I am searching a way to log the JSON Serialization provider name that's used by my application (is it Moxy or Jackson or Json-b) to be sure that when I configure one of these providers I have a way to check that my config is working.
I am deploying on both payara 4 and 5
Thank you for any help.
Related
I have a ASP.NET Core 3.1 Web API application in which I am using Serilog with Serilog.Sinks.MSSqlServer sink.
Questions:
Is it possible to read Serilog's MSSQL sink configuration (E.g. connection string) using some custom configuration provider if it's not possible to configure settings in the appsettings file?
Is it possible to do some settings on LoggerConfiguration at the end AFTER all the required dependencies are registered? (Something like what we do using IPostConfigureOptions.)
High level description of the problem if you want to know what I am up to:
In my organization, all application settings are stored in a common database. What it means is that the ConnectionString I need for the Serilog MSSqlServer sink will also be in the common database.
Serilog is configured at the Host level using IHostBuilder in Program.cs. On the other hand, the services which read settings from our common database are registered in ASP.NET Core's DI in Startup.cs.
I added a class named SerilogPostConfigure which implements IPostConfigureOptions<LoggerConfiguration> and registered it in Startup.cs like this services.ConfigureOptions<SerilogPostConfigure>(). In this class, I inject all the dependencies which can help me connect to the common database to get the required connection string. However, this class is never invoked ! I don't understand why.
I think you should try to use a custom configuration provider on ASP.NET Core level. You can tell the ASP.NET Core app to read the application's configuration from custom places (It reads from your appsettings.json file and environment variables by default).
Here is an article about creating a custom config provider, that reads configuration from a database: https://learn.microsoft.com/en-us/aspnet/core/fundamentals/configuration/?view=aspnetcore-3.1#custom-configuration-provider
I want to create a simple login module which authenticates users so they can, through a servlet using the weblogic client, access EJB's methods annotated with #RolesAllowed. As you probably noted, I have two seperate tiers - one with a webapp (Tomcat) and one containing business logic (WebLogic).
Generally speaking, I followed this JAAS tutorial (setting things accordingly).
According to the answer to this question, the principals should be propaged to the business tier (even having the tiers on separate machines?)
However, what I'm getting is an error page with following header: HTTP Status 500 - [EJB:010160]Security violation: User <anonymous> has insufficient permission to access EJB type=<ejb>
Also, I created corresponding roles in the WebLogic console.
Some tests from the servlet's GET method (without calling Bean's annotaed method):
request.getUserPrincipal().getName(): ADMIN
request.getParameter("role"): null
request.isUserInRole("admins"): true
(request is obtained from the argument #Context HttpServletRequest request)
Is there any additional thing to do to make it work? Or is it sufficient but there may be an error somewhere?
Let me also point I'm quite new in creating Java EE applications.
Help appreciated
The integration of security information between a servlet container and an EJB container is vendor specific. The question that you cited refers to remote calls between containers from the same vendor.
In your case, you have two different vendors - Apache Tomcat and Oracle WebLogic. Therefore, you are going to have more work to do.
You don't state which version of WebLogic that you're using, however the article Using JAAS Authentication in Java Clients describes the additional steps that you need to do in order to correctly propogate the security context from Tomcat to WebLogic 11g. You will likely be able to find similar information for other WebLogic versions.
I am confused between Elmah and Elmah.Contrib.WebApi. And which one is best option for Web API. Iam already using Nlog for exception logging along with Tracing in Web API. So How Elmah is different from all of them. What is the exact need to going for Elmah??
Thanks in Advance
I find that it is useful for catching errors that you did not catch and log yourself. I am using it for a MVC application and it sends me an email when I have an issue that I need to resolve. I can be proactive and I am working on errors before I can hear from the user.
Elmah addresses your default application error logging. However when you're using Web API, for example ASP.NET MVC Web API, you need some extra logic to log your Web API errors within your Elmah data store.
There are a few ways to address this requirement, one being to use the Elmah.Contrib.WebApi package.
Once the package is imported to your project remember to follow any implementation requires, i.e. startup filter registry (as noted here)
Recently I asked some questions here about web services
How to secure a database using web services?
Glassfish: deploy of multiple applications, some of them with SSL
but didn't find answers at all
This time I will try to be more specific hoping to find some help...
I created a simple web service in Netbeans using the wizard which creates a web service from a Database table. The wizard creates a persistence unit, entity classes and uses JPA.
The restful web service is created using jax-rs and I checked "Use Jersey default" which caused the creation of a web.xml file.
It works but in the database table there are some fields I need for filtering but I don't want reported to the client: how can I hide them in the xml/json produced by the restful web service ?
How can I force to use SSL ?
I tried to put
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
in web.xml, it forces SSL but the response is not the same, it is not xml/json but it contains only the concatenation of the values of the entities ' fields. Besides some URI with path parameters don't work at all. What am I missing ?
Thanks
Filippo
Update about SSL
I made some more checks and using Firefox I got valid responses using SSL, while I get weird results with IE9. In that case forcing to use SSL I got a single long string with alphanumeric characters. As soon as possible I'm going to repeat the test on another computer.
Since you're using Jersey you should have Jackson along with that. Jackson helps working with entity -> JSON and JSON -> entity parsing.
You're looking for an annotation called
#JsonIgnore
And you'll want to put that on the 'getter' method of the member you wish to obscure from the output.
Source: http://jackson.codehaus.org/
I'm trying to publish my website that contains references to servicestack rest APIs.
The Website is fine, but when it tries to access my REST services generated by ServiceStack, it returns 404 errors.
Does anyone know how to publish serviceStack REST services on IIS6?
Thanks
From the instructions on ServiceStack's Hello World tutorial:
Note: due to limitations in IIS 6 - the /custompath must end with
.ashx, e.g: path="servicestack.ashx"
The name can be anything, e.g. it can be api.ashx if you want.
The limitations of handler mappings in ASP.NET/IIS 6 and other possible solutions is explained in this answer.