Dom McMillan

Greenhorn
+ Follow
since Jul 26, 2011
Merit badge: grant badges
For More
Cows and Likes
Cows
Total received
In last 30 days
0
Forums and Threads

Recent posts by Dom McMillan

Trying to deploy a war into a CI environment (JBoss 6.1.0 on RHEL 6.3) using the jboss-maven-plugin (mvn jboss:deploy) the below FileNotFoundException is thrown. What needs to be changed with the configuration to make the deployment work? Did anyone make such a deployment and could post some code?

The file path which is stated in the exception seems to be composed of two parts:
1. /opt/jbossOss/da34Infos/miniLogs/ci/
2. c:\data\workspaceIndigoMaven\myapp\target\myapp.war
I would expect only the second part to be there since that is correctly pointing to the war file on the local Windows 7 system. The first part seems to be the value of system property user.dir.



extract from pom.xml

.settings.xml (maven)

11 years ago
Hello,

for a JSF maven application I would like to find out how I can easily test it using an embedded server (for fast turn-around times in TDD). I managed to created a drone test based on arquillian and drone on a remote adapter on JBoss AS7. But that takes too long too execute.

How can I easily create and fastly run tests in order to make TDD real fun (is there somewhere an example I could go through)? I thought of the possibility in a test class to use a @BeforeClass annotation to set up and start the server, a @Before annotation to initialize a context and seed the database, @Test for testing and later @AfterClass for shutting down the server. How are you guys test your applications?

Regards,

Dom
12 years ago
@Brendan: thanks for your advice. Much appreciated!
@Tim: thanks for your rather general comments on JSF.

In "core JAVASERVER(TM) FACES, THIRD EDITION" from DAVID GEARY and CAY HORSTMANN on page 525 I found the following comment: "NOTE: Currently, there is no specification for logging off or for switching identities when using container-managed security. This is a problem, particularly for testing web applications. GlassFish and Tomcat use cookies to represent the current user. You need to quit and restart your browser (or at least clear personal data) whenever you want to switch your identity."

So currently it seems logging out is only possible with application managed security, i.e. it needs to be programmed within the application.

I'll set this thread to resolved.
13 years ago
JSF
I'm not sure whether I do understand you correctly:
- with respect to the cookies you can't really say because you didn't focus on it in the past.
- with respect to the protected page being loaded you can recommend to check whether the links (URLs) are correct? (they are)
Is that what you mean? Because as of now I miss a hint on what the problem could be and how I could solve it. An "anomaly" is either a bug or a feature. If it is a feature then something is wrong in my app. If it's a bug then someone might already know about it - since my application is not very sophisticated.
13 years ago
JSF
That leaves me with the initial questions. In the meantime, I checked again my app with the following results:
1.) Start of the application (index.html with the link to a CMS-protected area)
Result: no cookie yet set, and hence no session established
2.) Klick on the link to the protected area. As a result not the welcome.xhtml is loaded but login.html (declarative security)
Result: a cookie is set, in the specific test with value 50033e41d18d500e302036f6eb74
3.) Enter credentials and submit form; welcome.xhtml of the protected area is loaded
Result: a new session is established (I assume that is the security session) with cookie value 500736ddf603308a1e58f032b08e
4.) Logout again. session.invalidate() is called. Again index.html is loaded.
Result: Still the same cookie is set on the client: 500736ddf603308a1e58f032b08e
5.) Click again on the link to the protected area
Result: welcome.xhtml is opened but without information from the backing bean and a new session is established with cookie value 502f6e71e4ca1580e9761cf8d983

So, questions:
- After step 4 I would have assumed the cookie to be deleted. A possible explanation for that behaviour could be that the server is deleting the session only on the server but not on the client. That means the cookie is still available on the client but without a corresponding session on the server. Is that understanding correct? If not, why is the session still existant, although session.invalidate was called?
- What can be done to avoid after step 5 the loading of welcome.xhtml? What would be a "good" way to solve that?
- Where can I find more info/readings/books about the mentioned security context (UserPrincipal and remoteUserId) - to get deeper into the subject?

Regards,

Dom

13 years ago
JSF
Thanks for the welcome and your answer, Tim!

Since I opened already another thread with a more specific question may I close this thread and link to the other? I will then include questions there.

Here we go: https://coderanch.com/t/547156/JSF/java/After-logout-JSF-relogin-withtout
13 years ago
JSF
Hello,

context:
- JSF on glassfish 3.1
- FORM based authentication (realm via a derby database)
- I am using no servlets but JSF
- "process":
(1) on requesting the base URL index.html is loaded which includes a link to /protected/welcome.xhtml
(2) click on that link => due to the login requirement (see web.xml below) login.html is loaded
(3) user fills in credentials and submits the form (to a UserBean)
(4) welcome.xhtml is loaded successfully upon successful login
(5) user logs out from welcome.xhtml via button and is redirected to index.html

Problem: The logout is not working correctly:
(a) When after the logout the login button is pressed again but without providing credentials then welcome.xhtml again is loaded (without any user information). That shouldn't be possible. It cannot be the cache (tested by deactivating the cache in the browser).
(b) It does not delete the session (session cookie not deleted on the client and keeps the same value).


web.xml

faces-config.xml


Regards,

Dom
13 years ago
JSF
Hello,

for an application managed authentication I use a derby database. In the UserBean the logout() method is called in case the user logs out. However, in the first code sample the session object is always null. If the declaration and definition of the variables facesContext and session is included inside the logout() method then it works (code sample 2)!? Shouldn't the session object be only once initialized and then stay the same for the duration of the session? Why is that?

Code sample 1:


Code sample 2:


Would the given logout() method be a good example (application managed authentication) of executing a logout or did I miss something? Will the server make the client to delete the cookie (on the client) or will the server just destroy the session object related to that specific client? How can I test the correct behaviour (e.g. check whether the correct object is being deleted)?

For container managed authentication would a logout method look the same as above?

Hints / questions on any of these questions much appreciated since I cannot find answers in the literature.

Regards,

Dom
13 years ago
JSF