I would like to allow access to some API RESTful test methods only if the service is not in production.
Could I configure a context param in web.xml similar to
<context-param>
<description>Mientras desarrollamos, este es el valor que debemos usar. Luego, el plan de despliegue creado por Sistemas cambia este valor en función del entorno al valor correcto.</description>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Development</param-value>
</context-param>
that I use in JSF?
I try to have the same behaviour I have in JSF but in JAX-RS.
Related
In some cases I've encoutered this problem on some machines; apllication doesn't start with no msg or sometimes with Windows crash errors. I think depends on some framework component, but really I don't know how to resolve. I've already verified Visual C++ Redist Presence (2017). Can you help me? I've just looked at Windows Registry Event and there are 2 error events; I've attached following.
Any ideas? I use ftp2 ChilkatDotNet4.dll version 9.5.0.68
=======================================
Eventi Errore FTP
Nome registro: Application
Origine: .NET Runtime
Data: 18/07/2018 16:46:51
ID evento: 1026
Categoria attività:Nessuna
Livello: Errore
Parole chiave: Classico
Utente: N/D
Computer: ETagliabue-PC
Descrizione:
Applicazione: PigrecoFTP.exe
Versione framework: v4.0.30319
Descrizione: il processo è stato terminato a causa di un'eccezione non gestita.
Informazioni sull'eccezione: System.BadImageFormatException
in PigrecoFTP.mFTP.Main()
in PigrecoFTP.fLogo..ctor()
Informazioni sull'eccezione: System.InvalidOperationException
in PigrecoFTP.My.MyProject+MyForms.Create__Instance__[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.__Canon)
in PigrecoFTP.My.MyApplication.OnCreateMainForm()
in Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.OnRun()
in Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.DoApplicationModel()
in Microsoft.VisualBasic.ApplicationServices.WindowsFormsApplicationBase.Run(System.String[])
in PigrecoFTP.My.MyApplication.Main(System.String[])
========================================================
Nome registro: Application
Origine: Application Error
Data: 18/07/2018 16:46:51
ID evento: 1000
Categoria attività:(100)
Livello: Errore
Parole chiave: Classico
Utente: N/D
Computer: ETagliabue-PC
Descrizione:
Nome dell'applicazione che ha generato l'errore: PigrecoFTP.exe, versione: 2.1.1.0, timestamp: 0x5b29fefa
Nome del modulo che ha generato l'errore: KERNELBASE.dll, versione: 10.0.17134.165, timestamp: 0xfa43f4b2
Codice eccezione: 0xe0434352
Offset errore 0x0010ddc2
ID processo che ha generato l'errore: 0x2514
Ora di avvio dell'applicazione che ha generato l'errore: 0x01d41ea629d4fcc3
Percorso dell'applicazione che ha generato l'errore: C:\Pigreco 2.1\PigrecoFTP.exe
Percorso del modulo che ha generato l'errore: C:\WINDOWS\System32\KERNELBASE.dll
ID segnalazione: 0ada4e60-4e0b-43fc-b86e-f13c3d332488
Nome completo pacchetto che ha generato l'errore:
ID applicazione relativo al pacchetto che ha generato l'errore:
XML evento:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Application Error" />
<EventID Qualifiers="0">1000</EventID>
<Level>2</Level>
<Task>100</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2018-07-18T14:46:51.940619500Z" />
<EventRecordID>9008</EventRecordID>
<Channel>Application</Channel>
<Computer>ETagliabue-PC</Computer>
<Security />
</System>
<EventData>
<Data>PigrecoFTP.exe</Data>
<Data>2.1.1.0</Data>
<Data>5b29fefa</Data>
<Data>KERNELBASE.dll</Data>
<Data>10.0.17134.165</Data>
<Data>fa43f4b2</Data>
<Data>e0434352</Data>
<Data>0010ddc2</Data>
<Data>2514</Data>
<Data>01d41ea629d4fcc3</Data>
<Data>C:\Pigreco 2.1\PigrecoFTP.exe</Data>
<Data>C:\WINDOWS\System32\KERNELBASE.dll</Data>
<Data>0ada4e60-4e0b-43fc-b86e-f13c3d332488</Data>
<Data>
</Data>
<Data>
</Data>
</EventData>
</Event>
===================================================
Nome registro: Application
Origine: Windows Error Reporting
Data: 18/07/2018 16:47:04
ID evento: 1001
Categoria attività:Nessuna
Livello: Informazioni
Parole chiave: Classico
Utente: N/D
Computer: ETagliabue-PC
Descrizione:
Bucket errato 1422329624855657611, tipo 5
Nome evento: CLR20r3
Risposta: Non disponibile
ID CAB: 0
Firma problema:
P1: PigrecoFTP.exe
P2: 2.1.1.0
P3: 5b29fefa
P4: PigrecoFTP
P5: 2.1.1.0
P6: 5b29fefa
P7: c9
P8: c
P9: System.InvalidOperationException
P10:
File allegati:
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERF0A4.tmp.mdmp
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERF289.tmp.WERInternalMetadata.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERF2AA.tmp.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERF2A8.tmp.csv
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERF2C8.tmp.txt
I file potrebbero essere disponibili qui:
C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_PigrecoFTP.exe_34f9c1645f3274f7fd82cee797602cbfb31baa9a_0989035a_3c1d22df
Simbolo analisi:
Nuova ricerca di soluzioni: 0
ID rapporto: 0ada4e60-4e0b-43fc-b86e-f13c3d332488
Stato rapporto: 2147487744
Bucket con hash: 0d7268abdbc332eec3bd21420b093c8b
GUID CAB: 0
XML evento:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Windows Error Reporting" />
<EventID Qualifiers="0">1001</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2018-07-18T14:47:04.981973000Z" />
<EventRecordID>9011</EventRecordID>
<Channel>Application</Channel>
<Computer>ETagliabue-PC</Computer>
<Security />
</System>
<EventData>
<Data>1422329624855657611</Data>
<Data>5</Data>
<Data>CLR20r3</Data>
<Data>Non disponibile</Data>
<Data>0</Data>
<Data>PigrecoFTP.exe</Data>
<Data>2.1.1.0</Data>
<Data>5b29fefa</Data>
<Data>PigrecoFTP</Data>
<Data>2.1.1.0</Data>
<Data>5b29fefa</Data>
<Data>c9</Data>
<Data>c</Data>
<Data>System.InvalidOperationException</Data>
<Data>
</Data>
<Data>
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERF0A4.tmp.mdmp
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERF289.tmp.WERInternalMetadata.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERF2AA.tmp.xml
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERF2A8.tmp.csv
\\?\C:\ProgramData\Microsoft\Windows\WER\Temp\WERF2C8.tmp.txt</Data>
<Data>C:\ProgramData\Microsoft\Windows\WER\ReportArchive\AppCrash_PigrecoFTP.exe_34f9c1645f3274f7fd82cee797602cbfb31baa9a_0989035a_3c1d22df</Data>
<Data>
</Data>
<Data>0</Data>
<Data>0ada4e60-4e0b-43fc-b86e-f13c3d332488</Data>
<Data>2147487744</Data>
<Data>0d7268abdbc332eec3bd21420b093c8b</Data>
<Data>0</Data>
</EventData>
</Event>
A System.BadImageFormatException is thrown when a process is trying to load a dependency that has a different bitness compared to the process itself. This could be a 32-bit process trying to load a 64-bit DLL, or a 64-bit process trying to load a 32-bit DLL.
Chilkat isn't compiled as AnyCPU, but instead contains two DLLs (one 32-bit and one 64-bit). This means that if you really want to compile your application as AnyCPU you have to ship it with both the 32-bit and 64-bit version of the ChilkatDotNet4.dll, and have the installer install both of them into the Global Assembly Cache (GAC).
If you cannot/don't want to do it this way, the alternatives are:
Compile your application as 32-bit only.
Do the same as Chilkat and release two versions of your application: one 32-bit and one 64-bit.
The BadImageFormatException is the "Common Error #1" described here: http://www.chilkatsoft.com/x64_Framework4.asp
Also, the ChilkatDotNet4.dll is the assembly one would use with the .NET 4.0 Framework. It would require the MSVC 2010 runtime redist to be installed on the system, which it probably already is.. See http://cknotes.com/chilkat-net-assemblies-matching-visual-studio-versions-to-net-framework-versions-to-vc-runtime-versions/
I am trying to read the user id of the user that is calling my OData service.
In my web.xml the OData servlet is a protected area
<servlet>
<servlet-name>EJODataServlet</servlet-name>
<servlet-class>org.apache.cxf.jaxrs.servlet.CXFNonSpringJaxrsServlet</servlet-class>
<init-param>
<param-name>javax.ws.rs.Application</param-name>
<param-value>org.apache.olingo.odata2.core.rest.app.ODataApplication</param-value>
</init-param>
<init-param>
<param-name>org.apache.olingo.odata2.service.factory</param-name>
<param-value>com.wombling.odata.service.EJServiceFactory</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>EJODataServlet</servlet-name>
<url-pattern>/EJOData.svc/*</url-pattern>
</servlet-mapping>
<login-config>
<auth-method>FORM</auth-method>
</login-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/a/*</url-pattern>
<url-pattern>/index.html</url-pattern>
<url-pattern>*.html</url-pattern>
<url-pattern>/EJOData.svc/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>extension_user</role-name>
</auth-constraint>
</security-constraint>
When I create the factory to serve the response to a query:
public class EJServiceFactory extends ODataServiceFactory {
#Override
public ODataService createService(ODataContext ctx) throws ODataException {
return RuntimeDelegate
.createODataSingleProcessorService(
new AnnotationEdmProvider(
"com.wombling.odata.models"),
new EJODataProcessor("admin")); //TODO this should not be hardcoded
}
}
I cannot see any way that I can get from the ODataContext the user that has passed authentication. If I were to be using basic auth - then I could just get the header, but I'm not using basic auth, but OAuth2 bearer tokens (created by a SAML assertion).
I'd expect the ODataContext provide me access to the request user id, but no luck. Is there some other means that I can use? Or do I need to force the calling application to insert the user id in the request headers (doesn't seem ideal to me!)
To retrieve the request object via the ODataContext object is a little bit tricky. Try this:
HttpServletRequest r = (HttpServletRequest) ctx.getParameter(ODataContext.HTTP_SERVLET_REQUEST_OBJECT);
ctx is your instance of the ODataContext class. From the request object you get all what you need.
I'm trying to populate a method named getData() via the web service PasarelaService over IIS and WCF. At the same time, this service gets the data from a method named getDato(), via named pipe, inside a self-hosted independent-process named Multiplexor. All works fine, except when I call PasarelaService from IIS.
When I test the service with WcfTestClient, directly from
http://localhost:49208/PasarelaService.svc
, avoiding IIS, all works fine and correct value is taken from Multiplexor, but when I test the same service via IIS, from
http://localhost:8001/PasarelaService.svc?wsdl
ever returns zero.
It seems that when I call the service in the first mode, a new instance of PasarelaService is created and the execution thread runs over the constructor and then over GetData(). But when I call the service from IIS, perhaps no instance is created and no constructor nor Initconexion() is executed. Only GetData() method is called but returns zero with no errors. I don't know why.
Pasarela code:
Imports Multiplexor
<ServiceBehavior(InstanceContextMode:=InstanceContextMode.Single)> _
Public Class PasarelaService
Implements IPasarelaService
' dato que suministramos al consumidor web
Private count As Integer
Dim proxy As IServiciosScreen = Nothing
Public Sub New()
count = 0
Me.InitConexion()
End Sub
Private Sub InitConexion()
Try
Dim ep As New EndpointAddress("net.pipe://localhost/8100")
proxy = ChannelFactory(Of IServiciosScreen).CreateChannel(New NetNamedPipeBinding(), ep)
Catch ex As Exception
Debug.WriteLine(ex.ToString)
End Try
End Sub
Public Function GetData() As String Implements IPasarelaService.GetData
Try
count = proxy.GetDato()
Catch ex As Exception
Debug.WriteLine(ex.ToString)
End Try
Return count.ToString()
End Function
End Class
Rellevant web.config from PasarelaService.
<system.serviceModel>
<bindings />
<services>
<service name="Pasarela.PasarelaService" behaviorConfiguration="Pasarela.PasarelaServiceBehavior">
<!-- Service Endpoints -->
<endpoint address="" binding="basicHttpBinding" contract="Pasarela.IPasarelaService">
<!--
Antes de la implementación, se debe quitar o reemplazar el siguiente elemento de identidad para reflejar la
identidad bajo la que funciona el servicio implementado. Si se quita, WCF deducirá automáticamente una identidad
apropiada.
-->
<identity>
<dns value="localhost"/>
</identity>
</endpoint>
<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
</service>
</services>
<behaviors>
<serviceBehaviors>
<behavior name="Pasarela.PasarelaServiceBehavior">
<!-- Para evitar revelar información de los metadatos, establezca el valor siguiente en false antes de la implementación -->
<serviceMetadata httpGetEnabled="true"/>
<!-- Para recibir detalles de las excepciones en los fallos, con el fin de poder realizar la depuración, establezca el valor siguiente en true. Para no revelar información sobre las excepciones, establézcalo en false antes de la implementación -->
<serviceDebug includeExceptionDetailInFaults="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
I'm trying to set up a web application based on glassfish 3.1 + JSF2. The authorization is performed using a CAS server installing the jasig cas client in the web app as suggested here:
Configuring the JA-SIG CAS Client for Java in the web.xml
and I'm able to catch the principal object inside an EJB when the user is authenticated.
CAS principal attributes comes from LDAP on Active Directory. Now how can I add authorization?
How can I enable the access of certain web pages only to specific groups of users defined in AD?
The purpose is just to let users access different web pages according to their LDAP roles.
I've tried to follow Securing Web Applications from the Java EE tutorial and my web.xml is
<filter>
<filter-name>CAS Authentication Filter</filter-name>
<filter-class>org.jasig.cas.client.authentication.AuthenticationFilter</filter-class>
<init-param>
<param-name>casServerLoginUrl</param-name>
<param-value>https://casserver:8443/cas/login</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:8080</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS Validation Filter</filter-name>
<filter-class>org.jasig.cas.client.validation.Cas20ProxyReceivingTicketValidationFilter</filter-class>
<init-param>
<param-name>casServerUrlPrefix</param-name>
<param-value>https://casserver:8443/cas</param-value>
</init-param>
<init-param>
<param-name>serverName</param-name>
<param-value>http://localhost:8080</param-value>
</init-param>
</filter>
<filter>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<filter-class>org.jasig.cas.client.util.HttpServletRequestWrapperFilter</filter-class>
</filter>
<!--
<filter>
<filter-name>CAS Assertion Thread Local Filter</filter-name>
<filter-class>org.jasig.cas.client.util.AssertionThreadLocalFilter</filter-class>
</filter>
-->
<filter-mapping>
<filter-name>CAS Authentication Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS Validation Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>CAS HttpServletRequest Wrapper Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<context-param>
<param-name>javax.faces.PROJECT_STAGE</param-name>
<param-value>Production</param-value>
</context-param>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>/faces/*</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>
30
</session-timeout>
</session-config>
<welcome-file-list>
<welcome-file>faces/index.xhtml</welcome-file>
</welcome-file-list>
<security-constraint>
<display-name>Pagina di user</display-name>
<web-resource-collection>
<web-resource-name>index1</web-resource-name>
<description>ristretto a user</description>
<url-pattern>/faces/index.xhtml</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>user only</description>
<role-name>AMP-User</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<display-name>Pagina di profile</display-name>
<web-resource-collection>
<web-resource-name>index2</web-resource-name>
<description>risretto a profile</description>
<url-pattern>/faces/index_2.xhtml</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>profile only</description>
<role-name>AMP-Profile</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<description>utente generico</description>
<role-name>AMP-User</role-name>
</security-role>
<security-role>
<description>Utente di alto profilo</description>
<role-name>AMP-Profile</role-name>
</security-role>
I've then assigned the roles to my LDAP groups in glassifh-web.xml
<glassfish-web-app error-url="">
<security-role-mapping>
<role-name>AMP-Profile</role-name>
<group-name>AMP-Profile</group-name>
</security-role-mapping>
<security-role-mapping>
<role-name>AMP-User</role-name>
<group-name>AMP-User</group-name>
</security-role-mapping>
<class-loader delegate="true"/>
<jsp-config>
<property name="keepgenerated" value="true">
<description>Keep a copy of the generated servlet class' java code.</description>
</property>
</jsp-config>
</glassfish-web-app>
The problem is that when I access to the page index.xhtml a form is asking me to authenticate but the authentication should be done by the CAS server. Anyway I cannot authenticate.
How can I use CAS authentication and map LDAP groups to roles?
You can use the security annotations (JSR 250, javax.security.annotations), to define role based access control:
#Stateless
#DeclareRoles({"admin", "users"})
public class HelloEJB implements Hello {
#PermitAll
public String hello(String msg) {
return "Hello, " + msg;
}
#RolesAllowed("admin")
public String bye(String msg) {
return "Bye, " + msg;
}
}
Slightly adapted example from the first link below
Here I declared the roles first, using #DeclareRoles. #PermitAll grants access to all authenticated users, while #RolesAllowed only grants access to the mentioned roles.
You will need to set up roles in your deployment descriptors and in glassfish as well. I found this article very helpful. The Glassfish Server Security Guide goes through the details. You also might want to check out this question. If you run into some problems, ask back here on SO.
we are developing a JSF spring webflow web application and we are trying to use the primefaces fileupload widget. primefaces works fine, the widgets get rendered correctly. however the fileupload is not working. the handlefileupload function in the backingbean FileUploadController is never called. other primefaces components for example a button can call functions in that bean, so it gets initialized correctly. below you find our configuration. currently we are developing in eclipse and deploying the web app with maven and run the app with a jetty server directly in eclipse. deploying the .war on tomcat didnt work either.
Problem:
after file selection and clicking on upload the widget is giving either the error 'IO Error' or 'HTTP Error'
some data is transfered to the server (we sniffed the network traffic)
handlefileupload() function in the backingbean FileUploadController is never called
Dependencies
org.primefaces 2.2.RC2
org.springframework.webflow, webflow and faces 2.2.1.RELEASE
commons-fileupload 1.2.2
commons-io 2.0
com.sun.faces, api and impl 2.0.3
org.springframework.security
web.xml
<filter>
<filter-name>PrimeFaces FileUpload Filter</filter-name>
<filter-class>org.primefaces.webapp.filter.FileUploadFilter</filter-class>
</filter><filter-mapping>
<filter-name>PrimeFaces FileUpload Filter</filter-name>
<servlet-name>Faces Servlet</servlet-name>
</filter-mapping>
start.xhtml
<h:form id="mainForm" enctype="multipart/form-data" prependid="false" >
<p:fileUpload id="fileUp" fileUploadListener="#fileUploadController.handleFileUpload}"
description="Images" /></h:form>
FileUploadController.java
public void handleFileUpload(FileUploadEvent event) {
System.out.println("FileUpload Test");
FacesMessage msg = new FacesMessage("ok", event.getFile().getFileName() + " is uploaded.");
FacesContext.getCurrentInstance().addMessage(null, msg);
}
beans-config.xml
<bean id="fileUploadController" class="de.hsrm.mi.media.FileUploadController" scope="session"></bean>
Thanks in advance. We hope someone can help us :)
use this filter instead
<filter>
<filter-name>PrimeFaces FileUpload Filter</filter-name>
<filter-class>
org.primefaces.webapp.filter.FileUploadFilter
</filter-class>
</filter>
<filter-mapping>
<filter-name>PrimeFaces FileUpload Filter</filter-name>
<servlet-name>Spring MVC Dispatcher Servlet</servlet-name>
</filter-mapping>
There is and error or you have copied it wrong from your's xhtml file
<h:form id="mainForm" enctype="multipart/form-data" prependid="false" >
<p:fileUpload id="fileUp" fileUploadListener="#fileUploadController.handleFileUpload}"
description="Images" /></h:form>
The "{" is missing before "fileUploadController.handleFileUpload}" should be:
<h:form id="mainForm" enctype="multipart/form-data" prependid="false" >
<p:fileUpload id="fileUp" fileUploadListener="#{fileUploadController.handleFileUpload}"
description="Images" /></h:form>