wso2 interview questions
Top wso2 frequently asked interview questions
We're currently evaluating the WSO2 Identity Server and I got a few questions about it:
- Could the Identity Server be used as an SSO provider for custom applications deployed (just like CAS)? Is there a client API to access the server programatically to verify a ticket?
- Is there a way to customize the login page of the Identity Server or substitute it with my own (and how)?
- Is the Identity Server able to login users with digital certificates?
Source: (StackOverflow)
We are currently evaluating the WSO2 Identity server. We want to use email address as an username. By default the username is 30 characters, it is not long enough. And it must support both . and @ in the username. Is there an way to configure this? The user store is a JDBC(Mysql) one.
Thanks
Source: (StackOverflow)
When a client asks a resource server to get a protected resource with an OAuth 2.0 access token, how does this server validate the token? The OAuth 2.0 refresh token protocol?
Source: (StackOverflow)
I am using WSO2 Identity Server for Single Sign On Implementations.
In my demo applications I am trying to get Custom claim attributes of authenticated User from my own JDBC Database.
I followed this blog of Pushpalanka.
This worked fine for the Identity Server 5.0.0
But when I updated Identity Server with latest Update "WSO2-IS-5.0.0-SP01", Custom Claim Handling stopped working.
Following is the error stack :
[2015-04-22 19:09:43,311] ERROR
{org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler}
- Claim handling failed! org.wso2.carbon.identity.application.authentication.framework.exception.FrameworkException:
Index: 0, Size: 0 at
com.wso2.sample.claim.handler.CustomClaimHandler.handleLocalClaims(CustomClaimHandler.java:200)
at
com.wso2.sample.claim.handler.CustomClaimHandler.handleClaimMappings(CustomClaimHandler.java:66)
at
org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler.handleClaimMappings(DefaultStepBasedSequenceHandler.java:604)
at
org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler.handlePostAuthentication(DefaultStepBasedSequenceHandler.java:394)
at
org.wso2.carbon.identity.application.authentication.framework.handler.sequence.impl.DefaultStepBasedSequenceHandler.handle(DefaultStepBasedSequenceHandler.java:134)
at
org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultAuthenticationRequestHandler.handle(DefaultAuthenticationRequestHandler.java:121)
at
org.wso2.carbon.identity.application.authentication.framework.handler.request.impl.DefaultRequestCoordinator.handle(DefaultRequestCoordinator.java:94)
at
org.wso2.carbon.identity.application.authentication.framework.servlet.CommonAuthenticationServlet.doPost(CommonAuthenticationServlet.java:54)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:755) at
javax.servlet.http.HttpServlet.service(HttpServlet.java:848) at
org.eclipse.equinox.http.helper.ContextPathServletAdaptor.service(ContextPathServletAdaptor.java:37)
at
org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
at
org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
at
org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:60)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:848) at
org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at
org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
at
org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:178)
at
org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
at
org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:56)
at
org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
at
org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:141)
at
org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
at
org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:52)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745) Caused by:
java.lang.IndexOutOfBoundsException: Index: 0, Size: 0 at
java.util.ArrayList.rangeCheck(ArrayList.java:635) at
java.util.ArrayList.get(ArrayList.java:411) at
org.wso2.carbon.claim.mgt.ClaimManagerHandler.validateClaims(ClaimManagerHandler.java:668)
at
org.wso2.carbon.claim.mgt.ClaimManagerHandler.getMappingsFromOtherDialectToCarbon(ClaimManagerHandler.java:529)
at
org.wso2.carbon.claim.mgt.ClaimManagerHandler.getMappingsMapFromOtherDialectToCarbon(ClaimManagerHandler.java:614)
at
com.wso2.sample.claim.handler.CustomClaimHandler.handleLocalClaims(CustomClaimHandler.java:141).
According to my study on source code of Identity Server this problem is in Authentication Framework at org.wso2.identity.application.authentication.framewotk component.
The problem might be in validating claims but I didnt found any method named validateClaims in the source code.
In the source code given in blog post, Authentication Framework version - 4.2.2 is used.
I tried using latest version of Authentication Framework - 4.2.3.
But the problem is still in the same component.
I am still giving my efforts on this. I need some guidance on this.
Please someone help if I am missing something or any of you have faced same problem.
Thanks.
Source: (StackOverflow)
I have a REST service deployed on a server and would like to expose it (proxy it) through WSO2 ESB and use the ESB security to secure the access to the service (probably HTTP BASIC authentication that looks by username and password in the ESB user database). I cannot find a good documentation describing how to do it. Could this be done using WSO2 ESB and how?
Source: (StackOverflow)
While working out how to build the wso2 platform from source, I have found many references to the terms 'orbit', 'kernel' and 'platform'.
These terms represent separate code repositories, e.g.
svn co https://svn.wso2.org/repos/wso2/carbon/orbit/trunk/ orbit
svn co https://svn.wso2.org/repos/wso2/carbon/kernel/trunk/ kernel
svn co https://svn.wso2.org/repos/wso2/carbon/platform/trunk/ platform
What do these terms represent in functionality and what is their relationship to each other?
Source: (StackOverflow)
I need to know how to get wso2 users by claim value, to perform some kind of search?
example:
getUsersByClaimValue(String claimUri, String claimValue);
Source: (StackOverflow)
I am trying to generate a stub using jax-ws for the WSO2 Identity Server admin service https://xx.xx.xx.xx:9447/services/RemoteUserStoreManagerService?wsdl.
I've downloaded the wsdl but when I run:
wsimport -p org.wso2 RemoteUserStoreManagerService.xml
I get the following errors
[ERROR] operation "updateCredential" has an invalid style
line 679 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "setUserClaimValue" has an invalid style
line 683 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "deleteUserClaimValues" has an invalid style
line 692 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "deleteUserClaimValue" has an invalid style
line 696 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "updateCredentialByAdmin" has an invalid style
line 705 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "deleteRole" has an invalid style
line 739 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "deleteUser" has an invalid style
line 748 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "updateRoleName" has an invalid style
line 762 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "updateRoleListOfUser" has an invalid style
line 766 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "addUser" has an invalid style
line 780 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "addRole" has an invalid style
line 784 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "updateUserListOfRole" has an invalid style
line 788 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "setUserClaimValues" has an invalid style
line 797 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "updateCredential" has an invalid style
line 857 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "setUserClaimValue" has an invalid style
line 878 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "deleteUserClaimValues" has an invalid style
line 887 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "deleteUserClaimValue" has an invalid style
line 908 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "updateCredentialByAdmin" has an invalid style
line 917 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "deleteRole" has an invalid style
line 1010 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "deleteUser" has an invalid style
line 1019 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "updateRoleName" has an invalid style
line 1040 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "updateRoleListOfUser" has an invalid style
line 1061 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "addUser" has an invalid style
line 1094 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "addRole" has an invalid style
line 1103 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "updateUserListOfRole" has an invalid style
line 1112 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "setUserClaimValues" has an invalid style
line 1121 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "updateCredential" has an invalid style
line 1205 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "setUserClaimValue" has an invalid style
line 1226 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "deleteUserClaimValues" has an invalid style
line 1235 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "deleteUserClaimValue" has an invalid style
line 1256 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "updateCredentialByAdmin" has an invalid style
line 1265 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "deleteRole" has an invalid style
line 1358 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "deleteUser" has an invalid style
line 1367 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "updateRoleName" has an invalid style
line 1388 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "updateRoleListOfUser" has an invalid style
line 1409 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "addUser" has an invalid style
line 1442 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "addRole" has an invalid style
line 1451 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "updateUserListOfRole" has an invalid style
line 1460 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] operation "setUserClaimValues" has an invalid style
line 1469 of file:/C:/tmp/RemoteUserStoreManagerService.xml
[ERROR] missing required property "style" of element "operation"
Failed to parse the WSDL.
Here's the wsdl schema around line 679 of the file where the first error appears (not posting the whole schema, because it's rather large):
<wsdl:operation name="updateCredential">
<wsdl:input message="ns:updateCredentialRequest" wsaw:Action="urn:updateCredential"/>
<wsdl:fault message="ns:RemoteUserStoreManagerServiceUserStoreException" name="RemoteUserStoreManagerServiceUserStoreException" wsaw:Action="urn:updateCredentialRemoteUserStoreManagerServiceUserStoreException"/>
</wsdl:operation>
<wsdl:operation name="setUserClaimValue">
<wsdl:input message="ns:setUserClaimValueRequest" wsaw:Action="urn:setUserClaimValue"/>
<wsdl:fault message="ns:RemoteUserStoreManagerServiceUserStoreException" name="RemoteUserStoreManagerServiceUserStoreException" wsaw:Action="urn:setUserClaimValueRemoteUserStoreManagerServiceUserStoreException"/>
</wsdl:operation>
<wsdl:operation name="getUserClaimValuesForClaims">
<wsdl:input message="ns:getUserClaimValuesForClaimsRequest" wsaw:Action="urn:getUserClaimValuesForClaims"/>
<wsdl:output message="ns:getUserClaimValuesForClaimsResponse" wsaw:Action="urn:getUserClaimValuesForClaimsResponse"/>
<wsdl:fault message="ns:RemoteUserStoreManagerServiceUserStoreException" name="RemoteUserStoreManagerServiceUserStoreException" wsaw:Action="urn:getUserClaimValuesForClaimsRemoteUserStoreManagerServiceUserStoreException"/>
</wsdl:operation>
Source: (StackOverflow)
I am designing a new application that needs identity management functionality (i.e. managing user accounts and roles). I would like to delegate that functionality to an Identity Server.
- Is there a REST or SOAP API's exposed by WSO2 Identity Server for managing user accounts (e.g. similar to OpenAM's REST api)?
I did find the WSO2 AuthenticationAdmin wsdl https://localhost:9443/services/AuthenticationAdmin?wsdl but that doesn't have user account management functionality.
- Is there an authorative list of all the wsdl's that are exposed by the WSO2 platform? So far, I've found the AuthenticationAdmin wsdl and EventBrokerService wsdl by searching on google.
Source: (StackOverflow)
We have develop some APIs for a client and we have published them through API Manager. We have provided the client with some code examples on PHP which work fine. The only problem is that they are using those APIs through AJAX in a different domain to the one associated with AM. Is this a cross domain problem?
I have tried setting the apache server in front of API Manager with the following headers, so that cross domain is allowed
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization, Content-Type, Accept
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: *
But even with these headers, I still get a 401 Unauthorizaed when making calls to AM. I have tried making the requests directly to AM without going through Apache (port 8282) but we still get the same problem.
Has anyone enocountered the same problem? Thanks in advanced!
Source: (StackOverflow)
We would like to write our own custom extension (feature) for wso2 carbon. Is there some documentation for authoring features?
We did manage to just "hack" our way into writing a custom feature. But how do we host it? It seems Carbon is looking at some very specific repository descriptors - artifacts.jar and content.jar
How can we generate these descriptors without tying into the Carbon build. Is there some documentation describing how to setup a third party feature repository?
Source: (StackOverflow)
I need to create a .NET client for a wso2 Secure Token Service.
Normally I would create a simple console or WinForm project adding a Service Reference to it. The exposed WSDL would be turned in a set of classes that I can use to query the service and to properly manage its response.
Unfortunately, the generated request and response classes are empty: just the class declaration without any property or method. This is similar to the behaviour described in this other (unanswered) Stack Overflow question Call wso2 STS IssueToken service from C# client
I have found a sample request for the service in this forum post: http://cxf.547215.n5.nabble.com/Sample-STS-Client-tp4643980p4664175.html and I made it to work with SOAP UI.
Is there a proper, and possibly automated, way to recreate the complex data structure needed to query the Secure Token Service?
EDIT
OK, after many tries I have reduced the SOAP request from the above forum post to the minimal structure needed to still get a RequestSecurityTokenResponse from the STS service.
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
<soap:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-6D35592DCDDA26FFF3141578725699577">
<wsse:Username>USERNAME HERE</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">PASSWORD HERE</wsse:Password>
</wsse:UsernameToken>
<wsu:Timestamp wsu:Id="TS-6D35592DCDDA26FFF3141578725699576">
<wsu:Created>2014-11-12T10:14:16.995Z</wsu:Created>
<wsu:Expires>2014-11-12T10:16:16.995Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
<wsa:Action soap:mustUnderstand="1">http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT</wsa:Action>
<wsa:MessageID soap:mustUnderstand="1">uuid:6d4eab69-77f9-42b7-8d6b-1f710020fb0b</wsa:MessageID>
<wsa:To soap:mustUnderstand="1">STS ENDPOINT ADDRESS HERE</wsa:To>
</soap:Header>
<soap:Body>
<wst:RequestSecurityToken xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust">
<wst:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</wst:RequestType>
<wst:TokenType>http://schemas.xmlsoap.org/ws/2005/02/sc/sct</wst:TokenType>
<wst:Claims>
<wsid:ClaimType Uri="http://wso2.org/claims/userid" xmlns:wsid="http://schemas.xmlsoap.org/ws/2005/05/identity"/>
</wst:Claims>
</wst:RequestSecurityToken>
</soap:Body>
</soap:Envelope>
I have obtained a partial success defining in the app.config of my project either a single wsHttpBinding like the following:
<wsHttpBinding>
<binding name="SendUsername" messageEncoding="Text">
<security mode ="TransportWithMessageCredential">
<message clientCredentialType ="UserName"/>
<transport clientCredentialType ="Basic" />
</security>
</binding>
</wsHttpBinding>
with or without adding a CustomBinding like the following:
<customBinding>
<binding name="wso2carbon-stsSoap12Binding">
<security defaultAlgorithmSuite="Default" authenticationMode="IssuedToken"
requireDerivedKeys="true" securityHeaderLayout="Lax" includeTimestamp="true">
<localClientSettings detectReplays="false" />
<localServiceSettings detectReplays="false" />
<issuedTokenParameters keyType ="SymmetricKey" tokenType ="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0">
<issuer address =STS ENDPOINT ADDRESS HERE binding ="wsHttpBinding" bindingConfiguration ="SendUsername"/>
<claimTypeRequirements>
<add claimType ="http://wso2.org/claims/userid"/>
</claimTypeRequirements>
</issuedTokenParameters>
</security>
<textMessageEncoding messageVersion="Soap12" />
<httpsTransport />
</binding>
</customBinding>
In both cases however the request throws a timeout exception, and inspecting with WCF tracing the issued request I can see that it is missing the Claims element. Any hints?
Source: (StackOverflow)
I want to merge WSO2 ESB and Data Services Products to execute both of them
on one server.
Both of them are based on Carbon framework and consists of some OSGi bundles.
Is there a simple way to do this.
Best regards.
--Seyyed Jamal
Source: (StackOverflow)
I am constructing a POC. And I created a pass through proxy service for Google Plus.
Without using any proxy service I get this is my output :
{
"kind":"plus#person",
"etag":"\"ExituU7aUpmkkfyD52VulzptThw/4J1clegrhxYC2fsJOu2XWCs1Ewg\"",
"id":"117488614303967062311",
"displayName":"Abhi NeoN",
"name":{
"familyName":"NeoN",
"givenName":"Abhi"
},
"tagline":"hey guys ! ssup!! check out ma recnt videos... uploaded",
"gender":"male",
"aboutMe":"\u003cb\u003ehie, abhishek - ma full name \u003c/b\u003e\u003cdiv\u003e\u003cb\u003em a DANCER ,\u003c/b\u003e\u003c/div\u003e\u003cdiv\u003e\u003cb\u003ei luv ma dancing .\u003c/b\u003e\u003c/div\u003e\u003cdiv\u003e\u003cb\u003ei care ma dancing ,\u003c/b\u003e\u003c/div\u003e\u003cdiv\u003e\u003cb\u003ei jus hv a gr8 thng in me dats ma dancing.\u003c/b\u003e\u003c/div\u003e",
"relationshipStatus":"single",
"url":"https://plus.google.com/117488614303967062311",
"image":{
"url":"https://lh6.googleusercontent.com/-tF-ip0tUxD4/AAAAAAAAAAI/AAAAAAAAAAA/WKI3USUh_DA/photo.jpg?sz=50"
},
"urls":[
{
"value":"https://plus.google.com/117488614303967062311",
"type":"profile"
},
{
"value":"https://www.googleapis.com/plus/v1/people/117488614303967062311",
"type":"json"
}
],
"organizations":[
{
"name":"our lady of nazareth high school",
"title":"science",
"type":"school"
},
{
"name":"",
"title":"BLUEBYTES",
"type":"work"
}
]
}
But when I try to do the same using a simple pass through service I get only :
{
"kind":"plus#person"
}
I read on the wso2esb site that they had a bug and the explanation given to resolve the bug was that json data received was not in the proper format.
But now how do I resolve the problem. I mean is their any way I can manipulate the json data before the esb converts it into json data.
Source: (StackOverflow)