO2 Identity Server - Extension Points - Part 2 - OAuth

OAuth2 is widely used in the enterprise today for authorization aspects of APIs. This is the second post on the extension points available in WSO2 Identity Server after WSO2 Identity Server - Extension Points - Part 1 - SAML

All the implementation using following extension point needs to be configured at <IS_HOME>/repository/conf/identity/identity.xml file under the element OAuth.
1. Custom OAuth grant handlerUsage: When we need to support an OAuth flow that is different from standard grant types. Validates the grant, scopes, and access delegation.
Sample:https://docs.wso2.com/display/IS510/Writing+a+Custom+OAuth+2.0+Grant+Type
Interface:org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationGrantHandler
2. Client Auth Handler
Usage: When the client credential authentication needs to be customized. By default we validate the client id and secret.
Interface: org.wso2.carbon.identity.oauth2.token.handlers.clientauth.ClientAuthenticationHandler
3. OAuthCallbackHandlerAn ex…