WSO2 BPS(BPEL) - Deadline or Escalation expression - bpel

Hi I am working on WSO2 BPS(BPEL) 3.1.0,
#My Scenario
if task is not completed within the given time.
I need to give the deadlines,and escalated to superior wise.
I tried working examples, but i didn't get any information.
How can i achieve this using WSO2 BPS(BPEL).

Escalation support is available with WSO2 BPS. Can you check out the ClaimsApprovalTaskWithDeadline.zip sample available from BPS 3.2.0 which is basically doing a notification based on a deadline.
Regards
Nandika

Related

CVE-ID: CVE-2022-29464 - Security Advisory WSO2-2021-1738

We observed vulnerability CVE-2022-29464 being exploited in the wild since April, allowing unrestricted file uploads resulting to arbitrary remote code execution (RCE) found from here
This affects WSO2 API Manager 2.2.0 and above, Identity Server 5.2.0 and above, Identity Server Analytics 5.4.0 to 5.6.0, Identity Server as Key Manager 5.3.0 and above, Open Banking AM 1.4.0 and above, and Enterprise Integrator 6.2.0 and above.
We're using WSO2 EI Product V6.4.0/6.5.0.
I have seen Security Advisory WSO2-2021-1738 guideline too.
We don't have Support Subscription, So I'm planning to remove <FileUploadConfig>mappings in the <product_home>/conf/carbon.xml as suggested in same WSO2 Security Advisory page.
Is this mitigations step enough or do we need to concentrate further more on this?
As per the advisory, it seems disabling the file upload services is not a complete fix. If you look at the fix that has been implemented it has code-level changes as well.[1]
[1] - https://github.com/wso2/carbon-kernel/pull/3152/files

CVE-2021-44228 - LOG4J - Does SNOWFLAKE contain any vulnerability related to LOG4J? Thanks

Does SNOWFLAKE contain any vulnerability related to LOG4J?
I want to confirm if SNOWFLAKE contains any vulnerability.
thanks in advance.
Snowflake's official announcement for this is
The Snowflake platform does not utilize Log4j as part of our production environment or any client connectors. The Snowflake Security and Incident Response teams have implemented additional threat detection measures and are actively monitoring this issue should further response be required.

WSO2 CEP 3.0 for Cassandra database

I need to use WSO2 CEP 3.0 for a project but I do not have a clue about it. My idea is to use the CEP engine as triggers on a little Cassandra database that I have created , to edit one field when another one is changed.
I have read the official documentation, searched on the support forums (stackoverflow included), googled about it, but still I do not know what steps I have to follow.
I would appreciate if anyone could give some explanation or any documentation for doing this task.
Thanks in advance.
CEP is a processing engine that processes events in real-time.. To process events, events needs to send to CEP in some manner. In your case if any change occur db, there should be some other client or external party need send events to CEP. There are several default adaptors available which receive events. see the links [1] & [2] for more info..
[1] http://docs.wso2.org/display/CEP300/Input+Event+Adaptors
[2] http://wso2.com/library/articles/2013/08/writing-custom-event-adaptors-for-cep-3.0.0/

Apache ODE, BPEL, Invoke RESTful API

Apache ODE documentation seems to support this i.e. invoking/orchestrating RESTFul APIs.
No examples sources available on their site and even after trying hard on Google couldn't find anything useful.
Can someone help me to find a direction?
I'm using latest Apache ODE distribution with Eclipse BPEL designer.
We have a large SET of RESTFul APIs that provides the core interface to our business processes entirely. BPEL seems to be good Orchestration/Workflow programming solution but without the RESTFul API support out of the box I'm almost giving up on it.
I must be missing something here. Please suggest.
This sample is compliant with ws-BPEL 2.0 standard, we have tested only on wso2 bps, you'll be able to run it on ODE with minimal changes to the process. https://svn.wso2.org/repos/wso2/carbon/platform/branches/4.0.0/products/bps/3.0.0/modules/samples/product/src/main/resources/bpel/2.0/TestRESTProcess

Spring/Spring Security 3.0.x execution flow

I'm currently in the process of migrating an application from Spring 2.5.6 to Spring 3.0.4 and Spring Security 3.0.2 and I was wondering if there was some kind of execution flow for both of these framework so that developpers could know what is being called before what.
For those of you who are doing this kind of migration, I can tell you that it's not a simple task that's why I was wondering if some experts, out there, in the wild, would have some references about these flow.
Thanks
You should start here:
http://static.springsource.org/spring-security/site/docs/3.0.x/reference/springsecurity.html
This is a detailed overview of how spring works and will get you up to speed on the changes. Additionally I highly recommend the book by Peter Mularien - Spring Security 3.
With these two references you'll be on your way in no time.
Grant

Resources