Solution to Hibernate error: Unknown column ‘******’ in ‘order clause’

Bug: A above exception thrown when using hibernate.

Reason: This error occurs usually because of a misplaced “order by” clause.
If in a many to many mapping, the serial order is defined in the cross reference table, the order-by attribute should be provided in the “collection” node as below –

On other hand, if the collection is to be sorted by a column defined in the collection member, the order-by should be provided in the many-to-many or one-to-many node, as shown below.

Solution: Move the order-by attribute to appropriate node depending on which table holds the sorted field.

Solution to MySQLSyntaxErrorException: Unknown column ‘xxxxx_.elt’ in ‘field list’

Bug: The above exception thrown when using hibernate.

Reason: This usually occurs when column name is not mentioned in many-to-many node.
The correct mapping for a many to many relation is –

Solution: The mapped columns should be provided in the key and many-to-many nodes as above.

Spring security 3 – How to display login errors ?

Heres how we display different error messages for the different cases of authentication failures like bad credentials, credentials expired etc.

Step 1. Configure an authentication failure handler in the application context.

Step 2. Refer this handler in the form-login node of http namespace configuration.

Step3. Capture the different URL extensions configured in step 1 in the login controller. (The example below uses Spring MVC)

Step 4. Check the attribute error in the JSP and print appropriate message for each case.

Done !

Error: attribute property is mandatory for tag authentication

Bug: The exception thrown when migrating to spring 3.

Reason:  This exception thrown when migrating to spring-security 3 occurs due to spring 3 (authentication tag) using the attribute “properties” in place of “operation” used by previous versions.

Solution : Use <sec:authentication property=”principal.role”/> instead of <sec:authentication operation=”role”/>

Solve MySQL ERROR 1005: Can’t create table (errno: 150)

Bug: Above error occurs when rebuilding a database from the SQL script.

Reason: This error usually occurs when the table being created cannot fulfill a foreign key constraint. This often happens when importing from a previously exported database script as database export tools like SQL Yog export tables in alphabetical order of their names, irrespective of their inter-dependencies.

Solution: Recreate the DB script in “Turn off foreign key” mode. If this is not possible, in the current script, run the create query for independent tables first, followed by ones dependent on them, and so on.

How to enable CAS without SSL

This is a tiny tutorial on steps required to enable CAS (Jasig, v3.4x ) single-sign-out without SSL. These are the steps involved to remove dependency on SSL –

  1. Use HTTP urls (instead of HTTPS ones) in all client configurations.
  2. Edit [CAS-server-deployment-root]/ WEB-INF/ spring-configuration/ ticketGrantingTicketCookieGenerator.xml
    1. Change the value of attribute “p:cookieSecure” to false.
  3. Edit [CAS-server-deployment-root]/ WEB-INF /spring-configuration/ warnCookieGenerator.xml
    1. Change the value of attribute “p:cookieSecure” to false.

The CAS authentication and SSO should work without problems on plain HTTP now.

Apache : RewriteRule vs Alias

A small note on order of execution of a RewriteRule directive and a folder Alias on Apache HTTPD – RewriteRule is always executed before the Alias, thus making a rewrite shown in the listing below possible –

[sourcecode language=”php”]
Alias /assets/ "//contenthost/assets/"
<Directory "//contenthost/assets">
AllowOverride None
Options None
Order allow,deny
Allow from all

RewriteCond %{HTTP_REFERER} !^*$ [NC]
RewriteRule (.*)/assets/* – [F]

This will make sure that if calls to /assets/ are not coming from our domain, they are rejected; else they will be picked from the aliased folder “//contenthost/assets”

Enabling SSL on a Tomcat “devl” machine (Windows)

These are the steps involved to enable SSL on Tomcat on developer machine for test purposes.

1. Create a certificate key store

Run this command in the command prompt –

[sourcecode language=”bash”]

%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA


An interactive console based program is launched –

  1. When asked for a password, provide one and confirm the same.
  2. The program then prompts for your first name and last name; here, enter the name of the host machine. eg. testserver1. (Do NO T enter the IP of the host here.)
  3. Provide proper values for further prompts like Company Name, State etc.
  4. Press enter when prompted for a tomcat password.

This will create a key repository file .keystore in the home folder of the (windows) user.

2. Edit the Server.xml (in [catalina-home]/conf)

1. Uncomment the node <Connector port=”8443″……/>.

2. Edit/Add the following attributes (colored) to the above node –

protocol=”org.apache.coyote.http11.Http11Protocol” SSLEnabled=”true” keystoreFile=”${user.home}/.keystore” keystorePass=”[the-password-you-provided]” maxThreads=”150″ scheme=”https” secure=”true” clientAuth=”false” sslProtocol=”TLS” />

3. Start tomcat. Run an application using  URL “http: //[ hostname]:8443/[appname]”.

4. The browser probably shows an “Untrusted Certificate” warning – Ignore and proceed.

Following are additional steps required to enable java based HTTP-clients  talk to this newly created secured server .

3. Install the Host Certificate as Trusted

  1. Download and unzip this file to desktop.
  2. In the folder InstallCert run this in command prompt – [sourcecode language=”bash”] java -cp . InstallCert [above-host-name]:8443 [/sourcecode]
  3. When done, the program creates a file “jssecacerts” in the same folder. Copy this file to folder (java-home)/jre/lib/security.

Done !

You should now  be able to run services requiring sercured connection on this host like CAS server and clients.

Installing PHP5.3.3 on Apache 2.2x (Windows)

List of steps involved in getting PHP5 to work with a pre-installed Apache server on Windows.

  1. Download the file “” from “”
  2. Extract contents of this file to C:/PHP/
  3. Copy C:/PHP/php.ini.development to a new file  php.ini in the same folder
  4. In the httpd.conf file of Apache, add the following lines after the LoadModule block.
    [sourcecode language=”bash”]
    LoadModule php5_module "C:/PHP/php5apache2_2.dll"
    AddHandler application/x-httpd-php .php<
    # configure the path to php.ini
    PHPIniDir "C:/PHP"
  5. Restart Apache.

Thats it ! PHP pages should now be processed and displayed by apache. To test, create a file PHPTest.php in folder “[Apache-root]/htdocs/” with following content.

[sourcecode language=”php”]

In the browser open the URL “http://localhost/PHPTest.php”. This should now display the PHP engine details.

Now, as required the document root, extensions folder, available extension etc for PHP can be configured in the file C:/PHP/php.ini.