CodeMarvels – Page 20 – All's the Code !

Reason: This error occurs usually because of a misplaced “order by” clause.
If in a many to many mapping, the serial order is defined in the cross reference table, the order-by attribute should be provided in the “collection” node as below –

<bag name="projects" ... table="users_projects" inverse="true" order-by="sl_num">
  		<key column="userId"/>
  		<many-to-many column="projectId" class="Project"/>
 </bag>

On other hand, if the collection is to be sorted by a column defined in the collection member, the order-by should be provided in the many-to-many or one-to-many node, as shown below.

<bag name="projects" ... table="users_projects" inverse="true">
  		<key column="userId"/>
  		<many-to-many column="projectId" class="Project"  order-by="name"/>
 </bag>

Solution: Move the order-by attribute to appropriate node depending on which table holds the sorted field.

Notes

Solution to MySQLSyntaxErrorException: Unknown column ‘xxxxx_.elt’ in ‘field list’

Posted on December 27, 2010 by Kj / 0 Comment

Bug: The above exception thrown when using hibernate.

Reason: This usually occurs when column name is not mentioned in many-to-many node.
The correct mapping for a many to many relation is –

  	<bag name="projects".... table="users_projects" >
  		<key column="userId"/>
  		<many-to-many column="projectId" class="Project" />
  	</bag>

Solution: The mapped columns should be provided in the key and many-to-many nodes as above.

Technology

Spring security 3 – How to display login errors ?

Posted on December 26, 2010 by Kj / 0 Comment

Heres how we display different error messages for the different cases of authentication failures like bad credentials, credentials expired etc.

Step 1. Configure an authentication failure handler in the application context.

	<beans:bean id="authenticationFailureHandler"
		class="org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler">
		<beans:property name="exceptionMappings">
			<beans:props>
				<beans:prop key="org.springframework.security.authentication.BadCredentialsException">/login/badCredentials</beans:prop>
				<beans:prop key="org.springframework.security.authentication.CredentialsExpiredException">/login/credentialsExpired</beans:prop>
				<beans:prop key="org.springframework.security.authentication.LockedException">/login/accountLocked</beans:prop>
				<beans:prop key="org.springframework.security.authentication.DisabledException">/login/accountDisabled</beans:prop>
			</beans:props>
		</beans:property>
	</beans:bean>

Step 2. Refer this handler in the form-login node of http namespace configuration.

 <form-login login-page='/login' default-target-url="/home"  authentication-failure-handler-ref="authenticationFailureHandler"/>

Step3. Capture the different URL extensions configured in step 1 in the login controller. (The example below uses Spring MVC)

    @RequestMapping(value = "/login/{error}", method = RequestMethod.GET)
   
    public final String displayLoginform(Model model,  @PathVariable final String error) {
        model.addAttribute("error", error);
    	return "login";
    }

Step 4. Check the attribute error in the JSP and print appropriate message for each case.

Done !

Notes

Error: attribute property is mandatory for tag authentication

Posted on December 12, 2010 by Kj / 0 Comment

Bug: The exception thrown when migrating to spring 3.

Reason: This exception thrown when migrating to spring-security 3 occurs due to spring 3 (authentication tag) using the attribute “properties” in place of “operation” used by previous versions.

Solution : Use <sec:authentication property=”principal.role”/> instead of <sec:authentication operation=”role”/>

Notes/Technology

Solve MySQL ERROR 1005: Can’t create table (errno: 150)

Posted on December 9, 2010 by Kj / 0 Comment

Bug: Above error occurs when rebuilding a database from the SQL script.

Reason: This error usually occurs when the table being created cannot fulfill a foreign key constraint. This often happens when importing from a previously exported database script as database export tools like SQL Yog export tables in alphabetical order of their names, irrespective of their inter-dependencies.

Solution: Recreate the DB script in “Turn off foreign key” mode. If this is not possible, in the current script, run the create query for independent tables first, followed by ones dependent on them, and so on.

Technology

How to enable CAS without SSL

Posted on December 6, 2010 by Kj / 0 Comment

This is a tiny tutorial on steps required to enable CAS (Jasig, v3.4x ) single-sign-out without SSL. These are the steps involved to remove dependency on SSL –

Use HTTP urls (instead of HTTPS ones) in all client configurations.
Edit [CAS-server-deployment-root]/ WEB-INF/ spring-configuration/ ticketGrantingTicketCookieGenerator.xml
1. Change the value of attribute “p:cookieSecure” to false.
Edit [CAS-server-deployment-root]/ WEB-INF /spring-configuration/ warnCookieGenerator.xml
1. Change the value of attribute “p:cookieSecure” to false.

The CAS authentication and SSO should work without problems on plain HTTP now.

Technology

Apache : RewriteRule vs Alias

Posted on December 3, 2010 by Kj / 0 Comment

A small note on order of execution of a RewriteRule directive and a folder Alias on Apache HTTPD – RewriteRule is always executed before the Alias, thus making a rewrite shown in the listing below possible –

[sourcecode language=”php”]
Alias /assets/ "//contenthost/assets/"
<Directory "//contenthost/assets">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>

RewriteCond %{HTTP_REFERER} !^http://mydomain.com.*$ [NC]
RewriteRule (.*)/assets/* – [F]
[/sourcecode]

This will make sure that if calls to /assets/ are not coming from our domain, they are rejected; else they will be picked from the aliased folder “//contenthost/assets”

Technology

Enabling SSL on a Tomcat “devl” machine (Windows)

Posted on November 27, 2010 by Kj / 0 Comment

These are the steps involved to enable SSL on Tomcat on developer machine for test purposes.

1. Create a certificate key store

Run this command in the command prompt –

[sourcecode language=”bash”]

%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA

[/sourcecode]

An interactive console based program is launched –

When asked for a password, provide one and confirm the same.
The program then prompts for your first name and last name; here, enter the name of the host machine. eg. testserver1. (Do NO T enter the IP of the host here.)
Provide proper values for further prompts like Company Name, State etc.
Press enter when prompted for a tomcat password.

This will create a key repository file .keystore in the home folder of the (windows) user.

2. Edit the Server.xml (in [catalina-home]/conf)

1. Uncomment the node <Connector port=”8443″……/>.

2. Edit/Add the following attributes (colored) to the above node –

protocol=”org.apache.coyote.http11.Http11Protocol” SSLEnabled=”true” keystoreFile=”${user.home}/.keystore” keystorePass=”[the-password-you-provided]” maxThreads=”150″ scheme=”https” secure=”true” clientAuth=”false” sslProtocol=”TLS” />

3. Start tomcat. Run an application using URL “http: //[ hostname]:8443/[appname]”.

4. The browser probably shows an “Untrusted Certificate” warning – Ignore and proceed.

Following are additional steps required to enable java based HTTP-clients talk to this newly created secured server .

3. Install the Host Certificate as Trusted

Download and unzip this file to desktop.
In the folder InstallCert run this in command prompt – [sourcecode language=”bash”] java -cp . InstallCert [above-host-name]:8443 [/sourcecode]
When done, the program creates a file “jssecacerts” in the same folder. Copy this file to folder (java-home)/jre/lib/security.

Done !

You should now be able to run services requiring sercured connection on this host like CAS server and clients.