I have specified the smtp server and authentication info in the mail.properties, but appfuse 2.2 just ignores the mail.username and mail.password properties.
How to workarround this problem?
Finally I figured it out.
The smtp setting is located in appfuse-service-2.2.1.jar/applicationContext-service.xml.
Copy it to src/resources, rename it to applicationContext-services.xml, and uncomment the authentication settings, modify the mail.properties to add auth info.
Modify the web.xml, change the contextConfigLocation, use the new applicationContext-services.xml.
Related
I have to get all these Headers (mentioned below) green when checked the URL "https://.com" on securityheaders.com.
Headers: "Strict-Transport-Security" "Content-Security-Policy" "X-Frame-Options" "X-Content-Type-Options"
The Web Server running here is IBM WebSphere 9.0.5.13 here.
I know it need to be added in some Web.xml file with a context param but there are so manu web.xml files not sure which one, OR
we also tried from the Server Web Container Settings by adding this which didnt work:
com.ibm.ws.webcontainer.ADD_STS_HEADER_WEBAPP....value=max-age=31536000;includeSubDomains;preload
com.ibm.ws.webcontainer.addStrictTransportSecurityHeader....value=max-age=31536000;includeSubDomains;preload
But neither did work. I need to do this for all the Headers mentioned above.
We know how to do this for Tomcat, but having difficulty with WebSphere guys.
If anybody knows how to do this please help me. Thanking you guys in advance
Regards,
Mainak
You need to use the Servlet API's to set custom response headers, either in your application or in a filter. If you can't do that, you can often do similar if you have a proxy server in front of your application.
WebSphere Liberty has basic support for adding custom response headers via server.xml, but it's not available in the traditional websphere application server.
HSTS is unique as there is support for it at various levels in configuration.
When I go to Glassfish web console localhost 4848 and go to Resources JavaMail and hit the "new" button, I get this error class java.lang.RuntimeException I'm fairly new to Glassfish and am trying to follow the mail tutorials. Can anyone give me some advice on where to start? Thx in advance!!
This is a bug introduced in the GlassFish 4.1.1 release. GlassFish 4.1 should work.
For any one struggling to do this via the Web Console and doesn't want to downgrade, just use the sub-command line option to create the mail session then continue on the web console to add additional properties.
asadmin> create-javamail-resource --mailhost localhost
--mailuser sample --fromaddress sample\#sun\.com mail/MyMailSession
Fortunately I was able to get the email to work. The problem was that they had setup Exchange for an Anonymous user with no security (SMTP not SMTPS). However, I never did get the JavaMail in Glassfish to work. Due to some other reasons, the decision was made to stick with the current version of Glassfish. I did try to go back to 4.1 as noted, but had similar issues in getting JavaMail setup as a Resource. Once I got the basic issue resolved, I abandoned the effort to go back to 4.1, so I'm not sure if that would have changed anything.
Thx
I've genrated my application with JHipster. I've changed the authentication way in my project to use LDAPS.
I added configuration in application.yml
Server SSL:
key-store: classpath:keystore.jks
key-store-password: secret
key-password: secret
I didn't add any other code (i.e. java) for this certificate.
When I try to launch my application in a browser, it doesn't work; however if I delete this configuration, it works. Does my application really needs a certificate for the connection to LDAPS?
What is wrong with this code, should I add java code somewhere to complete my configuration?
Thanks for your answers
Not enough information to help you. Which version of JHipster, which authentication did you choose when generating your app?
To make it work with LDAP you must change the SecurityConfiguration class.
I am using resin app server
request.getSession.invalidate();reguest.getSession(true) is not working properly and its not resetting session ID while using Resin.
Also I am not able to use request.changeSessionId() as the resin version is not able to use JavaEE7 libraries.
Please share your views on how to resolve session fixation with Resin
Resin 4.0.x doesn't implement Servlet 3.1 API.
Resin provides reuse-session-id configuration option that helps control session cookie behaviour.
http://caucho.com/resin-4.0/reference.xtp#session-config
This is a fresh install of Raven #2230, running on IIS8/Win8. When studio starts it offers to create new database, then browser pops up credentials window (401).
Web.config has add key="Raven/AnonymousAccess" value="All"/ set. Also tried add key="Raven/AnonymousUserAccessMode" value="All"/ as per documentation.
Anonymous Authentication on site is enabled, so is Windows Authentication.
Added Raven.Bundles.Authorization.dll to plugins folder (not sure if needed, but didn't make any difference).
Am I missing something ?
RavenDB as of today, is on version 2750 (stable). Upgrade and this issue should be fixed.
The way to do this is to set the AnonymousAccess setting in web.config to Admin:
<add key="Raven/AnonymousAccess" value="Admin"/>
You should change this back to All once you have created your database.