Ray Lim

Greenhorn
+ Follow
since Jan 10, 2002
Merit badge: grant badges
For More
Cows and Likes
Cows
Total received
0
In last 30 days
0
Total given
0
Likes
Total received
0
Received in last 30 days
0
Total given
0
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by Ray Lim

Hello...
I'm trying to get Xerces to validate an xml against a schema.
I'm following an example I found on the web.
http://www-106.ibm.com/developerworks/xml/library/x-tipsch.html
The parser seems to check if the xml is well-formed but not check if the xml follows the related schema.
When I modify the XML shouldn't I get an exception saying it no longer follows the schema?
Here is the java code.


Thanks,
Ray
Thanks Tong...
For the candidate history of the java test, the site is:
https://www.certmanager.net/~sun_s/login.html
Is there a website I can send employers to show that I passed the xml cert, again similiar to the java cert.
Where is the java certification proof site as well?
[ July 11, 2003: Message edited by: Ray Lim ]
Thanks karthik, I was sure it something like that but just wasn't looking in the right places for the servletcontext.
Not quite sure what problem you are running into when "war"ing the project. I war'd my project and deployed to another context and ran my /ServletTestRunner. Went ok. Have you tried manually deploying the war, instead of having deployed from ear?
21 years ago
I am trying to create a test for a simple Action that needs to retrieve the "configuration" object from ServletContext. I guess what I need to do is create the Configuration object and set it to ServletContext before testing the perform. How do I set anything to ServletContext in StrutsTestcase?
----------------------------------------
Action perform method

Test Code
21 years ago
Which container are you using?
I'm getting a similiar error in Bea Weblogic 6.
I found a reference link.
http://castor.exolab.org/list-archive/msg20428.html
That refers to using "ojdbc1.4.jar" instead of classes<ver>.jar but I can't find a place to download ojdbc1.4.jar. So I'm not exactly sure if this is a fix.
Here ya go... I used scriptlets for the example, but I used taglibs in actual code.
login.form--------------------------------------
<html><body>
<form method="POST" action="/loginAction.do" >
<table border="0" cellspacing="5">
<tr>
<th align="right">Username:</th>
<td align="left"><input type="text" name="j_username"></td>
</tr>
<tr>
<th align="right">Password:</th>
<td align="left"><input type="password" name="j_password"></td>
</tr>
<tr>
<td align="right"><input type="submit" value="Log In"></td>
<td align="left"><input type="reset"></td>
</tr>
</table>
Authenticated as:<%= request.getRemoteUser() %><br>
<% if(session.getAttribute("username") == null)
{out.println("Not Logged In");}
else
{out.println("Logged In as: " + session.getAttribute("username")+"<br><a href='/smartcafe/logout.jsp'>Logoff</a>");}
%><br>

</form>
</body></html>
loginAction servlet-----------------------------
//validate user
LDAPActor la = new LDAPActor();
String username = request.getParameter("j_username");
String password = request.getParameter("j_password");
boolean result = la.authenticate(username, password, LDAPActor.AUTH_BY_CN);

if (result){
//if principal is set then logout person
if (request.getUserPrincipal() != null)
{
session.invalidate();
session = null;
session = request.getSession(true);
}
session.setAttribute("username", username );
session.setAttribute("password", password );
//setup any additional vars
response.sendRedirect("index.jsp");
}
else
{
// invalid auth
response.sendRedirect("login.jsp");
}
web.xml-------------------------------------
<security-constraint>
<web-resource-collection>
<web-resource-name>Testing</web-resource-name>
<url-pattern>/authentication/east.jsp</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>EAST</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Testing</web-resource-name>
<url-pattern>/courses</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Students</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>default</realm-name>
<form-login-config>
<form-login-page>/loginRouter.jsp</form-login-page>
<form-error-page>/authentication/error.jsp</form-error-page>
</form-login-config>
</login-config>
loginRouter.jsp page----------------------------------
<%@ page import = "java.net.*" %>
<%
if(session.getAttribute("username") != null && session.getAttribute("password") != null && request.getUserPrincipal() == null)
{
String username = (String)session.getAttribute("username");
String password = (String)session.getAttribute("password");
response.sendRedirect("j_security_check?j_username=" + URLEncoder.encode(username) +"&j_password=" + URLEncoder.encode(password));
}

%>
--------------------------------------------------
Within the servlet, the LDAPActor is an API I wrote to talk to LDAP. The login form is an include on home, secondary, or login page[not on loginRouter.jsp]. loginRouter.jsp is used as a redirection page. After the action, the username/password are kept in session but the user has not had to access a protected resource(PR). But the first time they try to attempt access a PR then they are sent to the loginRouter.jsp. Then, the router sends an authentication call. If valid they are sent to the PR they requested.
So in essence, the code lets the user save their username/password in session till when the system actually needs it.
[ February 07, 2002: Message edited by: Ray Lim ]
[ February 07, 2002: Message edited by: Ray Lim ]
22 years ago
Under the session object, I couldn't find any attributes related to which protected resource I was trying to access. using session.getAttributeNames()
For everyone, regarding the third point of logging-in a person who is not requesting a protected resource. I have found the creating my own login servlet which keeps the username and password in session works best, so far. Then when accessing a protected resource, I use the stored username/password and call "j_servlet_check" which then redirects back to the protected resource. If you want more info on this just let me know.
22 years ago
Under the session object, I couldn't find any attributes related to which protected resource I was trying to access.
For everyone, regarding the third point of logging-in a person who is not requesting a protected resource. I have found the creating my own login servlet which keeps the username and password in session works best, so far. Then when accessing a protected resource, I use the stored username/password and call "j_servlet_check" which then redirects back to the protected resource. If you want more info on this just let me know.
22 years ago
I am using "j_servlet_check" for authentication. After a successful login, the function redirects to the resource the user was trying to access. Is there a way to change this so I can choose where the function redirects to?
On a more general note, Should I be using j_servlet_check for authentication? Is there a better mechinism?
Also, is there a way to authenticate a person is requesting a non-protected resource. Just to log them in for profiling purposes.
FYI. I'm using Tomcat 4
[ February 06, 2002: Message edited by: Ray Lim ]
22 years ago
For testing purposes, I want to create a servlet or JSP to simulate that my session is of a logged-in user.
In a sense by running the servlet/jsp, it would log my session in and setup the
session.getId()
request.getRemoteUser()
request.getUserPrincipal()
roles for the request.isUserInRole(role) check
Sort of like an auto-login.... Is this possible?
ps. I am already using form-based authentication against an LDAP in Tomcat 4.
[ February 04, 2002: Message edited by: Ray Lim ]
[ February 04, 2002: Message edited by: Ray Lim ]
22 years ago
The default page contains a big blue header with the text below. I would like to know how to change this or any of the default error pages. Thanks
Apache Tomcat/4.0.1 - HTTP Status 403 - Access to the requested resource has been denied
type Status report
message Access to the requested resource has been denied
description Access to the specified resource (Access to the requested resource has been denied) has been forbidden.
22 years ago
I think so, Yes. I have jsp files at the application root (http://localhost:8080/myapp/test.jsp) but they are not running the front controller. Only the jsp under the http://localhost:8080/myapp/sampleapp/ directory run the front controller. How do I make all jsp under the webapp run the front controller? I tried putting the servlet mapping to "/*" but then I got an endless redirect when the front controller forwards to the target.
[ January 11, 2002: Message edited by: Ray Lim ]
22 years ago
JSP
I have been using and like JEdit (http://www.jedit.org/). It's Open-Source, which means free. Also, it has Ant support and other cool plugins. I don't care for the file navigation system too much.
22 years ago
JSP
I have implented the Front Controller pattern from the J2EE blueprints.
http://developer.java.sun.com/developer/technicalArticles/J2EE/despat/
However, it looks like I have to keep all the jsp files under /sample_app folder, which I don't like. Is there a way to implement the controller on jsp's at the root level(/)?
the web.xml for this is below
<web-app>
<!-- the web.xml file of the web component of the sample application -->
<!-- all other specs -->
<servlet>
<servlet-name>CentralEntryPoint</servlet-name>
<servlet-class>FrontControllerImpl</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>CentralEntryPoint</servlet-name>
<!-- The following forces all web page requests of this
application to be routed through the front controller -->
<url-pattern>/sample_app/*</url-pattern>
</servlet-mapping>
<!-- all other specs -->
</web-app>
22 years ago
JSP