I have written a java servlet in app engine that i am trying to connect to a cloud sql, i am working in eclipse kepler on windows. in the google cloud console i have authorized by app to access the database, they are both stored in the US.
To enable cloud sql for my app in eclipse i am going to google>app engine settings...
i try to configure the cloud sql instance, i am using the appropriate instance name : and i have specified the correct database name username and password, i have also tried with a blank password, and both a blank password and user niether have worked. additionally, i am using the same email account across my database and app engine and eclipse. the error i receive is:
Could not connect to Profile (<project>.GoogleCloudSQL.AppEngineInstance).
Error creating SQL Model Connection connection to
Profile(<project>.GoogleCloudSQL.AppEngineInstance). (Error: Not authorized to access
instance: <instance:database>)
Not authorized to access instance: <instance:database>
Error creating Google Cloud SQL Connection factory connection to Profile
(<project>.GoogleCloudSQL.AppEngineInstance). (Error: Not authorized to access
instance: <instance:database>)
Not authorized to access instance: <instance:database>
i then tried to test the database using the google_sql.sh script provided in the bin folder of the appengine sdk. i sent me to a url to get an authorization code, after entering the authorization code i was just given the script fails stating "the provided authorization grant is invalid, expired, revoked etc.".
i just want my app engine java servlet to be able to access my cloud sql database...does anyone have any advice? a solution? a similar problem?
Please take a look at the following link for the recommended way to connect to your CloudSQL instance from dev purposes.
https://developers.google.com/appengine/docs/java/cloud-sql/#connect_and_post
In short, just get an IP address for the CloudSQL instance using admin API or cloud console, authorize your network to access the CloudSQL instance through Cloud console, and point your application to it.
Related
I am developing a Google App Engine (Standard environment) application which uses Google Cloud Storage. I have used App Engine APIs for Cloud Storage until now, which provides a local emulation for the Cloud Storage using Datastore. As those APIs are getting obsolete now, I have decided to use the recommended APIs, however I am struggling with the credentials when running on the Local Server (I am already using the new Cloud Code plugin, not the old App Engine one).
I have created a service account and I have created and downloaded the key for it. If I would be running a normal Java app, I would be able to specify enviroment variables for the VM and I could provide the necessary -DGOOGLE_APPLICATION_CREDENTIALS=xxxxx.json parameters. The server provided by the Cloud Code does not seem to have any way how to provide environment variables, I can only provide VM options, therefore I do not know how can I provide the necessary environment to it, or how to pass the credentials to it in some other way. The only way I got it kind of working was using
gcloud auth application-default login
which has saved credentials in D:\Users\xxxx\AppData\Roaming\gcloud\application_default_credentials.json. This works, but any time I am debugging my application, I get following warning:
com.google.auth.oauth2.DefaultCredentialsProvider warnAboutProblematicCredentials
WARNING: Your application has authenticated using end user credentials from Google Cloud SDK. We recommend that most server applications use service accounts instead. If your application continues to use end user credentials from Cloud SDK, you might receive a "quota exceeded" or "API not enabled" error.
I am not sure how serious this warning is, but it sure sounds scary to me.
In my application I use this code (Scala, Java would be very similar) to create the service with the credentials:
val credentials = GoogleCredentials.getApplicationDefault
val storage = StorageOptions.newBuilder().setCredentials(credentials).build().getService
What is the proper way to pass service account credentials when running on a local Google App Engine server?
The issue with the big warning is that Google does not want you to use User Credentials in place of Service Account credentials. Google is locking down (restricting) what scopes/data third-party services (you) can request. My advice is to not use User Credentials anymore as they will eventually no longer work.
There are several methods to solve this.
Method 1: Setup the CLI to use a service account:
gcloud auth activate-service-account test#development.iam.gserviceaccount.com --key-file=test_google_account.json
Use the correct email address for the service account. This can be found in the Google Cloud console and also in the JSON file. Google libraries will find these credentials. On my website, I have written several articles on the details of services accounts, Application Default Credentials (ADC), etc.
Method 2: Specify the service account in your code
credentials = GoogleCredentials.fromStream(new FileInputStream(service_account_filename))
Create a flag or environment variable so that your code can if-else decide when running on your desktop to process credentials.
Method 3:
If the system (not the VM command line) environment variable GOOGLE_APPLICATION_CREDENTIALS is set, the libraries will use the filename that the variable points to for service account credentials. This file is a Google Cloud Service Account credentials file in JSON format.
Set this environment variable before you launch your IntelliJ.
My Document Links:
https://www.jhanley.com/google-cloud-application-default-credentials/
https://www.jhanley.com/google-cloud-setting-up-gcloud-with-service-account-credentials/
https://www.jhanley.com/google-cloud-creating-and-authorizing-service-account-credentials-with-the-cli/
I am trying to authenticate Azure SQL Database using access token, Problem is, the access token(and refresh token) is generated on the different machine and SQL server authentication java code is on another machine. My application on 2nd machine picks the refresh token from the properties file. I am able to get the access token using refresh token but not able to authenticate the Azure SQL DB using that. However, everything works fine if I do the whole process on the same machine.
Are access token generated IP bound or machine bound?
Error: Database connection failed: Error message: Login failed for user ''. ClientConnectionId:321ad51b-77d5-4681-a162-d6c8afd477aa
The issue has been resolved, it was due to wrong (pretty old) version of MSSQL JDBC jar.
Each user has a default database. When you connect to computer that's running Microsoft SQL Server, and you do not specify a login database, the default database is used. However, if the default database is unavailable at the time of the connection, you may not be able to connect
I am reading data from google spreadsheet API using java. I am able to read on my local machine and the URL getting below for auth2:
https://accounts.google.com/o/oauth2/auth?access_type=offline&client_id=679281701678-iacku5po12k0if70abstnthne9ia57kg.apps.googleusercontent.com&redirect_uri=http://localhost:39740/Callback&response_type=code&scope=https://www.googleapis.com/auth/spreadsheets
My callback URL is
http://localhost:62238/Callback?code=4/k6rwrqBFTJ310Yhy9EBpIA7eH9PqL-HXwC3hi9Q0How#
However, when I am deploying my war on the production server so I am not able to see callback function.
If any one knows about this please suggest to me how to integrate on the production server.
Whenever you integrate with any OAUTH enabled google api. You need to provide the restrictions on google dev console like authorized origins and authorized redirect uris. I think you might have provided different port from your local than what is running in your production in your authorized origins, that is why it is not able to connect from your production server but it is able to connect from your local. you can cross check once.
I downloaded the Spring social project from https://github.com/spring-projects/spring-social-samples/tree/master/spring-social-quickstart
When I run the project on Tomcat, after asking for connection and connecting to facebook, the webpage automatically redirects to
http://localhost:8080/spring-social-quickstart/signin?error=provider#=
I am unable to understand the error. can anyone help?
//After Debugging
It is never executing the method in HomeController.java which extracts the friends and return the next page.
Check the followings:
Most probably you are disconnected from Internet. So check your network connectivity.
Ensure you have given correct username and password while connecting to facebook.
Client Id and secret (generally in XML or properties file, you get it when you create your application in facebook / twitter) you use are correct.
Make sure that you have defined a callback url while creating application in facebook / twitter.
How should I write my connection string in jdbc when I want to connect to a SQL server where windows authentication is needed and I am connecting to a named instance?
So I have my connection string like
jdbc:sqlserver://sqlserver4\Test;datebaseName=TestDB;user=g\John;password=hello123
I have also tried with sqlserver4;namedInstance=Testinstead of sqlserver4\Test
I have tried under
Control Panel -> Administrative Tools -> ODBC Data Source
Shift Right-Click -> Run as different user
login as user=g\John password=hello123 with this test I can connect successfuly, but in my jdbc connection string I get Login failed for user g\John.
Do I have to setup my connection string in a specific way when using Windows User Authentication and named instance in the DB?
According to: https://msdn.microsoft.com/en-us/library/bsz5788z.aspx
If your application runs on a Windows-based intranet, you might be able to use Windows integrated authentication for database access. Integrated security uses the current Windows identity established on the operating system thread to access the SQL Server database. You can then map the Windows identity to a SQL Server database and permissions.
To connect to SQL Server using Windows integrated authentication, you must identify the Windows identity under which your ASP.NET application is running. You must also be sure that the identity has been granted access to the SQL Server database. This topic includes a code example that displays the current Windows identity of the ASP.NET application.
So try maybe adding this:
integratedSecurity=true;
At the end of your connection string and removing username and password
In Production system, all the database servers/hosts will have application specific user ids like report_app_user, dev_app_user,dev_env_user,test_env_user,uat_env_user and the JDBC api will connect it promptly.
Please talk to ITsupport team/db admin to get a application specific user id.
Otherwise, you will not be able to use db user which is tied with windows authentication.
I have tried all that, but it seems that I have to implement some spring security and setup an LDAP server to be able to connect through an AD user, with MuleESB. But thanks anyway :).