Monthly Archives: April 2012

Apache Shiro Basic 2

This is Stuff” blog explains the Shiro in very detail way.

I can use default filter (authc – in this case), but I can create a custom filter by extending the existing default filters. So no need to update web.xml rather shiro.ini file need to be updated.

 public class VerboseFormAuthFilter extends FormAuthenticationFilter
 {
    protected void setFailureAttribute( ServletRequest request, AuthenticationException ae)
    {
      String message = ae.getMessage();
      request.setAttribute(getFailureKeyAttribute(), message);
    }
 }

 

# Replace Form Authentication filter with Verbose filter. By default, it was "FormAuthenticationFilter".
authc = VerboseFormAuthFilter
# Request parameter with login error info. By default, 'shiroLoginFailure'. This will be used in JSP to retrieve error.
authc.failureKeyAttribute=myShiroLoginFailure

The purpose of having my own Form filter is to display an error message from the filter. As I defined failureKeyAttribute name “myShiroLoginFailutre” in the shiro.ini, same attribute name will be used in the JSP.

<%
String error = (String)request.getAttribute(“myShiroLoginFailure”);
if (error != null)
{
%>
Login attempt was unsuccessful :<%=error%>
<%
}
%>

Advertisements

wsdl2java usage

I have been using wsdl2java command for long time. I feel I need to record this information somewhere even though there are tons of information related to this. So below is for my own reference.

ComplexType object in the WebService, specially, inheritance happened in the WebService, we must use simple Stub and many classes generation.  In general, there are 2 ways of generating consumer.

1. One complex Stub class with inner classes
2. One simple Stub class with complex type classes
Personally, I think one complex Stub class is better because it is easy to maintain and cleaner. I will explain two different WSDL2Java scripts. We can call generateJavaFromWsdl.sh script or directly execute WSDL2Java.bat file in Axis1-1.3/bin folder.

One Complex Stub (Preferred method)
CMNprfService.wsdl package : com.abs.cro

[USR:DEV] msjo@HY126045 $ wsdl2java.bat -o C:/temp/gen
-uri eiservices.wsdl -d adb -sp -s -p com.abs.usr.webservice.dcm
Using AXIS2_HOME: C:\DevApps\axis2-1.6.2Using 
JAVA_HOME:        c:/bea103/jrockit81sp6_142_10
[USR:DEV] msjo@HY126045 $

-o C:/temp/gen indicate output location
-uri location and name of WSDL. I generated locally. Not like Axis1.1, WSDL should be copied locally in order to generate java classes. I think it is because of axis2 architecture changes. As you can see there is no parameter for userid and password.
-d adb Axis Databinding is default. There are 2 other ways to generate java classes, but this way is the simplest and easiest way.
-sp Suppress namespace prefix. To simplify SOAP request/response object.
-s Synchronous call stub only (if you don’t specify -s or generate with -a another class called a CallbackHandler will be generated)
-p specify the package name, so you don’t need to change it later

Simple Stub and many classes

[USR:DEV] msjo@HY126045 $ wsdl2java.bat -o C:/temp/adbAll
-uri CmDcmService.wsdl -g -ss -d adb -p abs.usr.webservices.dcm
Using AXIS2_HOME: C:\DevApps\axis2-1.6.2Using 
JAVA_HOME:        c:/bea103/jrockit81sp6_142_10
[USR:DEV] msjo@HY126045 $

-g generate all classes
-ss generate serverside code

Using Github

I have been thinking about sharing XProject code to other team members. Currently, all individual projects are located locally on developers machine. I thought we could use GitHub to merge these projects later on.

There is a GitHub help online. It is very helpful to understand how GitHub works. So far, I grasp the basic concept of how GitHub works. When I tried first time, I made a mistake by naming Remote Repo different from my local Repo. I tried to rename Remote Repo to match my local, but Git Bash didn’t recognize the Remote Repo.

Below is the key command that displays after creating a Remote Repo.

Global setup:
Set up git
git config --global user.name "Michael Jo"
git config --global user.email michael.jo@gmail.com

Next steps:
mkdir Hello-World
cd Hello-World
git init
touch README
git add README
git commit -m 'first commit'
git remote add origin git@github.com:demj33/Hello-World.git
git push -u origin master

Existing Git Repo?
cd existing_git_repo
git remote add origin git@github.com:demj33/Hello-World.git
git push -u origin master

Git Bash Command to Add, Commit, and Push source code to Remote Repo from Git Bash

(Source code was from IBM Richfaces Tutorial)

msjo@HY139275 ~/GitRepo
$ cd Hello-World

msjo@HY139275 ~/GitRepo/Hello-World (master)
$ ls
README

msjo@HY139275 ~/GitRepo/Hello-World (master)
$ git add .
warning: LF will be replaced by CRLF in JbossRich/JavaSource/City.java.
The file will have its original line endings in your working directory.
warning: LF will be replaced by CRLF in JbossRich/JavaSource/dwRF4D1Handler.java
.
The file will have its original line endings in your working directory.
warning: LF will be replaced by CRLF in JbossRich/WebContent/WEB-INF/faces-confi
g.xml.
The file will have its original line endings in your working directory.
warning: LF will be replaced by CRLF in JbossRich/WebContent/index.xhtml.
The file will have its original line endings in your working directory.
warning: LF will be replaced by CRLF in JbossRich/WebContent/result.xhtml.
The file will have its original line endings in your working directory.

msjo@HY139275 ~/GitRepo/Hello-World (master)
$ git status -s
A JbossRich/.classpath
A JbossRich/.project
A JbossRich/.settings/.jsdtscope
A JbossRich/.settings/oracle.eclipse.tools.webtier.ui.prefs
A JbossRich/.settings/org.eclipse.jdt.core.prefs
A JbossRich/.settings/org.eclipse.wst.common.component
A JbossRich/.settings/org.eclipse.wst.common.project.facet.core.prefs.xml
A JbossRich/.settings/org.eclipse.wst.common.project.facet.core.xml
A JbossRich/.settings/org.eclipse.wst.jsdt.ui.superType.container
A JbossRich/.settings/org.eclipse.wst.jsdt.ui.superType.name
A JbossRich/JavaSource/City.java
A JbossRich/JavaSource/dwRF4D1Handler.java
A JbossRich/JavaSource/dwRF4Demo1.properties
A JbossRich/JavaSource/resources/application.properties
A JbossRich/WebContent/META-INF/MANIFEST.MF
A JbossRich/WebContent/WEB-INF/classes/City.class
A JbossRich/WebContent/WEB-INF/classes/dwRF4D1Handler.class
A JbossRich/WebContent/WEB-INF/classes/dwRF4Demo1.properties
A JbossRich/WebContent/WEB-INF/classes/resources/application.properties
A JbossRich/WebContent/WEB-INF/faces-config.xml
A JbossRich/WebContent/WEB-INF/lib/cssparser-0.9.5.jar
A JbossRich/WebContent/WEB-INF/lib/guava-11.0.2.jar
A JbossRich/WebContent/WEB-INF/lib/richfaces-components-api-4.2.0.Final.jar
A JbossRich/WebContent/WEB-INF/lib/richfaces-components-ui-4.2.0.Final.jar
A JbossRich/WebContent/WEB-INF/lib/richfaces-core-api-4.2.0.Final.jar
A JbossRich/WebContent/WEB-INF/lib/richfaces-core-impl-4.2.0.Final.jar
A JbossRich/WebContent/WEB-INF/lib/sac-1.3.jar
A JbossRich/WebContent/WEB-INF/web.xml
A JbossRich/WebContent/css/default.css
A JbossRich/WebContent/images/DukeGuitar.jpg
A JbossRich/WebContent/images/myphoto.jpg
A JbossRich/WebContent/images/roseTab.jpg
A JbossRich/WebContent/index.xhtml
A JbossRich/WebContent/result.xhtml
A JbossRich/ant/build.properties

msjo@HY139275 ~/GitRepo/Hello-World (master)
$ git config --global user.name "Michael Jo"

msjo@HY139275 ~/GitRepo/Hello-World (master)
$ git config --global user.email michael.jo@gmail.com

msjo@HY139275 ~/GitRepo/Hello-World (master)
$ git commit -m "initially added"
[master 3eae909] initially added
warning: LF will be replaced by CRLF in JbossRich/JavaSource/City.java.
The file will have its original line endings in your working directory.
warning: LF will be replaced by CRLF in JbossRich/JavaSource/dwRF4D1Handler.java
.
The file will have its original line endings in your working directory.
warning: LF will be replaced by CRLF in JbossRich/WebContent/WEB-INF/faces-confi
g.xml.
The file will have its original line endings in your working directory.
warning: LF will be replaced by CRLF in JbossRich/WebContent/index.xhtml.
The file will have its original line endings in your working directory.
warning: LF will be replaced by CRLF in JbossRich/WebContent/result.xhtml.
The file will have its original line endings in your working directory.
35 files changed, 647 insertions(+)
create mode 100644 JbossRich/.classpath
create mode 100644 JbossRich/.project
create mode 100644 JbossRich/.settings/.jsdtscope
create mode 100644 JbossRich/.settings/oracle.eclipse.tools.webtier.ui.prefs
create mode 100644 JbossRich/.settings/org.eclipse.jdt.core.prefs
create mode 100644 JbossRich/.settings/org.eclipse.wst.common.component
create mode 100644 JbossRich/.settings/org.eclipse.wst.common.project.facet.cor
e.prefs.xml
create mode 100644 JbossRich/.settings/org.eclipse.wst.common.project.facet.cor
e.xml
create mode 100644 JbossRich/.settings/org.eclipse.wst.jsdt.ui.superType.contai
ner
create mode 100644 JbossRich/.settings/org.eclipse.wst.jsdt.ui.superType.name
create mode 100644 JbossRich/JavaSource/City.java
create mode 100644 JbossRich/JavaSource/dwRF4D1Handler.java
create mode 100644 JbossRich/JavaSource/dwRF4Demo1.properties
create mode 100644 JbossRich/JavaSource/resources/application.properties
create mode 100644 JbossRich/WebContent/META-INF/MANIFEST.MF
create mode 100644 JbossRich/WebContent/WEB-INF/classes/City.class
create mode 100644 JbossRich/WebContent/WEB-INF/classes/dwRF4D1Handler.class
create mode 100644 JbossRich/WebContent/WEB-INF/classes/dwRF4Demo1.properties
create mode 100644 JbossRich/WebContent/WEB-INF/classes/resources/application.p
roperties
create mode 100644 JbossRich/WebContent/WEB-INF/faces-config.xml
create mode 100644 JbossRich/WebContent/WEB-INF/lib/cssparser-0.9.5.jar
create mode 100644 JbossRich/WebContent/WEB-INF/lib/guava-11.0.2.jar
create mode 100644 JbossRich/WebContent/WEB-INF/lib/richfaces-components-api-4.
2.0.Final.jar
create mode 100644 JbossRich/WebContent/WEB-INF/lib/richfaces-components-ui-4.2
.0.Final.jar
create mode 100644 JbossRich/WebContent/WEB-INF/lib/richfaces-core-api-4.2.0.Fi
nal.jar
create mode 100644 JbossRich/WebContent/WEB-INF/lib/richfaces-core-impl-4.2.0.F
inal.jar
create mode 100644 JbossRich/WebContent/WEB-INF/lib/sac-1.3.jar
create mode 100644 JbossRich/WebContent/WEB-INF/web.xml
create mode 100644 JbossRich/WebContent/css/default.css
create mode 100644 JbossRich/WebContent/images/DukeGuitar.jpg
create mode 100644 JbossRich/WebContent/images/myphoto.jpg
create mode 100644 JbossRich/WebContent/images/roseTab.jpg
create mode 100644 JbossRich/WebContent/index.xhtml
create mode 100644 JbossRich/WebContent/result.xhtml
create mode 100644 JbossRich/ant/build.properties

msjo@HY139275 ~/GitRepo/Hello-World (master)
$ git status
# On branch master
# Your branch is ahead of 'origin/master' by 1 commit.
#
nothing to commit (working directory clean)

msjo@HY139275 ~/GitRepo/Hello-World (master)
$ git push -u origin master
Enter passphrase for key '/c/Users/msjo/.ssh/id_rsa':
Counting objects: 48, done.
Delta compression using up to 2 threads.
Compressing objects: 100% (41/41), done.
Writing objects: 100% (47/47), 6.87 MiB | 11 KiB/s, done.
Total 47 (delta 2), reused 0 (delta 0)
To git@github.com:demj33/Hello-World.git
020f976..3eae909 master -> master
Branch master set up to track remote branch master from origin.

msjo@HY139275 ~/GitRepo/Hello-World (master)
$

Remote Repo : https://github.com/mjtoolbox/Hello-World

Resources

Glassfish Basic Authentication

In my previous post, I used Apache Shiro to authenticate users. However, I can use basic authentication from Glassfish server.

web.xml

 <security-constraint>    
   <web-resource-collection>        
   <web-resource-name>Secure Application</web-resource-name>        
   <url-pattern>/*</url-pattern>        
   <http-method>GET</http-method>        
   <http-method>POST</http-method>    
   </web-resource-collection>      
   <auth-constraint>        
      <role-name>Users</role-name>    
   </auth-constraint>   
</security-constraint>    
<login-config>    
  <auth-method>BASIC</auth-method>    
  <realm-name>file</realm-name>  
</login-config>    
<security-role>    
   <role-name>Users</role-name>  
</security-role>

Just like weblogic.xml at work, sun-web.xml needs to be modified with role mapping.

sun-web.xml

<security-role-mapping>    
      <role-name>Users</role-name>    
      <group-name>Users</group-name>  
</security-role-mapping>

Depending on the security realm (admin-realm, certificate, file), I can configure different realm. To be simple, I used file realm. By clicking Manage Users, you can add username/password. This information will be stored in the keyfile (C:\glassfish3\glassfish\domains\domain1\config). Same thing can be done through asadmin console.

Above example will use BASIC authentication. A login popup screen will be prompted to the users prior to access any url (based on the url pattern). The details of form based login is in the JEE 6 Tutorial.

Apache Shiro Basic – Glassfish, JSF, Eclipse

Apache Shiro is originally called jsecurity. At our work, we use JAAS with Weblogic specific implementation by using LDAP realm. In the xproject, I’d like to implement the Apache Shiro. Shiro documentation was pretty good and several blogger posted pretty detail step by step guide.

In this blog, I’d like to focus on setting up Shiro in JSF project in Eclipse environment with Glassfish. I will focus on the basic authentication & configuration in this page. Later, I will add more roles and SSL connection.

Follow below steps to setup the project:

  1. Download Shiro Web and Shiro Core (1.2.0) from Apache Shiro site.
  2. Create a Dynamic Web Project in the Eclipse. Use MyEclipse implmentation.
  3. Overwrite faces-config.xml to overwrite mojaar implmentation. Please see my previous page.
  4. Create index.xhtml, result.xhtml, and login.jsp.
  5. Create welcome.java as a ManagedBean. navigate() method will return “result.xhtml”. I am omitting all the business logic for the simplicity.
  6. Create shiro.ini file in the WEB-INF folder. Follow the template from Apache Shiro configuration document.
  7. Update web.xml to add Shiro listener, filter, and filter mapping.
  8. I think Shiro source code has references to log4j and slf4j. For this reason, I had to include log4j-1.2.16.jar, slf4j-api-1.6.4.jar, and slf4j-log4j12-1.6.4.jar in the classpath. If Eclipse still throws ClassNotFoundException, incluse these jar files in the lib folder under WEB-INF.

shiro.ini

[main]
authc.loginUrl = /login.jsp
authc.successUrl = /faces/index.xhtml

[users]
user01 = user01, Users
user02 = user02, Users

[roles]
Users = *

[urls]
login.jsp = authc
/** = authc

web.xml add below lines

<listener>
    <listener-class>org.apache.shiro.web.env.EnvironmentLoaderListener</listener-class>
</listener>
<filter>
    <filter-name>ShiroFilter</filter-name>
    <filter-class>org.apache.shiro.web.servlet.ShiroFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>ShiroFilter</filter-name>
    <url-pattern>/*</url-pattern>
    <dispatcher>REQUEST</dispatcher>
    <dispatcher>FORWARD</dispatcher>
    <dispatcher>INCLUDE</dispatcher>
    <dispatcher>ERROR</dispatcher>   
</filter-mapping>

login.jsp

<form name="loginform" action="" method="post">
    Username: <input type="text" name="username"/><br/>
    Password: <input type="password" name="password"/>
    <input type="checkbox" name="rememberMe" value="true"/>Remember Me?<br/>
   <input type="submit" name="submit" value="Login">
</form>

By hitting http://localhost:8080/MyProject/faces/index.xhtml page, Shiro filter will intercep the request object and redirect to http://localhost:8080/MyProject/login.jsp for authentication.

I added only one role [Users] with two users [user01, user02] in the shiro.ini file for the initial testing purpose, but I can add more roles and define detail navigation rules in the shiro.ini file.

In my next post, I will add more roles and attempt to do with the SSL.