I have about 3 apps in glassfish-4 using SingleSignOn for security and a 4th app for 'Access Control' where all the users for all the apps login and get redirected to any of the apps the user has access to. Everything has been working perfectly until now that i need to add a 5th app. And the 5th app refused to work with the others.
here is the code snippet i used in the first in all the apps:
#Named
#SessionScoped
public class SecurityController
// unnecessary codes ommitted
String email = FacesContext.getCurrentInstance().getExternalContext().getRemoteUser();
if(email==null){
FacesContext.getCurrentInstance().getExternalContext()
.redirect("http://localhost:8080/AccessControl/login.xhtml")
}
This has been working for me in all the first 3 apps but wouldnt work in this last one. Am using standard Java EE 6 with primefaces 5.0.
Here is the error i get:
Warning: Servlet.service() for servlet Faces Servlet threw exception
java.lang.NullPointerException
at com.sun.faces.context.flash.ELFlash.doLastPhaseActions(ELFlash.java:644)
at com.sun.faces.context.flash.ELFlash.doPostPhaseActions(ELFlash.java:582)
at com.sun.faces.context.ExternalContextImpl.doLastPhaseActions(ExternalContextImpl.java:1081)
at com.sun.faces.context.ExternalContextImpl.redirect(ExternalContextImpl.java:643)
Any suggestion will be greatly appreciated as this is delaying a long due move to production. Thanks
Related
So I'm working on implementing Oath2 authentication to allow my app to access Intuit Quickbooks company resources (items, customers, etc).
Intuit provides working examples using Spring, but I'm developing my app using JavaEE 8 with GlassFish5.
The Spring sample app callback contoller is structured as follows:
#Controller
public class CallbackController {
...
#RequestMapping("/oauth2redirect")
public String callBackFromOAuth(#RequestParam("code") String authCode, #RequestParam("state") String state, #RequestParam(value = "realmId", required = false) String realmId, HttpSession session) {
...
//after successful validation
return "connected";
This is the redirect handler controller; which address it's configured at the intuit portal (in this case, http://localhost:8080/oauth2redirect) that will be called after user approves the app and intuit will send back authorization code to this url.
So I'm a bit stuck finding what's the equivalent Spring callback redirect handler in JavaEE.
Is a #WebServlet or #WebService needed here? But then it wouldn't integrate nicely with JSF to just return the "connected" string so that it redirects to desired page (in this case connected.xhtml).
Not looking for workarounds, but the correct and standard way of implementing this on JavaEE. If you can point me to some sample apps out there or tutorials I would greatly appreciate it.
Thanks a lot in advance!
Here's full source code for callback handler controller and the full sample app.
There is at least not a really good alternative in JSF. Yes, you could 'abuse' JSF but there are other, better standards for this and this is (almost) what Spring also does. If you read the Spring Specs , you'll see the word 'Rest' being used a lot.
Well, there is a real java standard called 'Jax-RS' that is the standardized counterpart of what you do in spring.
This provides a decent analysis of the two So Jax-RS is the way to go.
But a #WebServlet or #WebService integrate perfectly with JSF. You can store any authentication information in the session and use that from JSF. No problem at all.
What is the equivalent code in JBOSS 7 for Weblogic's login security module code Authenticate.authenticate()
I recommend you toroughfully read JBOSS excellent migration guide .
WebLogic provides a proprietary ServletAuthentication class to perform programmatic login. In JBoss AS 7, you can use the standard Java EE6 Servlet 3.0 HttpServletRequest.login() method to perform programmatic login or you can define a element in the web.xml file.
To enable programmatic login, you must replace the WebLogic proprietary code with one of the following:
You can add the following annotations to the Servlet class that performs the authentication.
// Imports for annotations
import javax.annotation.security.DeclareRoles;
import javax.servlet.annotation.WebServlet;
import javax.servlet.annotation.HttpConstraint;
import javax.servlet.annotation.ServletSecurity;
#WebServlet("/securedUrlPattern")
#ServletSecurity(#HttpConstraint(rolesAllowed = { "myRole" }))
#DeclareRoles("myRole")
public class SecuredServlet extends HttpServlet {
//Rest of code
}
If you prefer not to use the standard servlet, you can instead add a element containing a dummy URL pattern to the web.xml file. This notifies JBoss to create a default Authenticator. Failure to create a element in the web.xml file may result in the error message "No authenticator available for programmatic login".
Another reason we should choose JBOSS over Weblogic
When deploying a dynamic web project with JSF facet to Eclipse+GlassFish, the following error occurs:
The message says:
WELD-001437: Normal scoped bean class javax.faces.component.UIViewRoot is not proxyable because the type is final or it contains a final method public final void javax.faces.component.UIComponent.popComponentFromEL(javax.faces.context.FacesContext) - com.sun.faces.cdi.ViewProducer#1ccfebd3
How is this caused and how can I solve it? The same codebase and server works fine in Netbeans.
Because your NetBeans project has been worked successful. In this case, You should import exist NetBeans project to Eclipse IDE, don't create new Eclipse project. This make avoid errors or mistakes.
Turn off all other web application servers, avoid port number collision.
I am trying to create unit tests for my ASP.NET MVC 5.1 app.
I want to verify the outgoing URL by using the UrlHelper.Action() method.
I can do that with ASP.NET MVC 4, but cannot with ASP.NET MVC 5.1.
There is an exception when call the Action() method:
An unhandled exception of type 'System.NotImplementedException' occurred in System.Web.dll
Additional information: The method or operation is not implemented.
Please help me a solution!
Thanks
I ran into the same issue. In my case, the NotImplementedException was coming from HttpContextBase.GetService.
The following code solved the problem:
public override object GetService(Type serviceType)
{
return DependencyResolver.Current.GetService(serviceType);
}
I want to set different themes to my Vaadin application, depending on the user agent.
In particular I want to distinguish at least between mobile devices (iPhone, Android,...) and desktop web browser.
Vaadin's API reveals two interesting classes:
BrowserInfo
WebBrowser
BrowserInfo seems to do the job perfectly for my needs, but fails on instancing via its get-method:
SEVERE: javax.servlet.ServletException: ...
Caused by: java.lang.UnsatisfiedLinkError: com.vaadin.terminal.gwt.client.BrowserInfo.getBrowserString()Ljava/lang/String;
Couldn't find a way to access WebBrowser from within my application either.
Did I choose the right approach for browser distinction?
Why does accessing BrowserInfo fail?
As #quickanalysis pointed out, you've to be aware of the separation of client-/server-side components.
For getting the user agent string on server-side, the following code snippet does the job:
ApplicationContext context = this.getContext();
if (context instanceof WebApplicationContext) {
String userAgent = ((WebApplicationContext)this.getContext()).
getBrowser().getBrowserApplication();
}
From what class you are trying to call this method? The BrowserInfo is available at client-side as WebBrowser ar the server-side. Take a look at the package naming.