I have been using myBatis with org.apache.commons.dbcp.BasicDataSource as the data source.
for some reason, even under an impossible load, myBatis uses only a few connections from the pool (around 23).
As you can see below my initial size of connections is 50, but some of them just stay idle.
Any ideas what could be causing this?
<bean id="myDataSource" class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close">
<property name="driverClassName" value="com.mysql.jdbc.Driver"/>
<property name="url" value="#{'jdbc:mysql://' + mysql + ':3306/mydb?autoReconnect=true'}"/>
<property name="username" value="user"/>
<property name="password" value="pass"/>
<property name="validationQuery" value="SELECT 1"/>
<property name="testOnBorrow" value="true"/>
<property name="maxWait" value="5000"/>
<property name="initialSize" value="50"/>
<property name="maxIdle" value="50"/>
<property name="maxActive" value="1000"/>
</bean>
<bean id="sqlSessionFactory" class="org.mybatis.spring.SqlSessionFactoryBean">
<property name="dataSource" ref="myDataSource"/>
<property name="configLocation" value="classpath:mybatisConfiguration.xml"/>
</bean>
Related
I my web application ,BoneCP DB connection pool configuration as following, it is creating too may DB connection
I need to know what is the default number of DB connection below configuration created
What is the optimal BoneCP configuration( avoiding unwanted connection)
<bean id="appDataSource" class="com.jolbox.bonecp.BoneCPDataSource" destroy-method="close">
<property name="driverClass" value="${database.driverClassName}" />
<property name="jdbcUrl" value="${database.url}" />
<property name="username" value="${database.username}"/>
<property name="password" value="${database.password}"/>
<!--<property name="idleConnectionTestPeriodInMinutes" value="2"/>-->
<property name="maxConnectionsPerPartition" value="15"/>
<property name="minConnectionsPerPartition" value="1"/>
<property name="partitionCount" value="4"/>
<property name="acquireIncrement" value="2"/>
<property name="statementsCacheSize" value="100"/>
<property name="releaseHelperThreads" value="5"/>
</bean>
I am trying to add encryption in properties file, The content is not getting decrypt
My Spring DSL looks like:
<bean id="jasypt" class="org.apache.camel.component.jasypt.JasyptPropertiesParser">
<property name="password" value="test"/>
<property name="algorithm" value="PBEWithMD5AndDES"/>
</bean>
<!-- define the camel properties component -->
<bean id="properties" class="org.apache.camel.component.properties.PropertiesComponent">
<!-- the properties file is in the classpath -->
<property name="location" value="classpath:my-properties.properties"/>
<!-- and let it leverage the jasypt parser -->
<property name="propertiesParser" ref="jasypt"/>
</bean>
<bean class="org.apache.activemq.ActiveMQConnectionFactory" id="jmsFactory">
<property name="brokerURL" value="tcp://localhost:61616"/>
<property name="userName" value="${jboss.fuse.username}"/>
<property name="password" value="${jboss.fuse.password}"/>
</bean>
my-properties.properties
jboss.fuse.username=ENC(D0hnlLDZfGPiC6DtU+NKog==)
jboss.fuse.password=ENC(D0hnlLDZfGPiC6DtU+NKog==)
Error message : java.lang.SecurityException: User name [ENC(D0hnlLDZfGPiC6DtU+NKog==)] or password is invalid.
PropertiesComponent doesn't work.It should be BridgePropertyPlaceholderConfigurer if you are using Spring DSL
<bean
class="org.apache.camel.spring.spi.BridgePropertyPlaceholderConfigurer" id="bridgePropertyPlaceholder">
<property name="location" value="classpath:my-properties.properties"/>
<property name="parser" ref="jasypt"/>
</bean>
I am attempting to go through the Spring Security SAML Quick Start at:
http://docs.spring.io/spring-security-saml/docs/1.0.0.RELEASE/reference/html/chapter-quick-start.html
I've gone through the four steps listed, done the two simple edits to sample/src/main/webapp/WEB-INF/securityContext.xml, and attempt to start the app as described in step 5.
I receive this error:
Bean property 'signMetadata' is not writable or has an invalid setter method.
Does the parameter type of the setter match the return type of the getter?
I have only changed the few lines of XML as described in the QuickStart.
That section of the relevant file looks like this:
<bean id="metadataGeneratorFilter" class="org.springframework.security.saml.metadata.MetadataGeneratorFilter">
<constructor-arg>
<bean class="org.springframework.security.saml.metadata.MetadataGenerator">
<property name="entityId" value="urn:test:chazlarson:waconia" />
<property name="signMetadata" value="false" />
</bean>
</constructor-arg>
</bean>
compared to the QuickStart's suggestion of:
<bean id="metadataGeneratorFilter" class="org.springframework.security.saml.metadata.MetadataGeneratorFilter">
<constructor-arg>
<bean class="org.springframework.security.saml.metadata.MetadataGenerator">
<property name="entityId" value="replaceWithUniqueIdentifier"/>
<property name="signMetadata" value="false"/>
</bean>
</constructor-arg>
</bean>
What have I missed? I am sure this is simple, but I've gone through this simple process on two different machines with the same result.
Did you try this example?
<bean id="metadataGeneratorFilter" class="org.springframework.security.saml.metadata.MetadataGeneratorFilter">
<constructor-arg>
<bean class="org.springframework.security.saml.metadata.MetadataGenerator">
<property name="entityId" value="replaceWithUniqueIdentifier"/>
<property name="extendedMetadata">
<bean class="org.springframework.security.saml.metadata.ExtendedMetadata">
<property name="signMetadata" value="false"/>
<property name="idpDiscoveryEnabled" value="true"/>
</bean>
</property>
</bean>
</constructor-arg></bean>
I looked into MetadataGenerator class and there is no property signMetadata.
I would recommend you to follow this doc
I was successfully able to add google as another authenticator in tonr2 example application. But what I'm stuck with is, removing the application's login screen and make use of google as mode of authentication into the application.
Also, each time I click on Google Info, I'm always taken to the "Accept"/"No Thanks" Page instead of remembering my approval already (I've logged in the same google account at all times)
Here is my modified spring-servlet.xml
<sec:http access-denied-page="/login.jsp?authorization_error=true" >
<sec:custom-filter ref="oauth2ClientFilter" after="EXCEPTION_TRANSLATION_FILTER" />
<sec:intercept-url pattern="/google/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<sec:intercept-url pattern="/**" access="IS_AUTHENTICATED_ANONYMOUSLY" />
<sec:form-login authentication-failure-url="/login.jsp?authentication_error=true"
default-target-url="/index.jsp" login-page="/login.jsp"
login-processing-url="/login.do" />
<sec:logout logout-success-url="/index.jsp" logout-url="/logout.do" />
</sec:http>
<sec:authentication-manager >
<sec:authentication-provider>
<sec:user-service>
<sec:user name="marissa" password="wombat" authorities="ROLE_USER" />
<sec:user name="sam" password="kangaroo" authorities="ROLE_USER" />
</sec:user-service>
</sec:authentication-provider>
</sec:authentication-manager>
<!--apply the oauth client context -->
<oauth:client id="oauth2ClientFilter" />
<oauth:resource id="google" type="authorization_code"
client-id="174058367013-sdyu2a9q0fek0smsqgdjjtss26tp83dt.apps.googleusercontent.com"
client-secret="IBAAGEyTXmM0xijZ5AvvJ65x" authentication-scheme="query"
access-token-uri="https://accounts.google.com/o/oauth2/token"
user-authorization-uri="https://accounts.google.com/o/oauth2/auth"
client-authentication-scheme="form"
scope="https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email" />
<bean id="conversionService"
class="org.springframework.context.support.ConversionServiceFactoryBean">
<property name="converters">
<set>
<bean
class="org.springframework.security.oauth.examples.tonr.converter.AccessTokenRequestConverter" />
</set>
</property>
</bean>
<mvc:default-servlet-handler />
<mvc:annotation-driven>
<mvc:message-converters>
<bean
class="org.springframework.http.converter.BufferedImageHttpMessageConverter" />
</mvc:message-converters>
</mvc:annotation-driven>
<bean id="contentViewResolver"
class="org.springframework.web.servlet.view.ContentNegotiatingViewResolver">
<property name="mediaTypes">
<map>
<entry key="json" value="application/json" />
</map>
</property>
<property name="defaultViews">
<bean
class="org.springframework.web.servlet.view.json.MappingJacksonJsonView" />
</property>
</bean>
<!--Basic application beans. -->
<bean id="viewResolver"
class="org.springframework.web.servlet.view.InternalResourceViewResolver">
<property name="prefix" value="/WEB-INF/jsp/" />
<property name="suffix" value=".jsp" />
</bean>
<bean id="googleController"
class="org.springframework.security.oauth.examples.tonr.mvc.GoogleController">
<property name="googleRestTemplate">
<oauth:rest-template resource="google">
<property name="messageConverters">
<list>
<bean
class="org.springframework.http.converter.json.MappingJacksonHttpMessageConverter">
<property name="supportedMediaTypes">
<list>
<bean class="org.springframework.http.MediaType">
<!--google sends its json as text/javascript for some reason -->
<constructor-arg value="text" />
<constructor-arg value="javascript" />
</bean>
<bean class="org.springframework.http.MediaType">
<constructor-arg value="application" />
<constructor-arg value="json" />
</bean>
</list>
</property>
</bean>
</list>
</property>
</oauth:rest-template>
</property>
</bean>
I have configured my web application with the following config file:
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:security="http://www.springframework.org/schema/security"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.0.xsd">
<security:global-method-security secured-annotations="enabled" pre-post-annotations="enabled" />
<!--
Filter chain; this is referred to from the web.xml file. Each filter
is defined and configured as a bean later on.
-->
<!-- Note: anonumousProcessingFilter removed. -->
<bean id="filterChainProxy" class="org.springframework.security.web.FilterChainProxy">
<security:filter-chain-map path-type="ant">
<security:filter-chain pattern="/**"
filters="securityContextPersistenceFilter,
basicAuthenticationFilter,
exceptionTranslationFilter,
filterSecurityInterceptor" />
</security:filter-chain-map>
</bean>
<!--
This filter is responsible for session management, or rather the lack
thereof.
-->
<bean id="securityContextPersistenceFilter" class="org.springframework.security.web.context.SecurityContextPersistenceFilter">
<property name="securityContextRepository">
<bean class="org.springframework.security.web.context.HttpSessionSecurityContextRepository">
<property name="allowSessionCreation" value="false" />
</bean>
</property>
</bean>
<!-- Basic authentication filter. -->
<bean id="basicAuthenticationFilter" class="org.springframework.security.web.authentication.www.BasicAuthenticationFilter">
<property name="authenticationManager" ref="authenticationManager" />
<property name="authenticationEntryPoint" ref="authenticationEntryPoint" />
</bean>
<!-- Basic authentication entry point. -->
<bean id="authenticationEntryPoint" class="org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint">
<property name="realmName" value="Ayudo Web Service" />
</bean>
<!--
An anonymous authentication filter, which is chained after the normal authentication mechanisms and automatically adds an
AnonymousAuthenticationToken to the SecurityContextHolder if there is no existing Authentication held there.
-->
<!--
<bean id="anonymousProcessingFilter" class="org.springframework.security.web.authentication.AnonymousProcessingFilter">
<property name="key" value="ayudo" /> <property name="userAttribute" value="anonymousUser, ROLE_ANONYMOUS" /> </bean>
-->
<!--
Authentication manager that chains our main authentication provider
and anonymous authentication provider.
-->
<bean id="authenticationManager" class="org.springframework.security.authentication.ProviderManager">
<property name="providers">
<list>
<ref local="daoAuthenticationProvider" />
<ref local="inMemoryAuthenticationProvider" />
<!-- <ref local="anonymousAuthenticationProvider" /> -->
</list>
</property>
</bean>
<!--
Main authentication provider; in this case, memory implementation.
-->
<bean id="inMemoryAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<property name="userDetailsService" ref="propertiesUserDetails" />
</bean>
<security:user-service id="propertiesUserDetails" properties="classpath:operators.properties" />
<!-- Main authentication provider. -->
<bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<property name="userDetailsService" ref="userDetailsService" />
</bean>
<!--
An anonymous authentication provider which is chained into the ProviderManager so that AnonymousAuthenticationTokens are
accepted.
-->
<!--
<bean id="anonymousAuthenticationProvider" class="org.springframework.security.authentication.AnonymousAuthenticationProvider">
<property name="key" value="ayudo" /> </bean>
-->
<bean id="userDetailsService" class="org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl">
<property name="dataSource" ref="dataSource" />
</bean>
<bean id="exceptionTranslationFilter" class="org.springframework.security.web.access.ExceptionTranslationFilter">
<property name="authenticationEntryPoint" ref="authenticationEntryPoint" />
<property name="accessDeniedHandler">
<bean class="org.springframework.security.web.access.AccessDeniedHandlerImpl" />
</property>
</bean>
<bean id="filterSecurityInterceptor" class="org.springframework.security.web.access.intercept.FilterSecurityInterceptor">
<property name="securityMetadataSource">
<security:filter-security-metadata-source use-expressions="true">
<security:intercept-url pattern="/*.html" access="permitAll" />
<security:intercept-url pattern="/version" access="permitAll" />
<security:intercept-url pattern="/users/activate" access="permitAll" />
<security:intercept-url pattern="/**" access="isAuthenticated()" />
</security:filter-security-metadata-source>
</property>
<property name="authenticationManager" ref="authenticationManager" />
<property name="accessDecisionManager" ref="accessDecisionManager" />
</bean>
<bean id="accessDecisionManager" class="org.springframework.security.access.vote.AffirmativeBased">
<property name="decisionVoters">
<list>
<bean class="org.springframework.security.access.vote.RoleVoter" />
<bean class="org.springframework.security.web.access.expression.WebExpressionVoter" />
</list>
</property>
</bean>
As soon as I run my application on tomcat, I get a request for username/password basic authentication dialog. Even when I try to access: localhost:8080/myapp/version, which is explicitly set to permitAll, I get the authentication request dialog. Help!
Thank,
Sammy
You have the basicAuthenticationFilter in your filter chain therefor it's going to try to authenticate a user. The permitAll will allow any user, but the request still needs to have a user in the SecurityContext (retrieved from your UserDetailsService).
If you want those URI's to allow all access (even without authenticating a user) then do this:
<intercept-url pattern="/version" filters="none"/>