(also posted here: https://github.com/ehcache/ehcache3/issues/3129 )
I'm trying to upgrade from 2 to 3 and the (large) codebase contains:
net.sf.ehcache.hibernate.SingletonEhCacheProvider
inside xml-based bean containers:
<prop key="hibernate.cache.provider_class">net.sf.ehcache.hibernate.SingletonEhCacheProvider</prop>
and I don't see in the migration guide any hints on what is an acceptable way to achieve this:
https://www.ehcache.org/documentation/3.3/migration-guide.html
I'm using Spring 3.2.18 and hibernate as low as 3.3:
./WEB-INF/lib/hibernate-3.2.3.ga.jar
./WEB-INF/lib/hibernate-annotations-3.3.0.ga.jar
./WEB-INF/lib/hibernate-commons-annotations-4.0.1.Final.jar
./WEB-INF/lib/hibernate-validator-5.1.3.Final.jar
./WEB-INF/lib/spring-aop-3.2.18.RELEASE.jar
./WEB-INF/lib/spring-beans-3.2.18.RELEASE.jar
./WEB-INF/lib/spring-context-3.2.18.RELEASE.jar
./WEB-INF/lib/spring-context-support-3.2.18.RELEASE.jar
./WEB-INF/lib/spring-core-3.2.18.RELEASE.jar
./WEB-INF/lib/spring-expression-3.2.18.RELEASE.jar
./WEB-INF/lib/spring-jdbc-3.2.18.RELEASE.jar
./WEB-INF/lib/spring-jms-3.0.3.RELEASE.jar
./WEB-INF/lib/spring-orm-3.2.18.RELEASE.jar
./WEB-INF/lib/spring-oxm-3.2.18.RELEASE.jar
./WEB-INF/lib/spring-security-config-3.1.2.RELEASE.jar
./WEB-INF/lib/spring-security-core-3.2.10.RELEASE.jar
./WEB-INF/lib/spring-security-saml2-core-1.0.0.RC2.jar
./WEB-INF/lib/spring-security-web-3.2.10.RELEASE.jar
./WEB-INF/lib/spring-test-3.2.18.RELEASE.jar
./WEB-INF/lib/spring-tx-3.2.18.RELEASE.jar
./WEB-INF/lib/spring-web-3.2.18.RELEASE.jar
./WEB-INF/lib/spring-webmvc-3.2.18.RELEASE.jar
./WEB-INF/lib/spring-ws-core-2.1.4.RELEASE-all.jar
What is the easiest way to use ehcache 3 with code that currently uses net.sf.ehcache.hibernate.SingletonEhCacheProvider?
Is there a compatibility matrix? I see lots of search results about Hibernate 4+, Spring/Spring Boot at higher versions than my code has.
(note: this is legacy code not written by me :) And we do have plans to modernize but there's a more immediate security concern with ehcache 2 that I need to address)
I am building an application which uses drools 7.47.0, this application creates drools packages dynamically and executes the packages.
The same package can be executed if it has already been built. The packages have versions and can be updated. If updated the new version would have to be build and executed existing running session would not be affected by this change in version.
These packages could be executed independently or multiple packages can be combined and executed.
Package 1: com.somepackage.p1
Package 2: com.somepackage.p2
Package 3: com.somepackage.p3
Execution
Scenario 1: com.somepackage.p1
Scenario 2: com.somepackage.p1 & com.somepackage.p2
Scenario 3: com.somepackage.p1 & com.somepackage.p2 & com.somepackage.p3
Due to performance as suggested by drools documentation it is better to cache the KieBase.
So we were planning to build the KieBase for each package 1 KieBase.
How do we combine KieBases at runtime?
I tried the following
Creating KieModuleModels
KieModuleModel module = ks.newKieModuleModel();
KieBaseModel baseModel = module.newKieBaseModel(some-dynamic-name);
.....
KieFileSystem kfs = ks.newKieFileSystem();
ReleaseId rid = ks.newReleaseId(release-id);
// Iteratively include all the individual KieBases
for(...){
baseModel.addInclude(r);
}
kfs.generateAndWritePomXML(rid);
kfs.writeKModuleXML(module.toXML());
KieBuilder kb = ks.newKieBuilder(kfs);
// the build this and extract the session from the Kie Container
Create KieBase
InternalKnowledgeBase kbase = (InternalKnowledgeBase) (kBaseConfig == null ? KnowledgeBaseFactory.newKnowledgeBase() : KnowledgeBaseFactory.newKnowledgeBase(kBaseConfig));
// Create a session from this and locally in memory cache the KieBase
The problem i see with this is that the there would be multiple combinations in memory and if any particular version changes that would have to be internally managed.
Need some inputs on how we can build and manage?
Using
JBoss 7.1.0 EAP
Infinispan 8.2.8.Final-redhat-1
Is it possible to use passivation and memory based evictions with infinispan?
When I try to use this configuration:
ConfigurationBuilder config = new ConfigurationBuilder();
config.clustering().cacheMode(CacheMode.DIST_SYNC);
config.eviction()
.type(EvictionType.MEMORY)
.size(heapAllocationForCache);
config.persistence().passivation(true)
.addSingleFileStore()
.location("/path/to/cache-dir")
.purgeOnStartup(true);
When I try this configuration I get this error:
2019-10-30 11:28:59 INFO [] EvictionConfigurationBuilder:114 - ISPN000152: Passivation configured without an eviction policy being selected. Only manually evicted entities will be passivated.
Here is the validation logic:
if (!strategy.isEnabled()) {
if (maxEntries > 0) {
strategy(EvictionStrategy.LIRS);
log.debugf("Max entries configured (%d) without eviction strategy. Eviction strategy overriden to %s", maxEntries, strategy);
} else if (getBuilder().persistence().passivation() && strategy != EvictionStrategy.MANUAL) {
log.passivationWithoutEviction(); // <--------- this line is where the warning comes from
}
}
Can you not use memory based eviction with Passivation? Or is this a bug with the validation on Infinispan 8.2.x?
Note we cannot set
strategy(EvictionStrategy.LRU) etc because of this code:
https://github.com/infinispan/infinispan/blob/8.2.11.Final/core/src/main/java/org/infinispan/configuration/cache/EvictionConfigurationBuilder.java
if (strategy.isEnabled() && maxEntries <= 0)
throw new CacheConfigurationException("Eviction maxEntries value cannot be less than or equal to zero if eviction is enabled");
As you use EAP the I would not use the Infinispan bits inside of EAP as this are not meant to be used for application cache - also you can not update the version as this is not supported.
Best approach is to use RHDG as a supported product or (if you can't) use the latest Infinispan version to have a full feature set and the latest fixes.
Also with 9.x yuo can use off-heap memory which provide often a better performance.
See this post for more details Unable to use Infinispan embedded cachemanager on JBoss EAP 7.2
You should be able to. The problem though is that in 8.2 the default strategy is NONE [1]. Setting the strategy to LIRS or LRU should fix your issue. Newer versions of Infinispan this setting is no longer required unless you want to set it to MANUAL eviction strategy.
config.eviction()
.type(EvictionType.MEMORY)
.strategy(EvictionStrategy.LRU)
.size(heapAllocationForCache);
[1] https://github.com/infinispan/infinispan/blob/8.2.x/core/src/main/java/org/infinispan/configuration/cache/EvictionConfiguration.java#L19
We are attempting to test the defeasible belief system in the Kie Workbench 6.2.0.Final, and would like to be able to use Test Scenerios feature to test defeasible rules.
In the following setup we created a Test Scenerio. We were expecting the "CheckforACK" rule to run but not "NotNO" rule. Instead, both rules are running in the test scenerio.
I have modified the kiemodule.xml
<kbase name="defaultKieBase" default="true" packages="abc.qwerty.*">
<ksession name="kiesession" beliefSystem="defeasible"/>
</kbase>
Here are the rules we are testing with:
rule "NotNO" #Defeasible
when
$f : foo( bar!= "NO", ppId==12345)
then
System.out.println("PPSuccess");
end
rule "CheckforAll" #Defeats("NotNO")
when
$f : foo( bar== "ALL", ppId==12345, mpId==101)
then
System.out.println("OverideSuccess");
end
Parameters for TestScenerio: bar == ALL,ppId == 12345,mpId == 101
In my example I would like the "CheckforAll" rule to run, but not the "NotNO". When I run the test both rules are being ran.
Any help will be appreciated.
Took advice from laune and reached out to the Drools User Group. The test scenario feature in kieworkbench will always use the kiesession without the belief system in 6.2.0.Final. They are planning to make this kiesession editable for test scenarios in future releases.
Discussion took place here
[https://groups.google.com/d/msgid/drools-usage/fd77a506-6357-4639-a154-63111d981907%40googlegroups.com.]
I'm working on set of constants for my project, and I'd like to use roslyn to verify some of them in source code level. To achieve this, I'm loading entire solution using following snippet into AppDomain with IsFullyTrusted == true and IsHomogenous == true, i.e. remoting is enabled with x86 platform target:
// load workspace, i.e. solution from Visual Studio
var workspace = Roslyn.Services.Workspace.LoadSolution(solutionFile);
Test runners for NCrunch and NUnit with x86 platform with Roslyn
But while using either ncrunch 1.45 or nunit 2.6.2 nunit-console-x86.exe with platform configuration x86 as test runners, I'm constantly getting following System.Security.SecurityException:
System.Security.SecurityException : Type System.Runtime.Remoting.ObjRef and the types derived from it (such as System.Runtime.Remoting.ObjRef) are not permitted to be deserialized at this security level.
Server stack trace:
at System.Runtime.Serialization.FormatterServices.CheckTypeSecurity(Type t, TypeFilterLevel securityLevel)
at System.Runtime.Serialization.Formatters.Binary.ObjectReader.CheckSecurity(ParseRecord pr)
at System.Runtime.Serialization.Formatters.Binary.ObjectReader.ParseObject(ParseRecord pr)
at System.Runtime.Serialization.Formatters.Binary.ObjectReader.Parse(ParseRecord pr)
at System.Runtime.Serialization.Formatters.Binary.__BinaryParser.ReadObjectWithMapTyped(BinaryObjectWithMapTyped record)
at System.Runtime.Serialization.Formatters.Binary.__BinaryParser.ReadObjectWithMapTyped(BinaryHeaderEnum binaryHeaderEnum)
at System.Runtime.Serialization.Formatters.Binary.__BinaryParser.Run()
at System.Runtime.Serialization.Formatters.Binary.ObjectReader.Deserialize(HeaderHandler handler, __BinaryParser serParser, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage)
at System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Deserialize(Stream serializationStream, HeaderHandler handler, Boolean fCheck, Boolean isCrossAppDomain, IMethodCallMessage methodCallMessage)
at System.Runtime.Remoting.Channels.CoreChannel.DeserializeBinaryRequestMessage(String objectUri, Stream inputStream, Boolean bStrictBinding, TypeFilterLevel securityLevel)
at System.Runtime.Remoting.Channels.BinaryServerFormatterSink.ProcessMessage(IServerChannelSinkStack sinkStack, IMessage requestMsg, ITransportHeaders requestHeaders, Stream requestStream, IMessage& responseMsg, ITransportHeaders& responseHeaders, Stream& responseStream)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at Roslyn.Utilities.RemoteServices.Initialize(Int32 clientProcessId)
at Roslyn.Utilities.RemoteServices.StartRemoteServicesProcess()
at Roslyn.Utilities.RemoteServices.get_Instance()
at Roslyn.Utilities.RemoteServices.CreateInstance[T]()
at Roslyn.Services.Host.TemporaryStorageServiceFactory.CreateService(IWorkspaceServiceProvider workspaceServices)
at Roslyn.Services.Host.WorkspaceServiceProviderFactory.<>c__DisplayClass6.<OnImportsSatisfied>b__1(IWorkspaceServiceProvider wsp)
at Roslyn.Services.Host.WorkspaceServiceProvider.ConstructService(Type type)
at System.Collections.Concurrent.ConcurrentDictionary`2.GetOrAdd(TKey key, Func`2 valueFactory)
at Roslyn.Services.Host.WorkspaceServiceProvider.GetService[TWorkspaceService]()
at Roslyn.Services.SolutionServices..ctor(IWorkspaceServiceProvider workspaceServices)
at Roslyn.Services.Solution..ctor(SolutionId id, String filePath, VersionStamp version, VersionStamp latestProjectVersion, IWorkspaceServiceProvider workspaceServices)
at Roslyn.Services.Host.SolutionFactoryServiceFactory.SolutionFactoryService.CreateSolution(SolutionId id)
at Roslyn.Services.Host.TrackingWorkspace.CreateNewSolution(ISolutionFactoryService solutionFactory, SolutionId id)
at Roslyn.Services.Host.TrackingWorkspace..ctor(IWorkspaceServiceProvider workspaceServiceProvider, Boolean enableBackgroundCompilation, Boolean enableInProgressSolutions)
at Roslyn.Services.Host.HostWorkspace..ctor(IWorkspaceServiceProvider workspaceServiceProvider, Boolean enableBackgroundCompilation, Boolean enableInProgressSolutions, Boolean enableFileTracking)
at Roslyn.Services.Host.LoadedWorkspace..ctor(IWorkspaceServiceProvider workspaceServiceProvider, IDictionary`2 globalProperties, Boolean enableBackgroundCompilation, Boolean enableFileTracking)
at Roslyn.Services.Host.LoadedWorkspace.LoadSolution(String solutionFileName, String configuration, String platform, Boolean enableFileTracking)
at Roslyn.Services.Workspace.LoadSolution(String solutionFileName, String configuration, String platform, Boolean enableFileTracking)
There is a discussion on NCrunch forum, but I have tried all following options without success:
Add [assembly: AllowPartiallyTrustedCallers] to AssemblyInfo.cs
Add [assembly: SecurityRules(SecurityRuleSet.Level1)] to AssemblyInfo.cs
Add <NetFx40_LegacySecurityPolicy enabled="true" /> to app.config
Run VS2012 as Administrator
Decorate both unittests and implementation with [SecuritySafeCritical]
Update: create new AppDomain and provide
PermissionState.Unrestricted, SecurityPermissionFlag.AllFlags and DataProtectionPermissionFlags.AllFlags
Add Host Evidence: SecurityZone.MyComputer, System.Security.Policy.Hash and System.Security.Policy.StrongName
Add all assemblies (both mine and Roslyn CTP) to fullTrustAssemblies while creating of AppDomain
Update #2
This exception happens only while I'm running test under x86 configuration, after I had switched to x64 platform configuration, everything seems to work fine
Question
Are there any other attributes or configuration changes to app.config or AppDomain that could help to enable deserialization in .NET Framework remoting for System.Runtime.Remoting.ObjRef while running under x86 configuration?
Temporary solution
Switch to x64 build configuration only for unittest project(s)
Source code
Whole source code is available at github: to reproduce error run following unittest using NCrunch IntrospectionTests.Introspection_SearchForComplexityGt10_ApprovedList
Discussion at NCrunch forum
Additional information
Also I notice...
A lot of instances of Roslyn.Services.dll hang in background, after all tests had been completed.
Lack of Host Evidences for NCrunch: System.Security.Policy.Hash and System.Security.Policy.StrongName with test runner assembly name
resharper MSIL (should be x64 inside) and nunit 2.6.2 nunit-console.exe test runner are working fine, so it looks like Roslyn configuration/remoting/security configuration issue.
It looks like ncrunch is executing the tests in Partial Trust, whereas Resharper is running them in Full Trust.
Roslyn has not been tested in Partial Trust scenarios. There are likely to be accesses to APIs that require Full Trust.
I haven't used ncrunch, but maybe there is a way to configure it to run the tests in Full Trust?
I want to add something!
After upgrading an NUnit instance I manage to run to both 2.6.2 and 2.6.3 of the software, my team ran into similar issues with this exact System.Security exception that Akim was seeing.
We were creating an IpcChannel with some of our custom NUnit logic that wasn't created with the right trust settings, so we had to change something that looked like:
IpcChannel channel = new IpcChannel(string.Format("localhost:{0}", portNum));
To -
BinaryServerFormatterSinkProvider serverProvider = new BinaryServerFormatterSinkProvider();
serverProvider.TypeFilterLevel = System.Runtime.Serialization.Formatters.TypeFilterLevel.Full;
BinaryClientFormatterSinkProvider clientProvider = new BinaryClientFormatterSinkProvider();
var properties = new System.Collections.Hashtable();
properties["name"] = "ipc";
properties["priority"] = "20";
properties["portName"] = string.Format("localhost:{0}", portNum);
IpcChannel channel = new IpcChannel(properties, clientProvider, serverProvider);
Just a quick fix I noticed that I figured I would forward to anybody seeing something similar that can't just switch their platform settings. To be fair, it took me about four hours to figure out so I didn't want the knowledge to go to waste.