RSS
 

Archive for the ‘Java’ Category

BlazeDS Custom Authentication

30 Apr

Here are the steps to roll your own BlazeDS Custom Authentication:

You’ll need to write a Java Class that implements the following class(es):

flex.messaging.security.LoginCommand;
flex.messaging.security.LoginCommandExt;

For example:

package com.dl.login;

import flex.messaging.security.LoginCommand;
import flex.messaging.security.LoginCommandExt;

import com.dl.login.UserVO;

public class LoginProxy implements LoginCommand,LoginCommandExt
{
public Principal doAuthentication(String username, Object attributes)
{

String password = (String)attributes;
//At this point you’d typically check against a datastore / LDAP / etc

if(username.equals(“riafan”) && password.equals(“mysecret”))
{
UserVO vo = new UserVO(username);
return vo;
}
return null;
}

public boolean doAuthorization(Principal user, List roles)
{

UserVO u = (UserVO)user;

if(u == null)
return false;

for(int i=0;i<roles.size();i++)
{
String role = (String)roles.get(i);
if(u.hasRole(role))
return true;
}
return false;
}

public boolean logout(Principal arg0) {
// TODO Auto-generated method stub
return false;
}

public void start(ServletConfig arg0) {
// TODO Auto-generated method stub

}

public void stop() {
// TODO Auto-generated method stub

}

public String getPrincipalNameFromCredentials(String arg0, Object arg1) {
// TODO Auto-generated method stub
return null;
}
}

In this example UserVO must implement java.security.Principal

package com.dl.login;

import java.security.Principal;

public class UserVO implements Principal
{

public String [] groups;
public String username;

public UserVO(String username)
{
this.username = username;
// Make sure we apply the array groups (roles) this user belongs to at some point :)
}

public String getName() {

return this.username;
}

public boolean hasRole(String role)
{
for(int i=0;i<groups.length;i++)
{
if(groups[i].equals(role))
return true;
}
return false;
}

}

Okay, now we just need to point the services-config.xml to our class
<security>

<login-command class=”com.dl.login.LoginProxy” server=”all”>
<!– a.k.a. true = per ‘tab’ authentication –>
<!– when set to true a browser refresh will also reset auth –>
<per-client-authentication>false</per-client-authentication>
</login-command>

<security-constraint id=”trusted”>
<auth-method>Basic</auth-method>
<roles>
<role>guests</role>
<role>accountants</role>
<role>employees</role>
<role>managers</role>
</roles>
</security-constraint>

</security>

That’s it.

To actually secure a destination, use the remoting-config.xml

<destination id=”AlertProxy” >
<properties>
<source>com.dl.alerts.AlertDAO</source>
<scope>application</scope>
</properties>

<security>
<security-constraint ref=”trusted”/>
</security>

</destination>

 
No Comments

Posted in Java

 

BlazeDS Context.xml

23 Apr

While deploying a BlazeDS project, I ran into a small problem that the META-INF/context.xml was not being loaded by tomcat.

The context.xml has a simple JNDI datasource defined

auth="Container"
type="javax.sql.DataSource"
username="username"
password="password"
driverClassName="com.mysql.jdbc.Driver"
url="jdbc:mysql://yourhost.com:3306/dbname" />

Reading up on the tomcat docs it became obvious that tomcat was loading the Adobe BlazeDZ tomcat/conf/context.xml.

 
No Comments

Posted in Java

 

Java Soap Client

19 Nov

I ran into a short problem writing a Java SOAP client. I was using the Axis[2] wsdl2java class to generate my Java classes. The latest version of wsdl2java has omitted the -T parameter that’s used to specify the SOAP version for the generate classes. The client’s soap endpoint only accepts SOAP 1.1 (not 1.2) so this proved to be a problem. I downloaded an older version of Axis [1.4] so I could specify the -T 1.1 and build against SOAP 1.1.
Download hip hop songs mp3
Buy Levitra Vardenafil
This time around the generated Java classes are missing the soap envelope headers needed by the service. I found a great article covering this exact problem.

The only change needed from there was in the service stub…

The org.apache.axis.soap.SOAPConstants.SOAP12_CONSTANTS needed to be changed to org.apache.axis.soap.SOAPConstants.SOAP11_CONSTANTS. I was a bit surpised to see those constants after building w/the wsdl2java -T 1.1 argument.

Disclaimer: I’m not a SOAP *expert* so feel free to provide feedback :-)

 
No Comments

Posted in Java

 

Flex, Java Remoting, and JMS [null message body]

07 Aug

So I was pounding out some code this afternoon, ran into a small snag and thought I’d post. Neuro-physiologists tell us that we better remember what we write down so here goes.

Similar to my post a few months ago, I made a simple omission in my coding flurry.

I was working with a backend Java class that published messages to [ActiveMQ] JMS. I wrote up a simple VO class to publish via JMS.


package com.dl.sifagents.vo;

import java.io.Serializable;

public class ZISEventVO implements Serializable
{
public String eventType = "";
public String payloadPackage = "";
public String payloadElement = "";
public String xml = "";
}

On the Flex side, I wrote up an AS3 implementation


package com.dl.sifagents.vo
{
[RemoteClass(alias="com.dl.sifagents.vo.ZISEventVO")]
[Bindable]
public class ZISEventVO
{
public var eventType:String;
public var payloadPackage:String;
public var payloadElement:String;
public var xml:String;
}
}

I published the VO to JMS…


public void publishObjectToJMS(Serializable o)
{
try {
ObjectMessage message = _pubSession.createObjectMessage();
message.setObject(o);
_publisher.publish(message, Message.DEFAULT_DELIVERY_MODE, Message.DEFAULT_PRIORITY, 5 * 60 * 1000);
} catch (JMSException e1) {
e1.printStackTrace();
}
}

I received the JMS message in Flex (via BlazeDS) but the message body was null. I checked and doubled checked my Java VO implementation vs AS3 VO implementation and couldn’t find any naming conflicts or errors.

Then it hit me, in my haste I’d forgotten to upload the Java VO class to BlazeDS (i.e. to the WEB-INF/classes folder)!

That’s my piece of humble pie for the week :) Back to work.

 
3 Comments

Posted in BlazeDS, JMS, Java