Spring Security - Custom JSON Message instead showing Login page - rest

I would like to get your valuable feedback on the below.
I am stuck in processing Spring-Security. I know that when i login to through form-login, the login-processing-url will be triggered and the page is redirected to spring security login.
But is it possible to cast a CUSTOM JSON Message when I haven't logged in to my application but about trying to access any API URL via REST. Your help would be much appreciated.!
I am using ExtJS for UI Login and Spring as RESTful service
Wondering to integrate this two view (Spring login view and my custom ExtJS login view)
<security:http authentication-manager-ref="authenticationManager" use-expressions='true' >
<security:form-login login-processing-url="/login" always-use-default-target="true"
default-target-url="/user/authen" username-parameter="uid" password-parameter="password"
authentication-failure-handler-ref="authenticationFailureHandler" />
<security:intercept-url pattern="/login" access="permitAll" />
<security:intercept-url pattern="/**" access="isAuthenticated()" />
<security:intercept-url pattern="/denied" access="permitAll" />
<security:access-denied-handler error-page="/login/accessDenied"/>
<security:logout logout-url="/logout" invalidate-session="true" />
<security:http-basic/>
</security:http>
<bean id="authenticationFailureHandler"
class="org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler">
<property name="exceptionMappings">
<props>
<prop key="org.springframework.security.authentication.BadCredentialsException">/login/badCredentials</prop>
<prop key="org.springframework.security.authentication.CredentialsExpiredException">/login/credentialsExpired</prop>
<prop key="org.springframework.security.authentication.LockedException">/login/accountLocked</prop>
<prop key="org.springframework.security.authentication.DisabledException">/login/accountDisabled</prop>
<prop key="org.springframework.security.authentication.AccessDeniedException">/login/accessDenied</prop>
</props>
</property>
</bean>
R.R. Vigneshwaran

Related

Alfresco permission of deployed custom workflow

How can i set the permission of a custom worflow?
I deployed a BPMN 2.0 workflow, by placing the bpmn20.xml in /alfresco/extension and also using the following workflow-context.xml
<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE beans PUBLIC '-//SPRING//DTD BEAN//EN' 'http://www.springframework.org/dtd/spring-beans.dtd'>
<beans>
<bean id="acme.workflowBootstrap" parent="workflowDeployer">
<property name="workflowDefinitions">
<list>
<props>
<prop key="engineId">activiti</prop>
<prop key="location">alfresco/extension/workflows/activiti/superflow.bpmn20.xml</prop>
<prop key="mimetype">text/xml</prop>
<prop key="redeploy">false</prop>
</props>
</list>
</property>
</bean>
</beans>
The workflow can by found in the Worfkflow console and can be run.
The problem remaing is, that I can only see this worfklow as admin in alfresco share. Not as admin#acme.
How can I set permission to use this workflow as different user than admin?
There is an alfresco extension project available to achieve workflow permissions https://addons.alfresco.com/addons/workflow-permissions
Configuration is done in your share custom config, using the elelement "permission-workflows" like this :
<config evaluator="string-compare" condition="Workflow">
<!-- A list of workflow definitions that are NOT displayed
<hidden-workflows>
<!-- Hide all WCM related workflows -->
<workflow name="jbpm$wcmwf:*" />
<workflow name="jbpm$wf:*" />
<workflow name="activiti$activiti*" />
<workflow name="activiti$quickStart*" />
</hidden-workflows>
<!-- A list of workflow tasks that are NOT displayed inShare -->
<hidden-tasks>
<!-- Hide all WCM related tasks -->
<task type="wcmwf:*" />
</hidden-tasks>
<permission-workflows default="allow">
<permission-workflow name="activiti$epubcreate">
<authorities>
<authority type="group">GROUP_ALFRESCO_ADMINISTRATORS</authority>
</authorities>
</permission-workflow>
</permission-workflows>
</config>
I cannot really speak to how much of the Activiti engine that is bundled with Alfresco is actually exposed. But in the stand alone Activiti product you can assign "candidate starters" to any process.
http://www.activiti.org/userguide/#_add_a_candidate_starter_to_a_process_definition
This uses the identityLinks mechanism that is also available for tasks, instances and executions.

connecting to Oracle XE with myBatis using JDBC in Eclipse

I'm using Eclipse with Maven, in myBatis-config.xml I have the following codes. The H2 part of the code works as I can connect to H2 with my program and access the database. The Oracle part of my code doesn't work. I'm using ORACLE DATABASE XE 11.2, application express with a workspace: test, username: name, password: 123. When I run a testing class in Eclipse, I could pass the H2 tests, but when I run the same test using oracle instead, it gets an error. "Error selecting key or setting result to parameter object. Case: java.sql.SQLSyntaxErrorException: ORA-02289: sequence does not exist.
<environment id="H2">
<transactionManager type="JDBC" />
<dataSource type="POOLED">
<property name="driver" value="org.h2.Driver" />
<property name="url" value="jdbc:h2:tcp://localhost:9096/sample/testDB" />
<property name="username" value="sa" />
<property name="password" value="123" />
</dataSource>
</environment>
<environment id="ORACLE">
<transactionManager type="JDBC" />
<dataSource type="POOLED">
<property name="driver" value="oracle.jdbc.OracleDriver" />
<property name="url" value="jdbc:oracle:thin:#localhost:1521:xe" />
<property name="username" value="system" />
<property name="password" value="123" />
</dataSource>
</environment>
Hello reading the documentation from the official site of MyBatis I could obtain the following information:
In case of using the multi-db feature you will need to inform the databaseIdProvider property in the following way:
In case of using the multi-db feature you will need to inform the databaseIdProvider property in the following way:
<bean id="vendorProperties" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
<property name="properties">
<props>
<prop key="SQL Server">sqlserver</prop>
<prop key="DB2">db2</prop>
<prop key="Oracle">oracle</prop>
<prop key="MySQL">mysql</prop>
</props>
</property>
</bean>
<bean id="databaseIdProvider" class="org.apache.ibatis.mapping.VendorDatabaseIdProvider">
<property name="properties" ref="vendorProperties"/>
</bean>
<bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean">
<property name="dataSource" ref="dataSource" />
<property name="mapperLocations" value="classpath*:sample/config/mappers/**/*.xml" />
<property name="databaseIdProvider" ref="databaseIdProvider"/>
</bean>
Hope it has been helpful.
Greetings.
NOTE Since 1.3.0, configuration property has been added. It can be specified a Configuration instance directly without MyBatis XML configuration file. For example:
mybatis.org/spring/es/factorybean.html

Using optional fields with StaxEventItemReader

I have a Spring Batch application and I'm using the StaxEventItemReader as my ItemReader. By default XStream requires us to declare a property for each possible XML tag or else it throws an UnknownFieldException exception. There are ways to code around this with Java but with Spring Batch, the InputReader doesn't seem to have a way to modify it. Is there a way to flag fields as optional in the xml?
My bean is configured basically like this
<job id="synchronizecustomerData" xmlns="http://www.springframework.org/schema/batch">
<step id="readWritecustomers">
<tasklet>
<chunk reader="customerReader"
processor="customerProcessor"
writer="customerSyncWriter"
commit-interval="1"
skip-policy="alwaysSkip" >
</chunk>
</tasklet>
</step>
</job>
<bean id="customerReader" class="org.springframework.batch.item.xml.StaxEventItemReader">
<property name="fragmentRootElementName" value="customer" />
<property name="resource" ref="inputResource" />
<property name="unmarshaller" ref="customerMarshaller" />
</bean>
<bean id="inputResource" class="org.springframework.core.io.FileSystemResource">
<constructor-arg value="c:/sf/data.xml" />
</bean>
<bean id="customerMarshaller" class="org.springframework.oxm.xstream.XStreamMarshaller">
<property name="aliases">
<util:map id="aliases">
<entry key="customer" value="com.company.batchmaster.sf.beans.customer" />
<entry key="name" value="java.lang.String" />
</util:map>
</property>
</bean>
<bean id="customerProcessor" class="org.springframework.batch.item.support.CompositeItemProcessor">
<property name="delegates">
<list>
<ref bean="customerTransformer" />
</list>
</property>
</bean>
<bean id="customerTransformer" class="com.company.batchmaster.sf.chunk.customerTransformer" />
<bean id="customerSyncWriter" class="com.company.batchmaster.sf.chunk.customerSyncWriter" />
My import file looks like this, just getting it up and running
<?xml version="1.0" encoding="UTF-8"?>
<records>
<customer xmlns="http://springframework.org/batch/sample/io/oxm/domain">
<name>ABC Dealer</name>
<types>CR</types>
</customer>
</records>
Thanks for any help.
I am assuming Customer class has properties name and type.
Annotate it as XmlAttribute.defaultValue() as described in Jaxb guide
No need to this (<entry key="name" value="java.lang.String" />) alias because you are unmarshalling a complete Customer object from a node as specified with <property name="fragmentRootElementName" value="customer" />

not able to call restfull services

I am learning restfull , I have downloaded and deployed the example from following url.
http://fruzenshtein.com/spring-jpa-data-hibernate-mysql/ U can download source from git hub in page link
I have deployed and its deployed without an error.
When i am calling this restfull it is showing 404. I am using following url to call service.
http://127.0.0.1:8080/dpr-data/shop/create
Am i doing some thing wrong.
Can any body look into this example . I have moved spring configuration from java class to xml .
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:p="http://www.springframework.org/schema/p"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx-3.0.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context-3.0.xsd">
<context:component-scan base-package="com.spr.controller" />
<context:component-scan base-package="com.spr.exception" />
<context:component-scan base-package="com.spr.init" />
<context:component-scan base-package="com.spr.model" />
<context:component-scan base-package="com.spr.repository" />
<context:component-scan base-package="com.spr.service" />
<context:component-scan base-package="com.spr.validation" />
<bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager"
p:entityManagerFactory-ref="entityManagerFactory" />
<bean id="entityManagerFactory"
class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean"
p:dataSource-ref="dataSource">
<property name="jpaVendorAdapter">
<bean class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter" />
</property>
<property name="persistenceUnitName" value="medical-unit" />
<property name="persistenceXmlLocation" value="/WEB-INF/persistence.xml" />
<property name="jpaProperties">
<props>
<prop key="dss.hibernate.dialect">org.hibernate.dialect.MySQLDialect</prop>
<prop key="dss.hibernate.generate_statistics">false</prop>
<prop key="dss.hibernate.cache.use_structured_entries">true</prop>
<prop key="dss.hibernate.show_sql">true</prop>
<prop key="dss.hibernate.format_sql">true</prop>
<prop key="dss.hibernate.jdbc.batch_size">50</prop>
<prop key="dss.hibernate.connection.username">root</prop>
<prop key="dss.hibernate.connection.password">root</prop>
</props>
</property>
</bean>
<bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
<property name="driverClassName" value="com.mysql.jdbc.Driver" />
<property name="url" value="jdbc:mysql://127.0.0.1:3306/medicalstore" />
<property name="username" value="root" />
<property name="password" value="root" />
</bean>
<bean id="viewResolver"
class="org.springframework.web.servlet.view.UrlBasedViewResolver" >
<property name="prefix">
<value>/WEB-INF/pages/</value>
</property>
<property name="suffix">
<value>.jsp</value>
</property>
<property name="viewClass">
<value>org.springframework.web.servlet.view.JstlView</value>
</property>
</bean>
<!-- Data Source Declaration
<bean id="commonBasePooledDataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource"
destroy-method="close">
</bean>-->
Deploy works perfectly and controller is getting initiated , I am have put one log in #postconstructor methos and log is printing. But i am not able to get result from this service.
Having looked at the example, I noticed that the final name defined for the project in the POM is:
<finalName>dpr-data</finalName>
Note, starts with a 'd', not 's'.
This will result in the war file dpr-data.war and will be deployed to the context root dpr-data. This means you should access the service using the following URL:
http://127.0.0.1:8080/dpr-data/shop/create

How to initialize ConnectionFactory for remote JMS queue when remote machine is not running?

Using JBoss 4.0.5, JBossMQ, and Spring 2.0.8, I am trying to configure Spring to instantiate beans which depend on a remote JMS Queue resource. All of the examples I've come across depend on using JNDI to do lookup for things like the remote ConnectionFactory object.
My problem is when trying to bring up a machine which would put messages into the remote queue, if the remote machine is not up, JNDI lookup simply fails, causing deployment to fail. Is there a way to get Spring to keep trying to lookup this object in the background while not blocking the remainder of deployment?
Iit's difficult to be sure without seeing your spring config, but assuming you're using Spring's JndiObjectFactoryBean to do the JNDI lookup, then you can set the lookupOnStartup property to false, which allows the context to start up even if the JNDI target isn't there. The JNDI resolution will be done the first time the ConnectionFactory is used.
However, this just shifts the problem further up the chain, because if some other component tries to get a JMS Connection on startup, then you're back where you started. You can use the lazy-init="true" attribute on your other beans to prevent this from happening on deployment, but it's easy to accidentally put something in your config which forces everything to initialize.
You're absolutely right. I tried setting lookupOnStartup to false and lazy-init=true . This just defers the problem to the first time that the Queue is attempted to be used. Then an exception as follows is thrown:
[org.jboss.mq.il.uil2.SocketManager] Failed to handle: org.jboss.mq.il.uil2.msgs.CloseMsg29702787[msgType: m_connectionClosing, msgID: -2147483606, error: null]
java.io.IOException: Client is not connected
Moreover, it looks like the lookup is never attempted again. When the machine with the remote queue is brought back up, no messages are ever processed subsequently. This really does seem like it should be well within the envelope of use cases for J2EE nonsense, and yet I'm not having much luck... It feels like it should even maybe be a solved problem.
For completion's sake, the following is the pertinent portion of my Spring configuration.
<bean id="jndiTemplate" class="org.springframework.jndi.JndiTemplate">
<property name="environment">
<props>
<prop key="java.naming.provider.url">localhost:1099</prop>
<prop key="java.naming.factory.url.pkgs">org.jnp.interfaces:org.jboss.naming</prop>
<prop key="java.naming.factory.initial">org.jnp.interfaces.NamingContextFactory</prop>
</props>
</property>
</bean>
<bean id="connectionFactory" class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiTemplate">
<ref bean="jndiTemplate"/>
</property>
<property name="jndiName">
<value>ConnectionFactory</value>
</property>
</bean>
<bean id="remoteJndiTemplate" class="org.springframework.jndi.JndiTemplate" lazy-init="true">
<property name="environment">
<props>
<prop key="java.naming.provider.url">jnp://10.0.100.232:1099</prop>
<prop key="java.naming.factory.url.pkgs">org.jnp.interfaces:org.jboss.naming</prop>
<prop key="java.naming.factory.initial">org.jnp.interfaces.NamingContextFactory</prop>
</props>
</property>
</bean>
<bean id="remoteConnectionFactory" class="org.springframework.jndi.JndiObjectFactoryBean" lazy-init="true">
<property name="jndiTemplate" ref="remoteJndiTemplate"/>
<property name="jndiName" value="ConnectionFactory" />
<property name="lookupOnStartup" value="false" />
<property name="proxyInterface" value="javax.jms.ConnectionFactory" />
</bean>
<bean id="destinationResolver" class="com.foo.jms.FooDestinationResolver" />
<bean id="localVoicemailTranscodingDestination" class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiTemplate" ref="jndiTemplate"/>
<property name="jndiName" value="queue/voicemailTranscoding" />
</bean>
<bean id="globalVoicemailTranscodingDestination" class="org.springframework.jndi.JndiObjectFactoryBean" lazy-init="true" >
<property name="jndiTemplate" ref="remoteJndiTemplate" />
<property name="jndiName" value="queue/globalVoicemailTranscoding" />
</bean>
<bean id="jmsTemplate" class="org.springframework.jms.core.JmsTemplate" >
<property name="connectionFactory" ref="connectionFactory"/>
<property name="defaultDestination" ref="localVoicemailTranscodingDestination" />
</bean>
<bean id="remoteJmsTemplate" class="org.springframework.jms.core.JmsTemplate" lazy-init="true">
<property name="connectionFactory" ref="remoteConnectionFactory"/>
<property name="destinationResolver" ref="destinationResolver"/>
</bean>
<bean id="globalQueueStatus" class="com.foo.bar.recording.GlobalQueueStatus" />
<!-- Do not deploy this bean for machines other than transcoding machine -->
<condbean:cond test="${transcoding.server}">
<bean id="voicemailMDPListener"
class="org.springframework.jms.listener.adapter.MessageListenerAdapter" lazy-init="true">
<constructor-arg>
<bean class="com.foo.bar.recording.mdp.VoicemailMDP" lazy-init="true">
<property name="manager" ref="vmMgr" />
</bean>
</constructor-arg>
</bean>
</condbean:cond>
<bean id="voicemailForwardingMDPListener"
class="org.springframework.jms.listener.adapter.MessageListenerAdapter" lazy-init="true">
<constructor-arg>
<bean class="com.foo.bar.recording.mdp.QueueForwardingMDP" lazy-init="true">
<property name="queueStatus" ref="globalQueueStatus" />
<property name="template" ref="remoteJmsTemplate" />
<property name="remoteDestination" ref="globalVoicemailTranscodingDestination" />
</bean>
</constructor-arg>
</bean>
<bean id="prototypeListenerContainer"
class="org.springframework.jms.listener.DefaultMessageListenerContainer"
abstract="true"
lazy-init="true">
<property name="concurrentConsumers" value="5" />
<property name="connectionFactory" ref="connectionFactory" />
<!-- 2 is CLIENT_ACKNOWLEDGE: http://java.sun.com/j2ee/1.4/docs/api/constant-values.html#javax.jms.Session.CLIENT_ACKNOWLEDGE -->
<!-- 1 is autoacknowldge -->
<property name="sessionAcknowledgeMode" value="1" />
<property name="sessionTransacted" value="true" />
</bean>
<!-- Do not deploy this bean for machines other than transcoding machine -->
<condbean:cond test="${transcoding.server}">
<bean id="voicemailMDPContainer" parent="prototypeListenerContainer" lazy-init="true">
<property name="destination" ref="globalVoicemailTranscodingDestination" />
<property name="messageListener" ref="voicemailMDPListener" />
</bean>
</condbean:cond>
<bean id="voicemailForwardMDPContainer" parent="prototypeListenerContainer" lazy-init="true">
<property name="destination" ref="localVoicemailTranscodingDestination" />
<property name="messageListener" ref="voicemailForwardingMDPListener" />
</bean>