I am having trouble getting Camel to work with jndi. I am deploying camel inside of IBM Websphere.
Inside of Websphere there is a jdni connection called "vzw.ds.commerce" that is setup to connect to the database I want to access.
This route below works:
<bean class="org.apache.commons.dbcp.BasicDataSource"
destroy-method="close" id="publishDB">
<property name="driverClassName" value="oracle.jdbc.driver.OracleDriver" />
<property name="url"
value="jdbc:oracle:thin:#//server.com:2051/mbschema" />
<property name="username" value="username" />
<property name="password" value="password" />
</bean>
<bean id="commerceDataSource" class="org.springframework.jndi.JndiObjectFactoryBean">
<property name="jndiName" value="vzw.ds.commerce" />
</bean>
<camelContext xmlns="http://camel.apache.org/schema/spring">
<route id="timer-to-console" customId="true">
<from uri="timer://foo?fixedRate=true&period=10s" />
<transform>
<simple>30004</simple>
</transform>
<process ref="createSQL" />
<to uri="jdbc:publishDB" />
<process ref="processSQL" />
<to uri="stream:out" />
</route>
</camelContext>
However, I want to use the jndi connection and not have the connection information in the route.
When I change the line to:
I get the error:
java.sql.SQLException: invalid arguments in call DSRA0010E: SQL State = null, Error Code = 17,433
The code I posted actually was correct. The problem I had was with the setup on Websphere.
Once I changed the setting on Websphere the code started working.
Related
I my web application ,BoneCP DB connection pool configuration as following, it is creating too may DB connection
I need to know what is the default number of DB connection below configuration created
What is the optimal BoneCP configuration( avoiding unwanted connection)
<bean id="appDataSource" class="com.jolbox.bonecp.BoneCPDataSource" destroy-method="close">
<property name="driverClass" value="${database.driverClassName}" />
<property name="jdbcUrl" value="${database.url}" />
<property name="username" value="${database.username}"/>
<property name="password" value="${database.password}"/>
<!--<property name="idleConnectionTestPeriodInMinutes" value="2"/>-->
<property name="maxConnectionsPerPartition" value="15"/>
<property name="minConnectionsPerPartition" value="1"/>
<property name="partitionCount" value="4"/>
<property name="acquireIncrement" value="2"/>
<property name="statementsCacheSize" value="100"/>
<property name="releaseHelperThreads" value="5"/>
</bean>
I have a situation:
Step 1: Obtained access token (grant_type=password) (A1) and also a refresh token.(RT1)
Step 2: Accessed resource (R) using the token (A1) - Success
Step 3:Revoked user access role for Resource R.
Step 4: Obtained access token (grant_type=password) (A2) and also a refresh token.(RT2)
Step 5: Accessed resource (R) using the token (A2) - Failed
till here all fine.now comes the unexpected part.
Step 6: Obtained new access token (grant_type=refresh_token) using RT2. Unexpectedly using this access token i was able to access resource R.
During this whole flow none of the token was expired one.
I see two issues here:- User roles aren't getting updated for refresh token on grant_type=password and for grant_type=refresh_token. Although access token has changed (Step 4) but refresh token remains same RT1 == RT2. hence any further usage of RT gives access token with previous roles.
How do i tell spring (oauth2) to update user roles (for the newly created token's) while obtaining the access token using refresh token and also while updating RT with new roles (step4), to resolve this discrepancy.
Below is the Authorization server configuration:
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:oauth="http://www.springframework.org/schema/security/oauth2"
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/security/oauth2 http://www.springframework.org/schema/security/spring-security-oauth2.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
<bean id="daoAuthenticationProvider" class="org.springframework.security.authentication.dao.DaoAuthenticationProvider">
<property name="userDetailsService">
<bean class="com.dummy.mc.security.service.UserDetailsServiceImpl">
<property name="userRepository" ref="userRepository" />
<property name="grantedAuthorityRepository" ref="grantedAuthorityRepository" />
</bean>
</property>
<property name="passwordEncoder">
<bean class="com.dummy.mc.security.password.McpmPasswordEncoder">
<property name="encodeHashAsBase64" value="true" />
</bean>
</property>
<property name="saltSource">
<bean class="org.springframework.security.authentication.dao.ReflectionSaltSource">
<property name="userPropertyToUse" value="salt" />
</bean>
</property>
</bean>
<!--https://stackoverflow.com/questions/49761597/spring-oauth2-clientid-passed-in-as-username-for-password-grant-type-->
<bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.store.JdbcTokenStore">
<constructor-arg ref="dataSource" />
</bean>
<bean id="tokenServices"
class="org.springframework.security.oauth2.provider.token.DefaultTokenServices">
<property name="tokenStore" ref="tokenStore" />
<property name="supportRefreshToken" value="true" />
<property name="clientDetailsService" ref="clientDetailsService" />
<property name="reuseRefreshToken" value="false"/>
</bean>
<bean id="oauthAccessDeniedHandler"
class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler" />
<bean id="clientCredentialsTokenEndpointFilter"
class="org.springframework.security.oauth2.provider.client.ClientCredentialsTokenEndpointFilter">
<property name="authenticationManager" ref="clientDetailAuthenticationManager" />
</bean>
<!-- Authentication manager for client (not resource-owner) authentication required to
protect the token endpoint URL -->
<security:authentication-manager id="clientDetailAuthenticationManager">
<security:authentication-provider user-service-ref="clientDetailsUserService"/>
</security:authentication-manager>
<bean id="clientDetailsUserService" class="org.springframework.security.oauth2.provider.client.ClientDetailsUserDetailsService">
<constructor-arg ref="clientDetailsService"/>
</bean>
<bean id="clientAuthenticationEntryPoint"
class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
<property name="realmName" value="test/client" />
<property name="typeName" value="Basic" />
</bean>
<security:http pattern="/oauth/token" create-session="stateless" use-expressions="true" authentication-manager-ref="authenticationManager">
<security:intercept-url pattern="/oauth/token" access="isAuthenticated()" />
<security:anonymous enabled="false" />
<security:http-basic entry-point-ref="clientAuthenticationEntryPoint" />
<!-- include this only if you need to authenticate clients via request
parameters -->
<security:custom-filter ref="clientCredentialsTokenEndpointFilter"
after="BASIC_AUTH_FILTER" />
<security:access-denied-handler ref="oauthAccessDeniedHandler" />
</security:http>
<authorization-server client-details-service-ref="clientDetailsService"
xmlns="http://www.springframework.org/schema/security/oauth2" token-services-ref="tokenServices" >
<authorization-code />
<implicit />
<refresh-token />
<client-credentials />
<password authentication-manager-ref="authenticationManager" />
</authorization-server>
<!-- <oauth:resource-server id="resourceFilter" token-services-ref="tokenServices" authentication-manager-ref="authenticationManager" />
-->
<security:authentication-manager id="authenticationManager">
<security:authentication-provider ref="daoAuthenticationProvider">
</security:authentication-provider>
</security:authentication-manager>
<oauth:client-details-service id="clientDetailsService">
<oauth:client client-id="core-api" secret="secret"
authorized-grant-types="password,client_credentials,refresh_token" scope="read"
resource-ids="api-core" access-token-validity="36000"
authorities="ROLE_CLIENT,ROLE_TRUSTED_CLIENT" />
</oauth:client-details-service>
</beans>
Resource Server Configuration:
<mvc:default-servlet-handler />
<mvc:annotation-driven/>
<security:global-method-security pre-post-annotations="enabled"/>
<!-- TODO: make an access denied view that tells me something useful -->
<security:http use-expressions="true" entry-point-ref="oauthAuthenticationEntryPoint">
<security:intercept-url pattern="/**" access="isFullyAuthenticated() and hasRole('api.core')" />
<security:custom-filter ref="resourceServerFilter" before="PRE_AUTH_FILTER" />
<security:access-denied-handler ref="oauthAccessDeniedHandler" />
<security:anonymous />
</security:http>
<!-- It's just a "feature" of the Spring Security that an authentication manager is mandatory.
so install an empty one because it isn't used at run time -->
<security:authentication-manager/>
<oauth:resource-server id="resourceServerFilter" token-services-ref="tokenServices" resource-id="api-core"/>
<bean id="tokenServices" class="org.springframework.security.oauth2.provider.token.DefaultTokenServices" >
<property name="tokenStore" ref="tokenStore" />
</bean>
<bean id="tokenStore" class="org.springframework.security.oauth2.provider.token.store.JdbcTokenStore">
<constructor-arg ref="dataSource" />
</bean>
<bean id="oauthAuthenticationEntryPoint" class="org.springframework.security.oauth2.provider.error.OAuth2AuthenticationEntryPoint">
<property name="realmName" value="test/client" />
<property name="typeName" value="Basic" />
</bean>
<bean id="oauthAccessDeniedHandler" class="org.springframework.security.oauth2.provider.error.OAuth2AccessDeniedHandler" />
Authorities are loaded when access token its required.
Using jdbc store, authorities are saved to OAUTH_ACCESS_TOKEN table, AUTHENTICATION column.
When refresh token its required, authorities are loaded from database.
If authorities changed after access token was required, you will have to implement custom token store.
Take a look to org.springframework.security.oauth2.provider.token.store.JdbcTokenStore, and extend from it.
I need to implement session management in spring security but I am getting an error while deploying the application on tomcat. Application is trying to fetch invalid-session-url and expired-url property values from property file but getting error on deplement.
<security:http entry-point-ref="casAuthenticationEntryPoint" auto-config="true">
<security:intercept-url pattern="/*" access="ROLE_USER"/>
<security:custom-filter position="CAS_FILTER" ref="casAuthenticationFilter"/>
<security:logout invalidate-session="true" logout-url="/logout" logout-success-url="#{CAS_server}/logout?service=#{CAS_application}/" delete-cookies="JSESSIONID"/>
<security:session-management invalid-session-url="#{CAS_server}/logout?service=#{CAS_application}" session-fixation-protection="newSession" >
<security:concurrency-control max-sessions="1" expired-url="#{CAS_server}/logout?service=#{CAS_application}" error-if-maximum-exceeded="true" />
</security:session-management>
</security:http>
I am only getting this error on session-management tag. Any one have any idea.
Quickly configured a Spring security app and my configuration contain following and it works fine ( note the injection of properties in session management tag)
test.properties
mytestservice=MyApp
loginurl=/my-login.html
invalidsessionurl=/my-login.html
Spring security config
<bean id="webPropertyConfigurer"
class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
<property name="ignoreResourceNotFound" value="true" />
<property name="ignoreUnresolvablePlaceholders" value="true" />
<property name="locations">
<list>
<value>classpath:test.properties</value>
</list>
</property>
</bean>
<security:http>
<security:intercept-url pattern="/my-login.jsp" access="permitAll" />
<security:intercept-url pattern="/**" access="hasRole('USER')" />
<security:form-login login-page="${loginurl}"
authentication-failure-url="${loginurl}?error" />
<security:http-basic />
<security:session-management invalid-session-url="${invalidsessionurl}/logout?service=${mytestservice}" session-fixation-protection="newSession" />
<security:logout />
</security:http>
I get a MVC website and with the log4net to record the log.
In the web application, I store the user information in session, add log some information after executing one operation. Then the session lost when I returned to the home page(just type the url of the home page).
I am sure that the session lost which has no relation to the "Response.Redirect()" or something else, because I test the application and found it will recover after I comment the lockingModel property which value is "log4net.Appender.FileAppender+MinimalLock" in log4net config file.
Below is the configuration:
<?xml version="1.0"?>
<log4net debug="true">
<appender name="AllInfoRollingAppender" type="log4net.Appender.RollingFileAppender">
<file value="bin\\Log\\AllInfo-UniqueBlog-" />
<lockingModel type="log4net.Appender.FileAppender+MinimalLock" />
<appendToFile value="true" />
<staticLogFileName value="false" />
<rollingStyle value="Composite" />
<datePattern value="yyyy-MM-dd.LOG" />
<maximumFileSize value="1M" />
<maxSizeRollBackups value="4" />
<layout type="log4net.Layout.PatternLayout">
<conversionPattern value="%date [%thread] %-5level %logger: %message%newline%exception" />
</layout>
</appender>
<root>
<level value="ALL" />
<appender-ref ref="AllInfoRollingAppender" />
</root>
</log4net>
So I think the "lockingModel" property in log4net config cause this error, but i don't know the reason, and it will not throw any error there, does anyone encounter this? I found it is inconceivable because this shouldn't cause this issue.
Your question is totally not readable. However I have to things you can check. If your session is lost, do you log before or after the Session.Redirec(). If you log after the session redirect, your code is never hit. The redirect ends your current thread. Next thing you can enable log4net debugging:
<configuration>
<appSettings>
<add key="log4net.Internal.Debug" value="true"/>
</appSettings>
...
<system.diagnostics>
<trace autoflush="true">
<listeners>
<add
name="textWriterTraceListener"
type="System.Diagnostics.TextWriterTraceListener"
initializeData="C:\tmp\log4net.txt" />
</listeners>
</trace>
</system.diagnostics>
...
</configuration>
If something bad happens in log4net, you will see it in the logs.
I have done following RabbitMQ-Spring configuration for RPC call
Following is the configuration:-
/>
<rabbit:queue name="identity.queue" />
<rabbit:direct-exchange name="identity.exchange">
<rabbit:bindings>
<rabbit:binding queue="identity.queue" key="identity.binding"/>
</rabbit:bindings>
</rabbit:direct-exchange>
<bean id="idenityListener"
class="org.springframework.amqp.remoting.service.AmqpInvokerServiceExporter">
<property name="serviceInterface" value="<<package>.AA" />
<property name="service" ref="AAProxy" />
<property name="amqpTemplate" ref="template" />
</bean>
<rabbit:listener-container connection-factory="connectionFactory">
<rabbit:listener ref="idenityListener" queue-names="identity.queue" />
</rabbit:listener-container>
At client side:-
/>
<bean id="identityClient"
class="org.springframework.amqp.remoting.client.AmqpProxyFactoryBean">
<property name="amqpTemplate" ref="identityTemplate" />
<property name="serviceInterface" value="<<package>.AA" />
</bean>
<bean id="AAProxy" class="<xx>.AAProxy" init-method="init" />
<rabbit:template id="identityTemplate" connection-factory="connectionFactory" reply-timeout="2000"
routing-key="identity.binding" exchange="identity.exchange" />
I am getting the following error while setup for RabbitMQ RPC call. This setup working on same machine and while not working on different machine:-
Caused by: org.springframework.remoting.RemoteProxyFailureException: No reply received - perhaps a timeout in the template?
at org.springframework.amqp.remoting.client.AmqpClientInterceptor.invoke(AmqpClientInterceptor.java:60)
**Log file:-**
=ERROR REPORT==== 19-Feb-2015::10:05:59 ===
Channel error on connection <0.1474.0> (172.16.206.139:59826 -> 172.16.206.154:5672, vhost: '/', user: 'reetesh'), channel 13:
{amqp_error,not_found,"no queue 'identity.queue' in vhost '/'",
'queue.declare'}
Whenever I tried to connect I found following above in log.
Reetesh
i had a similar problem, i not fix them. Finally i use "direct reply-to"
See
http://docs.spring.io/spring-amqp/docs/1.4.3.BUILD-SNAPSHOT/reference/html/amqp.html
3.7.1 section.
with this configuration not needs a fixed reply queue and "reply-listener" is not required and should not be configured.