I've started exploring axon framework.
I'm following this tutorial
It is basically creating an account, retrieving information about the account and few other activities.
Whenever an event takes place, an entry is stored in Domain Event Entry Table. The payload is also present in hashed form . My questions are :
Is it possible to access the entries present in Domain Event Entry table ?If yes , then how?
Also, If I want to add the query and do log it in the console, does the payload appear in hashed form or in the original format.
Any help will be appreciated.
Checking the project you shared, I would start by upgrading the version you are using. I can see it's using 4.4.3 while latest is 4.5.3 and it brings lots of improvements and new features.
Before going to your questions, I believe it is important to note some things here.
This project is NOT using Axon Server, so your Events are stored on a Database of your choice. In this case, since you have JPA on your classpath, Axon Framework will automatically configure a JpaEventStorageEngine for you. Similar to the TokenStore implementation.
It is important to know about the Serializers as well, and for that I will refer to the official docs. Configuring them, you can have your Events stored as XML or JSON.
So, to your questions now:
Yes, you can access them as you would do in a normal database. Since I can see on the project it has /h2-console enabled, going there would be my first choice. Alternatively, you can configure any tool/app capable of checking the contents of your database.
For logging the query, you have to configure Hibernate for example for logging that. In any case, it will log it as a deserialized object and not as a 'payload' form. Of course, you can write some queries for the DomainEventEntry table and log the payload but that's not how you are supposed to use that table.
For more info, I would recommend going to the official docs or to our Axon Academy!
Edit 1: adding info about QueryHandler
Axon Framework offers, as you noted, #QueryHandler annotation which should be part of your Query side (appart from the Command side, derived from CQRS concept). That is the side responsible for providing information based on Events (from your Event Store a.k.a. DomainEventEntry in your case). Basically, Events will be propagated to the Query side where you will have one or more EventHandlers components/methods responsible to handle the Event and write the derived result to a form of storage (usually a relational database). You also have one or more QueryHandlers components/methods that will get Query messages, perform the query it (using a Repository for example) and return the response to the caller. In that sense, you can really tailor your query side the way you want! The ref guide has some info about Query Handlers that I recommend!
You can access the events in the domain events table. With H2 you can log in to the H2 console and find it there.
If you use a query the payload will be deserialized (no XML or JSON) and can be used to log information or whatever you need to do.
Related
I would like to save in my database information about history, for example user "dog" edited field "grass" in table "garden".
I have trigger which saves everything correctly but I have problem with username "dog". Username is logged user's name and I don't now how to "catch" it, because I don't know how to tell my database (PostgreSQL) that this specific user did that.
How can I tell my trigger that it should use value "dog"?
I would like to write an application in Java using Spring Framework and Hibernate Framework. I haven't any app code, because now I'm creating database and thinking about my future application.
Any ideas?
For certain database platforms, they offer context parameters. To use these, you would:
Set the database context parameters.
You can simply use the native SQL interface exposed by Session or EntityManager to accomplish this step.
Register an AfterTransactionCompletionProcess with the Session.
This should basically use the provided Session and clear the database context parameters which you set as part of (1). You would want to do this regardless of whether the transaction was successful or not. This step makes sure those context parameters are cleared prior to giving the JDBC connection back to your connection pool.
Execute your normal ORM changes.
But there is probably a much simplier approach all together, called Hibernate Envers.
Hibernate Envers is designed to mirror your mapped #Entity classes and keep a running history of changes made to your entities. You can easily configure the fields you'd like audited should there only be a subset of fields you're interested in the history on. Additionally, the Envers API exposes an easy way for you to query the history tables and get historical snapshots.
In order to store your username "dog" with Hibernate Envers, you would need to merely implement a custom RevisionEntity that contains your userName field and set it. You can find more information on how to configure the necessary components for this here.
I wonder if it is possible to add a listener to Cassandra getting the table and the primary key for changed entries? It would be great to have such a mechanism.
Checking Cassandra documentation I only find adding StateListener(s) to the Cluster instance.
Does anyone know how to do this without hacking Cassandras data store or encapsulate the driver and do something on my own?
Check out this future jira --
https://issues.apache.org/jira/browse/CASSANDRA-8844
If you like it vote for it : )
CDC
"In databases, change data capture (CDC) is a set of software design
patterns used to determine (and track) the data that has changed so
that action can be taken using the changed data. Also, Change data
capture (CDC) is an approach to data integration that is based on the
identification, capture and delivery of the changes made to enterprise
data sources."
-Wikipedia
As Cassandra is increasingly being used as the Source of Record (SoR)
for mission critical data in large enterprises, it is increasingly
being called upon to act as the central hub of traffic and data flow
to other systems. In order to try to address the general need, we,
propose implementing a simple data logging mechanism to enable
per-table CDC patterns.
If clients need to know about changes, the world has mostly gone to the message broker model-- a middleman which connects producers and consumers of arbitrary data. You can read about Kafka, RabbitMQ, and NATS here. There is an older DZone article here. In your case, the client writing to the database would also send out a change message. What's nice about this model is you can then pull whatever you need from the database.
Kafka is interesting because it can also store data. In some cases, you might be able to dispose of the database altogether.
Are you looking for something like triggers?
https://github.com/apache/cassandra/tree/trunk/examples/triggers
A database trigger is procedural code that is automatically executed
in response to certain events on a particular table or view in a
database. The trigger is mostly used for maintaining the integrity of
the information on the database. For example, when a new record
(representing a new worker) is added to the employees table, new
records should also be created in the tables of the taxes, vacations
and salaries.
I'm multing a multi-tenant SaaS web-application in Java, Spring, Struts2 and Hibernate. After a bit of research, i choose to implement multi-tenancy in a shared db, shared schema, shared table approach. And tagging each db-line with a tenantId.
I have rewritting my application, so Managers and Dao's will take the tenantId as a parameter to only serve the correct db-resources.
This works perfect for all view's when getting information. And also for creating new stuff (using the logged in users tenantId to store the info).
However, for updating and deleting stuff I am not sure how to secure my application.
For example: When a user want to edit an object, the url will be: /edit?objectId=x
And this is mapped to an action that will retrieve this object by Id. Meaning any logged in user can by url-modification view any object.
This i can solve by adding the tenantId to the Dao so if the User tries to view an object outside his tenancy he will get nothing.
Ok thats ok then, but about when sending in the edit-form?
What if the user modifies the request, messing with the hidden field objectId so the action will receive a request to alter an object not belonging to the users tenancy.
Or if the users url-modifies a delete action /delete?objectId=x
Basicly I need some way of assure that the logged in user has access to whatever he is trying to do. For all get's its easy. Just putting the tenantId in the where clause.
But for updates and deletes i'm not sure what direction to go.
I could query the db for every update and delete to see if the users has access to the object, but i'm trying to keep db-interaction to the minimum. So i find it impractical to make an extra db-call for every such action.
Does anyone have any hints or tips to my issues?
The same for reading applies to writing/updating: user can only see/access/change what they own. Your question is more about database that about anything else. The same constraints you apply to viewing data must also apply to writing data.
In this case, you don't want to wear the performance of a query first then an update. That's fine, since you can update the database with conditions. Since this seems likely to be database-level in your case you need to know what your database is capable of (to do it in one go). For example, oracle has the merge statement.
I am quite late to this thread and maybe you have already built the solution you were asking here about. Anyway, I have implemented a database-per-tenant multitenant web application using Spring Boot 2 and secured the web access using Spring Security 5. The data access is via Spring JPA (with Hibernate 5 as the JPA provider). Do take a look here.
Our's is a product specific to a domain.Here are some of the typical security use cases,
A normal User can edit only his profile data or anybody data based on permission
A user can see only data that belongs to his department while another user can data from all departments
These requirements changes from customer to customer so we can not just hard code the filtering logic in our application code or maintain multiple versions of the application.
We use Hibernate criteria based filtering and like to add additional Restrictions based on some expressions associated with a Permission. An expression for use case 1, mentioned above, may look like this, 'userId=user.userId' where 'user' is a keyword and represents current authenticated user and 'userId' is a property of the object for which criteria is created.
We want to define a dsl using which we can derive criteria restriction as well as 'where' clause for sql.
Are there any existing frameworks which will enable us to do it, without going for dsl? Based on the use cases mentioned above, do you think it can be achieved in different way?
Additional Info: We define only domain objects with some meta information to generate UI. Persistence, security etc are taken care by our core framework.
Have you tested Hibernate filters?
They are great mechanism for record level filtering, you can define multiple filters (for example two filters for your case) on each entity and enable or disable them according to current user.
Shall mention that filters can accept parameters (for example your current user id).
We have used this great feature of Hibernate 3 on a large project, which had a hierarchical organization unit and that worked fine.
By the way if you use Oracle as your database, consider Oracle's virtual private database feature.
We decided to go with our own dsl using antlr
I am to the topic of Hibernate. I am working no on validation system now. I would like to search the database, whether data entered by the user already exists in it, such as login. How to do it using hibernate?
Please check following link: http://gwt-vl.sourceforge.net/?to=serverDoc
Esspecially the section: Server side to client side validation This may help you to validate your form on the server side.
If you need to know about communication with backend I would recommend (GWT_PLATFORM)[http://code.google.com/p/gwt-platform/] it's a great framework by Philip Beaudoin and also some highly respected by GWT team and was infect release before GWT MVP . Okay you already have that sorted out then what you will need to work out what combination of UI fields is a unique database entity for example Name and Date of Birth something along these lines. Then before you persist this data you will using your DAO (I am assuming you have a DAO layer) search for that object (you can use JPA QL even with hibernate or Hibernate Criteria) if your search (and user doesnot know about it just a back end process) does not return a result then you can just persist then new information but if it does then it will be upto the business rule weather you show user and error or update the information.