Hi I have been using Spring AMQP with connection obtained from CachingConnectionFactory with the properties being shown below
<bean id="connectionFactory"
class="org.springframework.amqp.rabbit.connection.CachingConnectionFactory">
<constructor-arg value="rabbit-server-fqdn" />
<property name="virtualHost" value="some-vhost" />
<property name="username" value="username" />
<property name="password" value="password " />
<property name="channelCacheSize" value="25" />
</bean>
Now i need to change my mode to Connection as i need to check open connection
<bean id="connectionFactory"
class="org.springframework.amqp.rabbit.connection.CachingConnectionFactory">
<constructor-arg value="rabbit-server-fqdn" />
<property name="virtualHost" value="some-vhost" />
<property name="username" value="username" />
<property name="password" value="password " />
<property name="cacheMode" value="CONNECTION" />
<property name="channelCacheSize" value="25" />
</bean>
So
Q1. Will channelCacheSize will work ?
Q2. what will be default connection pool size in CachingConnectionFactory ?
Q3. Do i need to set additional property ?
The CHANNEL is better, because you don't need to create a new connection for each call, but reuse a shared one.
The Reference Manual has plenty of facts on the matter. One of them is when do you really need CONNECTION mode:
The use of separate connections might be useful in some environments, such as consuming from an HA cluster, in conjunction with a load balancer, to connect to different cluster members.
The shared connection is still can be traced for open/close state via ConnectionListener injected into that CachingConnectionFactory.
Related
I have a use case where when the connectivity to rabbitmq goes down I need to manage the messages in different way.
I have a logic
RabbitTempate template // get template using API call
template.setReplyTimeout(10000);
template.convertAndSend(message);
But the problem is when the rabbitmq server connectivity goes down Spring AMQP automatically waits for connectivity to get resolved for 5 min
But because of that the client thread calling that particular logic waits for 5 min .
Is there any way i can change it , I am using CachingConnectionFactory
<bean id="connectionFactory"
class="org.springframework.amqp.rabbit.connection.CachingConnectionFactory">
<constructor-arg value="rabbit-server-fqdn" />
<property name="virtualHost" value="vhost" />
<property name="username" value="username" />
<property name="password" value="password" />
<property name="cacheMode" value="CONNECTION" />
<property name="channelCacheSize" value="25" />
</bean>
Is there any way I can override these settings from 5 min so that client API does not need to wait for such huge amount of time ?
<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource">
<property name="driverClassName" value="${db.driver}"/>
<property name="url" value="${db.jdbcurl}"/>
<property name="username" value="${db.username}"/>
<property name="password" value="${db.password}"/>
</bean>
<bean id="sessionFactory" class="org.springframework.orm.hibernate3.LocalSessionFactoryBean">
<property name="dataSource" ref="datasource">
<property name="hibernateProperties">
<value>
hibernate.c3po.max_size=20
</value>
</property>
</bean>
Hi guys, I have above set up for my application. We use DBCP connection pool. However, We have also set c3po properties in my hibernate SessionFactory.
My observation from the log suggests that DBCP overwrite the C3P0 properties in hibernate.
In this situation, is c3p0 property complete redundant? If yes, does it take up unnecessary resources in any way?
Thanks.
This question already has an answer here:
c3p0 pool is not shrinking
(1 answer)
Closed 8 years ago.
I am using c3p0 connection pool with spring (with plain jdbc, NO hibernate). Here is my config
<bean id="myDataSource" class="com.mchange.v2.c3p0.ComboPooledDataSource" destroy-method="close">
<property name="driverClass" value="${jdbc.driver}"/>
<property name="jdbcUrl" value="${jdbc.url}"/>
<property name="user" value="${jdbc.username}"/>
<property name="password" value="${jdbc.password}"/>
<property name="acquireIncrement" value="3"/>
<property name="minPoolSize" value="3"/>
<property name="maxPoolSize" value="25"/>
<property name="maxStatementsPerConnection" value="0"/>
<property name="numHelperThreads" value="6"/>
<property name="testConnectionOnCheckout" value="false" />
<property name="testConnectionOnCheckin" value="false" />
<property name="idleConnectionTestPeriod" value="10"/>
<property name="preferredTestQuery" value="select curdate()"/>
<property name="maxIdleTime" value="5" />
<property name="unreturnedConnectionTimeout" value="5" />
<property name="debugUnreturnedConnectionStackTraces" value="true" />
</bean>
I do see that connection pool hits max value of 25 connections but there shrinks back never shrinks back when load reduces.
I am missing some config here???
Please see the config parameters maxIdleTime and maxIdleTimeExcessConnections.
If you want to aggressively pare back pool size when load lightens, set a short maxIdleTimeExcessConnections. Leave just plain maxIdleTime fairly long, so you don't needlessly churn through Connections once your pool has hit minPoolSize.
If you don't care so much, then just set maxIdleTime and eventually the pool will shrink as idle Connections expire. But for reasonable values of maxIdleTime, this will happen slowly.
If neither maxIdleTime nor maxIdleTimeExcessConnections (nor maxConnectionAge) are set, these values all default to zero, meaning Connections never expire, and the pool will only shrink as Connections break and fail tests.
I am trying to configure spring security 3 so that when a users is forced to login again (eg. when the session has timed out) the user will be taken back the the page they where on before the authorisation process began.
I am using a SavedRequestAwareAuthenticationSuccessHandler but the original request does not seem to be saved in the cache.
Below is my security configuration.
<security:http auto-config="false"
use-expressions="true"
access-denied-page="/views/auth/login?error=true"
entry-point-ref="authenticationEntryPoint" >
<security:intercept-url pattern="/*" access="hasRole('ROLE_USER')" />
<security:intercept-url pattern="/views/*" access="hasRole('ROLE_USER')" />
<security:intercept-url pattern="/data/*" access="hasRole('ROLE_USER')" />
<security:intercept-url pattern="/auth/*" access="permitAll" />
<security:logout invalidate-session="true" logout-success-url="/views/auth/login" logout-url="/views/auth/logout" />
<security:session-management invalid-session-url="/views/auth/login" >
<security:concurrency-control max-sessions="1" error-if-maximum-exceeded="true" />
</security:session-management>
<security:custom-filter ref="authenticationFilter" position="FORM_LOGIN_FILTER"/>
</security:http>
<security:authentication-manager />
<bean id="authenticationFilter" class="com.security.web.filter.UsernamePasswordAuthenticationFilter">
<property name="allowSessionCreation" value="true" />
<property name="authenticationManager" ref="authenticationManager"/>
<property name="authenticationFailureHandler" ref="aAuthenticationFailureHandler" />
<property name="authenticationSuccessHandler" ref="authenticationSuccessHandler" />
</bean>
<bean id="authenticationManager" class="com.security.web.manager.AuthenticationManager" />
<bean id="authenticationEntryPoint" class="org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint" >
<property name="loginFormUrl" value="/views/auth/login"/>
</bean>
<bean id="authenticationFailureHandler" class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<property name="defaultFailureUrl" value="/views/auth/login?error=true"/>
</bean>
<bean id="authenticationSuccessHandler" class="org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler">
<property name="defaultTargetUrl" value="/views"/>
</bean>
Any help would be appreciated.
I know this question is old, but I wanted to document what I found for others.
Short Answer
The problem is that if you use the invalid-session-url on the <session-management> tag, then the original request will not be saved in the cache.
Explanation
This is discussed at the spring source forum:
http://forum.springsource.org/showthread.php?89352-requestCache-null-when-using-session-management-gt-invalid-session-url
In the above forum, Luke Taylor, a senior member of the security team says:
The invalid-session-url implies that the previous session has expired and the user should start again. There's no connection with the RequestCache which is used for restoring a request after a user has logged in.
and
When a session expires you can't know that it is safe to continue with the requested URL as some required state may have been lost along with the session. It may be OK in your particular case, but it's not a safe assumption in general.
You may be missing this :
<bean id="requestCacheAwareFilter"
class="org.springframework.security.web.savedrequest.RequestCacheAwareFilter">
<constructor-arg ref="requestCache"/>
</bean>
<bean id="requestCache" class="org.springframework.security.web.savedrequest.HttpSessionRequestCache"/>
also you need to add requestCache been to authenticationSuccessHandler
<property name="requestCache" ref="requestCache"/>
I'm having trouble discovering exactly what I need to implement in order to use a custom authentication method with my web application using Spring Security. I have a Grails application with the Spring Security plugin that currently uses the standard user/password authentication with a browser form. This is working correctly.
I need to implement a mechanism alongside of this that implements a type of MAC authentication. If the HTTP request contains several parameters (e.g. a user identifier, timestamp, signature, etc.) I need to take those parameters, perform some hashing and signature/timestamp comparisons, and then authenticate the user.
I'm not 100% sure where to start with this. What Spring Security classes do I need to extend/implement? I have read the Reference Documentation and have an okay understanding of the concepts, but am not really sure if I need a Filter or Provider or Manager, or where/how exactly to create Authentication objects. I've messed around trying to extend AbstractProcessingFilter and/or implement AuthenticationProvider, but I just get caught up understanding how I make them all play nicely.
Implement a custom AuthenticationProvider which gets all your authentication information from the Authentication: getCredentials(), getDetails(), and getPrincipal().
Tie it into your Spring Security authentication mechanism using the following configuration snippet:
<bean id="myAuthenticationProvider" class="com.example.MyAuthenticationProvider">
<security:custom-authentication-provider />
</bean>
This step is optional, if you can find a suitable one from standard implementations. If not, implement a class extending the Authentication interface on which you can put your authentication parameters:
(e.g. a user identifier, timestamp, signature, etc.)
Extend a custom SpringSecurityFilter which ties the above two classes together. For example, the Filter might get the AuthenticationManager and call authenticate() using your implementation of Authentication as input.
You can extend AbstractAuthenticationProcessingFilter as a start.
You can reference UsernamePasswordAuthenticationFilter which extends AbstractAuthenticationProcessingFilter. UsernamePasswordAuthenticationFilter implements the standard Username/Password Authentication.
Configure your Spring Security to add or replace the standard AUTHENTICATION_PROCESSING_FILTER. For Spring Security Filter orders, see http://static.springsource.org/spring-security/site/docs/3.0.x/reference/ns-config.html#filter-stack
Here is a configuration snippet for how to replace it with your implementation:
<beans:bean id="myFilter" class="com.example.MyAuthenticationFilter">
<custom-filter position="AUTHENTICATION_PROCESSING_FILTER"/>
</beans:bean>
I have recently put up a sample application that does custom authentication with Spring Security 3.
The source code is here.
More details are in this blog post.
Here is an example of securityContext.xml configuration file using custom autenticationFilter (extending AUTHENTICATION_PROCESSING_FILTER) and authenticationProvider. The user authentication data is provided by jdbc connection. Configuration is for Spring Security 2.0.x
<?xml version="1.0" encoding="UTF-8"?>
<sec:global-method-security />
<sec:http auto-config="false" realm="CUSTOM" create-session="always" servlet-api-provision="true"
entry-point-ref="authenticationProcessingFilterEntryPoint" access-denied-page="/notauthorized.xhtml"
session-fixation-protection="migrateSession">
<sec:port-mappings>
<sec:port-mapping http="80" https="443" />
</sec:port-mappings>
<sec:anonymous granted-authority="ROLE_ANONYMOUS" username="Anonymous" />
<sec:intercept-url pattern="/**" access="ROLE_ANONYMOUS, ROLE_USER" />
<sec:logout logout-url="/logoff" logout-success-url="/home.xhtml" invalidate-session="false" />
</sec:http>
<bean id="authenticationProcessingFilterEntryPoint" class="org.springframework.security.ui.webapp.AuthenticationProcessingFilterEntryPoint">
<property name="loginFormUrl" value="/login.xhtml" />
<property name="forceHttps" value="false" />
</bean>
<bean id="authenticationProcessingFilter" class="mypackage.CustomAuthenticationProcessingFilter">
<sec:custom-filter position="AUTHENTICATION_PROCESSING_FILTER" />
<property name="defaultTargetUrl" value="/" />
<property name="filterProcessesUrl" value="/logon" />
<property name="authenticationFailureUrl" value="/loginError.xhtml" />
<property name="alwaysUseDefaultTargetUrl" value="false" />
<property name="authenticationManager" ref="authenticationManager" />
</bean>
<jee:jndi-lookup id="securityDataSource" jndi-name="jdbc/DB_DS" />
<bean id="myUserDetailsService" class="mypackage.CustomJdbcDaoImpl">
<property name="dataSource" ref="securityDataSource" />
<property name="rolePrefix" value="ROLE_" />
</bean>
<bean id="apcAuthenticationProvider" class="mypackage.CustomDaoAuthenticationProvider">
<property name="userDetailsService" ref="myUserDetailsService" />
<sec:custom-authentication-provider />
</bean>
<bean id="authenticationManager" class="org.springframework.security.providers.ProviderManager">
<property name="providers">
<list>
<ref local="apcAuthenticationProvider" />
</list>
</property>
</bean>
</beans>