bonita 6.2 connect to database - business-process-management

I have a grails application. How do I configure, it to connect to bonita database from the application so I can query some of the bonita tables ?
this is what i have in datasource.groovy, and it does not seem to work.
dataSource {
driverClassName = "oracle.jdbc.OracleDriver"
dialect = org.hibernate.dialect.Oracle10gDialect
dbCreate = "validate"
pooled = true
url = "jdbc:oracle:thin:#localhost:1521:bonita"
username = "bonita"
password = "bonita"
}

First of all, I would like to point out that I am not a Grails expert so I hope my answer will make sense.
One word on best practices when connecting to Bonita: you should always avoid accessing to its database for R/W purposes for two main reasons:
The database structure is complex and not documented
The application relies on a Hibernate cache for its database accesses. Writing directly to the database could cause issues.
Instead of accessing the Bonita database, you should use the provided APIs.
Since you are using Grails, you have Access to Groovy. This may allow you to use the Java based Bonita APIs to connect to the Bonita Engine?
If this does not work, please consider the Bonita REST APIs.

That is the right configuration. Something else in a custom plugin was causing an issue.

Related

Can Spring Rabbitmq XML configuration of ssl properties "passPhrase" be compromised?

I have used Spring Rabbitmq XML configuration in my project. To create the RabbitConnectionFactoryBean, we provide the ssl.properties file resource with below properties
keyStore=file:/secret/keycert.p12
trustStore=file:/secret/trustStore
keyStore.passPhrase=secret
trustStore.passPhrase=secret
The passPhrases are hardcoded values. We are worried that any one who gains access to the system can read this file and misuse it. It is true that the system admin and OS should protect these files, but this can be considered a security threat when untrusted user logs in.
In this link Gary suggests to use Java configuration and we can use that to create the RabbitConnectionFactoryBean and maybe read the encrypted passwords from system and use the setter to set them in the bean.
But since we are already using XML configuration, is there any other ways to secure the passPhrases in the properties file?
Will this same configuration cause similar security issue in the PRODUCTION environment.?
Kindly help me on how to achieve security on the above.
Not sure if that is legal to say in the public, but I'll try.
There is some security token approach, when you start your project it requests such a token. An admin (or security representative) comes, inserts some special flesh drive, enter passwords. Your project reads properties from that device, populates all the properties and starts properly. That admin pulls flesh drive from USB and goes away. No one see password for your application!
The other solution you could consider is something like Config Server. So, your properties are stored somewhere outside of the current machine.
You also can really follow encryption way as well: http://cloud.spring.io/spring-cloud-static/Finchley.RELEASE/multi/multi__spring_cloud_context_application_context_services.html#_encryption_and_decryption

graphenedb_url connection error

My graphebedb_url is gotten from heroku to access my neo4j database online. It is correct but when I initiate db connection. It returns error 403.which is forbidden request.
I'm founder & CEO of GrapheneDB. philippkueng/node-neo4j supports authentication via URL.
According to the project's readme, the snippet should look like this. I've adjusted it to load the connection URI from the env variable:
var neo4j = require('node-neo4j');
db = new neo4j(process.env['GRAPHENEDB_URL']);
Attention: The latests release of the driver is 9 months old, so it might not be compatible with the latests versions of Neo4j. This is not related to your authentication issue though.
For an up-to-date nodejs driver I'd recommend thingdom/node-neo4j
Can you describe what you've tried?
Perhaps you need the username and password? Your driver might not support the username and password as part of the URL. You might need to specify it separately (keep in mind there are two node-neo4j drivers when looking at documentation)
Also, ideally you should be using the Heroku environment variable rather than hardcoding the URL.

How can I pass session information from one screen to another in MVC 3 running on Azure

I have a screen where a user selects database source from a drop down. Once that's selected I would like the information passed onto other screens so the user does not keep having to select.
How can I pass information such as this from one screen to another? Note that the information is just very small things like:
DatasourceID - 2 characters
SubjectID - 2 characters
As I am running on Azure can I assume the best place to store this would be on the client side? I saw one implementation that stored data like this:
Session["abc"] = "def";
if (Session["abc"] != null)
etc ...
Is this the best way or am I missing something. Also how would the above work when the page could be served by different servers each time around? Does the above store information locally?
The Session is stored on the Server Side. Now in Azure you have a few options where exactly it is stored. It depends on what you would like to do with this datasource. If this is something you just need in the following screen, you can store it in TempData which is stored in the session. It is kept there until you read it.
Now you have these options to store the session state:
in Azure AppFabric Cache
in a SQL Azure DB
in blob storage
Azure AppFabric Caching has got a Session provider which is very easy to set up. You can just create a new cache in the Azure portal and get the required web.config entries by clicking the according button on the toolbar. this is also explained in detail here.
Using that you can store things in the Session out of process. The downside is that it's a bit expensive (about 45$/month for a 128 MB cache). So the alternative would be to store session state in SQL Azure. There's a Session provider for SQL Azure.
Here's a link to a great introduction by Scott Hanselman to the ASP.NET universal providers. If you're not using membership, then you just need to setup System.Web.Providers.DefaultSessionStateProvider.
Just make sure you point the connection string to your SQL Azure DB. Note: You must set MultipleActiveResultSets=True in the connection string, so be sure to add it back if you’ve copied the SQL Azure connection string from the portal.
Then there is also a session provider for blog storage in the training Kit, available with a sample app at http://code.msdn.microsoft.com/windowsazure/Windows-Azure-ASPNET-03d5dc14.
I believe it is unsupported by MS.
Hope this helps.

Does anyone have any experience using CloudFoundry with Grails?

I am at the point with my Grails app that I want to deploy it up onto Amazon EC2 so I can start showing it to people. I have a little experience using EC2 "manually" to put other projects onto the web, but I was hoping to find something which made the deployment cycle a little more manageable. In steps CloudFoundry.
I have read through the web site and watched the tutorials, and on the face of it I like what I see. However, before I commit to it I wondered whether any of you have experiences to share from the coal face.
Specifically I am going to be deploying a MySQL database along with the app and it's not clear what exactly you need to supply (SQL scripts?) and how to best configure my project to deploy through CloudFoundry so that the host name is configured correctly. I also have a small amount of standard rows which I insert in my BootStrap.groovy and I wonder whether that stuff makes it through deployment.
Lastly, it is free at the moment, but they are sayin they will introduce charging later. Are there any open source alternatives that it may be better to investigate in case CloudFoundry ends up being expensive?
Thanks
I have a little experience with CloudFoundry. They have been so kind to sponsor the GR8Conf website, deployed through their service.
For configuring the SQL, it appears to me, that the simple solution is to use the CloudFoundry plugin, and enter
cloudFoundry.db.schemaName="myName"
in the config/CloudFoundry.groovy file.
In your config/DataSource.groovy you should have:
production {
dataSource {
driverClassName = 'com.mysql.jdbc.Driver'
dbCreate = "update"
url = "jdbc:mysql://localhost/myName" // or url = "jdbc:mysql://${System.getProperty("dbHostName", "localhost")}/myName"
dialect = 'org.hibernate.dialect.MySQLDialect'
username = "myName_user"
password = "myName_password"
}
}
(I got some of this info from: http://www.cloudfoundry.com/getting_started.html)
I do not think that you have to supply additional SQL scripts. What you define in your BootStrap will make through deployment.
On pricing, I have no ideas. I'd suggest you write to their support to ask.
On a side notice: The www.gr8conf.org website is not running on EC2 yet, but that is beacuse I have not yet figured out, how to back up my database from EC2 to S3, and that's rather important, because when an EC2 instance ends, everything in it is lost, if not backed up.
/Søren

Account based lookup in ASP.NET

I'm looking at using ASP.NET for a new SaaS service, but for the love of me I can't seem to figure out how to do account lookups based on subdomains like most SaaS applications (e.g. 37Signals) do.
For example, if I offer yourname.mysite.com, then how would I use ASP.NET (MVC specifically) to extract the subdomain so I can load the right template (displaying your company's name and the like)? Can it be done with regular routing?
This seems to be a common thing in SaaS so there has to be an easy way to do it in ASP.NET; I know there are plugins that do it for other frameworks like Ruby on Rails.
This works for me:
//--------------------------------------------------------------------------------------------------------------------------
public string GetSubDomain()
{
string SubDomain = "";
if (Request.Url.HostNameType == UriHostNameType.Dns)
SubDomain = Regex.Replace(Request.Url.Host, "((.*)(\\..*){2})|(.*)", "$2");
if (SubDomain.Length == 0)
SubDomain = "www";
return SubDomain;
}
I'm assuming that you would like to handle multiple accounts within the same web application rather than building separate sites using the tools in IIS. In our work, we started out creating a new web site for each subdomain but have found that this approach doesn't scale well - especially when you release an update and then have to modify dozens of sites! Thus, I do recommend this approach rather than the server-oriented techniques suggested above based on several years worth of experience doing exactly what you propose.
The code above just makes sure that this is a fully formed URL (rather, say, than an IP address) and returns the subdomain. It has worked well for us in a fairly high-volume environment.
You should be able to pick this up from the ServerVariables collection, but first you need to configure IIS and DNS to work correctly. So you know 37Signals probably use Apache or another open source, unix web server. On Apache this is referred to as VirtualHosting.
To do this with IIS you would need to create a new DNS entry (create a CNAME yourname.mysite.com to application.mysite.com) for each domain that points to your application in IIS (application.mysite.com).
You then create a host header entry in the IIS application (application.mysite.com) that will accept the header yourname.mysite.com. Users will actually hit application.mysite,com but the address is the custom subdomain. You then access the ServerVariables collection to get the value to decide on how to customize the site.
Note: there are several alternative implementations you could follow depending on requirements.
Handle the host header processing at a hardware load balancer (more likely 37Signals do this, than rely on the web server), and create a custom HTTP header to pass to the web application.
Create a new web application and host header for each individual application. This is probably an inefficient implementation for a large number of users, but could offer better isolation and security for some people.
You need to configure your DNS to support wildcard subdomains. It can be done by adding an A record pointing to your IP address, like this:
* A 1.2.3.4
Once its done, whatever you type before your domain will be sent to your root domain, where you can get by splitting the HTTP_HOST server variable, like the user buggs said above:
string user = HttpContext.Request.ServerVariables["HTTP_HOST"].Split(".")
//use the user variable to query the database for specific data
PS. If you are using a shared hosting you're probably going to have to by a Unique IP addon from them, since it's mandatory for the wildcard domains to work. If you're using a dedicated hosting you already have your own IP.
The way I have done it is with HttpContext.Request.ServerVariables["HTTP_HOST"].Split(".").
Let me know if you need more help.

Resources