Marcelo Tataje

Ranch Hand
+ Follow
since Jan 31, 2011
Marcelo likes ...
Oracle Java Ubuntu
Merit badge: grant badges
For More
Cows and Likes
Cows
Total received
0
In last 30 days
0
Total given
0
Likes
Total received
1
Received in last 30 days
0
Total given
7
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Marcelo Tataje

Hello everybody, I want to make a Java App to manage certificates.

For example, for a keystore, in the requirements I've received, I need two files that I've already have:
1. Certificate (.cer or .pem extension),
2. the private key file (.key extension).
I wonder to know how can I create my own keystore with these files, how do I set the alias, password and all what my keystore needs.

Now, what I've also been asked for is to create a truststore based on the keystore:
- Generate a .CER file from keystore.jks
- Import .cer file into a new file named truststore.jks
- Import Root certificate (which I already have)
- Import Intermediate certificate (which I already have)


And I know that all what I want is possible with the "keytool" java offers, but I need an application that can do all this process. I've been thinking on using the Runtime class to execute keytool commands, but for some of the commands I need a confirmation and I couldn't manage to find how to accept or decline a command executed from java.

Is there maybe a framework for this kind of job. I'd really appreciate your help and thanks in advanced.
11 years ago
Hello everybody, I'm facing a very difficult requirement for an application that I'm developing.

The issue is that I have a restful web service and I use only two methods: POST and GET. In addition I have a Worker Thread which can be considered as a Daemon or a background thread. The flow of the application must be that some user sends a document to my REST using the POST Method, my POST Method gets the bytes of the message, process them into a DocumentBean and I put it on a Message broker. My worker thread is the java application which will be in charge of get the message from the broker and save it in an inbox path in the server. If all the flow is completed, the worker thread will set a boolean variable to true and if not, false and my post method is supposed to return an XML with tags <Response><code>200</code><message>OK</message></Response> and if it fails, it changes the code to 500 and message Error.

I've already tested the flow using a JUnit Test, what I don't have any idea is how my RestInterface will retrieve the status of the worker thread. Inside the POST method I'm converting the bytes to a Bean type and then I'm sending it to the Message Broker, then my worker thread do all the job, but how can I notify the rest that the process is complete to send the XML Response to the cliente?

Please I'll be really grateful if somebody could help me with this. Thank you very much for your time.
11 years ago
Hi everybody, I've been asked to make some validations with a X509Certificate, I've tried to make them by googleing some samples on the web, but no success

I have a Web Application which connects to a Restful Web Service, this Web Service return an XML document which is signed, so it contains a Signature Tag which contains child nodes with an X509Certificate. I've been asked to verify:

1. The signature of the certificate
2. The revocation status of the certificate
3. If the certificate has been issued by a trusted root

The problem is that the only parameter I have is that X509 Certificate data which I convert to X509Certificate java type.

I've found examples of OCSP and Signature validations which I tested in other projects and they always require two certificates: A trusted one and the target.

In my case I have the target which I receive from the Web Service as I menctioned before, but I don't have any other certificate.

So my question is: The validations I mentioned are possible to perform with only one certificate like the one I'm getting from the XML or I need two as a mandatory requirement?

And if I need two certificates, how should they be related?


Maybe it's a dummy question but it's the first time I heard about this time of requirement and I haven't work with certificates too much

Please if somebody could help me I will be grateful. Thanks in advance for any help.


11 years ago
Hi, I'm facing the next issue. I'm working with a simple java application and a WebService. The Web Service operation returns a String which contains the certificate data you know:

----BEGIN CERTIFICATE-----zzhjaY5469O....-----END CERTIFICATE----

What I want is to convert that String data into a x509Certificate. The problem is that whenever I try to execute the convertion, an exception is thrown and shows that the Certificate is not valid.

Here's the code I'm using:



The problem is that when I retrieve the certificate it's coming in one line like: sdjaskdlkasjdiji238918172912kjYhjhkuhukhku==
When I used that form of String it fails, even I've tried adding the ----BEGIN CERTIFICATE---- and -----END CERTIFICATE-----
But nothings happened, it still has error.

Somebody please could help me? I'd be really grateful. Thanks in advance
11 years ago
Hello everybody, I'm facing a tricky requirement implementing a Web Service and it's client using Metro and JAX-WS. The goal of the application is to send an XML document through a WebService, the application is implemented using WSRM, WS-Addressing and SAML 2.0 Sender Vouches assertion, it has been developed using a contract first WSDL document and configured through wsit.xml setting the keystores and truststores. Everything it's ok, the application runs perfectly. But the tricky requirement is that the application requires to compare the certificate of the client side with the certificate which is located at server side. I tried to give solution to problem using SOAHandlers because I noticed that the only moment in which I can get the server side certificate is when the Create-Response is executed, that's why I catch the soap and get the certificate then i use an if-else to manage actions when the certificate is not valid. What's the problem? That when I catch the SOAP in Response and throws the exception, the xml file has been already delivered. Then I set another solution, I developed a "ping" method which communicates with the server and retrieve the certificate, compare with client side and throws exception. But if the certificate is correct I execute the sending of the document. What is the problem in this solution? That sequences are created two times: first time when it makes a ping and the second time to send the xml file which is a very heavy-weight validation in terms of performance and I think is not a good practice. In Metro, the sequence is like this:

1. CreateSequence
2.CreateSequenceResponse
3.Create (Here I send the message)
4.CreateResponse

What I want is to catch the Certificate when the application is using CreateSequence or CreateSequenceResponse to cut the flow in that point and avoid all the resource-hard-work.
With the current solution, I have to make the flow two times as I menctioned.
If I just execute the flow and validate using the SOAPHandler, the time when the validations throws the exception is too late because the message has been already sent in the Create step. And the validate seems to be executed in the CreateResponse.

I'm new to Metro and this kind of validations with certificates, maybe is there something I could do with SAML Handlers or wsit. Please if somebody could help me I will really be grateful. Thanks in advance.
12 years ago
Hello everybody, I've been racking my brain for three days with a problem I cannot solve, it's about JSF and primefaces... what I want to do to begin is simple. I have my index.xhtml page which has a button, the button forwards to a page where there's an image and a cropper which is implemented with primefaces (p:imageCropper). When I access the page I can see the pointer of the cropper and also select an area, the problem is when I call the "Crop" command button because nothing happens it even doesn't calls my action (managed bean) but what is weird is that a message is shown under my form and says: Conversion error occurred
I'm pasting the code of my xhtml and my managed bean class:

image-preview.xhtml



ImageCropperBean.java



I don't know what to do, I'm working with Eclipse Helios and the image I'm using is inside the WebContent folder, that's why I'm calling it directly. I thought that the problem could be my java class but it cannot be since I have a System.out.println("Inside crop") and it's there's nothing on console. I don't know if the problem is primefaces.

Another thing is that in all the examples I have seen on the web, the import for cropped image in the class is: org.primefaces.ui.component.imagecropper.CroppedImage;
while in my case I just have: org.primefaces.model.CroppedImage

Could it be that the problem?

Libraries I'm using are the following:

el-api-1.1jar
el-impl-1.1
jsf-api.jar
jsf-impl.jar
jstl-api-1.2.jar
jstl-impl-1.2.jar
primefaces-2.2.jar

I hope somebody could help me please, I'd be very grateful. Thanks in advance.
12 years ago
JSF
Thanks, but as I menctioned before, I've already tried with javascript, but I don't know if it's 100% effective, since even when I disable the button I can click again the button and send the request for the second time. I know there are some frameworks which that can be integrated to use something like s:token, but I'm not sure if it's compatible with Tomcat using JSF. Is there any other possible solution or implementation for this?
12 years ago
JSF
I hope somebody could help me with this issue, it's the first time I'm working with JSF after working for three years with Struts2. I need a functionality in JSF to handle double submit on an xhtml page. I mean I have a h:commandButton hich executes an action which registers a group of entities in a database and send an email after this, all this is done, but since it takes some time to perform the operation, the user can click again the submit button, that's why I need to avoid the second click, is there any idea for this?
I tried with a javascript that disables the button for some seconds but I don't know if it's 100% effective and if it's correct to do that in a formal application. I head about seam and shale frameworks but when I look for shale it's not available anymore and seam is for JBoss and I'm working with Apache Tomcat.

I'll be grateful if somebody could help me with this please, thanks in advance.
12 years ago
JSF
Thank you very much, it worked. I've been racking my brain with this. Thanks
12 years ago
JSF
Hello everybody, I've been working in a Java EE Project using JSF as my framework and JPA for persistence. The issue is kind of complex for me, well I think maybe it's simplier than it looks like.
I've developed a web application in which an user can register itself to send documents in pdf through a nice user interface. When the user is registered he uploads a document and when he click on a button named "Send document", he specifies an email to alert the recipient that he has recieved a document.

I've already managed to send the email through my application, the email contains a text like this: "You have recieved a file, to look it please click on the following url: sjdhajhdajsd.xhtml"
When somebody click this link if he's not registered in my application he can see the document but he has no all the options I included in this application. But if he's registered he can access all the options. I don't know if there's some solution for this case, it's something like using profiles?

Please I'd be very grateful if somebody could help me. I heard from a friend that in Struts2 he did it something similar by creating a public directory and a private directory and configure both tomcat and web.xml

Any ideas or suggestion please? Thanks in advance
12 years ago
JSF
I developed my own maven plugin(jar application), this plugin has been made to attend requirements of a specific application(dynamic web project). I also included this using the plugin tag on my project's pom.xml and I don't have any problems deploying my maven project since the plugin is in my local computer. But my main web application can be downloaded and tested from different parts and different computers so they would need to also to download the plugin project and run mvn install and then after that, execute mvn install with my main project, I don't know if there's a way in which everyone who downloads my application just run the mvn install with the mvn project and download the plugin into the repository. My plugin project which is separated from my main project because it is just a plugin, is located on a subversion, I don't know if there's a way in which I could include the plugin and reference the svn url or something like that, for example my web applicattion pom.xml includes this:



apconfig-plugin is the name of the plugin I developed using the MOJO api. When I execute my web application pom.xml I don't have any problem because I have the application in my repo. But when I go to another computer and execute the pom.xml it throws exceptions because the plugin app is not found.
Any idea on how to solve this? please, I would be very grateful. Thanks in advance.
12 years ago
Sorry for the inconvenients, after look my pom.xml for almost 4 hours I was able to found the error, the problem were these tags:



I removed from my pom and voilá, it worked. Hope the solution runs for the person who needed. Thanks for your attention and time.
12 years ago
Hello everybody, I've been working with maven with a multi-module project, I had some problems to achieve my war building but I finally did it. The problem now is the deploying of my war.

The problem is basically that my war is being generated with some extra jars, these "extra" jars causes a conflict with other jars in my tomcat, that's why I want to remove them during the build of my war. For example my war must be like this to run:

ROOT.war/WEB-INF/classes/lib/stax-api.jar
ROOT.war/WEB-INF/classes/lib/webservices-rt.jar
ROOT.war/WEB-INF/classes/lib/junit.jar

But in the war they appeared like this:
ROOT.war/WEB-INF/classes/lib/activation.jar
ROOT.war/WEB-INF/classes/lib/jaxb.jar
ROOT.war/WEB-INF/classes/lib/xerces.jar
ROOT.war/WEB-INF/classes/lib/stream.jar
ROOT.war/WEB-INF/classes/lib/stax-api.jar
ROOT.war/WEB-INF/classes/lib/webservices-rt.jar
ROOT.war/WEB-INF/classes/lib/junit.jar
and a lot of jars more that I don't want because they cause a "NoSuchMethodError" during my deploy in tomcat, I tried the tag "scope: provided" for the dependencies, I also tried "excludes" to exclude the jars but none of them seems to work, the war is always generated with all these jars.

Please I will be very grateful if someone could help me I will be really grateful, thanks in advance for your attention and help.
12 years ago
Hello everybody, in an older post I ask for some help to create a pom.xml in which I could set properties in some project's files using the pom.xml based on an external properties files. I finally achieved my purpose, well I thought so because when I run the mvn install, not all the files variables are being replaced. My project is a Web Service Client (METRO based), the structure of my project is like this:

webserviceClient(root)
---------SRC
----------------MAIN_DIRECTORY
------------------------JAVA_DIRECTORY
--------------------------------config.properties
--------------------------------log4j.xml
------------------------RESOURCES_DIRECTORY
----------------TEST_DIRECTORY
----------------WSDL_DIRECTORY
------------------------samplewsdl.wsdl
------------------------
----------------wsit-client.xml
----------------samplewsdl.xml
----------------jax-ws-catalog.xml

Kind of complex, the point is that the files I want to set the variables are located in different parts, some of them in the root of SRC, some of them inside JAVA directory and not inside resources, another resource is located inside WSDL directory. When I execute my pom.xml is like it builds the application and put the files inside classes directory inside target, but when I look for a META-INF autogenerated folder the files are still with the ${variable} reference. That's why I'm having problems with the deploy. I know the problem is in resource filtering tag, but I've tried everything and sometimes the filtering copies the source code but without any change of the ${variable} reference. Is there any way to replace all the resources in the SRC (which contains all the files) and generate the build with the variables replaced by the values specified in properties. I'll be really grateful if you could help me, my pom is as follows:




Thanks for your help, any advice will be really appreciated.
12 years ago
In addition to the previous post, I wonder if it's a way, command or tag that let pom replace the properties in every single file found, I mean like make a lookup or search and replace in all the files that contains references to variables, I mean, to ensure that every value replaces the variable in every single file when the target directory is generated.

Thanks in advance
12 years ago