al langley

Ranch Hand
+ Follow
since Mar 28, 2008
Merit badge: grant badges
For More
Cows and Likes
Cows
Total received
0
In last 30 days
0
Total given
0
Likes
Total received
0
Received in last 30 days
0
Total given
0
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by al langley

Thanks for your reply Henry.
In the original code posting, I tried to simplify the problem (incorrectly thinking the problem was with loading the jar). But thanks to your answer, I see the problem may be in the code and classes inside the jar file. The stack trace was almost identical to the error message described in the original post, except the name of the class was different.

I'll post what I find (when i find it) for those who are interested so that they won't repeat my mistake.

Thanks for answering the question, I can at least look in the different place now for the problem.
14 years ago
In my application, I use classes that are contained in a jar file. One such class is called "jarStuff.ClassInJar"

I have a reference to a ClassInJar object that gets instantiated in the constructor of Class A when the program is started.

Basically:


Occasionally (1 out of 10 times), I get the following error:

Exception in Thread Main java.lang.NullPointerException
at test.A<init>Unknown Source

I'm not sure what the cause of the error is, but it is not consistent, and only occurs occasionally.
1. Is it possible that the error is getting thrown because the jar file has not yet been loaded before the constructor is called?
2. Is there a way to programatically verify a jar file has been loaded (and its classes are available) when a program starts?

Thank you.
14 years ago
Thanks, will try out the security filter.

The advice is very appreciated!
15 years ago
Thanks for the response!

I have a situation where I have pages that only authorized users should be able to see. I think the scenarios are simple enough to be covered by declarative security. But I was wondering what factors I should look at.

I'd like to learn more about security and how it is typically handled when it comes to servlets and web apps in general. Anyone know a good book, or link?

Thanks again.
15 years ago
I have used the <security-constraint> tags and just started to use realms with a database in Tomcat (thanks for the link again Ben Souther) to allow certain users to view certain pages.
But what if I only want a user to be authenticated once, and for the rest of the session the user can access all pages he is authorized to view without having to be authenticated each time.

How are declarative and programmatic security typically used in these situations?

This is what I was thinking:
The first time a user logs in from the login page, the username/password as well as the authentication method that is declared in the <security-constraints> sections of the DD is used.

Once the user has been authenticated the first time (a correct username/password combo) I set a Boolean variable
in a session object to true.


Then for all other pages that require authentication, I just check the session object to see if the attribute value is set to true. If it is (and the user is logged in) I display the appropriate info, otherwise I display a message for the user to go log in.


I'm just curious as to how such cases are typically handled and if there is a more secure(or proper) way to handle this.
Thanks for taking the time to read my question.
Any thoughts or suggestions would be much appreciated.
[ May 19, 2008: Message edited by: al langley ]
15 years ago
Thanks! much appreciated!
15 years ago
I've tested and used the tomcat-user.xml file in conjunction with the <security-constraint> tags in DD to limit access to certain pages. Using this method, I've defined username, passwords and roles in the tomcat-user.xml file.


I was wondering how this is handled in bigger applications where it wouldn't be efficient to declare all users and their passwords in a tomcat-user.xml file.

I'm guessing information such as username, passwords, and roles can be kept in a database and not in a xml file.
My question is, how do you tell a container that a user has a certain role if you don't declare it in tomcat-user.xml?

Thanks
15 years ago
I bought my driver's license and credit card.
I just bought two forms of ID...and nothing else. Not sure if the rules are the same everywhere though.

GOOD LUCK!!
[ May 04, 2008: Message edited by: al langley ]
Hi Vijaya Sravanthi,
Thanks for the props!
As per your question, I'm not sure if I am allowed to say what is on the test and what is not? Bbut I would say that the test does a pretty thorough job of covering the topics in HFSJ and almost everything is covered one way or another as questions, or as possible answers. Knowing the topics covered in HFSJ makes selecting and rejecting the answer choices a lot easier. So if it is in the book (with the exception of struts in chapter 14), I would know it.
Good luck.
[ May 04, 2008: Message edited by: al langley ]
Thanks for the props. I must admit, part of the thrill of passing is posting the results.