Re: AppModule: using injected service in ContributeWebSecurityManager
Thanks. It works. I created public static DataSource buildMyDataSource() { // ... implemenation. } then inject the code using @Local @Service("myDataSource") DataSource dataSource like you suggested. -- View this message in context: http://tapestry.1045711.n5.nabble.com/AppModule-using-injected-service-in-ContributeWebSecurityManager-tp5713989p5714000.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
AppModule: using injected service in ContributeWebSecurityManager
Hi i have the following problem. I have set the following code. public void contributeWebSecurityManager( final Configuration configuration //, @InjectService("myDataSource")final DataSource dataSource ) { final JdbcRealm realm = new JdbcSaltedRealm(); realm.setDataSource(getJndiDataSource()); // realm.setDataSource(dataSource); -- does not work realm.setAuthenticationQuery(AppModule.AUTHENTICATION_QUERY); realm.setUserRolesQuery(AppModule.USER_ROLES_QUERY); realm.setPermissionsQuery(AppModule.PERMISSION_QUERY); realm.setPermissionsLookupEnabled(true); realm.setCredentialsMatcher(this.credentialsMatcher); configuration.add(realm); } In the same AppModule class I have this public static void bind(final ServiceBinder binder) { binder.bind(DataSource.class, AppModule.getJndiDataSource().getClass()) .withId("blog.dataSource"); } When i run my app it seems the datasource is not injected. How am I able to inject the datasource binded into ContributeWebSecurityManager. This is error i am getting when using service injection instead of just manually getting the datasource. NFO: Cannot create JDBC driver of class '' for connect URL 'null' java.lang.NullPointerException at sun.jdbc.odbc.JdbcOdbcDriver.getProtocol(JdbcOdbcDriver.java:524) at sun.jdbc.odbc.JdbcOdbcDriver.knownURL(JdbcOdbcDriver.java:493) at sun.jdbc.odbc.JdbcOdbcDriver.acceptsURL(JdbcOdbcDriver.java:307) at java.sql.DriverManager.getDriver(DriverManager.java:273) at org.apache.tomcat.dbcp.dbcp.BasicDataSource.createConnectionFactory(BasicDataSource.java:1437) at org.apache.tomcat.dbcp.dbcp.BasicDataSource.createDataSource(BasicDataSource.java:1371) at org.apache.tomcat.dbcp.dbcp.BasicDataSource.getConnection(BasicDataSource.java:1044) at $DataSource_210503fddf1.getConnection(Unknown Source) at org.springframework.jdbc.datasource.DataSourceUtils.doGetConnection(DataSourceUtils.java:111) at org.springframework.jdbc.datasource.DataSourceUtils.getConnection(DataSourceUtils.java:77) at org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:573) at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:637) at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:666) at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:674) at org.springframework.jdbc.core.JdbcTemplate.queryForObject(JdbcTemplate.java:729) at org.apache.shiro.realm.JdbcSaltedRealm.getPasswordForUser(JdbcSaltedRealm.java:242) at org.apache.shiro.realm.JdbcSaltedRealm.doGetAuthenticationInfo(JdbcSaltedRealm.java:170) at org.apache.shiro.realm.JdbcSaltedRealm.doGetAuthenticationInfo(JdbcSaltedRealm.java:61) -- View this message in context: http://tapestry.1045711.n5.nabble.com/AppModule-using-injected-service-in-ContributeWebSecurityManager-tp5713989.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: Tapestry 5.25 with Tynamo 0.4.0 onActionFromLogout not redirecting to index page.
Thanks it works. logout It would be cool if a.) I can specify and configure the post logout page as either a parameter or configuration (don't know how). b.) Fix the session issue during logout. http://tapestry.1045711.n5.nabble.com/Error-after-logout-td3389686.html (The whole reason why i wanted custom logout beside redirecting to index page). -- View this message in context: http://tapestry.1045711.n5.nabble.com/Tapestry-5-25-with-Tynamo-0-4-0-onActionFromLogout-not-redirecting-to-index-page-tp4521350p4539232.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: Tapestry 5.25 with Tynamo 0.4.0 onActionFromLogout not redirecting to index page.
Re: Tapestry 5.25 with Tynamo 0.4.0 onActionFromLogout not redirecting to index page.
Hi actually after looking at the log. onActionFromLogout doesn't seem to get called either. -- View this message in context: http://tapestry.1045711.n5.nabble.com/Tapestry-5-25-with-Tynamo-0-4-0-onActionFromLogout-not-redirecting-to-index-page-tp4521350p4528286.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Tapestry 5.25 with Tynamo 0.4.0 onActionFromLogout not redirecting to index page.
So i have many pages that implements "onActionFromLogout" @InjectPage private Index index; public Object onActionFromLogout() { SecurityUtils.getSubject().logout(); try { // the session is already invalidated, but need to cause an exception since tapestry doesn't know about it // and you'll get a container exception message instead without this. Unfortunately, there's no way of // configuring Shiro to not invalidate sessions right now. See DefaultSecurityManager.logout() // There's a similar issues in Tapestry - Howard has fixed, but no in T5.2.x releases yet request.getSession(false).invalidate(); // some more stuff } catch (Exception ex) { LOG.error("error in logging out", ex); } return index; } but when I click on the logout link generated by tag it does not take me to the index page. I want to invalidate the session, logout and get taken to index page instead of staying on the same page. What is happening. post logout page A --> page A page B --> page B page C --> page C What should happen. Instead I want page A --> Index. What is wrong? What is the best way to solve the problem. Thanks -- View this message in context: http://tapestry.1045711.n5.nabble.com/Tapestry-5-25-with-Tynamo-0-4-0-onActionFromLogout-not-redirecting-to-index-page-tp4521350p4521350.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Tynamo 0.4.0 security: How to create custom credential matcher.
Hi I have the following credential matcher from shiro.ini. Since the support for its remove, how would I convert the following. [main] credentialsMatcher=org.apache.shiro.authc.credential.HashedCredentialsMatcher credentialsMatcher.storedCredentialsHexEncoded=false credentialsMatcher.hashIterations=1024 credentialsMatcher.hashAlgorithmName=SHA-512 jdbcSaltedRealm=org.apache.shiro.realm.JdbcSaltedRealm jdbcSaltedRealm.credentialsMatcher=$credentialsMatcher To using new "Tapestry-style all-in-Java configuration" Thanks -- View this message in context: http://tapestry.1045711.n5.nabble.com/Tynamo-0-4-0-security-How-to-create-custom-credential-matcher-tp4490139p4490139.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Tapestry 5.2.5 , Tynamo Security 0.3.1 getting unexpected runtime exception on logout.
Hi i have the following class. Layout.java which has this. Here is in my layout.tml @Log public Object onActionFromLogout() { this.securityService.getSubject().logout(); try { final Session session = this.request.getSession(false); if (session != null && !session.isInvalidated()) { session.invalidate(); } } catch (final IllegalStateException ex) { Layout.LOG.error("error in logging out", ex); } return this.index; } The above was the suggestion i tried from http://tapestry.1045711.n5.nabble.com/Error-after-logout-td3389686.html Error after logout 1.) I logout of index (default page) and i don't get any error. 2.) I go to some other page, say page B. I logout and i get the error below. 3.) Implemented suggestion and still got the same error. Here is my log. 2011-05-29 08:48:54,589 ERROR [org.apache.tapestry5.services.TapestryModule.RequestExceptionHandler]Unexpected runtime exception: Attempting to perform a user-only operation. The current Subject is not a user (they haven't been authenticated or remembered from a previous login). Access denied. 2011-05-29 08:48:54,604 WARN [org.apache.tapestry5.services.TapestryModule.RequestExceptionHandler]string I don't see any log trace in my code. However, I do see the @log in other component. What is wrong? Whats the best solution to this problem. -- View this message in context: http://tapestry.1045711.n5.nabble.com/Tapestry-5-2-5-Tynamo-Security-0-3-1-getting-unexpected-runtime-exception-on-logout-tp4437983p4437983.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: Tapestry 5.2.5: does not contain a property (or public field) named
Thanks. That was the problem. i use imageBasePath in html and now works. -- View this message in context: http://tapestry.1045711.n5.nabble.com/Tapestry-5-2-5-does-not-contain-a-property-or-public-field-named-tp4367257p4371470.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Tapestry 5.2.5: does not contain a property (or public field) named
Hi I have the following class. my page file. class MyPage { @Property @Inject @Symbol(value = UploadSymbols.REPOSITORY_LOCATION) private String imageBasePath; } my tml file. ${imageBathPath}/${image2} I get the following error. Could not convert 'imageBathPath' into a component parameter binding: Exception generating conduit for expression 'imageBathPath' com.content.pages.MyPage does not contain a property (or public field) named 'imageBathPath'. How do I inject symbols (like repository location) into pages. -- View this message in context: http://tapestry.1045711.n5.nabble.com/Tapestry-5-2-5-does-not-contain-a-property-or-public-field-named-tp4367257p4367257.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Tapestry: 5.2.5 : File upload with bean edit form (Example)
Hi does anyone have an example of using file uploading with beaneditform. The example shows one using without bean edit form, but I want one with using beaneditform. Thanks. -- View this message in context: http://tapestry.1045711.n5.nabble.com/Tapestry-5-2-5-File-upload-with-bean-edit-form-Example-tp4358726p4358726.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: Tapestry 5: @Property object is null when using in onActivate
Yes i want to redirect to another page if the user is not sign in. However I found my main problem. I was returning this which would cause it to reinitialize itself, thus causing infinite loop. Instead I return null if the authentication passed. Thanks. -- View this message in context: http://tapestry.1045711.n5.nabble.com/Tapestry-5-Property-object-is-null-when-using-in-onActivate-tp4335791p4340930.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: Tapestry 5: @Property object is null when using in onActivate
public Object onActivate(final Integer databaseId) { Validate.notNull(this.myCommand, "command should be injected"); this.dbRecord = this.myDao.getRecordById(databaseId); final User user = this.securityService.getCurrentUser(); Object obj = this; if (user == null) { obj = this.index; } else { this.myCommand.setValue(dbRecord.getValue()); this.databaseId = databaseId; } return obj; } -- View this message in context: http://tapestry.1045711.n5.nabble.com/Tapestry-5-Property-object-is-null-when-using-in-onActivate-tp4335791p4337766.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: Tapestry 5: @Property object is null when using in onActivate
Hi I tried it. End up getting this. Firefox has detected that the server is redirecting the request for this address in a way that will never complete. It seems like their is a endless loop going from onActivate and object annotated with @property -- View this message in context: http://tapestry.1045711.n5.nabble.com/Tapestry-5-Property-object-is-null-when-using-in-onActivate-tp4335791p4336539.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Tapestry 5: @Property object is null when using in onActivate
Hi I have a situation where I have a @property object. @Property private Command cmd. My onActivate would take an id and load it from db and set the obj onActivate(Integer databaseId) { DBRecord dbRecord = myDao.getById(databaseId); if (dbRecord != null) { cmd.setVal(dbRecord.getValue()); <-- causes npe } } How would I be able to load the db object from db and than setup the value of Object into the command. -- View this message in context: http://tapestry.1045711.n5.nabble.com/Tapestry-5-Property-object-is-null-when-using-in-onActivate-tp4335791p4335791.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: Tapestry 5.25 autocomplete not working.
I found my problem. I had to put a parameter namespace block around it to get it working. I put it inside -- View this message in context: http://tapestry.1045711.n5.nabble.com/Tapestry-5-25-autocomplete-not-working-tp4287751p4290071.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: Tapestry 5.25 autocomplete not working.
so here is my tml file. I follow and add @Log and even put if (LOG.isDebugEnabled()) { LOG.debug("calling loading of frameworks starting with {}", partial); } Are their anything missing? Are their samples i can see. I debug it in firefox, and I don't see any autocomplete css/js in source code being render. The other tapestry component such as ajax submitting behavior works fine. Thanks. -- View this message in context: http://tapestry.1045711.n5.nabble.com/Tapestry-5-25-autocomplete-not-working-tp4287751p4288794.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Tapestry 5.25 autocomplete not working.
Hi i have the following field. public class FrameworkPage{ @Component(id = "frameworkName") private TextField frameworkName; public List onProvideCompletionsFromFrameworkName(final String partial) { return this.frameworkService.getFrameworkByName(partial); } } I have an input field. in tml file. It seems the auto complete is never getting fired. WHat is wrong? -- View this message in context: http://tapestry.1045711.n5.nabble.com/Tapestry-5-25-autocomplete-not-working-tp4287751p4287751.html Sent from the Tapestry - User mailing list archive at Nabble.com.
Re: tapestry-spring: injecting with multiple implementation.
Well its ugly but i have to get around it by manual loading the JNDI data source. private static DataSource getJndiDataSource() { DataSource dataSource = null; final String datasourceContext = "java:comp/env/jdbc/DS" try { final Context initialContext = new InitialContext(); dataSource = (DataSource) initialContext.lookup(datasourceContext); } catch (final NamingException namingException) { AppModule.LOG.error("can't get data source", namingException); } return dataSource; } -- View this message in context: http://tapestry.1045711.n5.nabble.com/tapestry-spring-injecting-with-multiple-implementation-tp3318764p4266441.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
tapestry-spring: injecting with multiple implementation.
HI i have a problem in injecting multiple data source into different application. I have a.) selling service that uses one data source (via ) b.) authentication service that uses another. (via ) and so on. now in my appmodule i inject the service with two option: option A:) @Autowired @Qualifier("authentication.dataSource") private DataSource dataSource; does not work because the data source is never injected. option B.) @Inject private DataSource dataSource; i get too many class matching error. What would be best way around this? Will the next version of tapestry allow the ability to choose which implementation to inject? -- View this message in context: http://tapestry.1045711.n5.nabble.com/tapestry-spring-injecting-with-multiple-implementation-tp3318764p3318764.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
Re: tapestry security with 1.1.0 of shiro --> unable to get sha512 login working.
thanks. how do i test that my configuration is working correctly? final String username = "username"; final String password = "password"; String hashedPasswordBase64 = new Sha512Hash(password).toBase64(); // ini part. Ini ini = new Ini(); Ini.Section main = ini.addSection("main"); main.put("credentialsMatcher", "org.apache.shiro.authc.credential.Sha512CredentialsMatcher"); main.put("iniRealm.credentialsMatcher", "$credentialsMatcher"); main.put("credentialsMatcher.storedCredentialsHexEncoded", "false"); Ini.Section testUsers = ini.addSection(IniRealm.USERS_SECTION_NAME); testUsers.put(username, hashedPasswordBase64); IniSecurityManagerFactory factory = new IniSecurityManagerFactory(ini); SecurityManager sm = factory.createInstance(); //try to log-in: Subject subject = new Subject.Builder(sm).buildSubject(); //ensure thread clean-up after the login method returns. Test cases only: subject.execute(new Runnable() { public void run() { SecurityUtils.getSubject().login(new UsernamePasswordToken(username, password)); } }); Assert.assertEquals(subject.getPrincipal(), username); but i have no idea , how to test salt. -- View this message in context: http://tapestry.1045711.n5.nabble.com/tapestry-security-with-1-1-0-of-shiro-unable-to-get-sha512-login-working-tp3263653p3264486.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org
tapestry security with 1.1.0 of shiro --> unable to get sha512 login working.
So this is in my pom.xml I have 0.2.0 version of tynamo security excluding apache shiro 1.0.0.incubating and instead using 1.1.0 of apache shiro. my save user looks like this.. // begin save user RandomNumberGenerator rng = new SecureRandomNumberGenerator(); String byteSource = rng.nextBytes().toBase64(); String hashedPasswordBase64 = new Sha512Hash(password, byteSource.getBytes(), 1024).toBase64(); RegisterUser user = new RegisterUser(username, email, hashedPasswordBase64, byteSource); return this.userDao.createUser(user); // end save user. inside my jdbcSaltedRealm which extends JdbcRealm. it has these code. // begin code protected static final String DEFAULT_AUTHENTICATION_QUERY = "select password, passwordSalt from users where username = ?"; @Override protected SaltedAuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { UsernamePasswordToken upToken = (UsernamePasswordToken) token; String username = upToken.getUsername(); // Null username is invalid if (username == null) { throw new AccountException("Null usernames are not allowed by this realm."); } Connection conn = null; SaltedAuthenticationInfo info = null; try { conn = dataSource.getConnection(); PasswordWithSalt pws = getPasswordForUser(conn, username); if (pws == null) { throw new UnknownAccountException("No account found for user [" + username + "]"); } info = buildAuthenticationInfo(username, pws.getPassword(), pws.getSalt()); } catch (SQLException e) { final String message = "There was a SQL error while authenticating user [" + username + "]"; if (log.isErrorEnabled()) { log.error(message, e); } // Rethrow any SQL errors as an authentication exception throw new AuthenticationException(message, e); } finally { JdbcUtils.closeConnection(conn); } return info; } protected SaltedAuthenticationInfo buildAuthenticationInfo(String username, String password, ByteSource passwordSalt) { return new SimpleAuthenticationInfo(username, password, passwordSalt, getName()); } private PasswordWithSalt getPasswordForUser(Connection conn, String username) throws SQLException { PreparedStatement ps = null; ResultSet rs = null; String password = null; ByteSource salt = null; try { ps = conn.prepareStatement(authenticationQuery); ps.setString(1, username); // Execute query rs = ps.executeQuery(); // Loop over results - although we are only expecting one result, since usernames should be unique boolean foundResult = false; while (rs.next()) { // Check to ensure only one row is processed if (foundResult) { throw new AuthenticationException("More than one user row found for user [" + username + "]. Usernames must be unique."); } password = rs.getString(1); String saltString = rs.getString(2); salt = new SimpleByteSource(Base64.decode(saltString)); foundResult = true; } } finally { JdbcUtils.closeResultSet(rs); JdbcUtils.closeStatement(ps); } return new PasswordWithSalt(password, salt); } // my appmodule is like this. public void contributeWebSecurityManager(Configuration configuration) { realm = new JdbcSaltedRealm(); realm.setDataSource(dataSource); realm.setAuthenticationQuery(AUTHENTICATION_QUERY); realm.setUserRolesQuery(USER_ROLES_QUERY); realm.setPermissionsQuery(PERMISSION_QUERY); realm.setPermissionsLookupEnabled(true); configuration.add(realm); } public void contributeApplicationDefaults(MappedConfiguration configuration) { // 1 MB max file size, 5 MB request upload size. configuration.add(SecuritySymbols.SHOULD_LOAD_INI_FROM_CONFIG_PATH, "true"); } // now my shiro.ini is like this. [main] credentialsMatcher=org.apache.shiro.authc.credential.Sha512CredentialsMatcher # base64 encoding, not hex in this example: credentialsMatcher.storedCredentialsHexEncoded=false credentialsMatcher.hashIterations=1024 now whenever i logon i keep getting wrong username and password, is their a guide or sample on how to get hashing to work with tapestry tynamo security. i could get it working without hashing, but i rather add hashing to store salted password. thanks. --
tapestry tynamo forum login question.
Hi i have a few question. how do i set up jdbc relam is doing this k? public class AppModule { @Inject private static DataSource dataSource; private static JdbcRealm realm; private static final String AUTHENTICATION_QUERY = "select PASSWORD from USER_ROLES_VIEW where USER_NAME = ?"; private static final String USER_ROLES_QUERY = "select ROLE_NAME from USER_ROLES_VIEW where USER_NAME = ?"; public static void bind(ServiceBinder binder) { binder.bind(ReplyDao.class, ReplyDaoJdbcImpl.class); binder.bind(ReviewDao.class, ReviewDaoJdbcImpl.class); binder.bind(ImageDao.class, ImageDaoJdbcImpl.class); binder.bind(ContentWriteService.class, ContentWriteServiceImpl.class); binder.bind(ContentReadService.class, ContentReadServiceImpl.class); } public static void contributeWebSecurityManager(Configuration configuration) { realm = new JdbcRealm(); realm.setDataSource(dataSource); realm.setAuthenticationQuery(AUTHENTICATION_QUERY); realm.setUserRolesQuery(USER_ROLES_QUERY); realm.setPermissionsLookupEnabled(true); configuration.add(realm); } } 2nd for the login page what happen if i want to override the design and force it to go to https how do i do that? thanks, Chun Ping Wang. -- View this message in context: http://tapestry.1045711.n5.nabble.com/tapestry-tynamo-forum-login-question-tp3229411p3229411.html Sent from the Tapestry - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tapestry.apache.org For additional commands, e-mail: users-h...@tapestry.apache.org