I'm trying to build a java http server connected to a database (mysql) where one of my objectives are to NOT use a gui.
Instead, to let the "user" insert data by simply entering the desired input on top of a URL
For example:
in this url, the user is inserting his id number = (123) and his name = (JOE)
localhost/employee/add?id=123&name=JOE
or a remove example, removing a row by id only..
localhost/employee/remove?id=123
I was searching the web for a code example for over 4 hours and got to early morning hours with no luck :/
All I found was that it's called "url patterns" which you configure via java EE & net beans or similar platforms (all that I've encountered so far..)
but none of the tutorials/explanations wont demonstrate how to implement that by sending queries and configuring multiple url patterns together.
Can someone explain, demonstrate this technique ?
Thousand thankyous in advance, Iguana.
Related
I am using RESTFUL webservices using Spring framework.Some information is displayed on the user interface using the data returned by webservices. There is a webservice, which gets the usernames and their roles from the database. For a particular user , I would like to have all the webservices display data in the form of ####,#### for first name,lastname ; ##/##/#### for date of birth etc. Since I am using JDBC to connect to the database, here's what I was thinking of doing:
Should I consider passing an additional parameter (maybe sending a value 0 or 1 ; 0 for all other users and 1 for user for which I want to hide the information) to each and every GET webservice so that when it comes to getting data from the database in the JDBC code part,I could check whether the flag is set to 1 or 0 and based on this, I could do something like this in the JDBC code :
// Code for a case when flag is set to `0`. Hence retrieving information from the database.
while(rs.next()) {
EmployeeList empList = new EmployeeList();
empList.setEmpId(empId);
empList.setEmployeeName(rs.getString("name"));
employeeList.add(empList);
}
// Code for a case when flag is set to `1`. Hence hiding information and not retrieving information from the database.
while(rs.next()) {
EmployeeList empList = new EmployeeList();
empList.setEmpId(empId);
empList.setEmployeeName("####,######");
employeeList.add(empList);
}
I am wondering, if this is an appropriate way to achieve my task or is there some other way around?
Edit:More clarifications on my requirements:
I am using jqxWidget in the UI to display the information I am getting from a RESTFUL webservice in JSON format. For example, let's consider this example and the screenshot for better understanding of my requirement:
1) Let's say I am getting all the information from the JSON response which I am populating in the jQXWidget as shown in the screenshot above.
2) In the above widget, I would like to hide say for example, First Name, Last Name and Quantity like the following:
First Name = XXXXX
Last Name = XXXXX
Quantity = ####
In my application, if a user clicks on a particular row , a new page is displayed with some additional information. After click, new sets of web services are called and those web services takes First Name, Last Name and Quantity as input parameters. My concern is that, if I somehow replace the First Name with XXXXX, Last Name with XXXXX and Quantity with #### using any approach, when a user clicks on any of the row of the widget, the next set of web services
are going to get XXXX and #### as input and eventually will fail. Please correct me if my understanding until this point is not correct.
Thanks
I am using Spring 4.2.5 version.
This depends on what sort of information hiding you want to achieve. Typically you shouldn't do this manually.
You can use, for example, role-based authorization. Exact details depends on the web-service framework you are using.
For spring MVC, you can use something similar to this:
Custom authorization in Spring MVC
I wish to display some data from my SQL server into my application.
Let me explain throw an example what have i done until now, and please tell me how should i go on with my work:
(1) I have a database named: 'DB1'
(2) In my database i have table named 'users':
Id, Name, LastName
1 Dave Stone
2 Rose Mary
3 Gray Lone
(3) I created 3 php files: 1/ config.php (sets up my database log in information like password...)
2/ DBConnection.php : `
// Connecting to database
public function connect() {
require_once 'Config.php';
// Connecting to mysql database
$this->conn = new mysqli(DB_HOST, DB_USER, DB_PASSWORD, DB_DATABASE);
// return database handler
return $this->conn;
}
}
?>
3/ GetUsers.php which i dont know how should i write it - this would be the code which will echo whatever i want from the table.
(4) Inside my android studio project i have a MainActivity.java and i want to get all the LastNames of all the users in the database and do whatever with them... like print them into a text box it doesn't really matter (let's say i don't know how many users I have).
I need some one to help me get stages (3)3/ + (4) done / explained.
I think what you mean is a good method to retrieve and set values from app to database, the best and most prominent way is using basic REST services that convert your db values to JSON then you load the json using your api key as authentication, it might sound really stressful but is in fact very easy and flexible to implement, the only way you can directly set and get db values on android is using sqlite (android local inbuilt db)
The best tutorial and major explanation for exactly what you want to achieve is here
http://www.androidhive.info/2014/01/how-to-create-rest-api-for-android-app-using-php-slim-and-mysql-day-12-2/
Then this one for further works
http://www.androidhive.info/2012/01/android-login-and-registration-with-php-mysql-and-sqlite/
It covers how you make a rest service yourself
In Neo4J, I want to use the bolt protocol.
I installed the 3.1 version of Neo4J.
I my Java project, that already works well with normal HTTP Rest API of Neo4J, I integrate with Maven the needed drivers and achieve to perform request with BOLT.
The problem is everywhere you make a search about bolt they give example like this one :
MATCH (a:Product) return a.name
But I don't want the name, I want all the data of all product, what ever i know or not before what are these columns, like here:
MATCH (a:Product) return * --> here I retrieve only the ids of nodes
I found there https://github.com/neo4j-contrib/neo4j-jdbc/tree/master/neo4j-jdbc-bolt we can "flatten" the result but it seems to not work or I didn't understand how it works:
GraphDatabase.driver( "bolt://localhost:7687/?flatten=-1", AuthTokens.basic( "neo4j", "......." ) );
I put the ?flatten=-1 at the end of my connection address... but that changed nothing.
Anyone can help? Or confirm it's not possible or not working ?
Thanks
Ok I understood my error, I didn’t dig enough in the object returned. So used to have a JSON formatted response, I didn’t see that I have to search in the StatementResult object to find the wanted object with its properties. In fact Eclipse in the “expressions” shows “in fly” only the ids, but inside the object data are there.
Record oneRecord = rs.next();
String src = oneRecord.get("m").get("source");
That way I can reconstruct my object
Hi I have read Glassfish 3.1.2's JDBCRealm has a new Password Encryption Algorithm field. What is it for? and googled for similar topics but it seems no definitive answer has been published.
In short, I have a jdbc realm working in glassfish 3, when I upgrade to 3.1.2, same configuration does not work. According to the previous thread, I have set the JaasContext to jdbcDigestRealm (in addition to jdbcRealm which also does not work), set the Digest Algorithm to MD5 (I used MD5 in v 3 and it worked). For Password Encryption Algorithm I tried 'blank', and 'hex', both do not work.
Could someone please tell me how I should configure. My credentials table is based on mysql with MD5 hashed passwords according to http://jugojava.blogspot.hk/2011/02/jdbc-security-realm-with-glassfish-and.html.
I succeed to make it works with the following settings. I add a few comments with my current (mis)understanding.
JAASContext = "jdbcRealm" => The value must be set according to file 'glassfish3/glassfish/domains/domain1/config/login.conf'. By default, the class 'com.sun.enterprise.security.auth.login.JDBCLoginModule' (which implement the JDBCrealm) is configured under "jdbcRealm". There is another login module configured under "jdbcDigestRealm". This one is not part of the current topic.
JNDI = "..." => I put there the name of a datasource that already
exists for the database of my application.
UserTable = "MY_SCHEMA.usertable" => The 'full qualified name' of the
database table.
UserNameColumn = "userid" => column name where you store the user
name
PasswordColumn = "password" => column name where you store the (hash
of the) user passsword.
GroupTable = "MY_SCHEMA.grouptable" => The 'full qualified name' of
the database table.
GroupTableUserNameColumn = "" => no clue about the usage of this...
GroupNameColumn = "groupid" => column name where you store the user
name
AssignGroups = "" => As far as I understand the GF code, this is a way to assign a list of groups to every user registered in the realm. It's kind of hard-coding. More or less every realm available on GlassFish (could) make use of this property.
DatabaseUser = "" => As I understood, you need this if you aren't
using the JNDI (the second parameter).
DatabasePassword = "" => As I understood, you need this if you aren't
using the JNDI (the second parameter).
DigestAlgorithm = "SHA-256" => 'MD5', 'SHA-1' or 'SHA-256'. 'SHA-256'
is the default. Let's take 'SHA-256'.
PasswordEncryptionAlgorithm = "AES" => The digest algorithm is applied to the password before storing the password. The new password encryption is an added layer of security which allows the "hash" (the string after the DA has been applied to the password) to be encrypted. In this way, if an attacker retrieves the passwords from the database they are encrypted and hashed. It's highly unlikely that such data would be useful to an attacker.
Encoding = "Hex" => You have the choice between 'Hex' or 'Base64'.
Hex was convenient for me.
Charset = "" => As my database does not have an 'exotic' charset, I
do not think I need to set something smart there. I leave it blank
and it works.
Hope it will help.
PS: If somebody have a link to REAL documentation (not the official one which is completly useless at this moment), please, put a link here.
I spent a while today playing with this (Java EE 7, Glassfish 4 on Ubuntu 12.04). As it turns out, most of the fields on the Realm Page are not needed. The following fields were the only ones that are needed to establish a successful connection to the database.
Realm Name - Any name, as long as you use the same name in web.xml
JAAS Context - Any Name
JNDI - Any Name (I used jdbc/DB Name)
User Table - Table which contains all the users
User Name column - Column in the users table which contains your user-names
Password - Column which contains hashed passwords (SHA 256)
Group Table - Table which contains groups
Group Name Column - Column in the groups table which contain group names
I left everything else blank. My database password column had the password hashed using SHA 256.
I tested this by filling in random text in the 'Password Encryption' field and saving it. Redeployed my application and restarted Glassfish 4. Still worked. This means that the field, while still present is not being read anymore.
P.S - The real documentation as mentioned in the first answer is still quite poor.
First things first. What is your log output?
What are the symptoms of your "not working problem"?
Did basic-authentication pop-up window occurred?
Did you get
No login module configured for jdbcDigestRealm
or other error message?
change security log level if don't have any log output from unsuccessful login attempt.
I have two variations to the jdbcRealm issue. The first existed from a domain that was created using GF 3.1.1 which continued to work after updating the GF server to the 3.1.2.2 release. I then created a new domain on this server. The new domain was configured using the jdbcRealm. All of the parameters were the same for the 3.1.1 configuration except for the "Password Encryption Algorithm" which didn't exist under the 3.1.1 configuration screen. When I tried to login using my Web Application I was constantly getting the "jdbcrealm.invaliduserreason[#]" error in the log file.
The only way that I was able to resolve and to successfully login to my application was by adding the AES to the "Password Encryption Algorithm" field. I saved the change and restarted the server and once again I am able to successfully authenticate users from the jdbcRealm connection.
There is a somewhat more detailed guide here -> http://is.gd/Jx6Gnp
I am using Apache Solr for search. I use this to provide personal user-based search. i.e. each user has a separate physical Lucene Index. So for 10 users, I have 10 separate physical indexes on disk.
To support searches on these indexes, I am planning to use Solr MultiCore Feature. With the various articles I have been reading regarding this, it looks like this would work.
Where I am actually not sure is, when a solr searcher gets a query, instead of sending the query to all the multiple-cores, how do I funnel the query to that core which has that particular user's index connected to? Is this a config change or do I need to do code level changes?
i.e. I want to send the query to only one solr-core (based on userid). Is this even possible?
UPDATE: So according to one of the solutons I can add multi-cores in the solrconfig.xml i.e. at the time of starting solr I'll need to mention the cores (or in my case the users). So now, if I want to add a new user's index, I'll probably need to stop solr, edit its config, add that users core & start solr again. Is there any way to dynamically add cores to a running solr instance?
Solr cores are essentially multiple indices run in the same context on an application server. You can think of it as installing 1 war-file for each user. Each core is separated by a name, hence you must yourself keep track of which url is valid for which user.
E.g.,
http://host.com/solr/usercore1/select?q=test
http://host.com/solr/usercore2/select?q=test
Which is based on the config solr.xml:
<solr persistent="true" sharedLib="lib">
<cores adminPath="/admin/cores">
<core name="usercore1" instanceDir="usercore1" />
<core name="usercore2" instanceDir="usercore1" />
</cores>
</solr>
...instead of sending the query to all the multiple-cores...
This approach is called sharding and is based on distributed searching, which is a completely separate feature which focuses on splitting one users index over multiple solr instances.
[EDIT]
One approach to creating new cores is by solrj which provides a routine CoreAdmin.createCore(..). You could also do this using a manual HTTP request: /cores?action=CREATE&name=usercore3...
Solr can also reload its config dynamically, if you had a script in place which edited the cores config these changes should be picked up too.
You can combine multicore with sharding via this following URL :
http://localhost:8983/solr/core0/select?shards=localhost:8983/solr/core0,localhost:8983/solr/core1&q=*:*
Im using solrj.
First creating cores. I found 2 ways.
first way:
SolrCore solrCore = coreContainer.create(new CoreDescriptor(
coreContainer,
coreName,
"."));
coreContainer.register(solrCore, true);
second way:
SolrQuery solrQuery = new SolrQuery();
solrQuery.setParam(CommonParams.QT, "/admin/cores");
solrQuery.setParam(
CoreAdminParams.ACTION,
CoreAdminParams.CoreAdminAction.CREATE.name());
solrQuery.setParam(
CoreAdminParams.NAME,
name);
solrQuery.setParam(
CoreAdminParams.INSTANCE_DIR,
"./" + name);
solrQuery.setParam(
CoreAdminParams.CONFIG,
solrHomeRelativePath + solrConfigHomeRelativePath);
solrQuery.setParam(
CoreAdminParams.SCHEMA,
solrHomeRelativePath + solrSchemaHomeRelativePath);
solrQuery.setParam(
CoreAdminParams.DATA_DIR,
".");
solrServer.query(solrQuery);
to query a particular core I just do :
SolrServer solrServer = new EmbeddedSolrServer(coreContainer, coreName);
and then perform my queries the way I usually do using solrj.
So in your case, you would simply get the corename associated with the user doing a search request. The coreContainer instance would be shared but not the SolrServer instance.
By the way Im doing something similar to you!
See you.
When you use mmulticore, you create separate conf folder that contain separate query and schema and and the way the results are being fetched.
And when you hit the below url
http://{your localhost}:8983/solr
The you will see the list of cores that you have created. and for each core you will have to create index like this
http://{your localhost}:8983/solr/{your_core_name1}/dataimport?command=full-import
http://{your localhost}:8983/solr/{your_core_name2}/dataimport?command=full-import
http://{your localhost}:8983/solr/{your_core_name3}/dataimport?command=full-import
and after creating index, you will have to refer to the core when performing search like this,
http://{your localhost}:8983/solr/{your_core_name3}/select/?q=*:*&start=0&rows=100