I have two endpoints in my Java Jersey web service:
{host}/{accountNo}
{host}/{accountNo}/service
Due to some problem with other systems i need to add a regex to validate the accountNo, so i only to enter both endpoints if the accountNo is aplhanumeric.
This was my solution:
#Path("/{accNo : [a-zA-Z0-9]*$}") for the first endpoint
#Path("/{accNo : [a-zA-Z0-9]*$}/service") for the second enpoint
The first endpoint is working fine and it validates everything that i wanted
However , every time i try to call endpoint 2 it returns not found.
Can you help me?
The following should work:
#Path("/{accNo: [a-zA-Z0-9]*}/service")
Just remove $ that means end of line.
Related
As part of learning how to integrate OneLogin SSO in my ColdFusion app I pulled this git repo -
https://github.com/GiancarloGomez/ColdFusion-OneLogin and set up locally. But, while sending the auth request to OneLogin we are getting an error message saying "We're sorry, but something went wrong.
We've been notified about this issue and we'll take a look at it shortly."
I could not find the root cause of this issue. Appreciate your timely help on this.
Configuration on OneLogin looks like below. Note that consumer URL I modified to http://127.0.0.1:8500/coldfusion-onelogin/consume.cfm instead of actual format mentioned (http://127.0.0.1:8500/coldfusion-onelogin/consume/) in the YouTube video provided in the readme file of this git repo. I had tried changing the consumer URL format as this http://127.0.0.1:8500/coldfusion-onelogin/consume/ but we are still getting the error message.
Access Tab in OneLogin looks like below,
Below is the code which sends auth request to OneLogin.
<cfscript>
try{
// used to encode string - chose to use Java version just in case CF did not encode correctly
// encodeForURL appears to work but to keep the same as the samples from OneLogin I will use the Java reference
urlEncoder = createObject("java","java.net.URLEncoder");
// the appSettings object contain application specific settings used by the SAML library
appSettings = createObject("java","com.onelogin.AppSettings");
// set the URL of the consume file for this app. The SAML Response will be posted to this URL
appSettings.setAssertionConsumerServiceUrl(request.company.getConsumeUrl());
// set the issuer of the authentication request. This would usually be the URL of the issuing web application
appSettings.setIssuer(request.company.getIssuerUrl());
// the accSettings object contains settings specific to the users account.
accSettings = createObject("java","com.onelogin.AccountSettings");
// The URL at the Identity Provider where to the authentication request should be sent
accSettings.setIdpSsoTargetUrl("https://app.onelogin.com/saml/signon/" & request.company.getIssuerID());
// Generate an AuthRequest and send it to the identity provider
authReq = createObject("java","com.onelogin.saml.AuthRequest").init(appSettings, accSettings);
// now send to one login
location ( accSettings.getIdp_sso_target_url() & "?SAMLRequest=" & authReq.getRidOfCRLF(urlEncoder.encode(authReq.getRequest(authReq.base64),"UTF-8")), false);
}
catch(Any e){
writeDump(e);
}
</cfscript>
Below is the format of auth request URL ,
https://app.onelogin.com/saml/signon/[issuerId]?SAMLRequest=[SamlRequest].
I am not providing the actual URL here since I am not sure whether someone can tamper it or not. But please do let us know if it is really required to solve this issue.
Below is the screenshot of the SAML Login Page , from here I am clicking on the button and send auth request to OneLogin.
Also, In the index.cfm , form action attribute is "/post/". Since it was throwing an error I had to replace it with "/coldfusion-onelogin/post.cfm". Here coldfusion-onelogin is a folder under wwwroot. Any settings in ColdFusion to be modified so that it will not throw any error if we keep the form action attribute as "/post/" ?.
Hmmm. The consumer URL validator is supposed to be a regex expression, and I'm not sure how it's going to handle a literal HTTP value (since it'll try to evaluate it as regex)
So try changing URL validator to be something dumb like *. (match everything)
That should hopefully clear the error until you can sort out what you want the validation to be in production.
You need to first logout from the OneLogin Admin Panel
https://app.onelogin.com/logout
To successfully test the demo app.
I'm going to create one rest services in rest dsl xml. On that I have created one routes. For the route I am going to call my own microservices (this is created other project) for using toD uri. Once I get response I am going to take the values from the body (response json). After that again I am going to call other services in the same route based on the response values (we are taking one field in the response).
My question is
how we can take the values from the response in first service
And how to set headers in that respected values in first values..
How to call 2 services in route. Is it possible to call tod uri two times?
Sample code
<toD uri=http://localhost >
<log message =${body} >
(this response is going to set 2nd service query parameter value )
<toD uri=http://localhost? 1 services response values a>
Not sure if I fully understand your case, but here are my answers to your questions:
1) You can select any value from a JSON response with JsonPath. To use it later, you probably want to save it on the Message header
.setHeader("myHeader", jsonpath("$.your.json.path"))
2) Sorry, I don't understand this question :-)
3) Yes, you can make as many .to() or .toD() as you like
However, if you want to call REST services and you use the Camel REST component, you can profit from built-in URI templating. That means perhaps you don't need .toD()
For example
.to("rest:get:hello/{myHeader}")
would insert the value extracted from the JSON response above because the placeholder name is looked up in the message headers and if found replaced with the value of the corresponding message header
.setHeader("myHeader", jsonpath("$.your.json.path")) // assume jsonpath result is "world"
.to("rest:get:hello/{myHeader}") // URI "hello/world" is called
while doing get operation in spring boot application,
like api/getbooks/1 : it fetches the first record.
for api/getbooks/# : gives invalid parameter.
but api/getbooks/1# : gives the same result as api/getbooks/1.
how can i make it not to accept #?
In the article of URL fragments on Wikipedia can find
The fragment identifier functions differently to the rest of the URI:
its processing is exclusively client-side with no participation from
the web server, ...
When an agent requests a web resource from a Web server, the agent sends the URI to the server, but does not send the fragment
So that is basically the intended behavior the # and everything afterwards is not sent to server. So the URL server gets is the same for both queries.
I am using Jersey 2.x.
I have a GET Request with the following method signature :
#GET
#Path("/size/file/{fileName}")
#Produces("application/json")
public Response getFileSize(#PathParam("fileName") String filename,
#Context ContainerRequestContext crc) {
......
......
}
I hit my URL in the following two ways :
http://localhost:8083/sample/size/file/hello_____
http://localhost:8083/sample/size/file/hello#$
please notice the #$ in the 2nd request.
When I check the parameter in GET Request using IDE Watcher , for the first request the fileName is hello_____ and output is invalid file name.
For the second one when I checked the parameter I found it as hello, I wonder where the #$ gone ?
I have the following questions with the above context.
Why the GET request accepted _____ but not #$ (in the backend)?
What happened to #$ did the jersey cleared the special characters itself ?
I tried passing # then the output is invalid file name, why this time # is not cleared as in case of #$ ?
Is this is a sql injection and can affect my API. If yes then how to handle such scenarios. What actions to take to prevent this ?
I hope I am clear with my questions.
Thank you
I have some code making a #Path for an endpoint:
#Path("/productLine:[a-zA-Z]{1,25}}/cat")
I want to allow two word product lines in the URL. I tried this
#Path("productLine:[a-zA-Z ]{1,25}}/cat")
But the client returns a
HTTP 404 Not Found
when I use a request that has two words, like this:
/services/New Host/cat
can u try with:
#Path("productLine:[a-zA-Z\x0B]{1,25}}/cat")
This worked:
#Path("productLine:[a-zA-Z%20]{1,25}}/cat")
The %20 is the HTTP encoding for space.