sorry for my poor english, my current config like this:
<bean class="org.springframework.session.web.http.DefaultCookieSerializer">
<property name="cookieName" value="test_sessionid"></property>
<property name="cookiePath" value="/"></property>
<!-- <property name="domainName" value="example.com"></property> -->
<property name="domainNamePattern" value="^.+?\\.(\\w+\\.[a-z]+)$"></property>
</bean>
i want to custom a domain,it is working well while i configured the domainName property.but when i configure the domainNamePattern as above,it just working on localhost and ip address,but no
www.example.com
test.example.com
tks.
It looks like you are not using a valid Regular Expression (the expression is escaped for Java String but you are using XML). The expression will not match any of the domains so it will always use the current domain. Try the following instead:
<bean class="org.springframework.session.web.http.DefaultCookieSerializer">
<property name="cookieName" value="test_sessionid"></property>
<property name="cookiePath" value="/"></property>
<!-- <property name="domainName" value="example.com"></property> -->
<property name="domainNamePattern" value="^.+?\.(\w+\.[a-z]+)$"></property>
</bean>
Related
I am making custom effects with Direct2D, based on Microsoft Learn page. The problem is that, I wanted to make a Direct2D effect which support a variable input count, like Direct2D Composite Effect, while the XML registration string used for ID2D1Factory1::RegisterEffectFromString seemed to take fixed <Input> properties. What should be done in XML registration string?
My XML is almost the same as one from Microsoft Learn page. Still I will provide mine.
auto xml_AxisRotation = XML(
<?xml version='1.0'?>
<Effect>
<!--System Properties-->
<Property name='DisplayName' type='string' value='MultiInput Effect'/>
<Property name='Author' type='string' value='Nan_ok'/>
<Property name='Category' type='string' value='None'/>
<Property name='Description' type='string' value='asdfasdfasdf'/>
<Inputs>
<Input name='Source1'/>
<Input name='Source2'/>
//...?
</Inputs>
<!--Custom Properties go here-->
<Property name='Mode' type='int32'>
<Property name='DisplayName' type='string' value='Mode'/>
<Property name='Default' type='int32' value='1'/>
</Property>
</Effect>
);
I once deliberately omitted the whole <Input> part, but it failed to perform; E_INVALIDARG has been returned.
The XML registration and actual Direct2D effect's input taking worked differently. By proper implementing ID2D1EffectImpl::SetGraph and calling ID2D1Effect::SetInputCount, I was able to set variable numbers of target.
It seemed ok to leave <Inputs> with no <Input> property. here is my XML example.
auto xml_AxisRotation = XML(
<?xml version='1.0'?>
<Effect>
<!--System Properties-->
<Property name='DisplayName' type='string' value='MultiInput Effect'/>
<Property name='Author' type='string' value='Nan_o'/>
<Property name='Category' type='string' value='None'/>
<Property name='Description' type='string' value='asdfasdfasdf'/>
<Inputs> </Inputs> <!--Leaving like this is ok-->
<!--Custom Properties go here-->
<Property name='Mode' type='int32'>
<Property name='DisplayName' type='string' value='Mode'/>
<Property name='Default' type='int32' value='1'/>
</Property>
</Effect>
);
<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource">
<property name="driverClassName" value="${db.driver}"/>
<property name="url" value="${db.jdbcurl}"/>
<property name="username" value="${db.username}"/>
<property name="password" value="${db.password}"/>
</bean>
<bean id="sessionFactory" class="org.springframework.orm.hibernate3.LocalSessionFactoryBean">
<property name="dataSource" ref="datasource">
<property name="hibernateProperties">
<value>
hibernate.c3po.max_size=20
</value>
</property>
</bean>
Hi guys, I have above set up for my application. We use DBCP connection pool. However, We have also set c3po properties in my hibernate SessionFactory.
My observation from the log suggests that DBCP overwrite the C3P0 properties in hibernate.
In this situation, is c3p0 property complete redundant? If yes, does it take up unnecessary resources in any way?
Thanks.
I'm creating a java client consumer for a web service using SpringWS-Security.
My Request SOAP (That I use in SOAP UI)
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:sch="http://myws.mycompany.com/myws/schema">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken xmlns:wsu="http://schemas.xmlsoap.org/ws/2003/06/utility">
<wsse:Username>myUsernameString</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">123</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<sch:GetUserDetails idSender="5"/>
</soapenv:Body>
</soapenv:Envelope>
My servlet.xml in the WS.
<bean name="endpointMapping"
class="org.springframework.ws.server.endpoint.mapping.PayloadRootQNameEndpointMapping">
<property name="interceptors">
<list>
<ref local="wsSecurityInterceptor" />
</list>
</property>
<bean id="wsSecurityInterceptor"
class="org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor">
<property name="validationActions" value="UsernameToken" />
<property name="validationCallbackHandler" ref="springSecurityCallbackHandler" />
</bean>
<bean id="springSecurityCallbackHandler"
class="org.springframework.ws.soap.security.wss4j.callback.SpringPlainTextPasswordValidationCallbackHandler">
<property name="authenticationManager" ref="authenticationManager"/>
</bean>
<bean id="authenticationProvider" class="ws.security.CustomAuthenticationProviderImpl">
<property name="userCommonService" ref="userCommonService" />
<security:custom-authentication-provider/>
</bean>
<security:authentication-manager alias="authenticationManager" />.
In my Java Client - applicationContext.xml
<bean name="webserviceTemplate" class="org.springframework.ws.client.core.WebServiceTemplate">
<property name="defaultUri" value="http:/localhost:8080/myws-ws/" />
<property name="marshaller" ref="marshaller" />
<property name="unmarshaller" ref="unmarshaller" />
<property name="interceptors">
<list>
<ref local="wsSecurityInterceptor" />
</list>
</property>
</bean>
<oxm:jaxb2-marshaller id="marshaller"
contextPath="org.example.bean.schema" />
<oxm:jaxb2-marshaller id="unmarshaller"
contextPath="org.example.org.bean.schema" />
<bean id="client" class="example.client.impl.EfactClientImpl">
<property name="webServiceTemplate" ref="webserviceTemplate" />
</bean>
<bean id="wsSecurityInterceptor" class="org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor">
<property name="securementActions" value="UsernameToken"/>
</bean>
When I use SOAP UI to consume the service everything is going fine, I think I need a little help at the Java Client and its context because when I run it I got this error:
The security token could not be authenticated or authorized; nested exception is:
javax.security.auth.callback.UnsupportedCallbackException; nested exception is org.apache.ws.security.WSSecurityException: The security token could not be authenticated or authorized; nested exception is:
javax.security.auth.callback.UnsupportedCallbackException
When I debug my app I can notice that this element is crashing:
GetUserRequest request = new GetUserRequest();
request.setIdentifier(user.getIdentifier());
request.setPassword(user.getPassword());
GetUserResponse response = new GetUserResponse();
/* Crashing here. */
response = (GetUserResponse) getWebServiceTemplate().marshalSendAndReceive(request);
FYI: I always see this list of users in SpringWS with security, but what if I have a lot of users trying to access.
WS - [servlet-name]-servlet.xml
<bean id="callbackHandler" class="org.springframework.ws.soap.security.wss4j.callback.SimplePasswordValidationCallbackHandler">
<property name="users">
<props>
<prop key="Bert">Ernie</prop>
<prop key="Mickey">Mouse</prop>
</props>
</property>
</bean>
How can I resolve this UnsupportedCallbackException Exception?
You must specify SecurementUsername and SecurementPassword at call time. This is a programmatically example:
WebServiceTemplate webServiceTemplate = new WebServiceTemplate();
webServiceTemplate.setDefaultUri(uri);
Wss4jSecurityInterceptor interceptor = new Wss4jSecurityInterceptor();
interceptor.setSecurementActions(securementActions);
interceptor.setSecurementMustUnderstand(true);
interceptor.setSecurementUsername(usuario);
interceptor.setSecurementPassword(contrasena);
webServiceTemplate.setInterceptors(new ClientInterceptor[] {interceptor});
I was getting this error when I upgraded from cfx 2.2.X to 2.7.X. Due to feature upgrades, the server side code was not able to read the password as a result the password was received as null by the server. Make sure the server received the correct username and password, which would fix this issue.
Currently i am implementing web services using Spring-ws . Here i am struck with xsd validation . For xsd validation i am using the following configruation
<bean id="validatingInterceptor" class="org.springframework.ws.soap.server.endpoint.interceptor.PayloadValidatingInterceptor">
<property name="xsdSchema" ref="schema" />
<property name="validateRequest" value="true" />
<property name="validateResponse" value="true" />
</bean>
<bean id="schema" class="org.springframework.xml.xsd.SimpleXsdSchema">
<property name="xsd" value="/WEB-INF/ProductSchema.xsd" />
</bean>
Here i am passing the xsd file during bean initialization . Is there any way for me to send this(ProductSchema.xsd) xsd file dynamically. Because I will comes to know which xsd file needs to send based on the input payload.
Please help me. Thanks in advance
I don't know how many XSD's you have, but perhaps you can define imports in ProductSchema.xsd to include the others. That's at least how I've got it set up.
For example:
<import namespace="http://namespace" schemaLocation="data.xsd" />
I'm not quite sure of what you are trying to do.
But you can make different endpoints/methods that matches different payloads by annotating the handler method with a localPart that matches the name of an element i the payload:
#Endpoint
public class MyEndpoint {
#PayloadRoot(namespace = NAMESPACE_URI, localPart = "NameOfMyXmlRequestElement")
#ResponsePayload
public MyResponse handleMyRequest(#RequestPayload MyRequest MyRequest) throws Exception {
...
A recived request can then be unmarshalled/validated using a specific schema:
<bean id="myJaxb2Marshaller" class="org.springframework.oxm.jaxb.Jaxb2Marshaller">
<property name="classesToBeBound">
<list>
<value>mydomain.model.oxm.MyRequest</value>
<value>mydomain.model.oxm.MyResponse</value>
</list>
</property>
<property name="schema" ref="MyServiceSchema" />
</bean>
<bean id="MyServiceSchema" class="org.springframework.core.io.ClassPathResource">
<constructor-arg value="WEB-INF/schemas/MyService.xsd" />
</bean>
The MyRequest class must be annotated to work with the Jaxb2marshaller, #XmlRootElement(name="MyRequest") etc...
I wonder how/where can I manage Authentication at SecurityContext in pre-authentation Scenario.
I am using spring security 2.x to implement pre-authentation Scenario in my project. now, it patially work.
After user login by pre-authentation process, they can be authrozied with relevant roles, and are able to acecess resources which defined in security:filter.
e.g.
<security:filter-invocation-definition-source lowercase-comparisons="true" path-type="ant">
<security:intercept-url pattern="/resource/**" access="ROLE_ADMIN" />
In a some controller, I want to check principal in security content.
public abstract class AbstractUserAuthenticationController extends AbstractController
{
protected boolean isAuthenticated(String userName)
{
Object obj = SecurityContextHolder.getContext().getAuthentication().getPrincipal(); // where issue come up
But SecurityContextHolder.getContext().getAuthentication() always return null.
In addition, I also can not use secuiry tag in jsp to check if user has relative roles
<security:authorize ifNotGranted="ROLE_ADMIN">
no role found
</security:authorize>
Below shows the "filterChainProxy" I am using.
<bean id="filterChainProxy" class="org.springframework.security.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
/*subscri*=httpSessionContextIntegrationFilter,logoutFilter,j2eePreAuthenticatedProcessingFilter,securityContextHolderAwareRequestFilter,subscribeExceptionTranslationFilter,filterInvocationInterceptor
/**=httpSessionContextIntegrationFilter,logoutFilter,j2eePreAuthenticatedProcessingFilter,logoutFilter,rememberMeProcessingFilter,exceptionTranslationFilter,filterSecurityInterceptor
</value>
</property>
</bean>
<bean id="preAuthenticatedAuthenticationProvider" class="org.springframework.security.providers.preauth.PreAuthenticatedAuthenticationProvider">
<property name="preAuthenticatedUserDetailsService" ref="preAuthenticatedUserDetailsService" />
</bean>
<bean id="preAuthenticatedUserDetailsService" class="demo.project.security.auth.RsaAuthenticationUserDetailsService" >
<property name="userService" ref="userService" />
</bean>
<bean id="j2eePreAuthFilter" class="demo.project.security.filter.AutoLoginFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="userService" ref="userService" />
</bean>
I think I need to set Authentication to SecurityContext in somewhere, But I do not know where/where.
What I am missing? Can anyone provide me some clues?
Thanks!
Ian
You should use SecurityContextHolder.setContext method to store your SecurityContext prior to getting it back.
The simplest way for doing this is just SecurityContextHolder.setContext(new SecurityContextImpl()).