Using a Java based image uploader and having problems, seems my controller action is not being hit if I upload multiple files. I can't use fiddler or FireBug because they don't pickup the Java apps request to the server. I need to see what is being requested in debug mode so I can fix my Route - I am assuming this is my problem.
How can I hook into this and see what the request is?
You could still use a web debugging proxy (like Fiddler) if your Java based image uploader supports a proxy. Other than that you can use a packet sniffer like Wireshark or break your debug session at a point with a HttpContext, e.g. in Global.asax at BeginRequest.
Related
IIS seems to be an application that listens for incoming connections, parses the data sent there as HTTP requests, and maps request urls to directories based on a site an application and a virtual directory, and then does something based on the file present (or not present) on that location.
MVC meanwhile takes an HTTP request, routes it to a controller, which generates a HTTP response and sends it back.
It seems MVC handles exactly the same part of the network stack as IIS does, modulo the network endpoint (and that is a fairly trivial part of code, the hard work is done by the underlying OS part of the network stack on TCP level), but an MVC site is hosted "in" IIS somehow.
But IIS is a massive program. It must do something other than connection management. What does it actually do, and what do all these concepts ("site", "application", "virtual directory") mean in the context of a project that seems to replace their function in the first place?
MVC nor IIS do any port listening or HTTP parsing. That's http.sys's job, which is the HTTP Server API. See MSDN: HTTP Server API, how exactly does http.sys work, Introduction to IIS Architectures, and especially HTTP Request Processing in IIS.
IIS adds a lot of functionality on top of http.sys, apart from configuration and management: handlers and modules. Those allow you to run any kind of code to generate or alter a response for an HTTP request.
Key point here are handlers. They decide what particular piece of software will be invoked to handle a request, or they handle the request themselves. You have static resource handlers to handle for example requests for image, css and js files. There's also the ASP.NET handler that handles .aspx requests, see Introduction to HTTP Handlers.
Now MVC works hand in hand with a routing handler. All that the MVC handler does is look at the URL and your routing configuration, and then choose which controller method to invoke to generate the response for the request.
I've an ASP .NET MVC4 application that uses SimpleMembership and allows users to sign in with their google accounts.
In order to do that I configured the application's AuthConfig class by uncommenting the OAuthWebSecurity.RegisterGoogleClient(); line to add google as an external login method. I didn't really change much inside the external login methods that already come with the ASP .NET MVC4 Internet Application template.
Problem:
Everything works fine when I run it locally (IIS express) or when I deploy it to a 'test' server (IIS 6.1, accessible on the intranet only). When I click my "sign in with google" button, I'm sent to google's authentication page, whose url looks something like this:
https://accounts.google.com/ServiceLogin?service=lso&passive=12096...(long url)
Alas, when I deploy it to the 'production' server (internet facing) and try to access it via internet, Google authentication stops working: when I click my "sign in with google" I'm being sent to an url that looks like this:
http://MY_APPLICATION_NAME.MY_DOMAIN.com/accounts/o8/ud?openid.claimed_id=http%3A%2F%2Fspecs.openid...(long url)
This url is wrong not only because it has my domain in it (I believe it should be accounts.google.com?), but also because the rest of it is completely different from the url I get when the authentication works.
What I know and have tried:
If I use fiddler, I can see that the application is behaving differently when I'm accessing the application via internet or intranet.
If I access it from within the network, I see I'm making a request to http://MY_APPLICATION_NAME.MY_DOMAIN.com/account/ExternalLogin?returnUrl= and then "Tunnel to www.google.com:443, Tunnel to accounts.google.com:443". This works ok.
If I access it from the internet I see I'm making a request to http://MY_APPLICATION_NAME.MY_DOMAIN.com/account/ExternalLogin?returnUrl= and then another one to http://MY_APPLICATION_NAME.MY_DOMAIN.com/accounts/o8/ud?openid.claimed_id=http%3A%2F%2Fspecs.openid...(long url). This obviously gives a 404.
I might be wrong but I assume that this url is generated by the OAuthWebSecurity.RequestAuthentication(provider, returnUrl). What puzzles me is that it looks like it is requesting the authenticaton to my server instead of accounts.google.com.
My research so far has only brought to me posts/questions/etc. showing how easy it is to use SimpleMembership for external authentication and I can see everyone does it pretty much the same way.
Conclusion:
I believe this probably has something to do with something I must configure on web.config or IIS. I do know that the requests to my application arrive at my DNS server which does a url rewrite and forwards the request to my web server, although I don't know if this is related to the problem.
Does anyone have any idea of what might be wrong or ever had a similar issue? Any help would be appreciated.
EDIT:
I've looked into OpenAuthSecurityManager.cs's source code and although I can't debug it I see the problem might be related to an incorrect HttpContext inside the RequestAuthentication method, due to my reverse proxy settings on IIS?
I ended up with a request to change the IT infrastructure.
OpenAuthSecurityManager.cs was probably getting a wrong HttpContext instance because of the way the requests were being handled by the previous infrastructure (requests arrived at our DNS server and were forwarded to the web service, on a different server inside our network, with UrlRerwrite rules).
It's working now.
So I have the following scenario (it's a Grails 2.1 app):
I have a Controller that can be accessed via //localhost:8080/myController
This controller in turn executes a call to another URL opening a connection using new URL("https://my.other.url").openConnection()
I want to capture the request so I can log the information
I have a Filter present in my web.xml already which does the job well for controllers mapped in my app. But as soon as a request is fired to an external URL, I don't get anything.
I understand that my filter will only be invoked to URLs inside my app, and that depends on my filter mapping which is fine.
I'm struggling to see how a solution inside the app is actually viable. I'm thinking of using a mixed approach with the DevOps team to capture such outgoing calls from the container and then log them into a separate file.
I guess my questions are:
Is there a way to do it inside the app itself?
Is the approach I'm planning a sensible one?
Cheers!
Any reason why you don't want to use http-builder? There a Grails plugin for it, and it makes remote XML calls much easier than handling the plumbing yourself. At the bottom of the linked page they describe how you can enable request logging via log4j configuration.
I want to test the results from a WSDL service in a browser like IE9 or FireFox. I know that I can view the WSDL XML, but I want to test the return results of an endpoint called GetEmployeeById that accepts a parameter called Id and returns a class. I am assuming this is all serialized to XML, so a browser would be a good fit for testing this. Is this possible?
In case you are using Visual Studio for .net development, I think something much better than a browser probably would to use:
wcftestclient <url>
which can be called from the command prompt and is part of the tools from visual studio.
The tool will help you to build and receive complex objects and see the results already serialized.
internet explorer let's you make a request with simple string parameters if the WSDL provides enough information.
If you haven't seen it, then probably the WSDL is only for discoverability reasons, probably just points to another service in a different transport protocol, not port 80, if the service is not on port 80 you won't be able to use your browser.
You have another more complex tool called FIDDLER that you can format any kind of http request, as well as receiving any kind of requests, like json for example.
You can use this URL to test WSDL endpoints, send request and see response.
I have a flex app using BlazeDS to talk with a web app using Spring Security. During normal use the user has already logged into the web app before running the flex app, so the browser takes care of passing the JSESSIONID session cookie on the outgoing messages so the web app knows who they're coming from.
However, I'd like to be able to run the flex app from my IDE (IntelliJ IDEA) for debugging, which means there's been no previous login and thus no existing session. I put some code in -- just for the purpose of debugging -- to first send a login message. That works, and the JSESSIONID cookie comes with the response, but I don't know how to attach it to the subsequent BlazeDS remoting calls that the app makes.
Is there some sort of channel configuration that does this, or some other method? And if you're going to point me to the BlazeDS/SpringSecurity preauthentication example, I appreciate the thought, but we already have a fairly involved configuration of Spring Security and I don't want to mess with that.
As an aside, I was a bit disconcerted when I tried to follow a suggestion to call login() on the RemoteObject's ChannelSet, only to find that the ChannelSet was null. I don't see how that can be, since the remoting calls work, using -- I can only assume -- the AMF channel defined in the services-config.xml. Anyway, I don't know whether login() works by sending j_username and j_password to /j_spring_security_check anyway, so it might not have been appropriate; and of course I'd still be left with the subject of this query, which is how to use the session once it's been created.
I don't think it'll help to explain anything, but I'll include some code and config snippets...
The login:
<mx:HTTPService id="loginRequest" url="http://fiddler:8080/app/j_spring_security_check" useProxy="false"
method="POST" result="handleLoginResult(event)">
<mx:request xmlns="">
<j_username>username</j_username>
<j_password>password</j_password>
</mx:request>
</mx:HTTPService>
The RemoteObject:
<mx:RemoteObject id="remoteObject" destination="blazebackend">
<mx:method name="getConfigData" result="handleConfigDataResult(event)" fault="handleFault(event)"/>
<mx:method name="addSession" result="handleAddSessionResult(event)" fault="handleFault(event)"/>
</mx:RemoteObject>
A channel:
<channel-definition id="my-amf" class="mx.messaging.channels.AMFChannel">
<endpoint url="/{context.root}/app/amf" class="flex.messaging.endpoints.AMFEndpoint"/>
</channel-definition>
TIA.
I'd like to be able to run the flex app from my IDE (IntelliJ IDEA) for debugging
Using Eclipse you can debug inside Eclipse IDE when deployed on a localhost or remote server by configuring the "Url or path to use" when starting debugging.
JESSIONID means that you're using Java EE authentication, the login method of the ChannelSet can be used for a custom and or Basic authentication (that can be or not a Java EE authentication), I think the best for you is to deploy on a localhost, or eventually remove security when debugging.