I am building a client application for Intra Office Messaging System using Openfire as server. Using Roster class I can find the list of buddies (friends/contacts) using:
Roster rs= con.getRoster();
Collection<RosterEntry> list=rs.getEntries();
System.out.println("\n\n" + list.size() + " buddy(ies):");
for (RosterEntry r : list) {
System.out.println(r.getName());
}
But since this is an IOMS (Intra Office Messaging System), the requirement is diferent. There is no need to add contact. All users should see every other user and his status. Is there a way to achieve this?
One way to do this would be to integrating your openfire with AD. Add all users in a single common group and then import that group in the client. That way a user will automatically appear as a member of that group, and his/her online status will be available to all members of that group. And make sure whenever a new user is added, it becomes member of this group. This way everybody is imported at once in user's list.
Here is a reference link regarding same: Openfire Automatic Roster Population via Shared Groups and here is the guide to integrate Openfire with LDAP
Another way would be to update Openfire code and change registration process to add code for automatically adding all users to buddy list of the newly registered user. You can also do the same code on client side. But this is not a good path to walk on, as it will cause problem as the number of users in system grows.
Related
I enroll a fully-managed device with Android Management API using qrCode.
After enrollment, I want to get any kind of detail of enrolmentToken or qrCode that was used to enroll the device, so I can ping my server of the details and update the database accordingly.
I want to implement this in flutter framework.
This thing can be done by implementing pub/sub in which I can subscribe every enterprise to a certain topic and allow ENROLLMENT notification which listens for such notifications.
To identify which enrollment token an admin used during device provisioning, you can use the devices.get method. When using this method, the following fields will provide relevant information about the token:
The enrollmentTokenName field contains the token's name.
The enrollmentTokenData field - if an enrollment token provides additional data, this field contains that data.
Additionally, you can also use enrollmentTokens.get to get more information about the enrollment used. This method gets an active, unexpired enrollment token, and only a partial view of EnrollmentToken is returned (all the fields but name and expirationTimestamp are empty).
I'm finding a way to programatically list Google Cloud projects inside an organization. I'm trying to use a service account exported json credential to achieve such purpose in this way:
// More info on the endpoint here:
// https://cloud.google.com/resource-manager/reference/rest/v1/projects/list
final CloudResourceManager cloudResourceManagerService = createCloudResourceManagerService();
final CloudResourceManager.Projects.List listRequest = cloudResourceManagerService
.projects()
.list()
.setFilter("labels.it-restoring:false name:IT-TEST-*");
final ListProjectsResponse listResponse = listRequest.execute();
if (listResponse.isEmpty()) {
throw new RuntimeException("The API did not get any response"); // I never get past here
}
log.info("Listing projects returned: {}", listResponse);
The problem I find is that I always get an empty response. Even though I assigned the service account the role of owner. According to docs, I could use roles/
resourcemanager.organizationAdmin which I also set but with no luck. I create the CloudResourceManagement api object using getApplicationDefault.
However if I do gcloud beta auth application-default login which triggers an auth flow in the browser and authenticate with the user which is the owner of the organization this works and lists all the projects that I have.
Can anybody explain to me what I should do to store a proper credential which would emulate he user owner? I already set the service account with the Owner role which in theory gives virtually access to all resources and still no luck.
In order to list the projects on your organization, you need the permission resourcemanager.projects.get. Please find more information in this link The service account might have the owner role of 1 project, and not enought to list them all.
An alternative solution is to grant the account the cloudasset.assets.searchAllResources permission at org level by using one of the following roles:
roles/cloudasset.viewer
roles/cloudasset.owner
roles/viewer
roles/editor
roles/owner
With this permission, you can list all the projects within an organization 456:
gcloud asset search-all-resources \
--asset-types="cloudresourcemanager.googleapis.com/Project"
--scope=organizations/456
Documentation: https://cloud.google.com/asset-inventory/docs/searching-resources
Related post: How to find, list, or search resources across services (APIs) and projects in Google Cloud Platform?
I have a java application running in ECS in which I want to read data from table in account 1 (source_table) and write it to a table in account 2 (destination_table). I created two dynamodb clients with different credential providers - for source_table client I'm using an STSAssumeRoleSessionCredentialsProvider with the arn of a role in account 1; for destination client I'm using DefaultAWSCredentialsProviderChain.
The assume role bit works and I'm able to read using the source client but using the destination client does not work - it still tries to use the assumed role credentials when trying to write to destination_table and fails with unauthorized error (assumed-role is not authorized to perform Put Item).
I tried using EC2ContainerCredentialsProviderWrapper on the destination client but same error.
Should this work? Or are the credentials shared under the hood which makes it impossible to have two different AWSCredentialProviders running simultaneously like this?
I noticed this answer which uses static credentials and apparently works, so I'm at a loss why this doesn't work.
I figured it out with some help from AWS support. It was a problem with my IAM configuration on the role in account 2. I was misled by the error message which said 'assumed-role is not authorized to perform Put Item' when in fact my original account 2 role itself was unable to do so.
I am working on project which used Maximo Asset Management program. Our customer wants to know client IP when any person create new service request. I have searched on the internet but I can't find any topics about that. I 'm working with Java on businessobjects , I have took IP but this IP was Server's IP , as you know that Maximo run on server therefore it shows server ip , but I want to take which user/client create new service request.
In Maximo
Go to->Security->Users
Select Action -> Manage Sessions
Click on arrow to expand info on any logged in user
Here you can see Name and Client Host (ip address of user)
Click on the client host field and hold down alt+i to see the database table and field for this. The result MAXSESSION.CLIENTHOST is the table MAXSESSION and the field is CLIENTHOST.
If I can take #davejal's answer a step further, you could try the following:
Create a relationship called MAXSESSION from PERSON to MAXSESSION where userid = :personid. Note that if MAXUSER.USERID != MAXUSER.PERSONID in your system then your relationship will have to be "upgraded" to userid = (select userid from maxuser where personid = :personid).
Create an attribute on TICKET called REPORTEDBYIP same-as MAXSESSION.CLIENTHOST.
Create a crossover domain called TKREPORTEDBY against PERSON.
The Validation Where Clause should be personid = :reportedbyid.
Have a row in your Crossover Fields table where Source Field is MAXSESSION.CLIENTHOST and Target Field is REPORTEDBYIP.
Apply the TKREPORTEDBY domain to the TICKET.REPORTEDBYID attribute.
A known problem with the above is that if the user is logged in twice from different IPs, it is unknown which one will get crossed over onto the ticket / SR. You could upgrade the where clause in the relationship to always get the alphanumerically lower or higher one, using max() or min(). Or you could change the relationship to find the latest LOGINTRACKING record and use that. But again, there's no sure way, in such a situation, to guarantee that the IP you record will be the one they created the ticket from. But still, this solution is a step in the desired direction.
I have to build a web application who shows some data. I will have two kinds of user: register users and anonymous users. Registers users will run the app from the company intranet, and anonymous users will run the app from internet. Registers users will see more data than the anonymous ones.
I need a login form to registers users (to know who is seeing the data), but when an anonymous user will use the application, login form must not show.
In the same web application, the first screen must be a login form, but in some cases the login form must not appear. What is the best way to do that?
I'm using Vaadin (Java framework based on GWT) to develop my app. I think a good way to do that is checking the browser url, but I'm not sure if is the best approach.
Just as McOmghall says. You can get the user's ip by calling:
WebBrowser b = (WebBrowser) getMainWindow().getTerminal().
String ip = b.getAddress();
or (in your Application class):
WebBrowser b = ((WebApplicationContext) getContext()).getBrowser();
String ip = b.getAddress();
Then you can use Jakara Commons Net to check if the IP address is in the subnet of your company (for example 192.168.0.0/24):
SubnetInfo subnet = (new SubnetUtils("192.168.0.0", "255.255.255.0")).getInfo();
boolean test = subnet.isInRange(ip);
Here's another cool solution that doesn't require the use of any 3rd party libs.
Source 1
Source 2
If you have distinction between extranet and intranet, you should check the origin of the connection by IP. Java provides a way to do this, but I don't know if this is possible with Vaadin.